....Or How Craig will prove he is Satoshi.
I will just advise that I am not a coder or anything technical, I'm just positing a hypothesis and would like some feedback/help from anybody that actually is a coder. I've read quite extensively into Bitcoin and have been around the scene around 5 years or so though - and I'm not easily fooled. I just need to know if my hypothesis is feasible technically, so I'll just roughly sketch it out for now.
Here is a quote from Craig regarding his key signing “proofs” that have been widely criticized: “In recent sessions, I have used a total of 10 private keys are associated with bitcoin addresses. These were loaded into Electrum, an SPV wallet. In one of the exercises, I signed messages that I will not detail on this post for a number of individuals.”
These private signings were for people such as Gavin Andresen, Jon Matonis etc. (who said they were convinced), culminating in a well documented (and disputed) signing for the BBC and Economist. Apparently, the BBC proof seemed to point to the very first transaction Satoshi made to Hal Finney of 10 BTC but no message transaction appeared to be there: https://www.blockchain.com/btc/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?show_adv=true
Here is a Medium article by Craig from 2018: https://medium.com/@craig_10243/nsequence-and-p2p-exchange-9e4cbf32124c
I read this and the links at the bottom to research all about “NlockTime” etc. This was removed from BTC code on 16th April 2016 by the looks of it - from what I understand of GitHub. This would be exactly the time (within days either way) of the Gavin Andresen and other signings: http://gavinandresen.ninja/satoshi
Now this is just too much to believe is a coincidence to my mind. Clearly one thing was likely a direct response to the other thing.
I think Craig saw what was being planned and thought “Bloody mongrel drongo baaarstards!”.....or similar and got straight on the phone to Gavin Andresen. There was an urgency about this – which I think is a clue. The signings were not particularly about proving anything – they were about updating the terms of existing Nlocktime contracts with those that he already had them with. As the original code being removed was going to bugger them up, they had to co-sign to update them. Otherwise all the previous contracts/transactions that were planned to be executed/accepted on to the Blockchain at a later date would no longer be.
This would also indicate that Craig has been contracting those involved to do particular things for quite a while. This would also explain the apparent mystery of Craig stating he was forced to come out and do this with the BBC. The BBC proof was different to the private proofs though and was done for a very different reason. I believe this was probably the 10th of the private keys, though it could possibly be the 9th.
Anyway, the intention now is to put the code back to how it was, so early Nlocktime contracts can execute properly......so where does that leave us?
I think a message/transaction will appear on the Hal Finney block at a future time and it will say “I'm Gavin Andresen and my favourite number is 11 CSW” - or whatever the exact wording was. Similar messages will appear on other known Satoshi addresses. My guess is that there will be a big reveal in the Court case when maybe the 10th private key is used. I'm guessing that certain people I have mentioned may be called as witnesses to attest to what their messages were. It will be demonstrated by experts that only Satoshi could have done these things and it may or may not involve one last signing. What do we think.........possible?
Relevant things for technical people to consider I think, may include how certain things work such as raw transactions and Nlocktime and associated things and the fact that early Bitcoin code used "sequencing". This is just my layman's opinion though.
Any feedback would be much appreciated either in support of my hypothesis or in order to rule it out - either way I'm going to be more knowledgeable - so it's a win win!
Peter Todd on Aug 24 2016:
Bitcoin-based honeypots incentivise intruders into revealing the fact they have
broken into a server by allowing them to claim a reward based on secret
information obtained during the intrusion. Spending a bitcoin can only be done
by publishing data to a public place - the Bitcoin blockchain - allowing
detection of the intrusion.
The simplest way to achieve this is with one private key per server, with each
server associated with one transaction output spendable by that key. However
this isn't capital efficient if you have multiple servers to protect: if we
have N servers and P bitcoins that we can afford to lose in the compromise, one
key per server gives the intruder only N/P incentive.
Previously Pieter Wuille proposed(1) tree signatures for honeypots, with a
single txout protected by a 1-N tree of keys, with each server assigned a
specific key. Unfortunately though, tree signatures aren't yet implemented in
the Bitcoin protocol.
However with a 2-of-2 multisig and the SIGHASH_SINGLE feature we can implement
this functionality with the existing Bitcoin protocol using the following
2 2 CHECKMULTISIG
The honeypot secret key is shared among all N servers, and left on them. The
discriminator secret key meanwhile is kept secret, however for each server a
unique signature is created with SIGHASH_SINGLE, paying a token amount to a
notification address. For each individual server a pre-signed signature created
with the discriminator secret key is then left on the associated server along
with the honeypot secret key.
Recall the SIGHASH_SINGLE flag means that the signature only signs a single
transaction input and transaction output; the transaction is allowed to have
additional inputs and outputs added. This allows the thief to use the honeypot
key to construct a claim transaction with an additional output added that pays
an address that they own with the rest of the funds.
Equally, we could also use SIGHASH_NONE, with the per-server discriminator
being the K value used in the pre-signed transaction.
Note that Jeff Coleman deserves credit as co-inventor of all the above.
A potential disadvantage of using non-standard SIGHASH flags is that the
transactions involved are somewhat unusual, and may be flagged by
risk analysis at exchanges and the like, a threat to the fungibility of the
We can improve on the above concept from Todd/Coleman by using a pre-signed
standard transaction instead. The pre-signed transaction spends the honeypot
txout to two addresses, a per-server canary address, and a change address. The
private key associated with the change address is also left on the server, and
the intruder can then spend that change output to finally collect their reward.
To any external observer the result looks like two normal transactions created
in the process of someone with a standard wallet sending a small amount of
funds to an address, followed by sending a larger amount.
A subtlety in the two transactions concept is that the intruder doesn't
have the necessary private keys to modify the first transaction, which means
that the honeypot owner can respond to the compromise by doublespending that
transaction, potentially recovering the honeypot while still learning about the
compromise. While this is possible with all honeypots, if the first transaction
is signed with the opt-in RBF flags, and CPFP-aware transaction replacement is
not implemented by miners, the mechanics are particularly disadvantageous to
the intruder, as the honeypot owner only needs to increase the first
transaction's fee slightly to have a high chance of recovering their funds.
With CPFP-aware transaction replacement the intruder could in turn respond with
a high-fee CPFP second transaction, but currently no such implementation is
We can use the "scorched earth" concept to improve the credibility of the
honeypot reward by making it costly for the honeypot owner to doublespend. Here
a second version of the honeypot pre-signed transaction would also be provided
which spends the entirety of the honeypot output to fees, and additionally
spends a second output to fees. An economically rational intruder will publish
the first version, which maximizes the funds they get out of the honeypot. If
the owner tries to dishonestly doublespend, they can respond by publishing the
"scorched earth" transaction, encouraging the honeypot owner's honesty and
making CPFP-aware transaction replacement irrelevant.
Of course, miner centralization adds complexity to the above: in many instances
honeypot owners and/or intruders will be able to recover funds from altruistic
miners. Equally, the additional complexity may discourage intruders from making
use of the honeypot entirely.
Note that as an implementation consideration CHECKSEQUENCEVERIFY can be used to
ensure the honeypot output can only be spent with transaction replacement
enabled, as CSV requires nSequence to be set in specific ways in any transaction
spending the output.
1) https://blockstream.com/2015/08/24/treesignatures/

https://petertodd.org
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013058.html
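
An owner-side monitor for the pre-signed transaction scheme described in the post above, as an added example that is not part of Peter Todd's message or any project's code: it scans a transaction feed for spends of the honeypot output, maps the per-server canary address to the compromised server, and reports whether the spend signals opt-in RBF. The `Tx` shape, outpoint, addresses, amounts and the "fee covers the whole honeypot value" test for the scorched-earth variant are assumptions made for illustration.

```python
from dataclasses import dataclass

# All values below are constructed for illustration.
HONEYPOT_OUTPOINT = ("aa" * 32, 0)      # txid, vout of the shared honeypot txout
HONEYPOT_VALUE = 1_000_000              # satoshis locked in the honeypot
CANARY_TO_SERVER = {"canary-web01": "web01", "canary-db01": "db01"}
MAX_BIP125_SEQUENCE = 0xFFFFFFFD        # nSequence at or below this signals opt-in RBF

@dataclass
class Tx:
    txid: str
    inputs: list      # (prev_txid, prev_vout, nsequence, value_sats)
    outputs: list     # (address, value_sats)

def classify(tx):
    """Return an alert for a tx spending the honeypot outpoint, else None."""
    if not any((i[0], i[1]) == HONEYPOT_OUTPOINT for i in tx.inputs):
        return None
    fee = sum(i[3] for i in tx.inputs) - sum(v for _, v in tx.outputs)
    servers = sorted({CANARY_TO_SERVER[a] for a, _ in tx.outputs
                      if a in CANARY_TO_SERVER})
    if servers:
        kind = "claim"                  # pre-signed tx paying a per-server canary
    elif fee >= HONEYPOT_VALUE:
        kind = "scorched-earth"         # whole honeypot value went to fees
    else:
        kind = "other-spend"            # e.g. the owner's own replacement
    return {
        "txid": tx.txid,
        "kind": kind,
        "servers": servers,
        "fee": fee,
        "replaceable": any(i[2] <= MAX_BIP125_SEQUENCE for i in tx.inputs),
    }

def scan(txs):
    """Classify every transaction in a mempool/block feed, dropping non-matches."""
    return [a for a in map(classify, txs) if a is not None]

SAMPLE_FEED = [  # constructed transactions
    Tx("t1", [("bb" * 32, 1, 0xFFFFFFFF, 50_000)], [("unrelated", 49_000)]),
    Tx("t2", [(*HONEYPOT_OUTPOINT, 0xFFFFFFFD, HONEYPOT_VALUE)],
       [("canary-db01", 1_000), ("change-addr", 998_000)]),
    Tx("t3", [(*HONEYPOT_OUTPOINT, 0xFFFFFFFF, HONEYPOT_VALUE),
              ("cc" * 32, 0, 0xFFFFFFFF, 20_000)], [("op_return", 0)]),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_FEED):
        print(alert)
```
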