dfns / cggmp21

State-of-art threshold ECDSA in Rust
Apache License 2.0

Normalize signatures #11

Closed survived closed 1 year ago

survived commented 1 year ago

Output signatures produced by cggmp are not compatible with bitcoin by default. PR adds signature normalization, and adds tests that verify output signatures using other ecdsa libs.
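
What normalization means for an ECDSA signature, as an added example that is not part of this PR or the cggmp21 code base. It assumes the PR refers to the low-S rule Bitcoin applies to secp256k1 signatures (s at most n/2) and operates on a raw 32-byte big-endian `s`; `normalize_s`, `is_low_s` and `sub_be` are hypothetical names.

```rust
// Added example, not code from the cggmp21 repository.
// Assumption: "normalization" is the low-S rule (s <= n/2) for secp256k1.

/// Order n of the secp256k1 group, big-endian.
const N: [u8; 32] = [
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
    0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B, 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41,
];

/// a - b on 32-byte big-endian integers; the caller guarantees a >= b.
fn sub_be(a: &[u8; 32], b: &[u8; 32]) -> [u8; 32] {
    let mut out = [0u8; 32];
    let mut borrow = 0i16;
    for i in (0..32).rev() {
        let d = a[i] as i16 - b[i] as i16 - borrow;
        borrow = (d < 0) as i16;
        out[i] = d.rem_euclid(256) as u8;
    }
    out
}

/// Returns the low-S form of `s`, or None when s is outside [1, n-1].
/// (r, n - s) verifies whenever (r, s) does, so no key material is needed.
fn normalize_s(s: &[u8; 32]) -> Option<[u8; 32]> {
    if *s == [0u8; 32] || *s >= N {
        return None; // not a valid ECDSA scalar
    }
    let neg = sub_be(&N, s);
    // n is odd, so s != n - s; the smaller of the two is the one <= n/2.
    Some(if neg < *s { neg } else { *s })
}

/// True when `s` is already in the form a strict verifier accepts.
fn is_low_s(s: &[u8; 32]) -> bool {
    normalize_s(s) == Some(*s)
}

fn main() {
    // Constructed sample: s = n - 1, the largest valid scalar, which is high-S.
    let mut s = N;
    s[31] -= 1;
    let low = normalize_s(&s).expect("s is in range");
    println!("high-S input accepted as-is: {}", is_low_s(&s));
    println!("normalized s ends in byte 0x{:02x}", low[31]);
}
```

A verifier that enforces low-S rejects roughly half of otherwise valid signatures unless the signer applies this step, since `s` is uniformly distributed over the scalar range.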

github-actions[bot] commented 1 year ago

Benchmark Result

Benchmarks

```text
RUST_TESTS_SEED=582acbd13d7abafee8c988a3d3c3a081d29df8b613a61392a04ccf898deb3bfa

n = 3

Key refresh protocol
Protocol Performance:
  - Protocol took 3.50s to complete

In particular:
  - Setup: 24.40µs
    - Retrieve auxiliary data: 800.00ns (3.3%)
    - Setup networking: 18.00µs (73.8%)
    - Precompute execution id and shared state: 5.40µs (22.1%)
    - Unstaged: 200.00ns (0.8%)
  - Round 1: 391.56ms
    - Retrieve or compute primes (p and q): 400.00ns (0.0%)
    - Compute paillier decryption key (N): 22.47ms (5.7%)
    - Generate secret y and public Y: 214.60µs (0.1%)
    - Compute schnorr commitment τ_i: 210.30µs (0.1%)
    - Generate secret x_i and public X_i: 632.79µs (0.2%)
    - Generate auxiliary params r, λ, t, s: 5.67ms (1.4%)
    - Prove Πprm (ψ_i): 361.84ms (92.4%)
    - Compute schnorr commitment τ_j: 428.99µs (0.1%)
    - Sample random bytes: 1.30µs (0.0%)
    - Compute hash commitment and sample decommitment: 90.30µs (0.0%)
    - Unstaged: 600.00ns (0.0%)
  - Round 2: 500.00ns
  - Round 3: 2.11s
    - Validate round 1 decommitments: 178.20µs (0.0%)
    - Validate data sizes: 500.00ns (0.0%)
    - Validate П_prm (ψ_i): 721.01ms (34.1%)
    - Validate X_i: 51.80µs (0.0%)
    - Compute paillier encryption keys: 7.50µs (0.0%)
    - Add together shared random bytes: 400.00ns (0.0%)
    - Compute schnorr proof п_i: 5.10µs (0.0%)
    - Compute П_mod (ψ_i): 1.18s (55.9%)
    - Sample challenge for schnorr_pok: 6.00µs (0.0%)
    - Prepare auxiliary params and security level for proofs: 2.10µs (0.0%)
    - Compute schnorr proof ψ_i^j: 1.50µs (0.0%)
    - Paillier encryption of x_i^j: 50.46ms (2.4%)
    - Compute П_fac (ф_i): 159.14ms (7.5%)
    - Unstaged: 600.00ns (0.0%)
  - Round 4: 992.50ms
    - Paillier decrypt x_j^i from C_j^i: 44.02ms (4.4%)
    - Validate shares: 477.30µs (0.0%)
    - Validate schnorr proofs п_j and ψ_j^k: 3.55ms (0.4%)
    - Validate ψ_j (П_mod): 784.09ms (79.0%)
    - Validate ф_j (П_fac): 160.35ms (16.2%)
    - Calculate new x_i: 700.00ns (0.0%)
    - Calculate new X_i: 10.10µs (0.0%)
    - Assemble new core share: 500.00ns (0.0%)
    - Assemble auxiliary info: 1.80µs (0.0%)
    - Unstaged: 700.00ns (0.0%)

Signing protocol
Protocol Performance:
  - Protocol took 2.41s to complete

In particular:
  - Setup: 27.95ms
    - Validate security level: 4.70µs (0.0%)
    - Retrieve auxiliary data: 27.93ms (100.0%)
    - Precompute execution id and security params: 4.30µs (0.0%)
    - Setup networking: 4.00µs (0.0%)
    - Unstaged: 400.00ns (0.0%)
  - Round 1: 186.62ms
    - Generate local ephemeral secrets (k_i, y_i, p_i, v_i): 45.70µs (0.0%)
    - Encrypt G_i and K_i: 49.92ms (26.8%)
    - Prove ψ0_j: 136.65ms (73.2%)
    - Unstaged: 800.00ns (0.0%)
  - Round 2: 1.19s
    - Hash received msgs (reliability check): 60.80µs (0.0%)
    - Verify psi0 proofs: 124.20ms (10.4%)
    - Sample random r, hat_r, s, hat_s, beta, hat_beta: 94.50µs (0.0%)
    - Encrypt D_ji: 72.03ms (6.0%)
    - Encrypt F_ji: 66.10ms (5.6%)
    - Encrypt hat_D_ji: 94.00ms (7.9%)
    - Encrypt hat_F_ji: 88.01ms (7.4%)
    - Prove psi_ji: 303.63ms (25.5%)
    - Prove psiˆ_ji: 310.20ms (26.0%)
    - Prove psi_prime_ji : 132.52ms (11.1%)
    - Unstaged: 1.90µs (0.0%)
  - Round 3: 892.67ms
    - Assert other parties hashed messages (reliability check): 600.00ns (0.0%)
    - Retrieve auxiliary data: 7.70µs (0.0%)
    - Validate psi: 282.27ms (31.6%)
    - Validate hat_psi: 260.38ms (29.2%)
    - Validate psi_prime: 124.81ms (14.0%)
    - Compute Gamma, Delta_i, delta_i, chi_i: 88.45ms (9.9%)
    - Prove psi_prime_prime: 136.76ms (15.3%)
    - Unstaged: 900.00ns (0.0%)
  - Presig output: 115.84ms
    - Validate psi_prime_prime: 115.34ms (99.6%)
    - Calculate presignature: 506.49µs (0.4%)
    - Unstaged: 300.00ns (0.0%)
  - Partial signing: 21.30µs
  - Signature reconstruction: 708.69µs
```