Wallycore

- PSET: When adding an Elements transaction output to a PSET, the nonce
commitment was incorrectly mapped to the PSET output blinding key field.
It is now correctly mapped to the ECDH public key field.
- Transaction versions less than 2 are now upgraded to version 2 when
converting a version 0 PSBT to version 2.
- Fetching nested structures (e.g. witness stacks) from PSBTs where no
structure is present now returns NULL without returning an error.
- Python wheels are no longer released for deprecated versions 3.6/3.7.
- Python wheels are now available through pip for musl-based x86 platforms
such as Apline Linux.

- ABI: wally_descriptor_to_script_get_maximum_length has changed its arguments
to match wally_descriptor_to_script.
- ABI: The vars_in variable substitution map argument to wally_descriptor_parse
now expects its key and value length to match the actual length to substitute
rather than including an extra byte. Since the map stores byte arrays and not
strings, this is more consistent with the existing map API.

- libsecp256k1-zkp: The internal libsecp256k1 library version has been updated
to fix a potential timing leak when compiling with clang v14 or later.
Although there are no known exploits at this time, users are encouraged to
update as soon as possible.
- descriptor_get_num_variants: Now returns 1 instead of 0 if no variants are
present. This allows iterating the variant from 0 to the number of variants
returned in order to generate all scripts/addresses.
- scriptpubkey_csv_2of3_then_2_from_bytes has been removed from the API.
- psbt: psbt_finalize now takes an extra flags parameter. The Java and Python
wrappers default this to zero for backwards compatibility.
- psbt: output_index, sequence, required_locktime and required_lockheight are
now returned as uint32_t values. Wrapped languages are not affected.

- witness_multisig_from_bytes: The length for the internally generated
scriptsig was not calculated correctly, and not checked after generation.
In rare cases where all signatures encode to the maximum DER signature
encoding, this may cause an invalid write/read of 1-2 bytes past an
allocated buffer. The severity of this depends on the users malloc
implementation, but all users are encouraged to upgrade to the latest
version. Note that the Jade and Bitbox02 hardware wallets and the Green
wallet apps are confirmed to *not* be affected by this issue.
- The old Javascript and cordova wrappers have been removed. Users should move
to the new JS wrappers which are significantly more functional.
- `WALLY_SEGWIT_ADDRESS_PUBKEY_MAX_LEN` was increased to account for future
segwit versions, in accordance with BIP 141. The previous value is available
as `WALLY_SEGWIT_V0_ADDRESS_PUBKEY_MAX_LEN`.

- Javascript: Add a new WASM-based JS + typescript wrapper for Node and
browsers. This now supports the entire wally API and builds to an npm module.
- Javascript: The old JS wrappers are now deprecated and will be removed
in the next release. Please report any issues with the replacement wrapper.
- psbt_extract now takes an extra flags parameter. The Java and Python
wrappers default this to zero for backwards compatibility.
- bip39_mnemonic_to_seed is no longer available for SWIG-wrapped languages.
Callers should use bip39_mnemonic_to_seed512 instead.
- Python: Remove support for Python 2.x.
- Python: The Python wrappers are now automatically generated. Please ensure
you thoroughly test your Python code after upgrading.
- Python: Some calls (e.g. bip39_mnemonic_to_seed512, aes, and aes_cbc) used
to take output buffers to fill and return the number of bytes written. These
calls now automatically create and fill thier buffer, returning it as the
only return value. The number of bytes written can be determined by using
len() on the returned output buffer.

- Support for PSET v0 (Elements) has been removed.
- PSBT: PSBT/PSET v2 support has been added. The ABI has changed slightly as a result.
Users will need to recompile their applications and change function names and
arguments in the cases listed below:
- PSBT_PROPRIETARY_TYPE has been renamed to WALLY_PSBT_PROPRIETARY_TYPE to respect
wallys namespace.
- psbt_init_alloc has changed its definition and now has a new flags argument.
Passing `WALLY_PSBT_INIT_PSET` to this function will create an Elements
PSET instead of a PSBT (version must be passed as 2 in this case).
- psbt_from_base64 and psbt_from_bytes now take an extra flags parameter. The
Java and Python wrappers default this to zero for backwards compatibility.
- psbt_add_input_at has been renamed to psbt_add_tx_input_at.
- psbt_add_output_at has been renamed to psbt_add_tx_output_at.
- wally_map initialization functions now take a verification function
as an extra parameter.
- wally_map_add_keypath_item has been renamed to wally_map_keypath_add.
This call must only be made on a keypath initialized map.
- The input and output variants wally_psbt_input_add_keypath_item and
wally_psbt_output_add_keypath_item have also been renamed to
wally_psbt_input_keypath_add and wally_psbt_output_keypath_add.
- New functions wally_map_keypath_bip32_init_alloc and
wally_map_keypath_public_key_init_alloc for initializing BIP32 and public key
keypath maps have been added.
- Note that PSET support for issuance and peg-in is incomplete at this time and
may contain bugs. Users are strongly advised to test their code thoroughly
if using these features.