In the story, both outlets detailed a myriad of evidence that led each to come to the same conclusion, Nakamoto and Wright were the same person. It’s that same evidence, however, that might be responsible for bringing this entire house of cards down.
Europe’s leading tech festival
TNW Conference is back for its 12th year. Reserve your 2-for-1 ticket voucher now.
I’m not in a position to debunk any of the claims made by Wired or Gizmodo. I am, however, a journalist and one of the most important traits of any journalist worth his or her salt is an undying curiosity to question everything.
I started with “why?”
Why would a man that has concealed his identity for the better part of a decade decide that now is the time to out himself? Of course, that too is a point of contention. We’re still not sure who leaked/hacked these emails, but there is a growing chorus that suggests that the leaks may be the product of Wright himself. But why?
Last year, Wright publicly announced his intentions to start the “world’s first Bitcoin bank.” His LinkedIn profile lists him as the CEO of DeMorgan Ltd., a company that describes itself on its website as, “focused on alternative currency.” Additionally, Wright is tied to at least two other cryptocurrency companeis, C01n — a Bitcoin wallet company — and Coin-Exch — a Bitcoin exchange.
He’s also touted ownership of one of the world’s fastest supercomputers, and is a proprietor of W&K, a company Wright’s accountant calls, “an entity created for the purpose of mining Bitcoins.”
To put it lightly, Wright is heavily involved in the Bitcoin space and stands to profit handsomely if there is any connection made between him and the mysterious creator of the world’s most popular cryptocurrency.
According to a comment on Reddit by Bitcoin Expert Gregory Maxwell:
I’ve seen people drop hints that they were Bitcoin’s creator seemingly to try to bring in investment money, and the other things one does with fame and mystique. Having people you want to influence quietly think that /maybe/ you are the mysterious creator of Bitcoin can confers business and social power.
On the other side of the coin, Satoshi Nakamoto and Bitcoin in general, actually stand to gain more by remaining quiet.
The anonymity of Nakamoto was one of the factors that made Bitcoin so appealing to investors. Without a tangible leader, or leadership group, the decentralized nature of the cryptocurrency was left without a regulatory control unit. As a result, decisions were made by consensus, Nakamoto’s mythical status grew and Bitcoin was left without a leader that government officials could pressure to make sweeping changes to the system.
Without a defined controlling interest or central point of failure, Bitcoin is left to operate as an entity that’s essentially untouchable by state apparatus. People, in this case, would provide the weak link to the decentralized nature of the currency as they — unlike machines — are susceptible to greed, coercion and legal entanglements by government powers.
A faceless entity left for the people to collectively rule has few weak links.
Again, this isn’t definitive proof, but it does at least provide a motive for both staying silent and for going public.
The blog posts
One of the key bits of evidence in both the Wired and Gizmodo story was the existence of two blog posts from 2008 — both published prior to Bitcoin’s creation — and one from 2009 — around the time of Bitcoin’s release.
The first two referenced an unreleased cryptocurrency project and included an encryption key that is linked to the email address firstname.lastname@example.org. The address is similar to the email@example.com email address used by Satoshi himself, but the addition of the “n” to the former casts at least a bit of doubt on the authenticity of the claim.
But we’ll get to email in a moment.
If these blog posts are legitimate, it’s strong evidence that Wright is indeed Nakamoto. However, it seems that details linking Wright to Bitcoin were actually added after the fact, somewhere between 2013 and 2014.
According to Wired’s Andy Greenberg:
Comparisons of different archived versions of the three smoking gun posts from Wright’s blog show that he did edit all three—to insertevidence of his bitcoin history. The PGP key associated with Nakamoto’s email address and references to an upcoming “cryptocurrency paper” and “triple entry accounting” were added sometime after 2013. Even the post noting bitcoin’s beta launch is questionable. While it was ostensibly posted in January 2009, it later seems to have been deleted and then undeleted—or possibly even written for the first time—sometime between October 2013 and June of 2014.
The emails are arguably the strongest piece of evidence in both the Wired and Gizomodo pieces. They’re also impossible to authenticate.
Dave Kleiman, a computer forensics expert, was on the receiving end of the most convincing of the leaked emails. In the first of these, Wright reached out to his close friend and detailed the birth of Bitcoin. The second read as a frustrated plea for help as Wright grew tired of his pseudonym, Nakamoto.
Neither of these emails can be authenticated, as Kleiman passed away in 2013. The next best thing we can do is cross reference the PGP keys on the encrypted messages, both of which turn out to be fake.
There is one true PGP key known to be associated with Satoshi Nakomoto. This key is known as the “Original Key” and has existed since 2008, shortly before the release of Bitcoin.
The Original Key has long been linked to Satoshi. It’s currently hosted at bitcoin.org and has been since 2009 when Satoshi was still associated with the site, before his Bitcoin exodus.
The most convincing part of the emails were the addresses both were sent from. In the Wired piece, the PGP key is tied to firstname.lastname@example.org, an email address that has never been linked to Satoshi Nakamoto. The Gizmodo piece shows the PGP key tied to email@example.com, an email address confirmed to be Nakamoto’s, but thought to have been compromised by hackers in 2014.
But this too has holes that were pointed out first by Motherboard, and then in two separate conversations TNW had with leading experts in their respective fields of Bitcoin and cryptography.
According to the MIT keyserver that both are hosted on, both keys were created in 2008, before the release of Bitcoin to the public. This alone is convincing, but as Motherboard, and both experts we spoke with pointed out, it’s not all that difficult to fake a creation date on a PGP key.
Motherboard staff writer Jordan Pearson created a PGP key and uploaded it to MIT’s keyservers in just 10 minutes. The creation date was December 8, 2015, but according to the keyserver entry, the key was created December 9, 2008.
You can poke further holes in the argument once you know that it’s possible to create a fake PGP key with an altered date from an email account you don’t control. Motherboard cybersecurity reporter Lorenzo Francheschi-Bicchierai was able to do just that by creating a mirror image of the key, complete with the confirmed — and later hacked — firstname.lastname@example.org email address.
In a Reddit post, Bitcoin core developer Gregory Maxwell also pointed out that the, “key was also not on the keyservers in 2011 according to my logs.” When pressed about the logs, Maxwell explained that him and others discussed possible leads to Nakamoto and referenced other keys tied to his email that weren’t the Original Key. These were flagged as fakes.
The keys implicated by Wired and Gizmodo weren’t amongst them. Maxwell believes this is because they weren’t there in 2011.
The case gets even stronger when you look at encryption. In 2008 the default encryption in GnuPG — a free software implementation of PGP — was DSA-1024. Both the Wired and Gizmodo keys were generated using RSA-3072, an encryption level that exceeds the standard RSA-2048 we use today, as well as that of the Original Key, which used DSA-1024.
Our source, a high-profile cryptography expert who chose to remain anonymous, revealed that this level of encryption was unheard of in 2008. He also went on to mention that the encryption algorithm used on the Wired and Gizmodo key wasn’t even available until September of 2009, nearly a year after the date on the first email tying Wright to Nakamoto.
When I asked about his opinion on the Wright/Nakamoto connection, he stated:
It can’t hold up to scrutiny. All of the evidence is suspect and I believe that — [although] this isn’t as bad as the Newsweek blunder — it’s going to fall apart as people dig deeper. If Wright wants to prove he is Satoshi, all he has to do is sign a message with the key pair from the Genesis block. He has dropped hints that he is Satoshi in the past, but he’s refused to offer simple proof and basically hung Gizmodo and Wired out to dry when this all comes crashing down.
The documents aren’t the strongest piece of evidence, but when paired with other factors outlined in the exposé, they offered a strong argument. That is, until you take a closer look and realize that amongst the documents are unfinished drafts, unconfirmed meeting transcripts, and not a single piece of notarized or otherwise officially recognized documentation.
For example, a contract from 2009 setting up a trust between Kleiman and Wright documents a transfer of 1,100,111 BTC (Bitcoin) from Wright to Kleiman. On the date of the document, those 1.1 million BTC would be valued at $31 million. The contract states the value is just $100,000.
There’s also an incomplete sentence in the fourth paragraph which should have been highlighted and fixed immediately given the weight these documents are supposed to carry.
Perhaps circumstantially, Wright is considered to be a terrible writer, as these Amazon reviews for ‘The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments,’ a book he authored, can attest to.
That said, this is a draft of a trust, and not the final document. That’s telling, as there’s no need to forge a draft; it’s not considered a forgery until it’s legally processed and filed.
The documents also contain four additional PGP key “fingerprints” — shorthand for the much longer PGP key — two of which belonged to Nakamoto, one belonged to Kleiman and the final one belonged to Wright. Only one of these, the Original Key, holds up to scrutiny. The others use the odd key sizes that don’t match up with the encryption level of the Original Key.
The gwern factor
Gwern is the pseudonymous source of the leaked/hacked documents. He’s a bit of an oddity in the Bitcoin world as he himself was once thought to be Satoshi Nakamoto. He’s also got a rather sketchy reputation for bad journalism and internet mischief.
According to Bitcoin core developer Greg Maxwell:
Gwern has been accusing people of being bitcoin’s creator for some time. It seems to have become his windmill.
I think he’s really good at finding confirming evidence and explaining away contradictions, and not so good at finding potential disproof; and hasn’t seemed to learn sufficient caution from past mistaken identification, nor from the threats he received when some nutball thought it was him.
Anecdotal as it may be, others share this assessment.
It’s also alleged that gwern may be responsible for calling in the raid that saw Australian police storm Wright’s home. Australian Federal Police deny that this had anything to do with recent media reports and say the timing was merely a coincidence.
We sought out another Bitcoin expert who could reveal more about gwern and his thoughts on the potential Wright/Nakamoto connection. Bryan Bishop is a developer at LedgerX — a Bitcoin trading platform — and the keynote speaker at the ‘Scaling Bitcoin’ conference in Montreal.
He also has a friendly relationship with gwern, although he’s quick to point out that he wouldn’t consider the two friends.
When asked about gwern and whether the leaks were legitimate, Bishop stated:
Personally I feel that the PGP information that he was aware of, should have been sufficient to convince him to dissociate himself from making that article. This should have convinced him that he was engaging in something dangerous that we should all be concerned about.
He also presented an IRC conversation between himself and gwern, which he had posted to Reddit hours earlier. In the conversation, ‘kanzure’ (Bishop) took issue with the fact that gwern seemed intent to pass along the documents as legitimate, all while knowing that the PGP key was faked.
Bishop then proceeded to question gwern’s integrity as a journalist:
gwern: i suggest that in the future if you want wired.com publicity that you can achieve that without wasting everyone’s time. don’t be so quick to sacrifice your pseudonym’s reputation nor the time and patience of your readers.
He expressed concerns with gwern’s reputation to me as well.
Gwern’s goal for the past few years has been to become a prominent journalist that other people trust. There’s no reason to trust someone that so easily lies.
I then asked if there was anything that jumps out at Bishop that makes him think the leaks are real, and that this can’t be faked. “No. Absolutely not,” he replied.
Update: Bryan Bishop emailed me this morning and said the following:
By the way, I am one of the moderators for the Bitcoin-dev mailing list (one of the primary communication channels for Bitcoin development). Yesterday, I mistakenly approved an email from email@example.com — something I already regret doing. The email was a one-liner from “Satoshi” (no evidence that this is the real Satoshi) and it said “I am not Craig Wright. We are all Satoshi.”
The onus of truth
To be quite clear, the work of Gizmodo and Wired was — for the most part — excellent. Both should be commended in their efforts.
William Faulkner once said, “In writing, you must kill all your darlings.”
Where they fell short isn’t in due diligence, but in staking too large an investment in evidence that doesn’t stand up to scrutiny. They should have killed this darling.
But sometimes the story is appealing, the evidence is circumstantial and journalists are drawn to the big wins by piecing together suspect evidence in order to massage a larger narrative.
In doing so, we set a dangerous precedent for journalism. When two esteemed publications let their lust for a story drive the narrative, we all lose.
In their defense, it’s not the first time.
Newsweek was responsible for a rather nightmarish job of reporting in 2014. For the 81-year-old magazine’s return to print, reporter Leah McGrath Goodman proudly boasted that she had found the elusive creator of Bitcoin. Newsweek made it the cover story.
Goodman did indeed find Satoshi Nakamoto. This Satoshi Nakamoto, however, was the wrong guy with the right name. Dorian Satoshi Nakamoto hadn’t gone by “Satoshi” in almost 40 years, and after numerous proclamations that he had nothing to do with Bitcoin, he had to take his story to the Associated Press in order to clear his name after Goodman ran the story anyway.
In 2013 60 Minutes correspondent Laura Logan interviewed Dylan Davies, a former security contractor that claimed to be at the Benghazi consulate during the attack. He told a rather unbelievable story that featured fierce gunfire, climbing walls, fire and an attack on an Al-Qaeda soldier that ended with Davies fending him off with the butt of his rifle.
Later he claimed he saw the body of ambassador Stevens at the hospital.
It was all fake.
The Washington Post got its hands on an incident report filed with Davies’ employer that featured a report by Davies himself that he never made it to the consulate that night.
60 Minutes responded by saying they knew Davies was lying, but that he was lying to his employer, not them. They drew a line in the sand and stuck with an unreliable witness.
The fabricated story was sexier than the truth.
It’s easy to get drawn into a big story. As journalists, however, we have the ethical responsibility not to be first, or to be sexy, but to be right.
Craig Steven Wright could very well turn out to be Satoshi Nakamoto. But the evidence presented by Gizmodo and Wired is far from conclusive and falls well short of definitive proof that warrants the declaration that this is fact.
We should all expect better.