Resolve ENS signature keys from cl.sig.* and use ed25519:<base64> format

[GsCommand]

Motivation

• Stop using PEM-based cl.receipt.pubkey.pem lookups and signer_id indirection, and standardize on signature-specific ENS TXT records and a compact Ed25519 text format.
• Make the verification path canonical by using cl.sig.pub and cl.sig.kid (with delegation via cl.receipt.signer) and support a simple ed25519:<base64> env/local key representation.

Description

• Replaced the environment/local pubkey handling to use RECEIPT_SIGNING_PUBLIC_KEY (expects ed25519:<base64>) instead of RECEIPT_SIGNING_PUBLIC_KEY_PEM_B64, and added strict parsing/validation for that format.
• Introduced parseEd25519PublicKeyText and ed25519PublicKeyObject helpers to validate the ed25519:<base64> form and construct a usable Node PublicKey (SPKI DER) from raw 32-byte key bytes.
• Added resolveSignatureKey(name) abstraction that resolves cl.receipt.signer on the verifier name (delegation), then reads cl.sig.pub and cl.sig.kid on the signer name and returns { pubkeyBytes, kid, signer, source, cache }.
• Replaced old PEM-based ENS fetch flow (cl.receipt.pubkey.pem) with the new TXT keys: cl.receipt.signer, cl.sig.pub, and cl.sig.kid, and updated /verify and debug endpoints to use and report the new fields (including surfaced kid).
• Switched verifyEd25519Base64 to accept raw pubkey bytes and verify via the constructed Ed25519 public key object.
• Updated smoke test to emit RECEIPT_SIGNING_PUBLIC_KEY in ed25519:<base64> format and updated README and docs (docs/CONFIGURATION.md, docs/OPERATIONS.md) to reflect new env vars and ENS TXT keys.

Testing

• Ran node --check server.mjs with no syntax errors. (succeeded)
• Ran the repository smoke tests via npm test which starts the server and exercises signing and verification flows; all tests passed. (succeeded)

---

Codex Task

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d49730d2d3

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Preserve ENS fallback when local key text is invalid

/verify now parses RECEIPT_SIGNING_PUBLIC_KEY before attempting ENS lookup, so any malformed local key throws and returns a 500 even when ens=1 and ENS has a valid signature key. This regresses the prior behavior where a bad local key could be ignored and ENS-based verification could still succeed, so one misconfigured optional env var can take verification down in deployments that rely on ENS.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Accept unpadded base64 in ed25519 public key text

The validation requires bytes.toString("base64") === payload, which rejects otherwise valid unpadded base64 encodings (same 32-byte key, missing trailing =) that are commonly produced by tooling and manual ENS/env configuration. As written, valid ed25519:<base64> values can be rejected with invalid base64, causing unnecessary verification failures.

Useful? React with 👍 / 👎.