This commit modifies the blob encryption scheme to
use chacha20-poly1305 with a randomized 192-bit nonce.
The previous approach used a deterministic nonce scheme,
which is being replaced to simplify the requirements of
a correct implementation. As a result, each payload
gains an addtional 24-bytes prepended to the ciphertext.
This commit fixes an issue with the witness stack
construction for to-local and to-remote inputs,
that would cause the justice kit to return
signatures as fixed-size, 64-byte signatures.
The correct behavior is to return DER-encoded
signatures so that they will properly verify on
the network, since the consensus rules won't
be able to understand the fixed-size variant.
This commit fixes an oversight in the previous
design of the watchtower blob, by introducing
a length byte for sweep addresses. The previous
format supposed that addresses would be padded
to 42 bytes, but had no indication of the
address's actual length.
To rememdy this, we introduce a single byte
indicating the actual size of the address,
such that the padding can be removed upon
decoding.