The Signing Session with Mr Andresen
As already mentioned, the signing session with Mr Andresen was different from the others because Mr Andresen wanted the signed message to be verified on his computer and Dr Wright’s team agreed to a laptop being bought for the purpose. This session involved Dr Wright signing a message on his laptop, transferring the signature to the new laptop and verifying the signature on that laptop.
So much is common to Dr Wright’s account and Mr Andresen’s (which was given in Kleiman by reference to notes in the form of a Reddit exchange with another person).
In Wright2, Dr Wright gave his version. He claimed that the new laptop was set up by Mr Andresen, and that Mr Andresen installed Windows, connected to the hotel’s Wi-Fi network and downloaded Electrum software directly from the official website. Dr Wright said that when downloading Electrum, Mr Andresen verified the integrity of the software by comparing its hash value to the one provided on the website. Dr Wright then described that, for each of blocks 1 and 9, he produced a signed message on his laptop; that he transferred it via USB stick to the new laptop; and that he then performed the verification with the Electrum software on the new laptop while Mr Andresen watched. Dr Wright recalled that the process initially failed, but only because the original message had been typed into Electrum incorrectly. The error was then corrected and the signature was verified.
Mr Andresen recalled that a hot-spot might have been used for internet access, a detail Dr Wright accepted in his Granath evidence. Mr Andresen was also clear that Dr Wright downloaded and installed the software on the new laptop, including the Electrum software. Mr Andresen could not recall having verified that the Electrum software had the HTTPS security certificate from the website. In Kleiman, when asked whether he had verified the hash digest of the download against anything he had brought with him, Mr Andresen said that he had not done so, and he did not suggest that he had verified the hash digest by any other means. Mr Andresen recalled that the message signed was “Gavin’s favourite number is 11 – CSW”. The Reddit notes indicate that on the first try Mr Andresen had omitted “– CSW”, after which the verification failed, but that Dr Wright then identified the omission.
In his evidence at trial, Dr Wright sought to bring his account into line with Mr Andresen’s. He said that he could not remember which of them had downloaded what, but tried to insist that Mr Andresen had been watching his every move {Day8/68:12}. He admitted that Mr Andresen may well have been right in his recollection of the message and how the verification initially failed {Day8/72:16}.
Prof Meiklejohn addressed the possibility of this session being faked. She explained that there are a number of ways in which it would have been possible for Dr Wright to do this by use of software. These include: (a) downloading a non-genuine version of Electrum wallet software; (b) downloading genuine Electrum software but running malware on the new laptop to interfere with its operation; or (c) altering the download of Electrum or introducing malware through the internet connection being compromised (e.g. through a device used to provide a hotspot). COPA pointed out that Dr Wright’s account diverges from Mr Andresen’s on the key points of (i) who set up the laptop; (ii) who downloaded Electrum; and (iii) whether there was any verification of the Electrum software.
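The difference between comparing a download's hash to the value shown on the website and comparing it to a value brought to the session independently, which bears on scenario (c), can be shown in a short Python sketch. It is an added illustration, not part of the judgment or of any party's evidence; the installer bytes, the `download` function and the pinned digest are constructed assumptions.

```python
from __future__ import annotations
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-ins for installer files; not real Electrum releases.
GENUINE = b"constructed sample: genuine wallet installer"
ALTERED = b"constructed sample: altered wallet installer"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class DigestSource:
    label: str
    digest: str
    independent: bool  # True only if obtained outside the download channel


def download(compromised: bool) -> tuple[bytes, DigestSource]:
    """Hypothetical fetch: whoever controls the connection controls both the
    file and the digest displayed next to it."""
    data = ALTERED if compromised else GENUINE
    return data, DigestSource("digest shown on download page", sha256_hex(data), False)


def assess(installer: bytes, sources: list[DigestSource]) -> str:
    actual = sha256_hex(installer)
    independent = [s for s in sources if s.independent]
    if any(not hmac.compare_digest(actual, s.digest) for s in independent):
        return "rejected"      # disagrees with a trusted reference
    if independent:
        return "verified"      # matches every independent reference
    if any(hmac.compare_digest(actual, s.digest) for s in sources):
        return "unanchored"    # only agrees with the channel it came from
    return "rejected"


# Reference digest recorded beforehand on a separate, trusted device (assumption).
PINNED = DigestSource("digest brought to the session", sha256_hex(GENUINE), True)

if __name__ == "__main__":
    for compromised in (False, True):
        data, page = download(compromised)
        print(compromised, assess(data, [page]), assess(data, [page, PINNED]))
```

The page-only comparison gives the same result on a clean and a compromised connection; only the independently held digest separates the two. Neither comparison addresses scenario (b), where the software is genuine but the machine running it is not.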
Once again, it is also important to note the point I made at the outset (see [834] above) that a reliable private signing could have easily been performed much more simply and without any proper concern about allowing Mr Andresen access to the private keys. COPA submitted that the adoption of Dr Wright’s complex process (involving the purchase of a new computer) in favour of that simple process spoke volumes. COPA invited the inference that the complex process was adopted because it could be staged.