Looking at the description above that rule ????(0001 - 0999) means <any 4 bytes><any 4 bytes value between "0001" and "0999">, I thought that the value in the fixed part is checked as whole, but the code actually checks its bytes in isolation, so the rule is actually ????0(0 - 9)(0 - 9)(1 - 9).
It's fine for ranges like this, but let's take another: ??(53 - 97). I would expect aa68 to satisfy the rule, but in the proposed implementation it doesn't (because bytes are checked in isolation and 8 is outside the range [3, 7]). Could you clarify if this is the intended behaviour?
If yes, i.e. aa68 should not satisfy rule ??(53 - 97):
It would be nice to make it more clear in the description that all bytes are checked in isolation and there are actually no n-bytes values. In this case, there is a bug: for rule ??(50 - 97) and value MM58 (where M is max byte \xFF), satisfies() returns SatisfiesCode.NO_NEXT because nextRowKeyCandidateExists is only updated for non-fixed positions. It should return NEXT_EXISTS, because MM60 should be the next key.
If no, i.e. aa68 should satisfy rule ??(53 - 97):
In this case, satisfy() should be fixed. I made a patch with the fix and can add it if needed. It also has a small optimisation when there is no need to check less significant bytes. For example: for range [120, 500] and key 345, it will compare the first byte (3) only, as it's clear that the whole value is in the range.
In any case, tests might include testing satisfy() with ranges (the current patch only adds tests for getNextForFuzzyRule() with ranges).