Apply new rules for signatures and witness events

[it-spiderman]

https://github.com/inblockio/mediawiki-extensions-Aqua/issues/397

[it-spiderman]

now that signature is stored on the revision that injects it (not on the one that was current at the time of signing), verification though external verifier fails. This is becuase when you sign, messages is i sign .... {verification_hash of current revision}, and that is used for verification. But that hash specified in message does not match the revision that holds the signature (as it is now added to the revision after it, one that injects the sig)

Also, Verifier is freaking out in general

[FantasticoFox]

We will have a look today and test. Will get back with any feedback I have.

Thank you Dejan!

[FantasticoFox]

Find an example JSON page. The Witness object exists but the path with the merkle-tree-path is completly missing. [ ] fix to include merkle-tree path

6c3fbf41e5_Testpage_Witness.json

Signatures_hash must be included when caluclating the verification hash of the revision, which also stores the signature. Currently the signature hash is ignored. [ ] fix: include signature hash in the hasher to calculate verification hash with signature hash

See example manipulated page I used for testing the signature (it should work if I put the signature back into the first revision, the verifier should return green as the second revision takes the signature hash as input to calculate the revision hash). 6c3fbf41e5_Testing_Signatures (2).json

Current hash does not include signature hash, it is only content + metadata_hash

The same problem persists with the witness hash, it is not included in the hasher but should be included. [ ] fix: ensure that witness_hash is part of the hasher input to calculate verification hash of the second revision (see example)

Current hash does not include witness hash, it is only content + metadata_hash

[it-spiderman]

Updated commit, hopefully all is good now

[FantasticoFox]

Signature is tested and works. Verifier needs adjustment. Manuel tests for signature checks out after putting the signature to its original position. cf4f30f866_Whatever_Page.json

[FantasticoFox]

Witness data is malformatted and at the wrong place for verifier to process.

cf4f30f866_Interactive_Tutorial.json

"structured_merkle_proof": [] is still empty in the second revision and is now populated at the wrong position witness_slot in content. The structured merkle proof needs to be stored as JSON in the witness object outside of the content.

The witness-slot does contain now all verification data (including merkle-tree-proof). Its redudent to the witness data in the JSON and not required in full length in there as it is invisibile to the user anyway at this moment. A useful information at this place would be to show the link to the onchain timestamp event with basic witness information.

[FantasticoFox]

Like the Signature field:

The Witness field should include useful user information about the witness event.

Those information are:

• Witness Netzwerk (e.g. Mainnet, Sepolia, Holesky)
• Link so Etherscan (Witness_event_transaction_hash) clickable, transaction hash needs to be visible for potential manuel lookup
• Link to Witness event (the page which is visible in the publisher)

Successcreteria:

• Please test that the verifier is getting green with signature and witness event being manuelly moved into the revision before for testing purpose.