I could not verify the signature in this process. When I find the Z value, the Kx value of point K (i.e. R) is not verified. Am I wrong in calculating the message.
-snip-
Yes.
All inputs, together with those with the same R and S are signed with [SINGLE|ANYONECANPAY] (
0x83) sighash flag.
But you've calculated the message hash for SIGHASH_ALL (
0x01).
Problem is, I cannot find a single "
RSZ tool" that can check for the sighash_flag then switch the z-value calculation algorithm accordingly.
With that; DYOR, I'll just leave you some references:
