francescomecca.eu/_posts/_site/2016-05-03-satoshisignature.html
Francesco Mecca 6aef3588b9 reddit
2018-03-27 04:26:23 +02:00

93 lines
4.8 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<p>I explained in my previous <a href="http://francescomecca.eu/pescewanda/2016/04/17/wright-nakamoto/">post</a> (in italian) that the signature that Wright provided as a public proof is in fact invalid.
I want to explain briefly how you could check this claim.
The key in Wrights <a href="http://www.drcraigwright.net/jean-paul-sartre-signing-significance/">post</a> is this:</p>
<p><code class="highlighter-rouge">
------------------------- Signature File -------------------------
MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl1
3VTC3ihl6XUlhcU+fM4=
------------------------- End Signature --------------------------
</code></p>
<p>Now we can use some bash utilities:</p>
<ul>
<li>base64, that translates encoded ASCII text;</li>
<li>hexdump, that displays hexadecimal contents from the input;</li>
<li>cut, used to remove the binary part of the input;</li>
<li>tr, used to delete spaces and carriage return from the input;</li>
</ul>
<p>```
base64 -d «&lt;MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4= | hexdump -C| cut -b 11-60| tr -d \n</p>
<p>3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
```</p>
<p>Lets analyze the command one by one:</p>
<ul>
<li><code class="highlighter-rouge">base64 -d</code> decodes the redirected string, the output is some gibberish characters so I wont display them here;</li>
<li><code class="highlighter-rouge">hexdump -C</code> is used with a pipe to convert to hexadecimal:</li>
</ul>
<p><code class="highlighter-rouge">
00000000 30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11 |0E.!..*}T./&amp;.L..|
00000010 33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5 |3.Q"...A}....hA.|
00000020 5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a |\4"... fc,\....:|
00000030 28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9 |(7vN...Iu.T..(e.|
00000040 75 25 85 c5 3e 7c ce |u%..&gt;|.|
</code></p>
<ul>
<li>cut -b 11-60 displays only the characters from column 11 to 60:</li>
</ul>
<p><code class="highlighter-rouge">
30 45 02 21 00 c1 2a 7d 54 97 2f 26 d1 4c b3 11
33 9b 51 22 f8 c1 87 41 7d de 1e 8e fb 68 41 f5
5c 34 22 0a e0 02 20 66 63 2c 5c d4 16 1e fa 3a
28 37 76 4e ee 9e b8 49 75 dd 54 c2 de 28 65 e9
75 25 85 c5 3e 7c ce
</code></p>
<ul>
<li><code class="highlighter-rouge">tr -d ' \n'</code> is used to delete spaces and carriage returns from the output so that is shown in one line and it gives us the final result:</li>
</ul>
<p><code class="highlighter-rouge">
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code></p>
<p>If you noticed, there is also another cleartext string at the beginning of Wrights post:</p>
<p><code class="highlighter-rouge">
$ base64 -d &lt;&lt;&lt;'IFdyaWdodCwgaXQgaXMgbm90IHRoZSBzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyBXcmlnaHQsIFNhdG9zaGkuCgo='
Wright, it is not the same as if I sign Craig Wright, Satoshi.
</code></p>
<p>Now lets head to blockchain.info.
Blockchain.info has a little <a href="https://blockchain.info/decode-tx">utility</a> to get hexadecimal informations out of a transaction on the blockchain, so lets use it to get the related info about this transaction:</p>
<p><a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe">tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe</a>
<a href="https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?format=hex">tx/828ef3b079f9… in hexadecimal</a></p>
<p>As you can see the entire output of the first bash command, that is
<code class="highlighter-rouge">
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce
</code>
is contained in:
<code class="highlighter-rouge">
"script":"483045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce01"
</code>
except for the 48 at the beginning and the 01 at the end.</p>
<p>That is a signature hash:
this <a href="https://en.bitcoin.it/wiki/List_of_address_prefixes">page</a> explains that the 48 is just a decimal prefix given to uncompressed transactions, and the 01 at the end is just a SIGHASH_ALL <a href="https://bitcoin.org/en/glossary/signature-hash">code</a> that flags the end of the signature.</p>
<h2 id="so-is-it-a-fake">So, is it a fake?</h2>
<p>Yes, indeed.
At the end, I ask, why would you choose anything else than the easiest and most conclusive way to prove something?</p>
<p><img src="/wp-content/uploads/2016/satosh.jpg" alt="Wright &quot;signs&quot; the blockchain" /></p>