This differs from the original spec:

1. Extra data is determined to only be of size less than 32, can't anyone then change this value and still generate a valid checkpoint block? This easiness of generating valid blocks could be exploited, should we minimize that as much as possible and have this be deterministic?
2. Gas limit is determined to be in a range, doesn't that allow the same attack as in 1.?
3. Shouldn't it be better if checkpoint blocks had instead no impact on the block difficulty? The one second gap between this block and it's parent will increase the difficulty of this block if not

Expanding from 3. even if we do that there's likely a difference in timestamp between this block and the next (as checkpoint generation will take longer than 1 second), and that would also affect the chains difficutly. Ideally, given an average checkpoint generation time of X, shouldn't we set the timestamp of the checkpoint block to be parentHeader.unixTimestamp + X?

Regarding X, that's idealistic far beyond being realistic. A more realistic approach could be: given chain B0 -> C -> B1 take (timestamp(B1) - timestamp(B0)) / 2 as the interval in the difficulty calculation.

Edit: nah, doesn't make sense, the interval between B1 and B0 will not be twice the average. I think the easiest and a sane thing to do would be to assume that the checkpoint does not affect the difficulty of the succeeding block so: difficulty(B1) == difficulty(B0).

We could later adjust it based on empirical data.

Separate task, right?

difficulty(B1) == difficulty(B0).

Doesn't this remove the adjusting possibility of ETC's block difficulty? The block B1 will take the same to mine independently on how much after C it was mined. If checkpoints will be as often as we've done so far (a checkpoint per 5 blocks) that might affect it

Separate task, right?

Yes, (here it is), but definitely with some discussions before on which exact rule we propose to have here

What's this? I'm not seeing it used anywhere?

sorry I used it to generate signature with random k, will remove it

I hate the method names in this class. This one says that it validates the header but it does not. There are several others like that. Maybe we should create a task to address it?

I agree, I had some problems to understand what's going on there and what's a purpose because of naming. I will create a task.

https://jira.iohk.io/browse/ETCM-171

Minor: as this is for testing purposes, shouldn't we re-use the rlp encoders instead of multiple serializers?

I'm not quite sure what you mean, this is different than RLP encoding. I need/desire/can't live without this method here, even if it's not used a single time in the codebase.

this is different than RLP encoding

This is why I'm asking, given that RLP is our default serializing way, it's easy to assume that any methods toBytes and fromBytes on our objects use RLP for serialization. If we want to keep them, shouldn't we rename them (maybe as toRawBytes and fromRawBytes?) or move them to a separate codec object?

move them to a separate codec object?

No! I need this here and you will too :)
As for renaming, I'm not sure, can't recall what this signature format is called (I don't think it's DER).