Craig Wright is Not Satoshi Nakamoto, The Myth Lives On
Can Craig Steven Wright really claim he is, in any way, the genius who invented Bitcoin?
Craig Steven Wright is one of the most peculiar characters to descend on Bitcoin’s community. Can this man really claim he is, in any way, the genius who invented Bitcoin?
Since the anonymous creator of Bitcoin disappeared five years ago, the world has kept asking one fascinating question: Who is Satoshi Nakamoto?
Mainstream media candidate
Reputable mainstream media have proposed one candidate after another, with none standing up to scrutiny. However, for the first time, someone is seemingly claiming to be Satoshi. According to Financial Times and the Mirror, Craig Steven Wright is to perform a “cryptographic miracle” to “prove” he is Bitcoin’s creator.
Craig Wright is one of the most peculiar characters to descend on Bitcoin’s community. His background is riddled with potential fabrication, wild exaggeration, alleged deception and perhaps outright fraud. Courts have convicted him, the ATO has issued a penalty against his company, universities and companies have denied some of his claims, a security researcher has publicly called him “dangerous” and “ignorant”. Can this man really claim he is, in any way, the genius who invented Bitcoin?
When looking at Craig Steven Wright’s background, his seemingly inability to spell stands out immediately. As does his preference for general terms, vague language, and long windedness.
Wright’s now deleted Linkedin profile contains 26 A4 sized pages and terms such as “Encryption Techniology” and “continential kitchens”. In a now deleted purported Letter of Endorsement from SGI, a document Cloudcroft’s website, a company owned by Wright, claims was written by SGI’s Director, Greg McKeon, it reads: “, and continues to perform through innovation is very synergistic.” DeMorgan’s now deleted website, a company owned by Wright, states: “we have completed several Bitcoin based research projects that have lasted over and are now ready to start commercialising.”
Such atrocious writing, even in official or semi-official documents where nothing less than perfect spelling and grammar is expected, suggests Wright simply cannot spell or lacks attention to detail. Contrast the above with Satoshi’s flawless, concise, succinct and concrete writing.
- Craig Steven Wright
“Dangerous” and “Ignorant”
Although the above in itself is sufficient to strongly suggest Wright is not Satoshi, it is only the surface. In a damning post on the security mailing list on February the 9th 2010, when Satoshi was still writing on bitcoin related forums, Timothy M. Mullen, a computer and information security expert with more than 30 years of experience who has worked for Microsoft, the U.S Air Force and the U.S Court System as well as written a number of books on the subject with one reviewer stating that “[t]he introduction for Thor’s Microsoft Security Bible by Timothy "Thor" Mullen is one of the best I have read of any security related books”, Mullen had enough. In publicly calling out Craig Wright, who claimed in his now deleted website that he is “the most highly accredited Global Information Security Professional", Mullen states:
“People like you are dangerous and need to be exposed before someone in a position of power actually believes that you know what you are talking about.”
The unqualified statement was made in reply to a post by Craig Wright where he claims that he can quantify the “probability of compromise” with a simple formula:
“Where a system uses an SMS response with a separate system (such as a web page), the probability that the banking user is compromised and a fraud is committed, P(Compromise), can be calculated as: P(Compromise) = P(C.SMS) x P(C.PIN)
Where: P(C.SMS) is the probability of compromising the SMS function and P(C.PIN) is the compromise of the user authentication method [sic]
The user can be compromised by Trojan apps, poor pins that are pasted to a monitor etc.”
The above may sound reasonable to someone unfamiliar with information security. However, it was sufficient to convince Muller that Wright was “dangerous” and “ignorant” to the point where he states:
“Not only will I take your money, and ruin your reputation in this bet, but I'll tell you how I will do it UP FRONT. If I have someone show up at the door with a shotgun and ask for the hardware, do I win? … Where in your formula do you plug that in?”
Muller’s overall assessment is backed by Carl Jongsma, a security expert at Sunnet Beskerming, who states:
“I read through the post that Craig has placed online and there are a couple of seemingly critical faults in the model that have a massive effect on the overall reliability / strength against attack / resilience… that a system displays.”
ATO Levies an Almost $2 Million Penalty Fine
Yet, this is still only the surface. Wright claimed on Cloudcroft’s website, a company he owns, that he has a supercomputer with parts manufactured by SGI, the “trusted leader in high performance computing” according to SGI’s website. In a further press release, DeMorgan Ltd. announced that they are “eligible to receive up to approximately $54,000,000 R&D cash rebate” from the Australian Tax Office (ATO) which has allowed DeMorgan to “tune our Supercomputers”. It further states that:
“Mr McKeon of SGI has stated that they “look forward to a long, sustained relationship” and that together our companies will reach the highest ranks of the Top500 list.”
However, SGI has categorically denied any relationship with Wright. In a statement to ZDNet, Cassio Conceicao, SGI EVP and chief operating officer stated:
"Cloudcroft has never been an SGI customer and SGI has no relationship with Cloudcroft CEO Craig Steven Wright."
It may well be the case, therefore, that the Letter in Support is fabricated, particularly as it contains a number of grammatical and spelling errors. Furthermore, there are no pictures or any evidence that the supercomputer exists except for a course titled Programming on Supercomputers by Charles Sturt University, a lower tier Australian university with a ranking of 701+. The course is peculiar in itself. It contains a number of specialised topics that would take at least a semester, such as Distributed Computing: Power Grid, Thread Programming, Parallel Programming Models and Paradigms, C Programming on MIC (Xeon Phi) and many more. Yet it claims to cover them all in about four hours. Although there are videos, none of them show a supercomputer and individuals who seem to have worked with supercomputer have stated in public posts that Wright’s descriptions of the supercomputer and its workings are “laughable”.
It is highly likely therefore that the supercomputer does not exist. The Australian Tax Office (ATO)’s “serious evasion and criminal investigations unit” has opened an investigation on potential fraud. They may be interested in the supercomputer or Hotwire Ltd, a company mainly owned by Wright, or both.
Hotwire was meant to acquire various e-learning and e-payment systems software. However, it went into administration in 2014 because, according to a report by the administrators in May 2014, ATO “withheld” $3.1 million in Goods and Services Tax (“GST”) refunds as it required “further verification of transactions”.
The report paints a somewhat complex picture. Firstly, Wright was to acquire a number of e-learning and e-payments systems from third-parties. It is not clear whether he did do so, but, “according to Hotwire’s records”, he assigned the rights to a Wrights Family Trust. The trust then in turn assigned them to Hotwire. The latest report of the administrators issued on the 23rd of November 2015 states that ATO has levied a penalty of $1,716,608.00 on Hotwire, disputing the validity of the amounts claimed.
Has Wright Faked Some of His Degrees?
As we can see from his now deleted Linkedin profile, Wright claimed he has two PhDs, including one from Charles Sturt University(CSU), and eight Masters degrees, mostly from CSU, but also from Australia’s prestigious university of Newcastle and Northumbria. He further claimed that he is a “Subject Coordinator/Lecturer” at CSU for the past five years.
The University of Newcastle and Northumbria University have not yet responded to our requests for confirmation. CSU confirmed only three degrees, according to mashables, Master of Networking and Systems Administration, Master of Management (Information Technology) and Master of Information Systems Security, denying he was awarded a PhD or any other degree. They further state that he was an “adjunct academic at CSU”, undertaking “unpaid academic work and… not formally employed by the University."
His PhD in Religious Studies does not list an institution. “Ask me and I may share” – he states. However, he claims that he began the PhD in 1998. In a now deleted blogpost, he states: “In 1989 I started a B.Eng/BSci double degree. I dropped out of the University of Queensland in 1992 (after my 3rd year). I have a reason for this. I had cancer.” His Linkedin profile states: “Engineering, Computer Systems Engineering (incomplete - changed to Comp Sci in 4th year [around 1993] - I was young).” It then lists an Associate of Science, a degree lower than Bachelors, as completed in 1997. No Bachelors or Masters is listed prior to Wright starting his PhD in 1998.
Wright is Not Satoshi
Looking at the above evidence, even if Wright manages to sign with Satoshi’s PGP key or, more extraordinarily, signs the genesis address, that would not, in my view, be sufficient. It would only prove that somehow he has gained the keys, whether through hacking or in some other way. However, neither is likely. What is probable is that Wright might use the allegedly fake keys referred to in his documents. According to a report by Motherboard investigating the PGP keys which Wright or documents connected to Wright claimed belong to Satoshi, Motherboard concluded in unqualified terms: “there’s evidence of active, intentional deception with respect to the keys.”
The myth of Satoshi thus lives on with the great race to find him continuing as the prize for journalists becomes slightly more prestigious while curiosity and difficulty intensifies. For now, we can all rejoice in the certainty that freedom lives on. For, as long as Satoshi’s myth continues, we have living proof that to have privacy is still possible, that one can still choose when, how, and to whom to reveal oneself.