Enable key-rotation

[sergeynog]

• Allow validators to generate a key tofnd key, back-it up, declare as the new "active key", and slowly rotate out the old key (i.e. it'll still be used for old sign sessions, but no longer for new keygens/signs.

[ggutoski]

We don't want to impose off-chain statefulness on the caller (vald), nor do we want tofnd to maintain any state other than mnemonics. A concrete plan as per discussion with @milapsheth:

• key presence check and sign now also includes a pubkey k in addition to a key id id. key presence iterates through all mnemonics m, generates the key k' from (m,id), compares with k. return true if we find a mnemonic that generates k else return false. sign does similar, but also signs a given message if k is found.
• keygen always uses the current "active" mnemonic

If you don't like the inefficiency of iterating keygen over all mnemonics then we introduce statefulness. Either caller (vald) or tofnd must maintain state about which mnemonics were used to generate which keys.

Mnemonic management

• User adds a new mnemonic via similar "import" mechanism (ie. launch tofnd in mnemonic mode). "import" with activate flag imports the mnemonic (if it doesn't already exist) and sets it to active (if it isn't already).
• Delete an existing mnemonic: "import" with delete flag: if the "imported" mnemonic exists and is inactive then delete it, otherwise throw an error
• "export" now dumps the whole list of mnemonics, first in the list is active. (Separate files for each mnemonic? One mnemonic per line in one file?)

[milapsheth]

Based on discussion with @ggutoski and @cgorenflo, the proposed design involving axelard/vald/tofnd:

• Validators can generate a new mnemonic to perform a "tofnd key rotation" and will be used for future key ids (i.e core key rotations).
• tofnd will have a list of mnemonics it can import/store.
• tofnd now receives (key_id, pubkey) when signing. From the pubkey, it can determine the mnemonic that should be used for signing.
• On vald startup, it queries the node to retrieve a mapping of key ids to pub keys for a given validator. Any key_id not in this mapping will send over empty pubkey bytes which defaults to the latest mnemonic of the validator. This way if any key rotations in core are performed, new key ids will always correspond to the latest mnemonic.
• axelard exposes the above query.

Note, this design works for multisig. In the threshold case, during signing only the secret key share is needed. The mnemonic is not used at all anyways. During on chain recovery of key shares for threshold schemes, recovery can be performed in a similar way by indexing against a provided pubkey/hash.