(I deleted my previous email on this topic, because I had a wrong hex encoding, but after fixing that, the bug described in this email nevertheless persists.)
In Python key = ecdsa.VerifyingKey.from_string(public_key, curve=ecdsa.SECP256k1, hashfunc=hashlib.sha256),
where public_key is the binary encoding of a principal, produces ecdsa.errors.MalformedPointError: Length of string does not match lengths of any of the enabled (hybrid, raw, compressed, uncompressed) encodings of the curve.
The length of public_key in my test is 29 bytes.
Please help me to understand, how to verify the message.
and then use pubkey.toDer() (in TypeScript) to extract the key, the length of the key (62) still does not match the requirements of ecdsa.VerifyingKey.from_string in Python.
Is this from the agent? Can you try toRaw or rawKey instead of toDer()? According to the error message you received it seems that raw representation may be supported in the python code you are attempting to use.
The length of public_key in my test is 29 bytes.
This is definitely too short, that is probably a (self-authenticating) principal, not a public key. Public keys should be at least 33 bytes for ECDSA keys.