-snip-
Misc: Please someone quote this and possibly verify on their keybase.io (Archived on keybase app)
Misc: Please someone quote this and possibly verify on their keybase.io (Archived on keybase app)
Verified on keybase.io, but do me a favor and click the "marcotheminer" link, it leads to -> https://keybase.io/marcotheminer
which now reads
Quote
keybase.io/marcotheminer
a mystery user with no key
a mystery user with no key
Emphasis mine. From the post by QS it seems there was a different key listed, if anyone has an archive of that side Id like to see it.
Besides that, I am certain that quickseller is not marcotheminer, mainly because of my past with both users. Im willing to accept that I was wrong with this assumption should I see solid evidence. Right now I just see keybase fucking up because they dont have quicksellers key.
The following is the output on my console where I verified the signed message:
content of the file:
Code:
$ cat quickseller.2017.01.05
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
My QS account has not been sold. Not that this fact has anything to do with your argument.
QS
Jan 5, 2017
-----BEGIN PGP SIGNATURE-----
Version: oPenGP 6.0 on iOS
iQEVAwUBWG5nJlMt0pDwvrUWAQghNwf/dnocGGRvtl9t7sAprG4Sz5za/Lmas9GM
Sq4PHP1p46McNw8etK9c1xsqBAjtr2LDEVPtH83XFWKWUn7auPrZtkxApAcJqiO2
6cT/+Cl3PIgTD7B1ngnxKExHXsQCUhIHYKkpcdsSnm+2hA3uP7mIw/8AsanIJMx3
OwLU3TUCYe18sNNE3hv5LDR8Qs8wc2mvwWV5X7EB+E+2C2pnhp3mAfpMowlMzOY0
xsKhcbN2QuZSrk+a/f7CYZE6G0dl4qTun7QcaMOjExkbZhRLDQqffnShaadA8gcx
0Uv7x7CEkGjLzixmi/jwnK6gdQPkZEgMLne6ZntIwo+g040DZx7QTQ==
=i6KL
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
My QS account has not been sold. Not that this fact has anything to do with your argument.
QS
Jan 5, 2017
-----BEGIN PGP SIGNATURE-----
Version: oPenGP 6.0 on iOS
iQEVAwUBWG5nJlMt0pDwvrUWAQghNwf/dnocGGRvtl9t7sAprG4Sz5za/Lmas9GM
Sq4PHP1p46McNw8etK9c1xsqBAjtr2LDEVPtH83XFWKWUn7auPrZtkxApAcJqiO2
6cT/+Cl3PIgTD7B1ngnxKExHXsQCUhIHYKkpcdsSnm+2hA3uP7mIw/8AsanIJMx3
OwLU3TUCYe18sNNE3hv5LDR8Qs8wc2mvwWV5X7EB+E+2C2pnhp3mAfpMowlMzOY0
xsKhcbN2QuZSrk+a/f7CYZE6G0dl4qTun7QcaMOjExkbZhRLDQqffnShaadA8gcx
0Uv7x7CEkGjLzixmi/jwnK6gdQPkZEgMLne6ZntIwo+g040DZx7QTQ==
=i6KL
-----END PGP SIGNATURE-----
verified the signature:
Code:
$ gpg2 --verify quickseller.2017.01.05
gpg: Signatur vom Do 05 Jan 2017 16:32:54 CET mittels RSA-Schlüssel ID F0BEB516
gpg: Korrekte Signatur von "quick seller " [vollständig]
gpg: Signatur vom Do 05 Jan 2017 16:32:54 CET mittels RSA-Schlüssel ID F0BEB516
gpg: Korrekte Signatur von "quick seller " [vollständig]
full fingerprint
Code:
$ gpg2 --fingerprint quickseller
pub 2048R/F0BEB516 2014-12-03 [verfällt: 2018-12-03]
Schl.-Fingerabdruck = F364 AB33 6F00 9BA4 736C 7F69 532D D290 F0BE B516
uid [ vollst.] quick seller
sub 2048R/809B4642 2014-12-03 [verfällt: 2020-12-04]
sub 4096R/7E27676D 2016-06-15 [verfällt: 2020-06-15]
pub 2048R/F0BEB516 2014-12-03 [verfällt: 2018-12-03]
Schl.-Fingerabdruck = F364 AB33 6F00 9BA4 736C 7F69 532D D290 F0BE B516
uid [ vollst.] quick seller
sub 2048R/809B4642 2014-12-03 [verfällt: 2020-12-04]
sub 4096R/7E27676D 2016-06-15 [verfällt: 2020-06-15]
Oldest file I have signed with the same key.
Code:
$ gpg2 --verify quickseller.2015.02.15.5
gpg: Signatur vom So 15 Feb 2015 23:43:20 CET mittels RSA-Schlüssel ID F0BEB516
gpg: Korrekte Signatur von "quick seller " [vollständig]
gpg: Signatur vom So 15 Feb 2015 23:43:20 CET mittels RSA-Schlüssel ID F0BEB516
gpg: Korrekte Signatur von "quick seller " [vollständig]
Hmmm, thats weird.
A lot of things are weird. For example the signed message you provided in this thread (which shorena promptly rushed to verify saying it was the same than "x" years ago while on september 2016 i see a different signature here that gives another weirdness like this
[ img]https://ibin.co/38LrJ1t8iJOv.png[/img]
-snip-
Lets go again:
Code:
$ cat quickseller.2017.01.11.Gunthar.2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
This is Quickseller from bitcointalk, today is August 25, 2016
RE: The loan to DebitMe from myself on the following thread:
https://bitcointalk.org/index.php?topic=812533.msg16041232#msg16041232
I have sent 4 BTC via txid 904fcf6e81ec32fa90960271b939d500ad7eff4db0bbf0dd6c81b602de2a88b1
Please repay 4.08 BTC to the following address: 1GUF9UyGfWxKqqPKuq6bKRdSS16gySWNc1
The due date is Monday September 1, 2016 by 2359 Eastern Time (US), however DebitMe can repay early if he wishes.
Regards
QS
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXv5FIAAoJEApD4sx+J2dtdUcP/27ywkXRZZ1hY4wHnYtMX/0E
nG4+WfCgf9QvXFELqe3M7QD7fnRF+TddHmIcY3FEamr1qBH9K3R2zX5RsfGsT0jI
ZROhMrzrEUjC8R82mRzYAnbNo5w/M65ontnpKzn2rl7KDVF+IcKZ9xoXe+5fdZuI
iPoQk1wxn4py+exjPixPdHQFfn+z4rZwspTr+lcSaa4AZxhNyDJkofQ/yoyAQmxJ
gWIXvSAp6RblA+qGm+FzIrCtYMq8wSoOAbmb8e/EAq6GHIcpx4W4XxSTuL196evh
Lf17iqvZwjP/ymtVk6Mt7DrQNDZBjBAfP65I5rwKB6INstdXxicgvUzrDqhteyVP
pciO1dSOQmlGgA/l1D3b0cb3sVytykdYWxWELA8sQkkUHqtnDnx8YedcH0FYJrk+
VZCxmx+YbPI9/790oJ8Q4elloWxquUVpFUSjOaowe9gZ/AzVfxjQZOOGUIrbm9M1
DuOmuDKjn3jTViNsfJEDoFQtMcp0NXhEiAjUBQGr/Q6mPujWeuzGZXLghDGsQuWf
X+p8n+sksyHOEMl9M3S7ZpUH8m0DxRrE99ZKiL5495pGps4Ia+pbs8Ax+cL64rFB
SjFI8T7Cg52xlVTTATW/5jA+mFSryKBegvd0epb1DSEoh7Jnq/2noQIcwzG/Azp1
srDkUosljpgFP1h/XR5R
=jnay
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
This is Quickseller from bitcointalk, today is August 25, 2016
RE: The loan to DebitMe from myself on the following thread:
https://bitcointalk.org/index.php?topic=812533.msg16041232#msg16041232
I have sent 4 BTC via txid 904fcf6e81ec32fa90960271b939d500ad7eff4db0bbf0dd6c81b602de2a88b1
Please repay 4.08 BTC to the following address: 1GUF9UyGfWxKqqPKuq6bKRdSS16gySWNc1
The due date is Monday September 1, 2016 by 2359 Eastern Time (US), however DebitMe can repay early if he wishes.
Regards
QS
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXv5FIAAoJEApD4sx+J2dtdUcP/27ywkXRZZ1hY4wHnYtMX/0E
nG4+WfCgf9QvXFELqe3M7QD7fnRF+TddHmIcY3FEamr1qBH9K3R2zX5RsfGsT0jI
ZROhMrzrEUjC8R82mRzYAnbNo5w/M65ontnpKzn2rl7KDVF+IcKZ9xoXe+5fdZuI
iPoQk1wxn4py+exjPixPdHQFfn+z4rZwspTr+lcSaa4AZxhNyDJkofQ/yoyAQmxJ
gWIXvSAp6RblA+qGm+FzIrCtYMq8wSoOAbmb8e/EAq6GHIcpx4W4XxSTuL196evh
Lf17iqvZwjP/ymtVk6Mt7DrQNDZBjBAfP65I5rwKB6INstdXxicgvUzrDqhteyVP
pciO1dSOQmlGgA/l1D3b0cb3sVytykdYWxWELA8sQkkUHqtnDnx8YedcH0FYJrk+
VZCxmx+YbPI9/790oJ8Q4elloWxquUVpFUSjOaowe9gZ/AzVfxjQZOOGUIrbm9M1
DuOmuDKjn3jTViNsfJEDoFQtMcp0NXhEiAjUBQGr/Q6mPujWeuzGZXLghDGsQuWf
X+p8n+sksyHOEMl9M3S7ZpUH8m0DxRrE99ZKiL5495pGps4Ia+pbs8Ax+cL64rFB
SjFI8T7Cg52xlVTTATW/5jA+mFSryKBegvd0epb1DSEoh7Jnq/2noQIcwzG/Azp1
srDkUosljpgFP1h/XR5R
=jnay
-----END PGP SIGNATURE-----
verification:
Code:
$ gpg2 --verify quickseller.2017.01.11.Gunthar.2
gpg: Signatur vom Fr 26 Aug 2016 02:46:00 CEST mittels RSA-Schlüssel ID 7E27676D
gpg: Korrekte Signatur von "quick seller " [vollständig]
gpg: Signatur vom Fr 26 Aug 2016 02:46:00 CEST mittels RSA-Schlüssel ID 7E27676D
gpg: Korrekte Signatur von "quick seller " [vollständig]
key(s) for quickseller:
Code:
$ gpg2 --list-keys quickseller
pub 2048R/F0BEB516 2014-12-03 [verfällt: 2018-12-03]
uid [ vollst.] quick seller
sub 2048R/809B4642 2014-12-03 [verfällt: 2020-12-04]
sub 4096R/7E27676D 2016-06-15 [verfällt: 2020-06-15]
pub 2048R/F0BEB516 2014-12-03 [verfällt: 2018-12-03]
uid [ vollst.] quick seller
sub 2048R/809B4642 2014-12-03 [verfällt: 2020-12-04]
sub 4096R/7E27676D 2016-06-15 [verfällt: 2020-06-15]
Looks like its an older subkey.
Also,this is something I need to understand
~snip
~snip
it would be interesting a good technical explanation about that, this is not the case of a sign chain tho: a signed message works like a wallet signed message. You sign the message with your private key (which only you can use) and i verify your message using your public key.
So if QS signs a message and the public key i have says it was signed by marcotheminer, it is so.
-snip-
It doesnt though. Keybase.io says it was signed by user "X" and user "X" has currently no PGP key. X beeing marcotheminer here. The key in the sigchain[1] has a different fingerprint than the key by quickseller, which verifies just fine with gpg2. If you could reopen the issue on github[2] Id like to continue the discussion with the devs, because currently all I see is keybase.io puting out some strange info that I can not verify. Id trust gpg2 over keybase any day. Yes, in theory I could have modified the output from my console above, but everyone else can verify it independently. Quicksellers key is listed on the common keyservers.
More keybase fuckery?
Checking quicksellers key on keybase.io[3] you can see that it has the same last digits 532DD290F0BEB516, but clicking the link it returns an error stating
Quote
That key could not be found or associated with an active Keybase user.
I encrypted the following to quickseller via keybase.io[4]
Code:
-----BEGIN PGP MESSAGE-----
Version: Keybase OpenPGP v2.0.61
Comment: https://keybase.io/crypto
wcBMA4+wLeKAm0ZCAQf9Ec/BltLN473TryAIau0JCSpuwiwsO+NOq6BguA23Vwp1
/Gl7zPRf/fCEtYqZT2jI+RURBIFwYO/spH7/6PJ+7/gbc0mYN/EkBvWvnXdQ6IoH
9JslM3wlkULS22g28J80FN/9CfnuFlpSRvTMBUJ0OOsd3sH0sjODkmVbUl8JWXEA
MMcDUlUexWFOilEKnzBEQCZcYDohxUiF0m8XgXFSVELOQ/uvH5g+K/5xuaFGEfXN
upX98t6rnf0gzUBAixVnf/cB3U44tTnziCBo5kxg1j2h1W/IToHJu3UEPZiYj9xv
RcTJweAHAJnJyGRkHEw8F3UAfAbcUozHqhPO2X7Tt9KAAVpjVhtGDbpUGzYAO3R0
b5sO1mYSbR2Gycui9x9VKpsZx/LiPcnvYgZbiuau1FvATSUKplrJb25Kd3tdr8tS
mozYbsy6a9x0gnm2f44nu46T6R/eyXnXDl3KTbzjr3VPdQC0uvsBGUDtDPfpcMo8
bBMGCGzYLssHJVps4oI6sUI=
=2iZQ
-----END PGP MESSAGE-----
Version: Keybase OpenPGP v2.0.61
Comment: https://keybase.io/crypto
wcBMA4+wLeKAm0ZCAQf9Ec/BltLN473TryAIau0JCSpuwiwsO+NOq6BguA23Vwp1
/Gl7zPRf/fCEtYqZT2jI+RURBIFwYO/spH7/6PJ+7/gbc0mYN/EkBvWvnXdQ6IoH
9JslM3wlkULS22g28J80FN/9CfnuFlpSRvTMBUJ0OOsd3sH0sjODkmVbUl8JWXEA
MMcDUlUexWFOilEKnzBEQCZcYDohxUiF0m8XgXFSVELOQ/uvH5g+K/5xuaFGEfXN
upX98t6rnf0gzUBAixVnf/cB3U44tTnziCBo5kxg1j2h1W/IToHJu3UEPZiYj9xv
RcTJweAHAJnJyGRkHEw8F3UAfAbcUozHqhPO2X7Tt9KAAVpjVhtGDbpUGzYAO3R0
b5sO1mYSbR2Gycui9x9VKpsZx/LiPcnvYgZbiuau1FvATSUKplrJb25Kd3tdr8tS
mozYbsy6a9x0gnm2f44nu46T6R/eyXnXDl3KTbzjr3VPdQC0uvsBGUDtDPfpcMo8
bBMGCGzYLssHJVps4oI6sUI=
=2iZQ
-----END PGP MESSAGE-----
[1] https://keybase.io/marcotheminer/sigchain
[2] https://github.com/keybase/keybase-issues/issues/2762
[3] https://keybase.io/quickseller
[4] https://keybase.io/encrypt#quickseller