Always use tweaked keys with taproot

[xoloki]

When doing taproot signatures with distributed keys, it is necessary to always use tweaked keys even when there is no script spend path. This is because a malicious DKG actor can insert a hidden script spend if the key is not tweaked.

So for all taproot sign functions, the merkle root should be optional, but tweaking the keys is not. If there is no merkle root, then the tweak is the hash of the public key only.

[codecov-commenter]

Codecov Report

Merging #17 (37c2a78) into main (9f004bc) will decrease coverage by 1.69%.
Report is 1 commits behind head on main.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main      #17      +/-   ##
==========================================
- Coverage   79.83%   78.14%   -1.69%     
==========================================
  Files          10       10              
  Lines         709      691      -18     
==========================================
- Hits          566      540      -26     
- Misses        143      151       +8     

Files Changed	Coverage Δ
src/compute.rs	100.00% <100.00%> (ø)
src/taproot.rs	85.71% <100.00%> (ø)
src/v1.rs	81.18% <100.00%> (-3.72%)	⬇️
src/v2.rs	86.08% <100.00%> (-1.23%)	⬇️

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[jferrant]

LGTM

[xoloki]

codecov is failing with a config issue:

[2023-09-05T17:09:04.026Z] ['error'] There was an error running the uploader: Error uploading to https://codecov.io: Error: There was an error fetching the storage URL during POST: 404 - {'detail': ErrorDetail(string='Unable to locate build via Github Actions API. Please upload with the Codecov repository upload token to resolve issue.', code='not_found')}

All other tests are passing so I'll go ahead and merge to unblock external users.