Bump deps (signatory/stdtx/k256/tendermint/yubihsm)

[tony-iqlusion]

Upgrades the following dependencies to the latest versions:

• signatory v0.22.0
• stdtx v0.3.0
• k256 v0.5.9
• tendermint v0.16.0
• yubihsm v0.35.0-rc

This commit also moves away from Signatory-based abstractions in several places, leaning more directly on ed25519-dalek and the k256 crate, the latter of which now contains full ECDSA/secp256k1 support. Additionally, it completely removes use of signatory-dalek and rust-secp256k1/signatory-secp256k1.

The rationale is that ed25519-dalek has natively adopted the Signer and Verifier traits which Signatory originally provided, which eliminates the need to use it through an abstraction layer/wrapper. The signatory-dalek crate has also since been retired.

[tony-iqlusion]

Getting some Secret Connection-related failures in the test suite:

error: client 'test_chain_id@tcp://127.0.0.1:62538' exited with error: cryptographic error

failures:
    test_handle_and_sign_ping_pong
    test_handle_and_sign_proposal
    test_handle_and_sign_vote

Will investigate (or would appreciate any help)

[tony-iqlusion]

I've found the cause of the Secret Connection failures, and it appears to be a somewhat confusing (non-critical) bug in the original code which previously didn't cause a breakage due to lack of Ed25519 point decompression:

https://github.com/iqlusioninc/tmkms/blob/d48c961/src/connection/secret_connection.rs#L131-L134

These lines are attempting to parse an ephemeral X25519 public key as an Ed25519 one. This just simply appears to be the wrong key: the remote_pubkey for SecretConnection intended to be the Ed25519 identity key, not the remote X22519 ECDHE ephemeral public key.

When the handshake completes, it's overwritten with the correct key here:

https://github.com/iqlusioninc/tmkms/blob/d48c961/src/connection/secret_connection.rs#L170-L171

This succeeded before because it was using Signatory's ed25519::PublicKey type, which does not decompress points and therefore silently ignored the invalid point. Switching to ed25519_dalek::PublicKey, the problem now surfaces, as the point is failing to decompress.

I'll open a branch that attempts to fix just this issue.

Edit: opened #164 which appears to address the issue, and rebased this PR on it.

[codecov-io]

Codecov Report

Merging #162 into develop will increase coverage by 0.32%.
The diff coverage is 29.20%.

@@             Coverage Diff             @@
##           develop     #162      +/-   ##
===========================================
+ Coverage    22.64%   22.97%   +0.32%     
===========================================
  Files           60       61       +1     
  Lines         2446     2429      -17     
===========================================
+ Hits           554      558       +4     
+ Misses        1892     1871      -21     

Impacted Files	Coverage Δ
src/commands/softsign/import.rs	0.00% <0.00%> (ø)
src/commands/softsign/keygen.rs	0.00% <0.00%> (ø)
src/commands/yubihsm/keys/import.rs	0.00% <0.00%> (ø)
src/commands/yubihsm/keys/list.rs	0.00% <0.00%> (ø)
src/config/validator.rs	0.00% <ø> (ø)
src/connection/tcp.rs	0.00% <0.00%> (ø)
src/keyring/ecdsa.rs	0.00% <ø> (ø)
src/keyring/providers/ledgertm.rs	0.00% <0.00%> (ø)
src/keyring/providers/softsign.rs	0.00% <0.00%> (ø)
src/keyring/providers/yubihsm.rs	0.00% <0.00%> (ø)
... and 14 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 14edb4e...1cfc62e. Read the comment docs.