On Sat, Sep 13, 2014 at 10:03:20AM -0400, Jeff Garzik wrote:
> That claim is horse manure :)  He never signed private emails sent to
> me, nor the forum posts.

That's consistent with what everyone else is saying:
https://twitter.com/petertoddbtc/status/509614729879642113

> He -might- have signed the occasional thing related to releases, I'm not sure.

Doesn't seem like there's any evidence of that either. For instance the
archive.org Jan 31st 2009 capture of bitcoin.org with v1.3 has a link to
his PGP key, but the release itself is unsigned:
https://web.archive.org/web/20090131115053/http://bitcoin.org/

Similarly the Nov 29 2009 capture of the sourceforge download directory
has releases v0.1.0, v0.1.2, v0.1.3, and v0.1.5, none of which have
signatures:

https://web.archive.org/web/20091129231630/http://sourceforge.net/projects/bitcoin/files/Bitcoin/

The earliest signature I can find is from v0.3.20 from Gavin Andresen:

https://web.archive.org/web/20110502125522/http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.20/

Earliest sig in the git commit history is the v0.3.21 tag, again from
Gavin.


My best guess is Satoshi only created the PGP key in case
someone needed to send him a security-related bug report. Which leads to
a related question:

Do we have any evidence Satoshi ever even had access to that key? Did he
ever use PGP at all for anything?

-- 
'peter'[:-1]@petertodd.org
00000000000000000ce4f740fb700bb8a9ed859ac96ac9871567a20fca07f76a