"Variable length string identifier" is not defined anywhere, and the suggestion
to use "0x00" is also deeply unclear. I assumed it meant a nul-terminated
string!
Be explicit: you mean it must be a compact siz1\e unsigned int length, followed
by that many identifier bytes, followed by a compact size unsigned int subtype,
followed by optional keydata.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
PSBT_INPUT_PROPRIETARY -> PSBT_IN_PROPRIETARY
PSBT_OUTPUT_PROPRIETARY -> PSBT_OUT_PROPRIETARY
to be consistent with other in/out type names that use shortened `IN` and `OUT`
In the test case "Case: PSBT With invalid output witnessScript typed key", after PSBT_OUT_WITNESS_SCRIPT key with garbage data (which ends with `...478ef51309d`, follows value `2b` which would denote the length of the data value of the key. But the length of actual remaining data is only 7 bytes. Thus, an implementation that reads key-value pairs and checks for validity of the key data after it has read the current key-value pair, will not be able to hit the exact condition intended for this test case: extra data within the key itself. This is because such implementation will hit serialization error when it will try to read the data of the value and will get the short read.
Reading full key-value pair and then checking key format afterwards is fairly normal thing to do, as the format of the keys with all their meaning is an abstraction of higher level than just the simple key-value serialization format.
The proposed change is to replace byte `2b` after the key data to `06` and thus make the value length in the key-value pair valid (not going beyond the end of the data).
base64 encoding has been changed accordingly.
As the key type is now defined as compact size integer, `At the beginning of each key is a compact size unsigned integer representing the type`, the comment in the first table in the document, about first byte of the key being the key type is no longer accurate.
As the structure of the key data is described further in the text after the table, and the comment that it starts with the compact size integer seems a bit long to be in that table, I think it is better to just remove the comment about the key data structure from the table, and leave the explanation to the text after the table.
The sentence seems to suggest that the "master key fingerprint" can be the fingerprint of any intermediate node on the derivation path, which isn't true.
Being new to the spec, I had to reread this multiple times to understand it. Ordering the setences according to scope seems to make it easier to grock.