diff --git a/00.md b/00.md index 76ee2faa..d598ca0e 100644 --- a/00.md +++ b/00.md @@ -93,7 +93,7 @@ A `Proof` is also called an _input_ and is generated by `Alice` from a `BlindSig } ``` -`amount` is the amount of the `Proof`, `secret` is the secret message and is a utf-8 encoded string (the use of a 64 character hex string generated from 32 random bytes is recommended to prevent fingerprinting), `C` is the unblinded signature on `secret` (hex string), `id` is the [keyset id][02] of the mint public keys that signed the token (hex string). +`amount` is the amount of the `Proof`, `secret` is the secret message and is string of 64 hex characters generated from 32 random bytes, `C` is the unblinded signature on `secret` (hex string), `id` is the [keyset id][02] of the mint public keys that signed the token (hex string). ## 0.2 - Protocol diff --git a/10.md b/10.md index ba4ee0c8..ade8cb2b 100644 --- a/10.md +++ b/10.md @@ -49,6 +49,8 @@ kind , - `data` expresses the spending condition specific to each kind - `tags` hold additional data committed to and can be used for feature extensions +Since it contains structured data, `Proof.secret` may be longer than the 64 hex character limit imposed in [NUT-00][00]. However, well-known `Secret` is still subject to contraints, which are decided on a case-by-case basis depending on the use case. + ## Examples Example use cases of this secret format are diff --git a/11.md b/11.md index 130f0f85..8ca79308 100644 --- a/11.md +++ b/11.md @@ -65,6 +65,15 @@ Supported tags are: **Note:** The tag serialization type is `[, , ...]` but some tag values are `int`. Wallets and mints must cast types appropriately for de/serialization. +#### Limits + +The following tags allow multiple entries: + +- `pubkeys: ` +- `refund: ` + +The combined length of their **value** entries may not exceed 10 (e.g. `len(pubkeys[1:]) + len(refund[1:]) <= 10`). + #### Signature flags Signature flags are defined in the tag `Secret.tags['sigflag']`. Currently, there are two signature flags. diff --git a/14.md b/14.md index 9b76f0d8..b2b6ef23 100644 --- a/14.md +++ b/14.md @@ -43,6 +43,8 @@ Here is a concrete example of a `Secret` of kind `HTLC`: A `Proof` with this `Secret` can be spent in two ways. To spend the hash lock, the witness in `Proof.witness` includes the preimage to `Secret.data` and a signature from the key in `Secret.tag.pubkeys`. Additionally, if the current system time is later than `Secret.tag.locktime`, the `Proof` can be spent if `Proof.witness` includes a signature from the key in `Secret.tags.refund`. +The combined length of the **value** entries of `Secret.tag.pubkeys` and `Secret.tag.refund` may not exceed 10 (e.g. `len(pubkeys[1:]) + len(refund[1:]) <= 10`). + The hash lock in `Secret.data` and the preimage in `Proof.witness.preimage` is treated as 32 byte data encoded as 64 character hex strings. See [NUT-11][11] for a description of the signature scheme, the additional use of signature flags, and how to require signature from multiple public keys (multisig).