Implement Certification of the Mithril Verification Keys in Signer/Aggregator

[jpraynaud]

Issue

Implement the certification of the Mithril Verification Keys in the Signer and the Aggregator

Tasks

• Use new key registration functions that use KES Secret Key and Operational Certificate to provide Mithril keys certification
• Implement a KES Period requester inside the Chain Observer
• Implement a hybrid mode: Certified and Legacy to allow for smooth transition (no breaking changes)
• Adapt Aggregator key registration
• Adapt Signer key registration
• Adapt Signer individual signatures registration
• Update crypto tests helpers from Common to handle hybrid modes (and add a test_only feature for them)
• Update devnet
• Update test lab and make it able to verify that Signers from both modes are able to contribute to signatures
• Add Verified Signer badge on the Explorer for certified signers

Depends

Depends on #384

[iquerejeta]

After a discussion with @abailly-iohk , we thought that it would probably be of interest to keep mithril-core protocol agnostic. In the sense that we should not fit mithril-core to work only with Cardano.

Therefore, it would be better for the parsing of the opcert and kes keys to happen in the Mitrhil client and aggregator. Therefore, the verification that a given key is really associated to a PoolID should happen in the node.

Thoughts @jpraynaud ?

[jpraynaud]

I completely agree with keeping mithril-core agnostic and handle the certification of the Mithril Verification Keys and PoolId in mithril-common instead 👍

We will use the code you created in the NewKeyReg of the PR #433 and adapt it in mithril-common. WDYT?

[iquerejeta]

Yes, I was thinking about that. we are only missing computing the poolID from the cold key, but other than that, we have compatibility. I'm now trying to install the node cli in my machine to try and resolve this last missing point 😓