Tumblebit Escrow Contract

Tumblebit escrow transaction as proposed in the Tumblebit white paper.
This script is functionally equivalent to the Timelocked 2FA script.
Tumbler can insert a 0 (false) in the scriptSig to choose to enter through the else branch and recover his money after the expiry date, if Bob has not been paid.
Bob can insert a 1 (true) in the scriptSig to choose to enter through the if branch and send the money to himself, having found the solution to the puzzle.
The solution to the puzzle is a symetric encryption key used by Tumbler to encrypt his signature.

Use case:
Alice wants to send money to Bob via Tumbler, an untrusted anonymous payment hub.
In the escrow phase, Tumbler sends money to the P2SH Tumblebit Escrow address.
Bob can collect his payment by using the solution to the Tumblebit puzzle found by Alice.
The solution is in the form of a symetric encryption key used by Tumbler to encrypt his signature over a transaction paying Bob.
If Bob fails to collect his payment before the expiry time, Tumbler can collect his refund.

scriptPubKey::
IF
2 <TumblerPubkey> <BobPubkey> 2 CHECKMULTISIG
ELSE
<expiry time> CHECKLOCKTIMEVERIFY DROP
<TumblerPubkey> CHECKSIG
ENDIF

scriptSig (before expiry): 0 <Tumbler signature> <Bob signature> TRUE
scriptSig (after expiry): <Tumbler signature> FALSE

Example:

Expiry: 2016-12-19 08:14:00 UTC

Bob Public Key: 023927B837A922696836E26399F759965328437F93AAFAF3E02767D22860C0FBA7

Tumbler Public Key: 02259B57015E60DE464E1D83C375BDD01D272290C51CEDE0B794301DE1B7770C7B

Tumblebit Escrow Address: 3M9CDcPe6b5uYjp1BBGohTAbeZ3GK54mxs