The Genesis of Genesis

Some time ago in a blog post far far away, I wrote about the genesis block and the start of Bitcoin.

Many have argued that the initial block in Bitcoin is a flaw. It is nothing of the sort. The so-called lost bitcoin from the genesis block do not exist as spendable bitcoin; it is an anchor.

The problem people have when they look through glasses tainted with greed is that they don’t see the simple facts, but rather paint the scenario with one of their desire. The first thing to remember is that there were no bitcoin sales in January 2009. Bitcoin was a system that cost money to run and create, and yet had no value. When asked about the lost value of the genesis block, the calculation is simple: 50 bitcoin times zero. Remember, anything times zero is zero. There is nothing lost.

More importantly, the keys vary between the genesis block that is public and the early code that was distributed. In September 2008, I sent many copies of the early code.

txNew.vout[0].scriptPubKey = CScript() << OP_CODESEPARATOR << CBigNum(“0x31D18A083F381B4BDE37B649AACF8CD0AFD88C53A3587ECDB7FAF23D449C800AF1CE516199390BFE42991F10E7F5340F2A63449F0B639A7115C667E5D7B051D404”) << OP_CHECKSIG;

In this version of the code, it was not called a “block chain” — such was a later change.

// The timechain is a tree shaped structure starting with the
// genesis block at the root, with each block potentially having multiple
// candidates to be the next block. pprev and pnext link a path through the
// main/longest chain. A blockindex may have multiple pprev pointing back
// to it, but pnext will only point forward to the longest branch, or will
// be null if the block is not part of the longest chain.

Orphans and forks are part of how Bitcoin works. Such was always the design. They don’t impact transactions, but rather are part of how mining works.

The genesis block did not only have a different hash, it had a completely different address.

This version was completed and posted to people on Wednesday, September 10, 2008. It was a busy busy week. I took time off work. I had a few weeks vacation, and I was preparing for another certification. I sat the SANS/GIAC GSE-Malware exam. They don’t offer it anymore; it was considered too difficult.

The GSE exam is hands-on. You have multiple days of testing after you pass the theory test. I had been prepping for the theory test for the month before. In the exam, the student needed to reverse-engineer malware. This point was probably my peak technically. I was still teaching and coding C/C++/C# on a very regular basis, not that I ever went to develop sound production code very well.

I sat the SANS/GIAC Security Expert Malware (GSE-Malware) certification. The year before I had sat the GSE-Compliance stream. The GSM is no longer offered as only four of us managed to ever achieve it.

Even now, very few people sit the GSE. I’m proud to have been one. Having been the only individual who sat all three, I can tell you that the malware exam was the hardest by a long way. The GREM exam and certification still remains, which is the reverse-engineering-malware training and certification.

Interestingly enough, the reason I sent the code out at the time was that I’d been procrastinating from studying more for my malware exam. I’d spent every spare moment since September 2007 studying. I was simultaneously enrolled in a master’s degree in statistics at the University of Newcastle and finalising my master-in-law degree from Northumbria (Newcastle, UK). It was a busy time. I would spend mornings on Bitcoin. I got up at ridiculous times, and started by coding and checking my material before having breakfast.

I had memorised practically everything over the year that would be included in the GSE-Malware exam, and had practised with IDA and Olly until I knew every shortcut by heart.

Now, I’ve left it far too long, and I don’t play with disassembling code other than in the occasional way to remember the past. So, I can flood my way around Hex-Rays, but if you asked me to engage in reversing Objective-C binaries using a REobjc module… I would need to do some serious studying to remember how to do it.

On September 10th, the most memorable thing for me was that the Large Hadron Collider at CERN was powered up in Geneva, Switzerland.

I guess for other people, it’s going to be different. I was living and breathing low-level networks and low-level code at the time. On top of them, Internet law and a few other areas. I am doing two doctorates simultaneously right now, but I am not doing a fraction of the study hours I was doing then. I was living on four hours’ sleep for two years. I was used to being up at 3 AM or 4 AM seven days a week.

Then, after I had stopped with the work at BDO, it became even more ridiculous.

But that’s another story.

I had my presentation ready for IT Security World around the same time. I was discussing document storage and WORM storage, something required by Sarbanes-Oxley (WORM means write once read many). I still fail to see how people do not understand that the blockchain, that is Bitcoin, creates immutably singular storage that allows organisations to securely manage documents.

I presented on the legal aspects of compliance and security when I visited the US to present at IT Security World.

So many people believed that you couldn’t have privacy and retain information. I’m still having a hard time getting people to understand that you can.

I had a publication the same year concerning document-destruction practices in organisations. I did a lot of publishing in the Institute of Internal Auditors and risk-management journals. The header of one paragraph was “Destroying Documents: Bad for Business or Illegal.” I argued that organisations shouldn’t need to destroy documents ideally, management could be done cryptographically, and key control could be much simpler.

My blog posting at the time slowed considerably during the same weeks.

But with staff at BDO, we created a number of forensic tools. One of them had to do with analysing the mining of data. I never managed to gain much traction talking about mathematics with IT people. But the software we created enabled the prosecution of a child-grooming offender in South Australia. By reviewing chat logs in social media, we were able to use the links between individuals to deanonymise accounts.

I knew perfectly well about the interconnectivity of network systems at the time. I had testified on a number of criminal cases using such techniques to deanonymise social media accounts. One people in the crypto community won’t like is that of catching copyright infringers. There was never any one individual, it is never some poor person at home but rather organised crime rings.

Some cases involved specialised hardware, such as for a raid I did later on with an ex-NSW Police Sgt. I did a lot of work with friends (‘Clarence’ — Bill Bush) which involved systems that broke satellite transmission, systems that allowed karaoke bars to act without paying for their licensing and where people would sell rights using peer-to-peer networks. There was never once a case where anyone ever mentioned raiding some poor home user. Rather, some of the copyright offenders created global networks, and sold pirated software to tens or hundreds of thousands of users. Almost all included a backdoor designed to capture financial transactions and de-privatise people’s personal accounts.

My knowledge of peer-to-peer networks was gained through analysing networks in regards to conducting piracy investigations in the music industry.

  1. There is a longstanding legal principal, a piratis et latronibus capta domimium non mutant, which translates to mean ‘things taken or captured by pirates and robbers do not change their ownership.’ Hence you can accept that simply because some other infringer has placed infringing television broadcasts in a public place, i.e. the web, it doesn’t mean anyone who aggregates such infringing content is no longer a copyright infringer.
  2. A criminal cannot avoid culpability by producing a disclaimer, guarantee, or warranty — otherwise all economic criminals would include a disclaimer in their handiwork.

Ah, remembering all this…

I got back around October 5. I gave myself an afternoon off, and then I started studying for the GSSP exams. There were two: secure coding using Java and C. I still had a lot of work to do in C# at the time.

But, I started another master’s degree to help. I had to give it up before I graduated. I ended up completing all but one subject. I was enrolled at the time, around 2012–2013, in both my PhD in computer science and the master’s degree at Charles Sturt University. It would have been my fourth master’s degree from them. But, I had people complain. The university had given me two separate student IDs, and I was completing both degrees simultaneously. Doing so is technically against the rules, and unfortunately, I needed to choose one or the other. Such is life.

Ironically, I still sat ITE505 Enterprise Applications Development. As such, I think I learnt everything I needed to.

Getting back to the development of Bitcoin, part of it involved economically incentivising DATs.

DATs are digital auditing techniques.

If you’re wondering why the Wayback Machine only has material of mine saved dating to 2015, what you’re missing is that I used both robots.txt and metadata tags in my pages. It isn’t that the pages didn’t exist, it was that I was trying to remove them in 2015.

You’ll notice in the post I made before launching Bitcoin, I wrote:

From my observations, the accounting and audit would seem to be increasing its productivity at a rate of between 1 and 3% per annum. At this rate, not only can organizations who are not growing fail to maintain equilibrium (this is currently attained through exceeding with the big four) in the long run, but within a decade, small to medium firms will likely lose up to 50% of their business to them.

One of the biggest reasons for the development of blockchain, Bitcoin, is that I saw the changes in order technology that were about to come in the development of productivity tools. It wasn’t just money. It’s a form of money that radically alters the way we do business. There is a reason why WP0001, general ledger accounting on the blockchain and the first filed patent application I had with nChain, is about accounting.

I wrote at the time that DATs have also shown an accuracy of over 96% on analysis of non-fraud financial statements. It is important; to be effective, the system needs to link into a single immutable data store. Such was Bitcoin. I know that it seems boring to most people, but I find the creation of something that will reduce fraud to be massively exciting and groundbreaking.

As I said back then, to make such types of productivity gains, we don’t need to work harder, we need to follow the often used idiom that we need to work smarter. We need to look at working with each other and think about how we can better implement technology.

So the fun thing for you to know is that you can find links to the blog pages dating back to 2007. Yet the archives are not so old. Those who have a little bit of skill in digital forensics and web analysis will realise that the absence of evidence in the Wayback Machine is proof of very little at all.

Having said so, back then I was considering how we would gain access to data.

The funny thing is, I had people such as those at SAS who read my blog. One thing you will notice is that I cannot update timestamps for comments. So the pages existed. All it does is show your own ignorance and how little you know about how the Wayback Machine actually works.

On Keys

To recover the public key from an ECDSA signature (R,S), we require knowledge of the curve and the message that was signed (or at least the hash of the message). With both, we can calculate the public keys. One of them will correspond to the private key used.

I always find it strange to see how people react as if 50 bitcoin in the genesis block mattered.

At the time, they had zero value. The genesis block was designed never to be spent. There are many ways to do so; ECDSA allows for an unknown private key in the creation of a signature that can even link to an invalid public key. There’s even a way to create a self-signed Bitcoin transaction. Here, you compute the value of the private key after creating the signature, which can be done as you know the value K, the ephemeral key.

In September, the version of code that I had finished and sent out was a lot simpler. It contained the following line:

  • txNew.vout[0].nValue = 10000;

If it had been left, the amount of bitcoin would’ve been completely different. COIN is used as a multiplier, and comes to 10,000,000. So the initial reward would’ve only been a small fraction of a bitcoin and not 50 bitcoin for the initial block. At least, the initial genesis block would’ve started that way. The idea with the block subsidy was that early adopters would get a lot more so that they could reinvest in the network and make their investment valuable. I greatly underestimated human greed and the propensity to scam people.

  • txNew.vout[0].nValue = 50 * COIN;

What we ended up with is what you see now listed above.

Such techniques are not going to go away. Change is pervasive; either we embrace it in an entrepreneurial manner, or it will steamroll us.

I haven’t stopped reflecting on the nearly two decades. The process has been interesting to say the least. Thinking about it, all that occurred and all that I went through, I wonder how I managed to do it. I certainly couldn’t do what I did then now. I am still very productive, I write more than one paper a day on average, sometimes closer to two. But I certainly cannot study at the rate I used to, with age comes change. The consolidation of knowledge that I’ve learnt brings a different result. And through it, I am not the same man that I was then.

Would I go back and do it again?

Yes, if I could, and I would do it just the same way. There are things I did not like at the time, but I like the place I’ve come to, the person I have become, and everything about it.

The phoenix must burn to rise.

Never miss a story from Craig Wright (Bitcoin SV is the original Bitcoin)