3rd-party: add new protobuf fields and messages

- externalSignature allows to attach an optional signature (from a non-ephemeral private key)
  to biscuit blocks
- scope lets blocks and rules specify which facts can be loaded (either through keywords
  for selecting groups of blocks, or through public keys for blocks signed by a specific
  key)
- publicKeys provides a way to intern public keys in a way similar to symbols. Only public
  keys referenced in datalog elements can be interned
- ThirdPartyBlockRequest / ThirdPartyBlockContents provide a way to add a signed 3rd party block
  to a given biscuit token without disclosing the token itself. For that, the request needs to
  provide:
    - the public key of the last block (needed to pin the signature to a specific biscuit token)
    - the list of already interned public keys (needed to properly generate the datalog ast).
      Contrary to public keys, interned symbols are not shared to 3rd party blocks to prevent
      information leaks.
  The response provides the serialized block, as well as the associated signature.

SPECIFICATIONS.md

@@ -519,8 +519,24 @@ message Biscuit {
 
 message SignedBlock {
   required bytes block = 1;
-  required bytes nextKey = 2;
+  required PublicKey nextKey = 2;
   required bytes signature = 3;
+  optional ExternalSignature externalSignature = 4;
+}
+
+message ExternalSignature {
+  required bytes signature = 1;
+  required PublicKey publicKey = 2;
+}
+
+message PublicKey {
+  required Algorithm algorithm = 1;
+
+  enum Algorithm {
+    Ed25519 = 0;
+  }
+
+  required bytes key = 2;
 }
 
 message Proof {
@@ -553,6 +569,8 @@ message Block {
   repeated FactV2 facts_v2 = 4;
   repeated RuleV2 rules_v2 = 5;
   repeated CheckV2 checks_v2 = 6;
+  repeated Scope scope = 7;
+  repeated PublicKey publicKeys = 8;
 }
 ```
 
@@ -565,7 +583,9 @@ each block must carry its own version.
 An implementation must refuse a token with a newer format than the range they know.
 An implementation must refuse a token with an older format than the range they know.
 An implementation must always generate tokens at the highest version it can do.
-The current minimum version number is 3.
+
+The current minimum version number is 3.  
+The current maximum version number is 4.
 
 # Version 2
 
@@ -704,6 +724,8 @@ message Block {
   repeated FactV2 facts_v2 = 4;
   repeated RuleV2 rules_v2 = 5;
   repeated CheckV2 checks_v2 = 6;
+  repeated Scope scope = 7;
+  repeated PublicKey publicKeys = 8;
 }
 ```
 

schema.proto

@@ -13,6 +13,12 @@ message SignedBlock {
   required bytes block = 1;
   required PublicKey nextKey = 2;
   required bytes signature = 3;
+  optional ExternalSignature externalSignature = 4;
+}
+
+message ExternalSignature {
+  required bytes signature = 1;
+  required PublicKey publicKey = 2;
 }
 
 message PublicKey {
@@ -40,6 +46,20 @@ message Block {
   repeated FactV2 facts_v2 = 4;
   repeated RuleV2 rules_v2 = 5;
   repeated CheckV2 checks_v2 = 6;
+  repeated Scope scope = 7;
+  repeated PublicKey publicKeys = 8;
+}
+
+message Scope {
+  enum ScopeType {
+    Authority = 0;
+    Previous  = 1;
+  }
+
+  oneof {
+    ScopeType scopeType = 1;
+    int64 block = 2;
+  }
 }
 
 message FactV2 {
@@ -50,6 +70,7 @@ message RuleV2 {
   required PredicateV2 head = 1;
   repeated PredicateV2 body = 2;
   repeated ExpressionV2 expressions = 3;
+  repeated Scope scope = 4;
 }
 
 message CheckV2 {
@@ -141,3 +162,13 @@ message AuthorizerPolicies {
   repeated CheckV2 checks = 5;
   repeated Policy policies = 6;
 }
+
+message ThirdPartyBlockRequest {
+  required PublicKey previousKey = 1;
+  repeated PublicKey publicKeys = 2;
+}
+
+message ThirdPartyBlockContents {
+  required bytes payload = 1;
+  required ExternalSignature externalSignature = 2;
+}