Add some validity checks for offer messages and oracle announcements
Tibo-lg committed Apr 24, 2022
1 parent 1bd3879 commit bcb97ba
Showing 2 changed files with 18 additions and 2 deletions.
7 changes: 7 additions & 0 deletions Messaging.md
Expand Up @@ -377,6 +377,9 @@ See [the Oracle specifications](./Oracle.md#oracle-event) for more details.
* [`event_descriptor`:`event_descriptor`]
* [`string`:`event_id`]

**Validity requirement**
- `nb_nonces` MUST be equal to 1 for enumerated outcomes and to `nb_digits` for digit decomposition events.

### The `oracle_announcement` Type

This type contains an `oracle_event` and a signature certifying its origination.
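Review bot: the new `nb_nonces` rule names the event type but not the field it must match, so an implementer validating an `oracle_event` has to guess where `nb_digits` lives. Suggest wording it as "equal to the `nb_digits` field of the digit decomposition `event_descriptor`", and, since this is the rule a receiver will enforce, stating explicitly that an `oracle_event` violating it is invalid and MUST be rejected rather than only that the value "MUST be equal".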
Expand All @@ -392,6 +395,10 @@ See [the Oracle specifications](./Oracle.md#oracle-announcements) for more detai

where `signature` is a Schnorr signature over a sha256 hash of the serialized `oracle_event`, using the tag `announcement/v0`.

**Validity requirement**
- The `signature` MUST be valid for the `oracle_public_key`
- `oracle_event` MUST be [valid](#the-oracleevent-type).

### The `oracle_attestation` Type

This type contains information about the outcome of an event and the signature(s) over its outcome value(s).
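Review bot: the first validity bullet says the `signature` MUST be valid for the `oracle_public_key` but not over what message, so the bullet is only correct when read together with the sentence above it. Suggest making it self-contained: "The `signature` MUST be a valid Schnorr signature for `oracle_public_key` over the tagged hash (`announcement/v0`) of the serialized `oracle_event`." Also the bullet is missing its trailing period, unlike the second one, and with two bullets the heading should read "Validity requirements" to match its plural form elsewhere.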
13 changes: 11 additions & 2 deletions Protocol.md
Expand Up @@ -115,7 +115,9 @@ Outputs in the funding transaction will be sorted by `change_serial_id` and `fun
sides will use to compute fees in the funding transaction, as described in the
[transaction specification](Transactions.md).

`cet_locktime` is the nLockTime to be put on CETs. `refund_locktime` is the nLockTime to be put on the refund transaction.
`cet_locktime` is the nLockTime to be put on CETs.

`refund_locktime` is the nLockTime to be put on the refund transaction.

#### Requirements

Expand All @@ -130,7 +132,9 @@ The sending node MUST:
- set `cet_locktime` to be less than `refund_locktime`.
- use a unique `input_serial_id` for each input
- set `change_serial_id` and `fund_output_serial_id` to different values
- use valid [contract descriptor(s)](./Messaging.md#The-contract_descriptor-Type) within `contract_info`.
- use valid [contract descriptor(s)](./Messaging.md#The-contract_descriptor-Type) within `contract_info`
- set `cet_locktime` to a value less than or equal to the earliest `event_maturity_epoch` amongst all `oracle_event` used included in the `contract_info`
- set `refund_locktime` to a value greater than `cet_locktime` (recommended value of latest event maturity + 86400 * 7 meaning roughly 7 days after latest event maturity).

The sending node SHOULD:

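Review bot: the new `refund_locktime` bullet duplicates the existing "set `cet_locktime` to be less than `refund_locktime`" bullet a few lines above it; keep one of the two so there is a single normative statement of the ordering. Two smaller points in the same hunk: "amongst all `oracle_event` used included in the `contract_info`" has a stray word ("used included"), and the recommended value (latest event maturity + 86400 * 7) is advisory, so it belongs in the SHOULD section rather than inside a MUST bullet, where a reader may take it as a requirement.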
Expand All @@ -139,6 +143,7 @@ The sending node SHOULD:
- set `refund_locktime` sufficiently long after the latest possible release of oracle signatures added to all other delays to closing the contract.
- set `payout_spk` to a previously unused script public key.
- set `change_spk` to a previously unused script public key.
- set `refund_locktime` to a value not too big that both party can be expected to be refunded in a reasonable time-frame (recommended not more than latest contract maturity + 86400 * 14 meaning 2 weeks after latest contract maturity).

The receiving node MUST:

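Review bot: the added SHOULD bullet is hard to parse ("not too big that both party can be expected to be refunded") and uses "latest contract maturity" while the MUST section above uses "latest event maturity" for what appears to be the same bound. Suggest "set `refund_locktime` to a value small enough that both parties can expect to be refunded in a reasonable time frame (recommended: no more than latest event maturity + 86400 * 14, i.e. roughly 2 weeks after the latest event maturity)." and using one term consistently.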
Expand All @@ -152,6 +157,7 @@ The receiving node MAY reject the contract if:
- `offer_collateral_satoshis` is too small.
- `feerate_per_vb` is too small.
- `feerate_per_vb` is too large.
- `refund_locktime` is too small or too large.

The receiving node MUST reject the contract if:

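Review bot: "`refund_locktime` is too small" in this MAY-reject list overlaps with the MUST-reject rule added below ("less than or too close to `cet_locktime`"), so the same condition is both optional and mandatory depending on how "too small" is read. Suggest restricting this bullet to "too large" (the receiver's own tolerance) and leaving the lower bound entirely to the MUST section, or defining the threshold that separates the two.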
Expand All @@ -166,6 +172,9 @@ The receiving node MUST reject the contract if:
- The `fund_output_serial_id` and `change_serial_id` are not set to different value
- Any input in `funding_inputs` is not a BIP141 (Segregated Witness) input.
- invalid [contract descriptor(s)](./Messaging.md#The-contract_descriptor-Type) are used within `contract_info`.
- `cet_locktime` is not set to a value less than or equal to the earliest maturity time of all included oracle events.
- `refund_locktime` is less than or too close to `cet_locktime`.
- any of the included `oracle_announcement` is [invalid](Messaging#version-0-oracleannouncement).

### The `accept_dlc` Message

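Review bot: the link in the last added bullet, `Messaging#version-0-oracleannouncement`, does not match the anchor this commit actually creates: the Messaging.md hunk adds the requirements under "The `oracle_announcement` Type", and the other links in this file use the `./Messaging.md#...` form (the `oracle_event` link in the same commit uses `#the-oracleevent-type`), so this reference will not resolve; suggest `./Messaging.md#the-oracleannouncement-type`. Separately, "`refund_locktime` is less than or too close to `cet_locktime`" gives receivers a MUST-reject rule with no numeric bound for "too close", so independent implementations will disagree on which offers are acceptable; either state the minimum gap or drop "or too close to". Minor grammar: "any of the included `oracle_announcement` is" should read "any included `oracle_announcement` is".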

0 comments on commit bcb97ba