I once wrote up a more layman's explanation of the Sartre stunt on reddit, as simply as I could try to make it, including why his more modern excuses for it don't hold up either. It references your article. Hopefully anybody can follow along, even if they're not too technical:
Also, this Twitter thread by WizSec was very good, about how the double hash in Bitcoin vs OpenSSL provided the opportunity to perform the trick. I notice now it's also a response to you, which I didn't remember when I went to dig it up again to post it here. :P
>Ditto, any of us could make any number of similar fakes. It's not only not proof that he's Satoshi, it's evidence that he isn't, since he faked it and lied about it.
>Hidden under all that obfuscation and padding ("when you have nothing, you put more") is just a simple trick:
>Standard ECDSA signatures hash the message once, but Bitcoin does it twice. You can use standard tools like OpenSSL to validate a Bitcoin signature, such as Satoshi's transaction to @halfin, as long as you perform an extra step of manually hashing the message once first.
>Wright took this transaction data hashed-once and then lied by explicitly asserting it's the hash of his Sartre text. Passing this hash along with the Satoshi signature to OpenSSL will confirm it's a valid signature. But it's not his signature and it's not of the Sartre text.
>ECDSA signatures are worthless if you don't validate them all the way from the original message, which OpenSSL normally does for you. But the extra hash in Bitcoin signatures gave Wright an opportunity to perform this trivial trick of simply substituting a different hash digest.
>People like @ryancdotorg already debunked Wright's Sartre nonsense IMMEDIATELY after it was posted in 2016, and Wright is now trying to make excuses for it by saying he's just "misunderstood". Please. The intended meaning is crystal clear and the post is intrinsically fraudulent.
I once wrote up a more layman's explanation of the Sartre stunt on reddit, as simply as I could try to make it, including why his more modern excuses for it don't hold up either. It references your article. Hopefully anybody can follow along, even if they're not too technical:
https://www.reddit.com/r/bsv/comments/yax6ak/bsvers_right_no...
https://www.reddit.com/r/bsv/comments/yax6ak/bsvers_right_no...
Also, this Twitter thread by WizSec was very good, about how the double hash in Bitcoin vs OpenSSL provided the opportunity to perform the trick. I notice now it's also a response to you, which I didn't remember when I went to dig it up again to post it here. :P
https://nitter.net/wizsecurity/status/1571639561352269825#m
https://nitter.net/wizsecurity/status/1571640691972870152#m
>Ditto, any of us could make any number of similar fakes. It's not only not proof that he's Satoshi, it's evidence that he isn't, since he faked it and lied about it.
>Hidden under all that obfuscation and padding ("when you have nothing, you put more") is just a simple trick:
>Standard ECDSA signatures hash the message once, but Bitcoin does it twice. You can use standard tools like OpenSSL to validate a Bitcoin signature, such as Satoshi's transaction to @halfin, as long as you perform an extra step of manually hashing the message once first.
>Wright took this transaction data hashed-once and then lied by explicitly asserting it's the hash of his Sartre text. Passing this hash along with the Satoshi signature to OpenSSL will confirm it's a valid signature. But it's not his signature and it's not of the Sartre text.
>ECDSA signatures are worthless if you don't validate them all the way from the original message, which OpenSSL normally does for you. But the extra hash in Bitcoin signatures gave Wright an opportunity to perform this trivial trick of simply substituting a different hash digest.
>People like @ryancdotorg already debunked Wright's Sartre nonsense IMMEDIATELY after it was posted in 2016, and Wright is now trying to make excuses for it by saying he's just "misunderstood". Please. The intended meaning is crystal clear and the post is intrinsically fraudulent.