Cointime

Download App
iOS & Android

Hal Finney Was Not Satoshi Nakamoto

Repost from Cypherpunk Cogitations, Jameson Lopp: “Hal Finney Was Not Satoshi Nakamoto” The full report and all related findings are available on the official website of Cypherpunk Cogitations.

The mystery of Satoshi Nakamoto's identity has intrigued countless people ever since the inception of Bitcoin in 2009. Who, the world wonders, would be so gifted that they could solve the Byzantine Generals' Problem? Who, we ask, is so altruistic as to create a new monetary system but not use it to enrich themselves? Who, we question, is sufficiently privacy-conscious that they could pull off these magnificent feats and manage not to leak their true name?

The actual identity of Satoshi Nakamoto is irrelevant to the security, evolution, and future operation of the Bitcoin network. But the speculation of Satoshi's identity does have real-world consequences for those who end up in its crosshairs.

Hal Finney was swatted and extorted in 2014 when he was in poor health.

Dorian Nakamoto's life was upended by Newsweek's baseless speculation in 2014.

A multitude of scammers have taken the opposite route and tried to leech off of Satoshi’s reputation by claiming to be him.

Who do I think is Satoshi? I have my theories, but I shall never share them as it would be irresponsible to do so. Rather, I believe it is in the best interest of Bitcoin to dispel any myths of Satoshi's identity. Let's begin.

The Race

On Saturday April 18, 2009 at 8 AM Pacific time Hal Finney, an avid runner, began a 10 mile race in Santa Barbara, California. We can see his results here:

Source: https://archive.is/46t9A

Why is this noteworthy? Because Satoshi was performing activities at the same time that Hal was running. For the hour and 18 minutes that Hal was running, we can be quite sure that he was not interacting with a computer.

It turns out that early Bitcoin developer Mike Hearn was emailing back and forth with Satoshi during this time. Hearn later published his emails on his web site; you can find a copy archived here.

We can see from the timestamps that Mike emailed Satoshi on Apr 18, 2009 at 3:08 PM and Satoshi replied at 6:16 PM. But what time zone was Mike's email client reporting? Well, Hearn conveniently included his IP address at the time (because one way of sending and receiving bitcoin back then was via direct connection to a peer node's IP address) and his address was 84.73.233.199. A quick lookup shows that this IP belongs to a Swiss ISP.

Source: https://www.whois.com/whois/84.73.233.199

This lines up with the well-established fact that Mike Hearn was working for Google at the time, out of their Zurich office. I additionally confirmed these details directly with Mike during my investigation.

What can we determine from all of this? Satoshi sent the email to Mike at 9:16 AM Pacific time - 2 minutes before Hal crossed the finish line.

Source: https://www.timeanddate.com/worldclock/converter.html?iso=20090418T161600&p1=268&p2=1050

How can we be sure that Hal was actually running in the race and didn't send an imposter to stand in for him? Well, we have third party photographic evidence courtesy of the event photography service, PhotoCrazy (though their site has been offline for many years now.) We can see that his ID number 591 matches the one from the race results database linked above.

There's also a photo taken by Hal's wife:

The Transaction

As seen in the email exchange between Mike Hearn and Satoshi, Satoshi sent 32.5 BTC to Mike Hearn via transaction 6a679898780f5d99f0ffa12573b855e0dc470956406eb8b82690b688fa19200f which was confirmed in block 11,408 at 8:55 AM Pacific time on April 18, 2009. Satoshi then replied to Mike's email 20 minutes later.

The previous block (11,407) was mined at 8:28 AM Pacific time, thus the transaction was likely created, signed, and broadcast during the window between 8:28 AM and 8:55 AM.

Blocks 11407, 11408, and 11409 (in blue) were all mined by Patoshi (likely Satoshi.)

The previous block 11,406 was minted by an unknown miner at 8:08 AM; it's safe to assume that if the transaction had been broadcast and was in node mempools at that time, it would have been confirmed at 8:08.

Potential Objections

“Mike Hearn is untrustworthy”

  • Hearn published the full emails in 2017 after many distrusted him due to disagreements during the multi-year scaling debates.
  • Hearn actually shared the first of the emails on the Bitcoin Foundation forum in December 2012.
  • Hearn's emails are the strongest evidence, but not the sole evidence, as we'll see shortly.
  • Mike's own words on the matter.

I thought these emails had been published already, because I had forwarded them to a project that was archiving Satoshi's emails years ago. When CipherionX asked me for these emails again, he told me they'd actually never been uploaded anywhere and so I forwarded them once more.The emails are real. As others have noted, I quoted parts of them in various conversations stretching over many years. It would have required vast planning to have set up such a forgery and there is no reason to do so.

“Hal could have scripted the emails and transactions.”

Sure, but Occam’s Razor applies. Why go to such lengths to sow disinformation in a private communication? It would have been far simpler for Hal to have just responded at a different time rather than leaving this proverbial needle in the haystack that would have never been revealed had Hearn not published the emails.

“Hal could have been one member of a group.”

Sure, but Occam's Razor again. As Benjamin Franklin noted: “Three can keep a secret, if two of them are dead.” In all my time researching Satoshi, I've yet to come across any evidence suggesting it was a group. If it was a group, then they all operated on the same sleep schedule, consistent across code commits, emails, and forum posts.

“The early blockchain history could have been rewritten.”

Technically true, though 3 hours later Mike sent BTC back & confirmed via email. The timestamp activity of the emails and blockchain line up.

“Someone else could have been running the race in Hal’s place.”

As seen above, we have photographic evidence from multiple parties that shows otherwise.

Singularity Summit 2010

Hal at Singularity Summit

Hal attended the Singularity Summit in San Francisco on August 14th and 15th of 2010. We can see his wife published this post about it a few days later.

This past year, Hal and I have had to completely alter projections of our future together. Hal was diagnosed with ALS (Amyotrophic Lateral Sclerosis, better known in the US as "Lou Gehrig's Disease"). Since his diagnosis in August of 2009, Hal has physically changed in very obvious ways. His speech has become slow, quiet, and labored. His typing has gone from rapid-fire 120 WPM to a sluggish finger peck. His weekly running (50-60 miles per week in February 2009) stopped being possible in November of 2009, and now Hal gets around in a motorized wheelchair. Eating, always a pleasure before, is now a challenge - much concentration is involved to avoid choking. The most recent and worrisome manifestation of the weakening in Hal's voluntary muscles is his breathing. However - all of these changes have been to Hal's body. The machine that Hal's brain controls through efferent output to interact with the environment. Inside, he is the same brilliant guy I have known for well over half of my life.

She specifically talks about how Hal can barely type at this point.

What was Satoshi doing on August 14 and 15 of 2010? Satoshi was quite active, with 4 code check-ins and 17 forum posts. You can view my compilation of all publicly known Satoshi activity timestamps here.

The IP Address

In the initial days of Bitcoin, the client connected to an IRC (Internet Relay Chat) room in order to discover IP addresses of peer nodes to connect and thus join the network. For this reason the debug log becomes crucial for the investigation. It reveals IP addresses of 3 users who were connected to the IRC on January 10, 2009 - the day after Bitcoin launched. As far as we know, Satoshi and Hal were the only two people working on the project during that time.

Source: https://web.archive.org/web/20140821141611/http://sourceforge.net/p/bitcoin/mailman/message/21295694/

The debug log is quite verbose, so I'll point out the relevant lines:

[x93428606] is the admin of the IRC channel (Satoshi) and connects from i=x9342860 gateway/tor/x-bacc5813d7825a9a (via tor, a privacy preserving network)

[uCeSAaG6R9Qidrs]  CAddress(207.71.226.132:8333) - this is Hal.

[u4rfwoe8g3w5Tai]  new  CAddress(68.164.57.219:8333) - this is the only other node, thus likely Satoshi.

What can we determine from these IP addresses?

Hal Finney’s IP can be identified easily as he has hosted his website at the same IP address. Data source can be found here.

IP Address: 207.71.226.132State/Region: CaliforniaCountry: United StatesReverse DNS: 226-132.adsl2.netlojix.netHost/ISP: Silicon Beach Communications

Domains Hosted on IP 207.71.226.132

  • finney.org
  • privacyca.com
  • franforfitness.com

Could other people have been running nodes? Sure! Though the debug log shows not one, not two, but three boot-ups of Hal's node, and it receives the same peer IP address every time. It appears unlikely that anyone else was running a node at this time.

We can note that:

  • Satoshi’s IP address doesn’t appear to be a tor exit node (I can't find that IP address in publicly available historical lists of tor exit node IPs)
  • Satoshi’s IP belonged to a different ISP than Hal’s, though also in California.

I think it's reasonable to ask ourselves the following:

  • If Hal was privacy conscious, why publish this info?
  • If Hal was Satoshi, publishing disinformation, why not make their IP in a different state or country?

Inconsistencies in Coding Styles

Some have claimed stylistic similarities between Hal’s and Satoshi’s public writing, but I know nothing of stylometric analysis thus I can't comment on the veracity of that claim. What I can confidently state is that their code is quite different.

We can compare Hal’s Reusable Proofs of Work code against the original Bitcoin client and several differences are immediately apparent.

  1. Hal used tabs while Satoshi used spaces (this is a massive never-ending debate between developers)
  2. Hal preferred his debug statements not to be indented while Satoshi’s maintained indentation with surrounding code
  3. Hal made comments with block style multi-line markers while Satoshi preferred to create many single-line comments with double slashes
  4. Hal used snake_case for his function names while Satoshi used camelCase

There are probably far more differences that are more subtle, but these jumped out from just a few minutes of eyeballing the codebases.

Inconsistencies in Personas

There are a few points about Satoshi's and Hal's perspectives that don't line up, and it would have required a pretty creative writer to keep their personas distinct. For example:

Are we to believe that Satoshi had been working on Bitcoin for a year (if not years) but suddenly started being concerned about CO2 emissions?

It appears that Satoshi Nakamoto only learned about Nick Szabo’s "bit gold" idea from Hal Finney’s first reply to the whitepaper announcement post on the cryptography mailing list.

I also do think that there is potential value in a form of unforgeable token whose production rate is predictable and can't be influenced by corrupt parties. This would be more analogous to gold than to fiat currencies. Nick Szabo wrote many years ago about what he called "bit gold" and this could be an implementation of that concept.

Once again, this level of "character development" for alternate personas is a pretty big ask for someone who is not a professional fiction writer.

Hal Finney was not actually a particularly private person. According to his wife, Hal was a huge privacy advocate and believed everyone had the right to privacy. But privacy is the ability to selectively reveal yourself to the world, and Hal was quite open about his dealings.

In terms of being privacy conscious, most of the other Satoshi contenders are far stronger candidates with regard to this attribute.

Inconsistencies in Activity Gaps

Satoshi had 2 lengthy gaps in their public activity:

  1. From 2009-03-04 16:59:12 UTC to 2009-10-21 1:08:05 UTC
  2. From 2010-03-24 18:02:55 UTC to 2010-05-16 21:01:44 UTC

We can see that Hal Finney kept posting during those periods:

While this doesn't prove anything, it's yet another difference in the characteristics of Hal and Satoshi.

Hal was a Legend, Just not That Legend

We should all aspire to be like Hal Finney.

Check out the reactions to Satoshi's announcement of Bitcoin on the cryptography mailing list.

First response: "your system doesn't scale."

Second response: "honest nodes won't control the network. Bad guys with zombie farms will take it over."

Third response: “I think the real issue with this system is the market for bitcoins. Computing proofs-of-work have no intrinsic value.  We can have a limited supply curve but there is no demand curve that intersects it at a positive price point.

Hal arrives: “Bitcoin seems to be a very promising idea. I like the idea of basing security on the assumption that the CPU power of honest participants outweighs that of the attacker. It is a very modern notion that exploits the power of the long tail. When Wikipedia started I never thought it would work, but it has proven to be a great success for some of the same reasons.”

Hal was an optimist, a builder, and a thoughtful collaborator. He made great contributions to cypherpunk projects like anonymous remailers, PGP 2.0, Reusable Proofs of Work, and Bitcoin. Open source projects need people like Hal.

This is Good for Bitcoin

Some will surely claim that the prior points do not constitute incontrovertible proof that Hal was not Satoshi. Indeed, proving a negative is often an impossible task. But I find the aggregate of all the evidence to provide so much doubt that a reasonable person would conclude that it's far more likely that Satoshi was someone else. After months of research I have been sufficiently convinced that I am willing to stake my reputation upon this claim.

It is better for Bitcoin that Satoshi not be a man, for men are fallible, fickle, and fragile. Satoshi is an idea; it is better that all who contribute to Bitcoin be an embodiment of that idea. As such, I pose to you that it is to the benefit of Bitcoin that we crush any myths of Satoshi’s true identity.

Satoshi Nakamoto is Dead

Long Live Satoshi Nakamoto

Comments

All Comments

Recommended for you

  • A Total of 37,212.18 DMD Permanently Burned Over the Past 7 Days

    July 9, 2026 — According to the latest on-chain data released by DMDAO, a total of 37,212.18 DMD has been permanently burned over the past seven calendar days through the protocol's predefined trading and wealth management burn mechanisms.

  • Whale Transfers 1,133 BTC to Coinbase Prime, Valued at $71.48 Million

    According to Onchain Lens monitoring, a whale transferred 1,133 BTC from Coinbase to Coinbase Prime through an intermediary wallet, valued at $71.48 million.

  • U.S. AI Chip Stocks Decline Before Market Open, Intel Falls Over 3%

    On July 7, U.S. AI chip stocks experienced widespread declines before the market opened. Intel dropped over 3%, while AMD, Qualcomm, and NXP fell more than 2%. TSMC, Broadcom, and Tesla decreased by over 1%, and NVIDIA declined by 0.7%.

  • China's Central Bank Increases Gold Reserves for the 20th Consecutive Month

    As of the end of June, China's gold reserves stood at 75.44 million ounces (approximately 2,346.446 tons), an increase of 480,000 ounces (about 14.93 tons) from the end of May, which reported 74.96 million ounces (approximately 2,331.52 tons). This marks the 20th consecutive month of gold accumulation.

  • China's Foreign Exchange Reserves in June at $341.6262 Billion

    On July 7, China's foreign exchange reserves for June stood at $341.6262 billion, a decrease of $26 billion from the end of May, representing a decline of 0.75%, with expectations set at $343.2 billion.

  • U.S. Storage Stocks Drop Pre-Market, SanDisk and Micron Down Over 4%

    On July 7, U.S. storage concept stocks collectively fell in pre-market trading. Western Digital dropped over 5%, SanDisk and Micron Technology fell over 4%, Seagate Technology declined over 3%, Rambus fell over 2%, and SMI fell over 1%.

  • U.S. Stocks in Optical Communication Sector Drop Pre-Market

    On July 7, stocks in the optical communication sector of the U.S. market collectively fell pre-market. Astera Labs dropped over 4%, while Marvell Technology, Credo Technology, and AXT Inc. fell more than 3%. Tower Semiconductor, MaxLinear, Corning, Applied Optoelectronics, GlobalFoundries, Lumentum, and Qorvo all declined by more than 2%. Coherent, Nokia, Amphenol, and Broadcom dropped over 1%.

  • Pre-market Decline in U.S. Storage Stocks

    In pre-market trading, U.S. storage concept stocks experienced a widespread decline, with Micron Technology falling by 4.8%, SanDisk dropping over 4%, Corning down more than 2%, and Intel decreasing by over 3%.

  • Two Departments: Support for Reinsurance Institutions to Increase Capital and Issue Supplementary Capital Tools

    On July 7, the National Financial Supervision and Administration Bureau and the Shanghai Municipal Government released several measures to accelerate the construction of the Shanghai International Reinsurance Center. Among these measures, they proposed to enhance the quality and efficiency of the reinsurance industry, support reinsurance institutions in increasing capital and expanding shares, and issuing supplementary capital tools to improve the capacity for internal capital accumulation and external capital supplementation, thereby strengthening the reinsurance industry's capabilities. The initiative aims to guide the insurance industry to focus on major national projects, strategic emerging industries, and livelihood security, consolidating insurance and reinsurance underwriting capabilities to enhance risk protection levels. It also supports reinsurance institutions in leveraging their professional technical advantages to assist the insurance industry in reducing risk.

  • Sources: Saudi Arabia Plans to Expand Oil Pipeline to Red Sea, Increasing Capacity by 2 Million Barrels Daily to Bypass Strait of Hormuz

    On July 7, five informed sources revealed that Saudi Arabia is considering expanding the crude oil pipeline capacity to its western coast on the Red Sea, allowing Saudi Arabia and its neighbors to transport more oil without passing through the Strait of Hormuz. This east-west pipeline, built in the early 1980s, has gained strategic importance since the outbreak of the Iran war in February and the disruption of shipping in the Strait of Hormuz. The pipeline can deliver up to 7 million barrels of crude oil per day to the Red Sea port. The CEO of Saudi Aramco stated in May that approximately 2 million barrels are supplied to west coast refineries, while about 5 million barrels are for export. Sources indicate that Saudi Arabia is in preliminary discussions with some neighboring countries regarding the pipeline expansion, aiming to add about 2 million barrels of pipeline capacity per day. It remains unclear whether Aramco's planned expansion involves upgrading existing infrastructure or constructing new pipelines. One source mentioned that the expansion plan also includes a smaller refined oil pipeline. Two sources indicated that the expansion scale could range from 1 million to 2 million barrels per day, with refined oil also being considered. Another source stated that the project would take several years and cost billions of dollars, requiring adjustments to Saudi crude pricing mechanisms.