Using Elliptic Curve Calculator (in Armory) - 2-of-2 multisig Question

[BeeCoin]

Hi folks

I was excited to see this post on the Elliptic Curve Calculator in Armory:
https://bitcointalk.org/index.php?topic=66862.0

Based on the 2-of-2 Multisig example, I was able to create a shared public key. However, I was not able to get the corresponding shared private key.

So, here is the data I have used:

Code:

1:
PUBLIC
1MFpXAU8VaYUfKxzpPvZSZXpvbZJVE34jM
de3001c3402b4ff42c91bfb60f18943a209bafc6
PRIVATE
5JvuJuiZiyjFzNqnQ16sbqmQ9wQ26dEaqsbikw734Nega4u2gYN
92b7f1f77f22afd8275cf628e71664082b442202a49eac567e7e7b37ba559e69

2:
PUBLIC
18J9jxfYQw9e9fv1YYm9QxNBkFoxyTEZix
50073f899897517dc8bc743e5690773515042432
X:fa4bb8fe6da6c646ac63361a16a142d6c04269d02fbc740eed2c4a54ba7dda26
Y:12fec352c07045d144ee96197a68a6060c89eff887ef3f8c2dfea8bff7965f33
PRIVATE
5JtTHTXeoq792C7Dy2C7ELEu6RgGQYyQiX2aQ8myWRq4GJnuKj9
8d288fef6dfed2edffb34f620256975fe9dbe2949f7e61b14b91d0be593d628a

Based on this, I've calculated the shared public key in the EC Calculator:

Code:

==> PRIVATE 1 * PUBLIC XY 2 (second function):
X:f8c61d46fc0c7f866b6ec34e191279e9a9ef1ff9d263aadc189669cd6bb4b7db
Y:161b41cae92dbb41e7b0584be2e5adbb9c83718c19eb1c6f3f82e31a403c6d96
==>BTC:1GmWADL3wvwm6dCxgf5XxirW8bBD34rRgU

Now, I've tried calculating the shared private key but it didn't match:

Code:

==> PRIVATE 1 * 2 (first function):
31ac197e32af979fc9010b39b7a3c84358d9bfb669f59562b4a63fc86a8bf754
==>BTC:1BjwqtjfMifRNW6dPdAYyJV7K8dV98Cbmm

Did I do something wrong? How do I achieve a matching pair of secret public/private keys?

-BeeCoin.

[BeeCoin]

Anyone can help me with the calculation? Still not solved...

[jackjack]

What you do seems ok, do you use the same 'compressedness' for both?
How do you calculate the addresses?

[BeeCoin]

What you do seems ok, do you use the same 'compressedness' for both?

That's kind of what I suspect but I wasn't able to put my finger on the problem.

How do you calculate the addresses?

You can reconstruct the whole calculation using the data in the OP.
In Armory Elliptic-Curve Calculator, I've used the second function, called "Scalar Multiply EC Point", using PrivateKey1 and PublicKey2 in X/Y raw form.

[jackjack]

I meant how do you do pubkey->address and privkey->address?

[BeeCoin]

I meant how do you do pubkey->address and privkey->address?

Hi JackJack
ok... suddenly, problem solved!! I've gone through this at least half a dozen times initially.
I don't know what I did different this time - but it works!!
Sorry, for taking your time, but I was going crazy... And now it works..

Obviously,  PrivateKey1*PublicKey2  vs  PublicKey1*PrivateKey2  vs  PrivateKey1*PrivateKey2  should result in the same Bitcoin Address for the shared key. And now they do... (see below).
thanks again
BeeCoin.


First step: Create two random private keys (5JvuJuiZiyjFzNqnQ16sbqmQ9wQ26dEaqsbikw734Nega4u2gYN & 5JtTHTXeoq792C7Dy2C7ELEu6RgGQYyQiX2aQ8myWRq4GJnuKj9)
Entered them in the "Keys" tab of Armory EC-Calculator in the "Encoded Private Key" section. It was recognized as "Standard base58 key with checksum" and all other keys were generated.

Second step: Multiply PrivateKey1 and PublicKey2
Using "Scalar Multiply EC Point" with Raw PrivateKey1 (92b7f1f77f22afd8275cf628e71664082b442202a49eac567e7e7b37ba559e69) and raw X/Y PublicKey2 (X:fa4bb8fe6da6c646ac63361a16a142d6c04269d02fbc740eed2c4a54ba7dda26 // Y:12fec352c07045d144ee96197a68a6060c89eff887ef3f8c2dfea8bff7965f33).
Result was:
(a*B)x = 68800907c8d450b1c71c9eab88cbb48d7ed7ae33ddd6f92a3553de132214dd56
(a*B)y = 2388823af491f0c105491625eadd7a92add6e6d35926bac0840c17e2254361bc

I've entered the result as "Raw public key (x,y)" in the "Keys" section and calculated the Bitcoin address (1BjwqtjfMifRNW6dPdAYyJV7K8dV98Cbmm).

Third step: Multiply both private keys.
Using "Multiply Scalars (mod n)" I have multiplied both raw private keys (92b7f1f77f22afd8275cf628e71664082b442202a49eac567e7e7b37ba559e69  and  8d288fef6dfed2edffb34f620256975fe9dbe2949f7e61b14b91d0be593d628a).
The result is a shared private key (31ac197e32af979fc9010b39b7a3c84358d9bfb669f59562b4a63fc86a8bf754).

In the "Keys" section, using the calculated raw private key, I've calculated the Bitcoin address (1BjwqtjfMifRNW6dPdAYyJV7K8dV98Cbmm).

And yes...  it matches!!!