Several problems here:

• A lot of the description relies on examples rather than normative language.
• The split of a CID that has an odd length produces HEX sequences with an odd number of characters, which in many circumstances will be interpreted as being (left-)padded with 4 zero bits. If that happened, then bad things would occur. You really need to retain the number of bits.
• Step 3 passes two arguments to expand_left, when it has three.
• The encryption doesn't bind to the configuration that is in use; instead the high bits of the first octet are set to 0.
• The formatting of the operations wraps awkwardly.
• The operators that this uses (^ and || primarily) aren't defined.
• The third input to expand_{left|right} seems to increment without explanation.

Given the examples, I could no doubt work this all out satisfactorily, but that shouldn't be necessary.

Fixed by #208