francescomecca.eu/_site/pescewanda/2016/05/03/satoshisignature/index.html
2018-08-15 11:48:39 +02:00

711 lines
13 KiB
HTML

<!DOCTYPE html>
<html lang="en-us">
<head>
<meta charset="UTF-8">
<title>Caught in the Net</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="theme-color" content="#157878">
<link rel="stylesheet" href="/css/normalize.css">
<!--<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,700' rel='stylesheet' type='text/css'>-->
<link rel="stylesheet" href="/fonts/opensans.css">
<link rel="stylesheet" href="/css/cayman.css">
</head>
<body>
<section class="page-header">
<h1 class="project-name">Caught in the Net</h1>
<h2 class="project-tagline">La rete ti cattura ma libera il pensiero</h2>
<a class="btn" href="/">Home</a>
<a class="btn" href="/about/">About me</a>
<a class="btn" href="/contattami/">Contact me</a>
<a class="btn" href="/archive/">Archive</a>
<a class="btn" href="/feed.xml">RSS</a>
<a class="btn" href="http://francescomecca.eu/git/pesceWanda">Personal Git</a>
<a class="btn" href="https://github.com/FraMecca">Github</a>
<a class="btn" href="/curriculum/CV_Mecca_Francesco.pdf">Curriculum</a>
</section>
<section class="main-content">
<div class="post">
<h1 class="post-title">Why Wright's proof is a fake</h1>
<span class="post-date">03 May 2016</span>
<p>I explained in my previous <a href="http://francescomecca.eu/pescewanda/2016/04/17/wright-nakamoto/">post</a> (in italian) that the signature that Wright provided as a public proof is in fact invalid.
I want to explain briefly how you could check this claim.
The key in Wright&#39;s <a href="http://www.drcraigwright.net/jean-paul-sartre-signing-significance/">post</a> is this:</p>
<div class="highlight"><pre><code class="language-" data-lang="">------------------------- Signature File -------------------------
MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl1
3VTC3ihl6XUlhcU+fM4=
------------------------- End Signature --------------------------
</code></pre></div>
<p>Now we can use some bash utilities:</p>
<ul>
<li>base64, that translates encoded ASCII text;</li>
<li>hexdump, that displays hexadecimal contents from the input;</li>
<li>cut, used to remove the binary part of the input;</li>
<li>tr, used to delete spaces and carriage return from the input;</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">base64 -d &lt;&lt;&lt;'MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4=' | hexdump -C| cut -b 11-60| tr -d ' \n'
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code></pre></div>
<p>Let&#39;s analyze the command one by one:</p>
<ul>
<li><code>base64 -d</code> decodes the redirected string, the output is some gibberish characters so I won&#39;t display them here;</li>
<li><code>hexdump -C</code> is used with a pipe to convert to hexadecimal:</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">00000000 30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11 |0E.!..*}T./&amp;.L..|
00000010 33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5 |3.Q"...A}....hA.|
00000020 5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a |\4"... fc,\....:|
00000030 28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9 |(7vN...Iu.T..(e.|
00000040 75 25 85 c5 3e 7c ce |u%..&gt;|.|
</code></pre></div>
<ul>
<li>cut -b 11-60 displays only the characters from column 11 to 60:</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11
33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5
5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a
28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9
75 25 85 c5 3e 7c ce
</code></pre></div>
<ul>
<li><code>tr -d &#39; \n&#39;</code> is used to delete spaces and carriage returns from the output so that is shown in one line and it gives us the final result:</li>
</ul>
<div class="highlight"><pre><code class="language-" data-lang="">3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code></pre></div>
<p>If you noticed, there is also another cleartext string at the beginning of Wright&#39;s post:</p>
<div class="highlight"><pre><code class="language-" data-lang="">$ base64 -d &lt;&lt;&lt;'IFdyaWdodCwgaXQgaXMgbm90IHRoZSBzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyBXcmlnaHQsIFNhdG9zaGkuCgo='
Wright, it is not the same as if I sign Craig Wright, Satoshi.
</code></pre></div>
<p>Now let&#39;s head to blockchain.info.
Blockchain.info has a little <a href="https://blockchain.info/decode-tx">utility</a> to get hexadecimal informations out of a transaction on the blockchain, so let&#39;s use it to get the related info about this transaction:</p>
<p><a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe">tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe</a>
<a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?format=hex">tx/828ef3b079f9... in hexadecimal</a></p>
<p>As you can see the entire output of the first bash command, that is
<code>
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code>
is contained in:
<code>
&quot;script&quot;:&quot;483045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce01&quot;
</code>
except for the 48 at the beginning and the 01 at the end.</p>
<p>That is a signature hash:
this <a href="https://en.bitcoin.it/wiki/List_of_address_prefixes">page</a> explains that the 48 is just a decimal prefix given to uncompressed transactions, and the 01 at the end is just a SIGHASH_ALL <a href="https://bitcoin.org/en/glossary/signature-hash">code</a> that flags the end of the signature.</p>
<h2 id="so-is-it-a-fake">So, is it a fake?</h2>
<p>Yes, indeed.
At the end, I ask, why would you choose anything else than the easiest and most conclusive way to prove something?</p>
<p><img src="/wp-content/uploads/2016/satosh.jpg" alt="Wright &quot;signs&quot; the blockchain"></p>
</div>
<!--<div class="related">-->
<!--<related-posts />-->
<!--<h2>Related Posts</h2>-->
<!--<ul class="related-posts">-->
<!---->
<!--<li>-->
<!--<h3>-->
<!--<a href="/pescewanda/2018/07/27/dtldr/">-->
<!--Un articolo per r/italyinformatica-->
<!--<small>27 Jul 2018</small>-->
<!--</a>-->
<!--</h3>-->
<!--</li>-->
<!---->
<!--<li>-->
<!--<h3>-->
<!--<a href="/pescewanda/2018/03/27/addio-reddit/">-->
<!--Addio Reddit-->
<!--<small>27 Mar 2018</small>-->
<!--</a>-->
<!--</h3>-->
<!--</li>-->
<!---->
<!--<li>-->
<!--<h3>-->
<!--<a href="/pescewanda/2017/10/02/minidoxguide/">-->
<!--Minidox, a guide for the Europeans and the Scrooges-->
<!--<small>02 Oct 2017</small>-->
<!--</a>-->
<!--</h3>-->
<!--</li>-->
<!---->
<!--<li>-->
<!--<h3>-->
<!--<a href="/pescewanda/2017/05/09/vaporwave/">-->
<!--Cyber-utopia and vaporwave-->
<!--<small>09 May 2017</small>-->
<!--</a>-->
<!--</h3>-->
<!--</li>-->
<!---->
<!--<li>-->
<!--<h3>-->
<!--<a href="/pescewanda/2017/05/07/latestage_handbrake/">-->
<!--Late Stage Capitalism meets FOSS-->
<!--<small>07 May 2017</small>-->
<!--</a>-->
<!--</h3>-->
<!--</li>-->
<!---->
<!--</ul>-->
<!--</div>-->
<footer class="site-footer">
<!--<span class="site-footer-owner"><a href="http://francescomecca.eu">Caught in the Net</a> is maintained by <a href="contattami">Francesco Mecca</a>.</span>-->
<span> CC BY-SA 4.0 International.</br> </span>
<span class="site-footer-credits"><a href="https://jekyllrb.com">Jekyll</a>, <a href="https://github.com/jasonlong/cayman-theme">Cayman theme</a>.</span>
</footer>
</section>
</body>
</html>