NUT-00/NUT-11: clarify types for `secret` and signatures on inputs and outputs

cashubtc / nuts

Cashu protocol specifications https://cashubtc.github.io/nuts/

MIT License

143 stars 49 forks source link

NUT-00/NUT-11: clarify types for `secret` and signatures on inputs and outputs #78

Closed callebtc closed 8 months ago

callebtc commented 8 months ago

NUT-00: Short clarification that Proof.secret is a UTF-8 string. The recommendation to use a hex string can be confusing since it may suggest that the byte data is signed (whereas we actually sign the string).

NUT-11: Clarify that Proof.secret is signed as a string whereas output.B_ is signed as bytes.

Egge21M commented 8 months ago

I wonder if the protocol should be specific about the secret. For example dictate that secret SHOULD be either a random 32-byte hex-string or serialised JSON according to NUT-10, in order to avoid fingerprinting.

thesimplekid commented 8 months ago

ACK 9799455 happy with this change or the stronger wording or SHOULD suggested by @Egge21M . However, I think its better not to reference optional nuts like 10 in mandatory ones.