This resolves #6. The security model is as described in that issue:
An unrelated attacker, that cannot observe "authorized" traffic cannot do anything
A passive attacker, who can observe a connection, can obtain the uploaded firmware image, together with its authentication tag, but cannot create a new connection to picowota to upload the image.
An active attacker, who can take over tcp connections still has no way to create new connection on their own. On an existing connection that they took over, they can erase flash, boot, but cannot use picowota to upload an unrelated firmware image. Only firmware images, where the attacker previously observed the upload can be replayed.
This resolves #6. The security model is as described in that issue:
To use these changes, a corresponding change in https://github.com/usedbytes/serial-flash is required. That I can prepare a PR for, if this change is wanted.