Author

Topic: Help with Casascius Escrow Scheme 'identifier31' (Read 796 times)

hero member
Activity: 793
Merit: 1026
Edit:  Mods, if this is not the correct place for this, which board should I post similar questions in in the future?  Is "technical support" more appropriate?

I've been fooling around with various bitcoin apps, including Casascius' Bitcoin Address Utility and its Escrow functions, and trying to recreate a lot of what they do in Python, just to help me learn Python.  As a first sample test, I looked at the code for generating the initial escrow components, which was mostly matched at a website which implements it.

However, for the life of me I cannot seem to output the correct prefix referred to as "constant plus identifier31".

I was hoping somebody might be able to see the problem with my code.  I've triple and quadruple checked the functions and variables being used, so I assume the code must be wrong somewhere in here, but it's reasonably simple and for the life of me I can't find the error.  I was hoping somebody else's eyes might spot the problem.  Why doesn't escrowA_actualprefix match escrowA_decodedprefix!?

Code:
einva = "140bebc0a12ca9c6"
einvb = "140bebc16ae0563b"

escrowA = "einvaALiXnuThMYVpu7Gz6FJgEj7xvwtcA15ss29cMv7UMa1kgBmvcQtgjSd93AJ7Zadh1k3m3Adxzyw2MtDL3F43Kz1cqBye8rqWAtm6s"
escrowB = "einvbALiXnsHWdyJ8soFrrw4ZNCp4ftM5yGqkU5jQkrZUqdFXLK6ubxK56g7YyRfFoVK9o7cjgyDb51cbynmrpSnkJh9nMGJRJFZXuXFdH"

# base58_decode output is hex string without checksum. e.g. "VZL8ExEXUaC" becomes "aabbccdd"
keyA = int(base58_decode(escrowA)[18:-66],16)
keyB = int(base58_decode(escrowB)[18:-66],16)

keyAB = (keyA * keyB) % N

keyABx, keyABy = ec_multiply(Gx,Gy,keyAB)

keyABx = str(hex(keyABx)).rstrip("L").lstrip("0x")

keyABy = str(hex(keyABy)).rstrip("L").lstrip("0x")

keyABpub = compress_pub_key_str("04" + keyABx + keyABy)

hashGxy = str(hashlib.sha256(hashlib.sha256(binascii.unhexlify(keyABpub))
         .digest()).hexdigest())

identifier31 = str(hex(((int(hashGxy[:2],16) & int("3f",16)) << 24)
             + (int(hashGxy[2:4],16) << 16)
             + (int(hashGxy[4:6],16) << 8)
             + int(hashGxy[6:8],16))) \
             .rstrip("L").lstrip("0x")

escrowA_actualprefix = base58_decode(escrowA)[:16]

escrowA_decodedprefix = str(hex(int(einva,16) + int(identifier31,16))) \
                        .rstrip("L").lstrip("0x")

print (einva)
print (escrowA_actualprefix)
print (escrowA_decodedprefix)

exit()
Jump to: