Update encodings for ik and issueAuthSig #31

Merged
vivek-arte merged 15 commits into zsa1 from update_ik_issueauthsig_encoding
Sep 1, 2025

@vivek-arte vivek-arte commented Jul 12, 2025

This is a companion PR to QED-it/orchard#182. It makes the changes to the specification made in zcash/zips#1042, namely the addition of a 0x00 byte to the start of the issuance validating key and the issuance authorization signature.


@PaulLaux PaulLaux left a comment

added minor comments

Comment thread zcash_test_vectors/orchard_zsa/issuance_auth_sig.py Outdated
Comment thread zcash_test_vectors/orchard_zsa/issuance_auth_sig.py Outdated
Comment thread zcash_test_vectors/orchard_zsa/issuance_auth_sig.py Outdated
Comment thread zcash_test_vectors/orchard_zsa/key_components.py Outdated

@PaulLaux PaulLaux left a comment

Still, the intent of https://github.com/zcash/zips/pull/1053/files is not fully reflected from these changes.

We need an "encoding" step (a function to encode) to add the
$\mathtt{ZSA-BIP340-SIG-SCHEME} = \mathtt{0x00}$ to
$\mathtt{issueAuthSig\_encoding} = \mathtt{ZSA-BIP340-SIG-SCHEME}\,||\ ...$
and $\mathsf{issuer} = \mathsf{ik\_encoding} = \mathtt{ZSA-BIP340-SIG-SCHEME}\,||\ \mathsf{ik}$

the constant name should be
ZSA_BIP340_SIG_SCHEME = b'\0'

Also, the issuer should be properly represented here.

In addition, these changes also should be reflected in the code:


.. math:: \mathsf{AssetId} := (\mathsf{issuer}, \mathsf{assetDescHash})

and define their canonical encoding as

.. math:: \mathsf{EncodeAssetId}(\mathsf{AssetId}) = \mathsf{EncodeAssetId}((\mathsf{issuer}, \mathsf{assetDescHash})) := \mathtt{0x00} \,||\, \mathsf{issuer}\,||\,\mathsf{assetDescHash}

see https://github.com/zcash/zips/pull/1053/files#diff-c6949a94266d29a04e537001e58384261262c4c490334776ae26ff28b3437d00R255

The associated constant name for this should be
ZSA_ASSETID_VERSION_BYTE = b'\0'

The Orchard implementation should mimic those changes

Comment thread test-vectors/rust/orchard_zsa_digests.rs Outdated
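
An added example, not code from this PR or from the zcash-test-vectors repository: one way to write the encoding step requested in the review above, with strict decoders that reject an unknown leading byte or a wrong length. The constant names come from the review comment; the function names and the 32-byte assetDescHash length are assumptions of this example, and the 32- and 64-byte sizes are those of BIP 340 keys and signatures.

```python
# Added illustration. Constant names follow the review comment; function
# names and the length constants are assumptions of this example.
ZSA_BIP340_SIG_SCHEME = b'\0'
ZSA_ASSETID_VERSION_BYTE = b'\0'

IK_LEN = 32               # BIP 340 x-only public key
SIG_LEN = 64              # BIP 340 signature
ASSET_DESC_HASH_LEN = 32  # assumed hash output length


def _strip_prefix(data: bytes, prefix: bytes, body_len: int, what: str) -> bytes:
    # Check length first, then the leading byte, so truncated, padded or
    # unknown-scheme inputs are all rejected instead of being reinterpreted.
    if len(data) != len(prefix) + body_len:
        raise ValueError(f"{what}: bad length {len(data)}")
    if data[:len(prefix)] != prefix:
        raise ValueError(f"{what}: unknown leading byte 0x{data[0]:02x}")
    return data[len(prefix):]


def encode_ik(ik: bytes) -> bytes:
    """issuer = ik_encoding = ZSA-BIP340-SIG-SCHEME || ik"""
    if len(ik) != IK_LEN:
        raise ValueError("ik must be 32 bytes")
    return ZSA_BIP340_SIG_SCHEME + ik


def decode_ik(enc: bytes) -> bytes:
    return _strip_prefix(enc, ZSA_BIP340_SIG_SCHEME, IK_LEN, "ik_encoding")


def encode_issue_auth_sig(sig: bytes) -> bytes:
    """0x00 scheme byte at the start of the issuance authorization signature."""
    if len(sig) != SIG_LEN:
        raise ValueError("signature must be 64 bytes")
    return ZSA_BIP340_SIG_SCHEME + sig


def decode_issue_auth_sig(enc: bytes) -> bytes:
    return _strip_prefix(enc, ZSA_BIP340_SIG_SCHEME, SIG_LEN, "issueAuthSig")


def encode_asset_id(issuer: bytes, asset_desc_hash: bytes) -> bytes:
    """EncodeAssetId((issuer, assetDescHash)) := 0x00 || issuer || assetDescHash"""
    decode_ik(issuer)  # issuer must already be a well-formed ik_encoding
    if len(asset_desc_hash) != ASSET_DESC_HASH_LEN:
        raise ValueError("assetDescHash must be 32 bytes")
    return ZSA_ASSETID_VERSION_BYTE + issuer + asset_desc_hash
```
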
PaulLaux previously approved these changes Aug 28, 2025

@PaulLaux PaulLaux left a comment

Looks good,

In this PR:

    allowed_choices = [
        [False, False, False],
        [False, False, True],
        [True, False, False],
        [True, False, True],
        [True, True, False],
        [True, True, True]
    ]

drop [False, False, True] - issuance without OrchardZSA bundle is not allowed.
Merge after fixing the in body comment.

For a subsequent PR we need:

  • Burns: Are we testing burns? I see orchard_zsa_burn_field_bytes() but it is always empty, isn't it. Also, must enforce no duplicates and no zero value burn.

  • We should create a Reference note for the first issuance of an Asset. Currently there is no reference to it.

  • We need ρ for IssueNotes: rho = DeriveIssuedRho(nf0,0, indexAction, indexNote)
    If unclear, let's discuss in our meeting.

Comment thread zcash_test_vectors/orchard_zsa/asset_base.py Outdated
@ConstanceBeguier

I think orchard_zsa_issuance_auth_sig.rs should also be updated (ik and sig must begin with 0x00)

@vivek-arte
Author

Implemented the suggestions in #31 (review) and also updated the issueAuthSig to be generated from the signature digest rather than the txid_digest (which differs in the case where transparent inputs are present).

Burns: Are we testing burns? I see orchard_zsa_burn_field_bytes() but it is always empty, isn't it. Also, must enforce no duplicates and no zero value burn.

  • We are testing burns, yes. The function is defined and is not empty.
  • We are not enforcing no duplicates and no zero-value burns though, noted.

@vivek-arte vivek-arte requested a review from PaulLaux August 29, 2025 13:10
PaulLaux previously approved these changes Aug 31, 2025

@PaulLaux PaulLaux left a comment

With minor comments

Comment thread zcash_test_vectors/transaction_v6.py Outdated
Comment thread zcash_test_vectors/transaction_v6.py Outdated
Comment thread zcash_test_vectors/transaction_v6.py Outdated
Comment thread zcash_test_vectors/transaction_v6.py Outdated
ConstanceBeguier added a commit to QED-it/orchard that referenced this pull request Sep 1, 2025
…es (#182)

This PR makes the updates to the encoding of the issuance validating key
and the issuance authorization signature, as done in the specification
in zcash/zips#1042, along with the further updates in zcash/zips#1048
and zcash/zips#1053.

The test vectors are updated in QED-it/zcash-test-vectors#31.

---------

Co-authored-by: Constance Beguier <constance@qed-it.com>
@vivek-arte vivek-arte merged commit 5976b22 into zsa1 Sep 1, 2025
3 checks passed