I126 secp ext

[PopcornPaws]

Description

Aims to close #126 and #134

Bit rough around the edges, but id gets the job done. What job? Well, we wanted end users to be able to interact with the network using just their metamask wallet. For this to work, we cloned the Multisignature implementation from sp-runtime and modified the ECDSA part to verify EVM-specific ECDSA instead of a generic one that used blake2 for hashing the message.

• the EIP-155 normalization is handled by a simple recovery id check
• in order to keep ristretto and edwards signature schemes working, the account id has to be 32 bytes, so the address $a$ is hashed via blake2_256 with a prefix evm: $p$

$$H_{blake2_{256}}(p||a)$$

PS. polkadot.js does the same

[OnyxSkyscape]

Nice

[PopcornPaws]

I just realized that hashing the evm address is not a good idea because it's a one-way operation. However, the oracle needs to query the evm addresses for evm token checks which it cannot do if we store the addresses as hashes. Therefore, I think we should just pad the addresses with zeros to get 32 byte account ids. Then, the oracle will be able to query addresses from the chain and just strip the padding zeros to recover the 20 byte evm addresses.

[OnyxSkyscape]

Runtime upgrade v104 tested and successfully rolled out into prod today 2:10 pm CEST at commit 5e03a8c, ready to merge.