The output of SHA256 is not guaranteed to be a valid point, so as described this procedure can fail.
Yeah the output `e` would be a scalar. But when it is multiplied with the issuer_public_key point, would the resulting `contract_point` not be a valid elliptic curve point?
Im basing it on the post from Stefan Thomas ...
So how about this.
The recipient publishes their public ECDSA point P.
A sender generates a JSON metadata object M and calculates its hash e = SHA256(M). The sender then calculates a new public point PM = P * e. Next, the sender creates a transaction sending the money to the address RIPE160(SHA256(PM)). Finally, he transmits M to the recipient through a secure channel - this could be sent directly via HTTPS, encrypted email, etc. or perhaps left as an message in a DHT, encrypted with ECDH and the recipient's public point P as the key.
Edit: to include quote.