ietf-wg-privacypass / base-drafts


Remove exposure of token in proxied-verifier #46

Closed alxdavids closed 2 years ago

alxdavids commented 4 years ago

Currently, in the proxied-verifier server running mode, the entire redemption token is sent to the server. However, we may be able to avoid this by only sending the initial data inside the RedemptionRequest, and keeping the tag and info at the proxy. This is because data is operated on under the server key, while the rest of the information is just added to a hash function evaluation. This means that the token issuer only sees the token (and can then implement double-spending protection based on this), but nothing else about the request to the verifier.

The change will probably drop the requirement for the VerifyFinalize API in the VOPRF doc, which is also advantageous. Originally discussed with @chris-wood, @siyengar, and Zutian Luo.
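The split proposed above, as an added illustration that is not part of this issue, the base-drafts repository, or the VOPRF document: the client holds (data, tag, info); the proxy forwards only data to the issuer, which applies its key and keeps a double-spend ledger keyed on data alone; the proxy then recomputes the Finalize hash over data, the keyed evaluation and info and compares it with tag. The group (integers mod the Mersenne prime 2^127 - 1), the hash-to-group and Finalize functions, the `Issuer`/`Proxy`/`RedemptionRequest` names and the blinding-free issuance shortcut are all assumptions made for this example; none of it is a Privacy Pass ciphersuite and it is not secure as written.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass
from typing import Optional

# Toy group: integers mod the Mersenne prime 2^127 - 1. This stands in for the
# prime-order elliptic-curve group of a real VOPRF ciphersuite (assumption for
# illustration only; not a Privacy Pass ciphersuite and not secure as written).
P = 2**127 - 1


def hash_to_group(data: bytes) -> int:
    """Toy stand-in for hash-to-curve: map token data to a non-trivial element."""
    h = int.from_bytes(hashlib.sha256(b"H2G:" + data).digest(), "big")
    return 2 + h % (P - 3)  # lands in [2, P-2], so never 0 or 1


def finalize(data: bytes, evaluated: int, info: bytes) -> bytes:
    """Toy stand-in for VOPRF Finalize: tag = H(data, N, info).

    Only `evaluated` (N) depends on the server key; data and info are just
    hashed in, which is why the proxy can compute this without the key."""
    h = hashlib.sha256()
    h.update(b"Finalize:")
    h.update(len(data).to_bytes(2, "big") + data)
    h.update(evaluated.to_bytes(16, "big"))
    h.update(len(info).to_bytes(2, "big") + info)
    return h.digest()


@dataclass(frozen=True)
class RedemptionRequest:
    data: bytes  # the only field the issuer needs to see
    tag: bytes   # Finalize output; stays at the proxy
    info: bytes  # redemption binding data; stays at the proxy


class Issuer:
    """Token issuer ("server"). In proxied-verifier mode it receives only `data`."""

    def __init__(self) -> None:
        self.sk = secrets.randbelow(P - 2) + 1  # private key in [1, P-2]
        self.spent = set()                      # double-spend ledger keyed on data

    def evaluate(self, data: bytes) -> int:
        return pow(hash_to_group(data), self.sk, P)

    def issue(self, data: bytes) -> int:
        # Issuance shortcut for the demo: a real client blinds `data` first and
        # unblinds the result, so the issuer never learns `data` at issuance.
        return self.evaluate(data)

    def redeem(self, data: bytes) -> Optional[int]:
        # Only `data` crosses into the issuer; tag and info never arrive here.
        if data in self.spent:
            return None  # double spend
        self.spent.add(data)
        return self.evaluate(data)


class Proxy:
    """Verifier proxy: keeps tag and info, asks the issuer only for N = F(sk, data)."""

    def __init__(self, issuer: Issuer) -> None:
        self.issuer = issuer

    def verify(self, req: RedemptionRequest) -> bool:
        evaluated = self.issuer.redeem(req.data)
        if evaluated is None:
            return False
        expected = finalize(req.data, evaluated, req.info)
        return hmac.compare_digest(expected, req.tag)


def client_token(issuer: Issuer, info: bytes,
                 data: Optional[bytes] = None) -> RedemptionRequest:
    """Client side: obtain a token at issuance, then build the redemption request."""
    data = data if data is not None else os.urandom(32)
    evaluated = issuer.issue(data)
    return RedemptionRequest(data=data, tag=finalize(data, evaluated, info), info=info)


if __name__ == "__main__":
    issuer, proxy = Issuer(), Proxy(Issuer())
    proxy = Proxy(issuer)
    req = client_token(issuer, b"GET /resource")
    print("first redemption:", proxy.verify(req))   # True
    print("replayed token:  ", proxy.verify(req))   # False: data already in ledger
```

Note that the ledger marks `data` as spent before the proxy has checked the tag, so a request with valid data but a wrong tag or info still consumes the token; a deployment that wants to avoid that would have the issuer record the spend only after the proxy reports a successful tag check, at the cost of a second message.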

alxdavids commented 3 years ago

@chris-wood, I will take a look at this today. It would be nice to have this in ahead of the PrivateStats ciphersuites.

alxdavids commented 3 years ago

I don't think that we're quite ready to move forward with this, but we can consider it for a future draft release.

chris-wood commented 2 years ago

Overcome by events. Closing.