>>wslh+(OP)
In a way, this wouldn't be terribly surprising. The whole thing is sold as a way to anonymously execute transactions outside of government-controlled currency structures, but its core is a massive, fully-auditable record of all transactions. Especially if the 'anonymity' turns out to be mere pseudonymity, the whole thing becomes one massive honeypot for getting criminals to record their illegal activity in public (not to mention an auditable record of legal activity, which would be useful for trend analysis and observation of new patterns in resource allocation that could be predictive of future concerns... "Hm, we haven't been putting much thought into the sociopolitics of Tanzania, but someone sure is sending a lot of BTC to several accounts we know are owned by people who reside there... We should probably tip off the CIA that they need to be ready to do a brief on that").

"An incredibly popular, globally-accepted financial system that surveils itself" is like an NSA fever-dream.

>>wslh+(OP)
I’ve always assumed it was a state actor such as the NSA that invented it. Seems like the obvious step for such an organisation to take, even just for shits and giggles. There was an awful lot of talk about electronic gold and financial/crypto-havens in the 90s (see also Cryptonomicon) so it was brewing for a long time. Plus such an actor is one of the few who could keep quiet about it all this time - it’s part of the job. One would expect that we’d all know who Satoshi was by now, unless Satoshi was a state-sponsored collective effort.

>>wslh+(OP)
Interesting that they talk about the double spending problem but don't propose a solution (which ultimately came in the form of the proof-of-work blockchain). From the section on Multiple Spending Prevention:

> One way to minimize the problem of multiple spending in an off-line system is to set an upper limit on the value of each payment. This would limit the financial losses to a given merchant due to accepting coins that have been previously deposited. However, this will not prevent someone from spending the same small coin many times in different places.

> In order to prevent multiple spending in off-line payments, we need to rely on physical security. A "tamper-proof" card could prevent multiple spending by removing or disabling a coin once it is spent. Unfortunately, there is no such thing as a truly "tamper-proof" card. Instead, we will refer to a "tamper-resistant" card, which is physically constructed so that it is very difficult to modify its contents.

>>gizajo+04
I'm pretty impressed that the secret has been kept this long. But I guess whoever made it is just living as one of the many people who were lucky to get in really early.

>>wslh+(OP)
Even if this twitter link is a hoax, I've always assumed as much: the decision to go with a previously unknown Elliptic Curve (secp256k1) is especially suspicious.

Even the description of the curve on the bitcoin wiki, "Most commonly-used curves have a random structure, but secp256k1 was constructed in a special non-random way" should ring alarm bells.

Even with "not up my sleeve numbers", for any given parameter, there are so many sleeves, that a parallel reconstruction of "not up my sleeve numbers" are entirely possible, much like the "interesting number" paradox, if every number is interesting, then every number also has a reason for why it shouldn't be considered suspicious.

>>wombat+c5
There's a somewhat credible theory that the inventor of bitcoin is dead now. That could explain why his bitcoins are untouched and why he doesn't emerge to claim credit for his invention.

>>wslh+(OP)
Tatsuaki Okamoto is actually a real, living cryptographer however. Not hard to google.

https://www.rd.ntt/e/organization/researcher/fellow/f_001.ht...

>>chango+z6
By the same token (no pun) the inventor might not have been alive in the first place, at least not as a singular individual. Individuals sitting on billions find it very hard to keep quiet about it.

>>chango+z6
Even if he is alive the lottery curse is probably good enough reason to never claim them now.

When the coins were only worth a few million he could've cashed out then but now he's just in for permanent trouble.

>>gizajo+C6
The reply where one asks ChatGPT if it's an anagram of Satoshi Nakamoto made me laugh.

Not because of the answer, but because of even thinking of using an LLM to figure out it can't be.

>>wslh+(OP)
https://www.iacr.org/cryptodb/data/author.php?authorkey=59

Is the insinuation that Tatsuaki Okamoto is Satoshi Nakamoto? Or that Okamoto worked for the NSA?

It seems plausible that Okamoto adopted a pseudonym which shares DNA with his real name if he's a private individual, but I rather think that if he worked for the NSA, he would go to greater lengths to conceal his identity.

>>chango+z6
It's definitely possible. But one could think of plenty of other hypotheses for why they're unmoved and why he hasn't taken credit.

In my opinion, there was a real (but vague) clue to his identity that was not a red herring: the IP leak in the debug logs he sent to Hal Finney. He used Tor most of the time but briefly slipped up and likely divulged his real, residential IP address. If that's the case, then he was living in California, possibly around the LA area, as of January 2009.

https://whoissatoshi.wordpress.com/2016/02/20/satoshi-in-cal...

>>xnorsw+t5
The flipside is, which alarm bells should be rung? At the time there was not much concern over the other more popular curves being backdoored, and now there is. Some people have switched curves because they saw Bitcoin use another curve. Maybe that was it. The alarm bells were possibly already rung.

>>wslh+(OP)
Aside from the high-level concept of some cryptography based cash, there's nothing there to indicate any similarity with bitcoin.

>>wslh+(OP)
This is a bit racist. So they cite a source with a Japanese name that sounds a bit like Satoshi Nakamoto, so he must be the same guy?

>>sdflha+j7
Other than that the NSA have large amounts of cryptographers working on the exact problem of digital cash, some of which they release to the public and academia.

>>wslh+(OP)
It's mainly because he thinks "Tatsuaki Okamoto" (達明 岡本) sounds suspiciously like "Satoshi Nakomoto" (サトシ な子元). But that might be more due to the syllable structure of Japanese, compare the hiragana of each: たつあき おかもと and さとし なこもと

>>Psyoni+t7
It's just a complete nonsense tweet from top to bottom, for a variety of reasons. I don't know why it's being upvoted, here.

>>shadow+J3
There's no question that Bitcoin, and systems that copy its design more or less exactly, operate in more of a pseudonymous manner than anonymous. Projects like Monero and Zcash are actually attempting to be anonymous, but they don't seem to be as popular or prone to the kind of high market valuation that Bitcoin has.

>>wslh+(OP)
So the premise is that...

1/ a Japanese crypto researcher (not closely affiliated with the US govt at all) published research in the 90s that gets cited by the US govt

2/ the contents of this govt paper are publicly released for everyone to read

3/ the original BTC paper comes out 10+ years later, and also had a Japanese author

4/ therefore the US govt specifically the NSA invented btc?

How does this stuff end up on HN in the first place. It's like saying AWS invented Merkle trees because DynamoDB paper uses them.

>>gizajo+04
>One would expect that we’d all know who Satoshi was by now, unless Satoshi was a state-sponsored collective effort.

Or, if the creator died of ALS.

>>wslh+(OP)
In 2008, there were only a relative few people who could've created Bitcoin. Len Sassaman, dead since 2011, is the best fit imo.

"By all accounts, Len was on track to be one of the most important cryptographers of his time. But on July 3rd, 2011, he tragically took his own life at 31, following a long battle with depression and functional neurological disorders.

His death coincided with the disappearance of the world’s most famous cypherpunk: Satoshi Nakamoto. Only 2 months before Len died, Satoshi sent their final communication:

I’ve moved on to other things and probably won’t be around in the future." [0]

[0] https://evanhatch.medium.com/len-sassaman-and-satoshi-e483c8...

>>wslh+(OP)
I think it's obvious. When Bitcoin was born, the fed had just undertaken unprecedented quantitative easing which at the time, no one could foresee the ultimate outcome. Launching bitcoin and holding a large amount of the initial supply ensures their system of power and control will stay in place.

>>gizajo+C6
Publications - Books

    "Cryptography, Zero-Knowledge Proofs and Number Theory" (Kyoritsu-Shuppan, 1995)
    "Cryptography" (Sangyo-Tosho, 1997)
    "Cryptography and Information Security" (Nikkei-BP, 1998)
    "Information Security" (Denki-Tsushin-Kyokai, 2000)
    Japanese translation of "Modern Cryptography, Probabilistic Proofs and Psudorandomness (O.Goldreich)" (Springer-Verlag, Tokyo, 2001)
    Theory of Public-Key Cryptography (Kyoritsu-Shuppan, 2011)
    Quantum Computation (Kindai-Kagaku-Sha, 2015)
    Advent and Advance of Modern Cryptography (Kindai-Kagaku-Sha, 2019)

Well then, that's actually quite a replete amount of work. I'm impressed! He's been working for NTT for more than 40 years, here's an interview with him:

https://www.youtube.com/watch?v=D863zphRoqE

I dunno this all feels like someone mixing up names in a language they don't understand. Satoshi OKAmoto and Satoshi NAKAmoto are way different names. Japanese just happens to have a lot of homophones and there's even multiple different possible meanings for the family names Okamoto and Nakamoto - I've linked the one this specific person has based on his wikipedia page in Japanese [1] [2] [3]. It's also the name of a brand of my favorite condoms that feel like they came from the future, are like one micron thick, and are lubricated with hyaluronic acid if you're wondering how crazy the homophony goes with this one. [4] Reminds me of that time newsweek completely fucked with that random dude in California with the same name as the bitcoin nym for a while.

[1] https://tangorin.com/kanji?search=%E5%B2%A1%E6%9C%AC%E8%81%A...

[2] https://tangorin.com/words?search=nakamoto

[3] https://ja.wikipedia.org/wiki/%E5%B2%A1%E6%9C%AC%E8%81%A1

[4] https://www.okamoto-inc.jp/

>>gizajo+C6
That's Okamoto of MOV attack fame, among other things.

>>wslh+(OP)
Well. Either way it’s been an epic lols

>>gizajo+04
There's math to show that the viability of a secret decreases rapidly as the number of people involved grows: https://journals.plos.org/plosone/article?id=10.1371/journal...

The NSA couldn't even keep their data sniffing secret, the odds that they could keep the billion-dollar Bitcoin secret are not good (according to the theory above). There are more viable theories about Satoshi's identity and why/how he disappeared completely imho (eg Hal Finney). The paper and the name prove next to nothing, it's maybe a hint that one of the the creators might have had a US security clearance at some point.

>>wslh+(OP)
So... some NSA employees published a paper, which based on the limited part shown in the tweets seems to summarize existing research by others, with the part shown describing an entirely different approach than the one Bitcoin took, one of the (non-NSA!) sources quoted for such a different approach is a Japanese cryptographer whose name seems very very vaguely similar to Satoshi Nakamoto (probably not more than thousands of other Japanese names) and that's supposed to be evidence that the NSA invented Bitcoin?

>>gizajo+S6
I'd personally bet money on it being a solo project from him (until he open sourced it). I never saw compelling evidence for the collective theory.

If you dig through all of his forum posts, emails, and code, it's entirely consistent with a solo dev reading a bunch of papers, combining ideas (digital currency + hashcash), iterating on some software, and interacting with his community.

>>gizajo+04
> Seems like the obvious step for such an organisation to take, even just for shits and giggles

I don't understand this. What does the NSA get out of it? Developing it to study cryptography? Why not, but then why release it publicly? The fact that Bitcoin didn't replace fiat currency is something we know now, but recall that it was considered a possibility at the time. In the end, it just cost a lot of people a lot of money. Say what you want about the NSA, I don't think they would create something with a huge downside and no upside for them into the public for shits and giggles.

>>Psyoni+t7
Even if it were the same guy, wouldn't it be evidence that the NSA did NOT invent it, since that source is a cryptographer not associated with the NSA?

>>c7b+T9
I agree… but governmental actors prone to secrecy are in fact very very good at keeping official secrets. Their jobs and basically their lives depend on it, and they swear oaths ensuring not to break secrets as part of their work. There’s heaps we don’t know about that are kept top secret, by your logic we should know about absolutely all of it, and the proof is that we don’t. A good example being the work of Turing and Bletchley Park that was kept secret for a few decades after the end of WWII that nobody knew about due to the importance of the crypto skills learned in combatting the Soviets afterwards. Tommy Flowers even implemented the first programmable computer called Colossus to break German encryption, and it was ordered to be destroyed at the end of the war, leading the world to believe that ENIAC was the first programmable computer. Secrets are kept all the time.

>>gizajo+04
If it was NSA, you’d think there would be more back doors and so many millions of people wouldn’t be using it for drugs or fake ids.

>>meowfa+58
The Gell-Mann Amnesia Effect applies to social media as well.

>>kjkjad+nb
Yeah but if such a system can be invented and be spread simply, then they may as well do it themselves.

>>celtoi+Z8
>In 2008, there were only a relative few people who could've created Bitcoin.

I very strongly disagree, as would many others. I also think there are good arguments against the Sassaman theory.

>>wslh+(OP)
I have an open mind about these claims. Extraordinary claims require extraordinary evidence. That said, Satoshi's IP leaked in a debug log[0] and it was a Californian IP[0]. (Make of that what you will).

[0] https://whoissatoshi.wordpress.com/2016/02/20/satoshi-in-cal...

>>meowfa+wa
You’re correct. I’m not really denying any evidence, just there remain a bunch of mysteries around Satoshi’s identity, that all we can do is say “it could be this OR it could be this OR this could have happened OR they could have been this”. One can “or” oneself all day long in the face of a mystery or a paradox.

>>karate+xa
> What does the NSA get out of it?

A transparent ledger which is easy to audit, for the purpose of catching cybercriminals.

>>wslh+(OP)
Not sure if this discovery supports this idea, but I always thought Bitcoin was a canary for SHA. The value of Bitcoin is a strong incentive that weaknesses in SHA-256 will surface.

>>celtoi+Z8
Yep, this one makes a lot of sense. More people should consider Len Sassaman as likely to have been Satoshi Nakamoto.

>>wslh+(OP)
Newsweek must read on the matter:

https://www.newsweek.com/2014/03/14/face-behind-bitcoin-2479...

TL;DR: Satoshi Dorian Nakamoto, japonese imigrant in the US, is software engineer, worked both in financial and defense sector...

For the record, TOR network is the work of 2 defense sector contractors.

EDIT: TOR and Bitcoin are 2 technologies which work both in tandem and share some requirement as well as limitations. As for requirement, they both are designed to provide at least of pretense of privacy. And that what they both advertised for. And as for limitations, Bitcoin implentation doesn't make sense for wide adoption because it is extremely costly to operate and is so slow it cannot be adopted for day to day financial operations ; and TOR is also slow as hell and unreliable...

For spy and LE stuffs, creation of an anonymous(?) internet network and pseudo-anonymous payment network make sense. If you are of control of end points (like payment processors or online wallets or [ISP companies?]), they give both a sense of (false) security for bad actors, whoever they are for whatever they do, and allow allied organisations or individuals to funnel information and money to each other provided they have secured the endpoints they use themself.

Also for the record, China has banned both Crypto and TOR as well as Russia (except for 'international operations') at least 1 year ago.

Some might argue that creation of online drugs markets, the crazy rush in crypto space by dubious 'entrepreners' and the rise of private and state hacking actors are the proof that western governments agencies could not be involved in these technologies... But it could be simply they didn't anticipated neither of these devellopments. Let's call that externalities.

>>meowfa+0c
Len's connection to Hal Finney, the first recipient of a Bitcoin transaction and a hell of a cryptographer in his own right, is quite the breadcrumb.

>>Psyoni+t7
He shows evidence that NSA employees were aware of this guy’s work and implying they may have made up a similar name. I don’t think that’s racist. The Satoshi pseudonym had to come from somewhere, no?

>>karate+xa
If something crypto-related is ripe for invention then they may as well invent it even just to keep an eye on it. Plus at the last count, they’re $60billion up if they did invent it, and don’t need the money right now.

>>codetr+7e
Len's publications list [0] alone should be the clincher. People want to believe in shadowy orgs instead of basic human ingenuity.

[0] https://www.researchgate.net/scientific-contributions/Len-Sa...

>>karate+xa
In no particular order:

Pushes entities of interest towards using this new currency as part of sanctions evasion.

Creates downstream effects in tech for expanding the technology. Promising parts can be used to obtain budget for things that are even more off the books.

To this day one of the more prominent use cases of bitcoin/cryptocurrencies has been to turn USD into sanctioned currencies.

>>sysadm+3d
well that hasn't worked out very well, then? the elite tier of notional criminals don't get caught by that.

>>meowfa+g7
how is that a clue, given the best theory anyone has is that Hal Finney himself was Satoshi?

>>lesuor+Z6
Well, whatever the process is to cash out coins you mined could be used I assume? Such a person could likely afford top legal talent. Also, lotteries in many states require you to claim with your real name. A corporation could be used for bitcoin.

>>wyldbe+ui
But hasn't it made it easier to get around sanctions, not harder?

>>wombat+sm
Corporations hiding a name only obscures it from the general population. Kind of like how your social security number is private.

Sophisticated criminals who actually are interested in targeting you can play your shell game until they figure out who you are.

>>karate+Hq
initially yes, but with a more auditable trail. Intelligence agencies and other groups are no stranger to using stuff like this to get washed money to do things they aren't directly funded for.

>>tptace+y9
ahhhh thems the folks who broke elliptic curve crypto

>>banana+Mk
Because that's not the best theory anyone has.

>>wslh+(OP)
Sticking with my personal conspiracy theory that it was a scheme of an AI to convince greedy monkeys to attach as much processing power to the internet as possible.

>>celtoi+6f
It's absolutely a breadcrumb, but if you follow the crumbs you'll realize it likely is neither Sassaman nor Finney.

>>wslh+(OP)
Of course, NSA = Nakamoto Satoshi agency

>>tgsovl+ka
The most credible candidate is someone who was very familiar with and keen on its technology yet did not engage publicly in the first few years [1].

[1] https://chainbulletin.com/the-unmasking-satoshi-aftermath

>>meowfa+5y1
Sassaman was probably Satoshi. He and Finney worked together at PGP.

>>celtoi+Zw5
I disagree. I don't think anyone has any justification to feel remotely confident in any particular Satoshi suspect, and Sassaman is no exception.