In gpg-agent, reading and processing MPI assumes unsigned integer using default mode ("+").
But writing uses "%m", which is signed integer.
This works, as long as the MPI value is positive.
But there are two problems:
(1) When the MPI value is negative, it results wrong value, undetected.
(2) Representation may have extra leading zero octet.
This should be fixed like:
(1) When writing, make sure the value is positive and results error when it's not. DETECT INVALID VALUE.
(2) Use %M without leading zero octet.
(3) For backward compatibility (in the existing file), keep the support of allowing extra leading zero octet when reading.
The fix #1 would cause problem for SSH, as "mpint" in the SSH specification assumes signed integer, but I believe negative value is never in use in the implementations.