When I implemented a Silent Payments send on testnet, I used a Taproot key-path spend as input. In that case, the sender's public key is directly readable from the witness.But I'm not sure this holds for all input types. For example, in a P2WPKH input the pubkey is in the witness, but for a Taproot script-path spend it may not be directly recoverable.Does BIP352 require the sender's input pubkey to be recoverable? And if the sender uses an input type where the pubkey is not visible, does the protocol break down?