fix: Signature serializes more bytes than are deserialized

[sergerad]

Closes #685.

We discovered in 0xMiden/protocol#2128 that serialization of Signature is problematic.

It appears that an additional byte is serialized but not deserialized.

[sergerad]

Unsure how we actually want to fix this. Put this here for now.

[bobbinth]

I think this is probably related to #668 (and now thinking about it, my concern about the odd number of bytes is not valid).

@Al-Kindi-0 - is there a reason we need 66 bytes vs. 65 bytes for serialization?

Also, this should probably go into main as it seems like a bug fix.

[PhilippGackstatter]

For now, we could just read the extra byte during deserialization and discard it as a fix, right? That means we wouldn't actually touch the serialization format, in case that is somehow important.

[bobbinth]

Yeah, I think we probably want to do two things:

1. The short-term fix that reads the extra byte and discards it - this would go into main.
2. The longer term fix that reduces signature size to 65 bytes (assuming that's the correct thing to do) - that would go into next.

[bobbinth]

Looks good! Thank you! Also, let's update the changelog.

I'd hold off on merging before review from @Al-Kindi-0.

[bobbinth]

We are not planning to release the v0.20.0 version yet - so, I'd keep it as TBD.

The bug fix (that keeps signature length as is) should go into main - and that would probably be a different PR.

[Al-Kindi-0]

LGTM
I think the reason for the extra bit was the previous solution where we wanted to accommodate both the Keccak and SHA variants of the signature. We then probably forgot to remove this extra bit when we abandoned that goal.