key rotation and revocation

[urbien]

Problem

Hypercore has an associated static Public / Private key pair. Private keys should never migrate between devices for security. When device is replaced, new keypair is created. Need

Proposed solution

1. Use Hypercore-multi-key module which allows to switch this Hypercore to a new keypair. We need to add code to sign the new key with the old one to establish safe handoff.

2. We need to verify this signature on receiving nodes so that they can prove to themselves the legality of key rotation. Perhaps this can be added as a hypercore extension?

3. After key is rotated, old key is revoked.

Not covered by this issue

Key loss and recovery schemes. This will be addressed by another issue