From: Matt Corallo <git@bluematt.me>
Date: Mon, 14 Sep 2020 15:33:59 +0000 (-0400)
Subject: Add README note about key validity assertions at the FFI boundary
X-Git-Tag: v0.0.12~7^2~24
X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=8b8a97c6aabe157543f30d4d913283c0f5b6b02f;hp=df778b605a28580905cb5ca63b3ec8bbe99afc2f;p=rust-lightning

Add README note about key validity assertions at the FFI boundary
---

diff --git a/lightning-c-bindings/README.md b/lightning-c-bindings/README.md
index 72426bdf..0c221c7c 100644
--- a/lightning-c-bindings/README.md
+++ b/lightning-c-bindings/README.md
@@ -218,6 +218,9 @@ These include:
 	  ...
    } LDKChannelKeys;
    ```
+ * Private and public keys are asserted valid at the FFI boundary. Thus, before passing any
+   (untrusted) private or public key material across the boundary, ensure that they represent valid
+   (ie in-range) keys.
    
 **It is highly recommended that you test any code which relies on the C (or C++) bindings in
 valgrind, AddressSanitizer, MemorySanitizer, or other similar tools to ensure correctness.**