francescomecca.eu/_posts/_site/2016-05-03-satoshisignature.html

94 lines
4.8 KiB
HTML
Raw Normal View History

2018-03-27 04:26:23 +02:00
<p>I explained in my previous <a href="http://francescomecca.eu/pescewanda/2016/04/17/wright-nakamoto/">post</a> (in italian) that the signature that Wright provided as a public proof is in fact invalid.
I want to explain briefly how you could check this claim.
The key in Wrights <a href="http://www.drcraigwright.net/jean-paul-sartre-signing-significance/">post</a> is this:</p>
<p><code class="highlighter-rouge">
------------------------- Signature File -------------------------
MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl1
3VTC3ihl6XUlhcU+fM4=
------------------------- End Signature --------------------------
</code></p>
<p>Now we can use some bash utilities:</p>
<ul>
<li>base64, that translates encoded ASCII text;</li>
<li>hexdump, that displays hexadecimal contents from the input;</li>
<li>cut, used to remove the binary part of the input;</li>
<li>tr, used to delete spaces and carriage return from the input;</li>
</ul>
<p>```
base64 -d «&lt;MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4= | hexdump -C| cut -b 11-60| tr -d \n</p>
<p>3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
```</p>
<p>Lets analyze the command one by one:</p>
<ul>
<li><code class="highlighter-rouge">base64 -d</code> decodes the redirected string, the output is some gibberish characters so I wont display them here;</li>
<li><code class="highlighter-rouge">hexdump -C</code> is used with a pipe to convert to hexadecimal:</li>
</ul>
<p><code class="highlighter-rouge">
00000000 30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11 |0E.!..*}T./&amp;.L..|
00000010 33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5 |3.Q"...A}....hA.|
00000020 5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a |\4"... fc,\....:|
00000030 28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9 |(7vN...Iu.T..(e.|
00000040 75 25 85 c5 3e 7c ce |u%..&gt;|.|
</code></p>
<ul>
<li>cut -b 11-60 displays only the characters from column 11 to 60:</li>
</ul>
<p><code class="highlighter-rouge">
30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11
33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5
5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a
28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9
75 25 85 c5 3e 7c ce
</code></p>
<ul>
<li><code class="highlighter-rouge">tr -d ' \n'</code> is used to delete spaces and carriage returns from the output so that is shown in one line and it gives us the final result:</li>
</ul>
<p><code class="highlighter-rouge">
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code></p>
<p>If you noticed, there is also another cleartext string at the beginning of Wrights post:</p>
<p><code class="highlighter-rouge">
$ base64 -d &lt;&lt;&lt;'IFdyaWdodCwgaXQgaXMgbm90IHRoZSBzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyBXcmlnaHQsIFNhdG9zaGkuCgo='
Wright, it is not the same as if I sign Craig Wright, Satoshi.
</code></p>
<p>Now lets head to blockchain.info.
Blockchain.info has a little <a href="https://blockchain.info/decode-tx">utility</a> to get hexadecimal informations out of a transaction on the blockchain, so lets use it to get the related info about this transaction:</p>
<p><a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe">tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe</a>
<a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?format=hex">tx/828ef3b079f9… in hexadecimal</a></p>
<p>As you can see the entire output of the first bash command, that is
<code class="highlighter-rouge">
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code>
is contained in:
<code class="highlighter-rouge">
"script":"483045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce01"
</code>
except for the 48 at the beginning and the 01 at the end.</p>
<p>That is a signature hash:
this <a href="https://en.bitcoin.it/wiki/List_of_address_prefixes">page</a> explains that the 48 is just a decimal prefix given to uncompressed transactions, and the 01 at the end is just a SIGHASH_ALL <a href="https://bitcoin.org/en/glossary/signature-hash">code</a> that flags the end of the signature.</p>
<h2 id="so-is-it-a-fake">So, is it a fake?</h2>
<p>Yes, indeed.
At the end, I ask, why would you choose anything else than the easiest and most conclusive way to prove something?</p>
<p><img src="/wp-content/uploads/2016/satosh.jpg" alt="Wright &quot;signs&quot; the blockchain" /></p>