NUMS_UNSPENDABLE_KEY_HEX is not supposed to be used as is (privacy concerns)

[tvpeter]

I believe technically the NUMS_UNSPENDABLE_KEY_HEX is not supposed to be used as is (privacy concerns), though for now it's fine. Per BIP-0431, should add an issue to do the following:

"In order to avoid leaking the information that key path spending is not possible it is recommended to pick a fresh integer r in the range 0...n-1 uniformly at random and use H + rG as internal key. It is possible to prove that this internal key does not have a known discrete logarithm with respect to G by revealing r to a verifier who can then reconstruct how the internal key was created."

Originally posted by @notmandatory in #208 (comment)

[va-an]

If this is planned to be done not in 2.0.0, but in a subsequent version, then please assign this to me.