Add support for ephemeral keys in key manager

[peternose]

Add API methods like the following:

• get_ephemeral_key(epoch, key_pair_id)
• get_public_ephemeral_key(epoch, key_pair_id)

Those would derive special ephemeral X25519 key pairs separate from the other runtime keys and where the epoch number is used as part of the derivation, but would only derive them if the epoch was not too far back in the past based on consensus layer state as seen by the key manager. Initially the epoch check may rely on untrusted consensus state provided by the key manager host node.

[kostko]

Some early comments on the current draft.

[codecov]

Codecov Report

Merging #4888 (d80f77d) into master (7fa7883) will decrease coverage by 0.26%.
The diff coverage is 100.00%.

❗ Current head d80f77d differs from pull request most recent head 4102e8e. Consider uploading reports for the commit 4102e8e to get more accurate results

@@            Coverage Diff             @@
##           master    #4888      +/-   ##
==========================================
- Coverage   66.60%   66.34%   -0.27%     
==========================================
  Files         464      464              
  Lines       50977    50977              
==========================================
- Hits        33954    33820     -134     
- Misses      12833    12955     +122     
- Partials     4190     4202      +12     

Impacted Files	Coverage Δ
go/worker/keymanager/worker.go	65.31% <100.00%> (+0.21%)	⬆️
go/worker/keymanager/status.go	0.00% <0.00%> (-82.61%)	⬇️
go/worker/keymanager/api/api.go	0.00% <0.00%> (-32.44%)	⬇️
go/consensus/tendermint/apps/staking/auth.go	62.96% <0.00%> (-14.82%)	⬇️
go/registry/api/grpc.go	38.66% <0.00%> (-6.40%)	⬇️
go/beacon/api/grpc.go	21.71% <0.00%> (-6.29%)	⬇️
go/consensus/tendermint/abci/prune.go	76.78% <0.00%> (-6.25%)	⬇️
go/worker/common/p2p/dispatch.go	71.52% <0.00%> (-5.56%)	⬇️
go/storage/api/metrics.go	76.66% <0.00%> (-5.00%)	⬇️
.../worker/compute/executor/committee/transactions.go	84.09% <0.00%> (-4.55%)	⬇️
... and 34 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[kostko]

Given that #4806 has been merged, please rebase on master.

[Yawning]

My inner tinfoil hat says that the master secret used to derive ephemeral keys should be distinct and have nothing to do with the master secret used to derive the long term keys.

(And yes, I am aware that the current way of doing things is fine as long as KMAC is.)

[Yawning]

Should we generate test vectors for the KDF so we don't inadvertently break it? (Since it's deterministic this should be possible)

[kostko]

Yeah that's a good idea. They should probably be added as Rust unit tests for the KDF.