Since yesterday, my post was read 30k times in just one day. So a lot of people started asking me how precise was my analysis, since I had estimated the figure just by looking at the graph. People want a more rigorous analysis. Today I carefully masked all blocks that were not part of Satoshi mining pattern segments, leaving only the ones that belong to Satoshi (or the entity I’ve associated with him). I also extended the analysis of spent coinbases to the whole blockchain up to 20-april-2013.
Here is a graph of all blocks from 0 to 50000. Black dots are unspent coinbases that are part of the Satoshi mining pattern. Red dots are spent coinbases. Yellow dots are unspent coinbases that are not part of any segment of the Satoshi mining pattern. Click in the image to enlarge. Note that this image has been compressed and it is not in “1 block=1 pixel” scale, so it’s not usefull as source to a pixel counting function.
Having masked all blocks not in Satoshi pattern I could count the number of block in the pattern, which are 19600 blocks, or 980K BTC, or 132M USD at current exchange rate. Since masking was done by hand, “dot per dot” I may have missed a few, and also some cannot be ruled neither out of nor in the pattern. So the value I’ve given has an error of about 0.1%, at most.
Another interesting fact is that the pattern starts just after the genesis block, in block 1. Here is an image containing the first 15 blocks. The dots are labeled (x,y), where x is the block number and y is the extraNonce value. It seems that block 12 is the first mined by another user.
I really don’t want to dig more into Satoshi’s Fortune. I have nothing but gratitude for him. In the following posts I will analyze the mystery behind Satoshi’s computer performance. Also I plan to extend the extraNonce analysis to mining in the period 2010-2013, which is quite more technically challenging.
You can follow me realtime on twitter at @SDLerner
(I almost never retweet and I only tweet when I have something to say)
Happy data mining!
Bitslog 
#1 by Milly Bitcoin on April 28, 2013 - 2:24 am
You never really give really good explanation of how the nonce value links back to (or at least you think it links back to) a single entity. Some people have refuted that claim but they don’t explain themselves either from what I saw.
“The extraNonce fields increments every time the nonce fields (which is 32 bits) overflows, so it’s a slow realtime clock, until the application is restarted, in which case it goes back to 1.”
You talk about 1 computer or a group of computers. Would that meant they were in some sort of mining pool attached to one machine that incremented the nonce values? What exactly are you not sure about when you say you are not sure if it is all from one entity?
#2 by SDLerner on April 29, 2013 - 1:46 pm
My post was purely technical. A person with deep knowledge of the Bitcoin protocol will understand the graphs shown as evidence of a single entity mining. It’s difficult to distinguish if it is a computer with 16 cores, a single core supercomputer, or an FPGA, but certainly it’s not a mining pool, since all “clocks” are finely correlated. I will post shortly an non-technical explanation.
#3 by Milly Bitcoin on April 29, 2013 - 3:59 pm
It is not a complete technical explanation either and some of the people with a deep technical knowledge say this is wrong but they don’t explain why they think it is wrong. A better explanation is needed in order to evaluate the situation.
Here you say “It’s difficult to distinguish if it is a computer with 16 cores, a single core supercomputer, or an FPGA, but certainly it’s not a mining pool, since all “clocks” are finely correlated.” but, again, you make a claim without an explanation that can be evaluated one way or the other.
#4 by Adam Back on May 3, 2013 - 10:43 pm
The explanation is quite simple – someone can correct if I get this wrong: to generate hashes you start somewhere, hash the string, if it doesnt have enough bits you increase a counter in the string and repeat. The extraNonce is the most significant chunk of the counter – to be incremented only if the smaller chunk of the counter wraps around (you dont want to repeat work). So due to an implementation bug the extraNonce was not reset, consequently it just increases. If you have a few miners you can see they will be counting at different rates, so the coins made by one miner will diverge, but be visible as increasing extraNonce values. Hashcash didnt have that bug coincidentally – I caught it because hashcash also has to be careful about privacy because one of its earliest uses was to throttle anonymous remailers abuse. It would be similarly bad for a remailer user if their emails were linked together.
(Btw about the multicore, probably each core looks like a separate extraNonce so its more jumbled? Not sure that helps very much unless there was a secondary bug that jumbled it across threads).
Question for the blog author – when was this bug fixed? What proportion of the $130m did he spend (or cash). Thats just curiosity. And I suppose if it seems to you that you’re getting too close you might want to stop in Nakamoto’s interests…
Adam
#5 by SDLerner on May 6, 2013 - 8:09 pm
When was this bug fixed?
Grogory Maxwell said that after October 2010 (e.g. v0.3.14) the clients cleared ExtraNonce periodically (see https://en.bitcoin.it/wiki/Changelog for release logs and release dates). I’ve checked that version 0.4.0 modifies the behavior relating the ExtraNonce continuity. This is consistent with the graphs I’ve printed over that period.
Bitcoin versions release logs at that time say nothing regarding this change. The source codes of these releases have been removed from the sourceforge repository. I’ve checked the comments in the commits of the modified source code and it seems that the change was not regarded as a patch to protect from a privacy vulnerability. It was done for other purposes and collaterally the vulnerability was fixed.
What proportion of the $130m did he spend (or cash)?
I saw only two blocks rewards (100 BTC) that seem to be part of a Satoshi mining pattern being spent. There may be some few more. My last post on this subject estimates the mined amount to 980K bitcoins lying on the Satoshi mining pattern.