[retrac]

At its core, a Bitcoin address is a public/private key pair used to sign data. One type of data you can sign is a Bitcoin transaction, which when signed and valid, gets processed by the Bitcoin network. "Send 0.01 BTC to xyz" -- signed retrac. But it's standard public key cryptography, and you can use that key to sign any kind of data.

The signature in question was not posted to the Bitcoin network. It's almost exactly like signing an email with a PGP signature. The message/signature pair alone are proof that the message was signed by the key in question.

2) Yes. Anyone with the private key could sign a message. And for clarity, such things are not date-stamped in a secure way, so there's no way to know when it was signed.

For me, one major incongruity is that, it is possible to post such data to the Bitcoin network. If you need a permanent record of when a key signed something, that's honestly about the only thing blockchains are good for! Hal Finney understood this very well. So when he allegedly signed that message 8+ years ago for future generations to finally know the truth, why didn't he take advantage of an architecture, that he helped create, that enables making such claims in a (more) verifiable manner?

[cmatthias]

This is great info, thank you! I agree that it’s strange that Finney wouldn’t have posted this message to the blockchain. Unfortunately I think most people superficially familiar with bitcoin don’t understand cryptography deeply enough to realize that the most likely explanation for all of this this is that Shkreli or an associate is in possession of Finney’s private key.

[TacticalCoder]

> 2) Yes. Anyone with the private key could sign a message. And for clarity, such things are not date-stamped in a secure way, so there's no way to know when it was signed.

Certainly if the message included a hash of the last Bitcoin block that'd be a very strong date-stamp.

[retrac]

I would consider that a strong date-stamp too, but it doesn't do what we would need here. It can only set an earliest possible date for the message. It does not bound it on the other end.

It's like using today's newspaper to prove when a photo was taken. If the front page of Dec 13 2022's New York Times is in the photo (and the photo is authentic) then the photograph must have been taken on or after Dec 13 2022. But I could use that same newspaper in 2025 to prove the same thing. The photo was taken on, or after, Dec 13 2022.

Bounding the other end -- to prove that this key was not used after a certain point in time -- is really quite a puzzle with no particularly elegant solution, as far as I know. Trusted central authority that date-stamps and signs messages when it receives them. Or a blockchain, ironically.

[ashpool37]

Is there a way to provably destroy a piece of information? The closest thing I heard of was the Z-Cash "ceremony" [1]. If there was, we could create messages that are provably and absolutely timestamped.

Another possible way would be crafting the message in a way that requires a low-entropy system, like a living human person, a sophisticated computer, or an immense power source. But, this would only be useful on extreme time scales, or within limited space.

[1]: https://z.cash/technology/paramgen/

[ashpool37]

Such a timestamp could only be interpreted as a "no-earlier-than" proof. You couldn't use it to prove that the message was created before a certain date, as all existing bitcoin blocks can easily be referenced in any future messages.