It seems to me that this is the unsafe case.

- The attacker sends you a PSBT
- You generate a `secnonce` and sign with it
- The attacker tells you that something went wrong, and sends you the same PSBT again with the same `session_id`
- So you generate the exact same `secnonce` and sign again with it

This is precisely what should not happen. Or why would this attack be prevented?
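The replay flow described above, as an added illustration that is not code from any MuSig2 or PSBT implementation: a purely deterministic `secnonce` reproduces exactly when the same `session_id` and PSBT come back, while a signer that mixes in fresh randomness or records already-used `session_id`s refuses the second signing. All names, the HMAC-based derivation and the stand-in signing step are assumptions of this example.

```python
import hashlib
import hmac
import os

# Constructed model of the flow in the post (not code from any real MuSig2/PSBT
# implementation): the signer derives its secnonce from a session_id, and the
# counterparty can ask it to sign the same PSBT twice with the same session_id.

def derive_secnonce(secret_key: bytes, session_id: bytes, psbt_digest: bytes) -> bytes:
    """Purely deterministic derivation: identical inputs give an identical secnonce."""
    return hmac.new(secret_key, b"secnonce" + session_id + psbt_digest, hashlib.sha256).digest()

def derive_secnonce_fresh(secret_key: bytes, session_id: bytes, psbt_digest: bytes) -> bytes:
    """Same inputs plus fresh randomness, so a replayed request cannot reproduce the nonce."""
    rand = os.urandom(32)
    return hmac.new(secret_key, b"secnonce" + rand + session_id + psbt_digest, hashlib.sha256).digest()

class Signer:
    """Records the session_ids it has already signed under and refuses replays."""

    def __init__(self, secret_key: bytes):
        self.secret_key = secret_key
        self.consumed_sessions = set()

    def sign(self, session_id: bytes, psbt_digest: bytes) -> bytes:
        if session_id in self.consumed_sessions:
            raise RuntimeError("session_id already used: secnonce would repeat, refusing to sign")
        secnonce = derive_secnonce(self.secret_key, session_id, psbt_digest)
        self.consumed_sessions.add(session_id)
        # Stand-in for the partial-signature step; only the nonce handling matters here.
        return hashlib.sha256(secnonce + psbt_digest).digest()

def replay_refused(signer: Signer, session_id: bytes, psbt_digest: bytes) -> bool:
    """Sign once, then replay the identical request; True if the second attempt is rejected."""
    signer.sign(session_id, psbt_digest)
    try:
        signer.sign(session_id, psbt_digest)
    except RuntimeError:
        return True
    return False

if __name__ == "__main__":
    sk, sid, psbt = os.urandom(32), b"session-0001", hashlib.sha256(b"constructed psbt").digest()
    print("deterministic nonce repeats:", derive_secnonce(sk, sid, psbt) == derive_secnonce(sk, sid, psbt))
    print("fresh nonce repeats:", derive_secnonce_fresh(sk, sid, psbt) == derive_secnonce_fresh(sk, sid, psbt))
    print("replay refused:", replay_refused(Signer(sk), sid, psbt))
```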