I've been fooling around with various bitcoin apps, including Casascius' Bitcoin Address Utility and its Escrow functions, and trying to recreate a lot of what they do in Python, just to help me learn Python. As a first sample test, I looked at the code for generating the initial escrow components, which was mostly matched at a website which implements it.
However, for the life of me I cannot seem to output the correct prefix referred to as "constant plus identifier31".
I was hoping somebody might be able to see the problem with my code. I've triple and quadruple checked the functions and variables being used, so I assume the code must be wrong somewhere in here, but it's reasonably simple and for the life of me I can't find the error. I was hoping somebody else's eyes might spot the problem. Why doesn't escrowA_actualprefix match escrowA_decodedprefix!?
Code:
einva = "140bebc0a12ca9c6"
einvb = "140bebc16ae0563b"
escrowA = "einvaALiXnuThMYVpu7Gz6FJgEj7xvwtcA15ss29cMv7UMa1kgBmvcQtgjSd93AJ7Zadh1k3m3Adxzyw2MtDL3F43Kz1cqBye8rqWAtm6s"
escrowB = "einvbALiXnsHWdyJ8soFrrw4ZNCp4ftM5yGqkU5jQkrZUqdFXLK6ubxK56g7YyRfFoVK9o7cjgyDb51cbynmrpSnkJh9nMGJRJFZXuXFdH"
# base58_decode output is hex string without checksum. e.g. "VZL8ExEXUaC" becomes "aabbccdd"
keyA = int(base58_decode(escrowA)[18:-66],16)
keyB = int(base58_decode(escrowB)[18:-66],16)
keyAB = (keyA * keyB) % N
keyABx, keyABy = ec_multiply(Gx,Gy,keyAB)
keyABx = str(hex(keyABx)).rstrip("L").lstrip("0x")
keyABy = str(hex(keyABy)).rstrip("L").lstrip("0x")
keyABpub = compress_pub_key_str("04" + keyABx + keyABy)
hashGxy = str(hashlib.sha256(hashlib.sha256(binascii.unhexlify(keyABpub))
.digest()).hexdigest())
identifier31 = str(hex(((int(hashGxy[:2],16) & int("3f",16)) << 24)
+ (int(hashGxy[2:4],16) << 16)
+ (int(hashGxy[4:6],16) << 8)
+ int(hashGxy[6:8],16))) \
.rstrip("L").lstrip("0x")
escrowA_actualprefix = base58_decode(escrowA)[:16]
escrowA_decodedprefix = str(hex(int(einva,16) + int(identifier31,16))) \
.rstrip("L").lstrip("0x")
print (einva)
print (escrowA_actualprefix)
print (escrowA_decodedprefix)
exit()
einvb = "140bebc16ae0563b"
escrowA = "einvaALiXnuThMYVpu7Gz6FJgEj7xvwtcA15ss29cMv7UMa1kgBmvcQtgjSd93AJ7Zadh1k3m3Adxzyw2MtDL3F43Kz1cqBye8rqWAtm6s"
escrowB = "einvbALiXnsHWdyJ8soFrrw4ZNCp4ftM5yGqkU5jQkrZUqdFXLK6ubxK56g7YyRfFoVK9o7cjgyDb51cbynmrpSnkJh9nMGJRJFZXuXFdH"
# base58_decode output is hex string without checksum. e.g. "VZL8ExEXUaC" becomes "aabbccdd"
keyA = int(base58_decode(escrowA)[18:-66],16)
keyB = int(base58_decode(escrowB)[18:-66],16)
keyAB = (keyA * keyB) % N
keyABx, keyABy = ec_multiply(Gx,Gy,keyAB)
keyABx = str(hex(keyABx)).rstrip("L").lstrip("0x")
keyABy = str(hex(keyABy)).rstrip("L").lstrip("0x")
keyABpub = compress_pub_key_str("04" + keyABx + keyABy)
hashGxy = str(hashlib.sha256(hashlib.sha256(binascii.unhexlify(keyABpub))
.digest()).hexdigest())
identifier31 = str(hex(((int(hashGxy[:2],16) & int("3f",16)) << 24)
+ (int(hashGxy[2:4],16) << 16)
+ (int(hashGxy[4:6],16) << 8)
+ int(hashGxy[6:8],16))) \
.rstrip("L").lstrip("0x")
escrowA_actualprefix = base58_decode(escrowA)[:16]
escrowA_decodedprefix = str(hex(int(einva,16) + int(identifier31,16))) \
.rstrip("L").lstrip("0x")
print (einva)
print (escrowA_actualprefix)
print (escrowA_decodedprefix)
exit()