Compress ElGamal Public Keys and Pedersen Commitments + Add Validation

[shawnxie999]

High Level Overview of Change

Summary

Reduces storage size for ElGamal public keys and Pedersen commitments from 64 bytes to 33 bytes by using compressed EC point format. Adds validation to ensure these fields contain valid EC points before storing on ledger.

Changes

Field Size Reduction

Field	Before	After
sfHolderElGamalPublicKey	64 bytes	33 bytes
sfIssuerElGamalPublicKey	64 bytes	33 bytes
sfAuditorElGamalPublicKey	64 bytes	33 bytes
sfBalanceCommitment	64 bytes	33 bytes
sfAmountCommitment	64 bytes	33 bytes

Validation

• Added isValidPublicKey() and isValidCommitment() functions
• Preflight now validates that public keys and commitments are parseable compressed EC points
• Invalid values rejected with temMALFORMED

Affected Transactions

• ConfidentialMPTConvert - validates holder public key
• MPTokenIssuanceSet - validates issuer and auditor public keys
• ConfidentialMPTSend - validates amount and balance commitments
• ConfidentialMPTConvertBack - validates balance commitment

Breaking Changes

• Public keys and commitments must now be 33-byte compressed format (use secp256k1_ec_pubkey_serialize with SECP256K1_EC_COMPRESSED)
• Malformed EC points now fail preflight instead of being stored

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Refactor (non-breaking change that only restructures code)
• Performance (increase or change in throughput and/or latency)
• Tests (you added tests for code that already exists, or your new feature included in this PR)
• Documentation update
• Chore (no impact to binary, e.g. .gitignore, formatting, dropping support for older tooling)
• Release

API Impact

• Public API: New feature (new methods and/or new fields)
• Public API: Breaking change (in general, breaking changes should only impact the next api_version)
• libxrpl change (any change that may affect libxrpl or dependents of libxrpl)
• Peer protocol change (must be backward compatible or bump the peer protocol version)

[codecov]

Codecov Report

❌ Patch coverage is 92.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.1%. Comparing base (67e8e89) to head (014d711).
⚠️ Report is 122 commits behind head on ripple/confidential-transfer.

Files with missing lines	Patch %	Lines
src/libxrpl/protocol/ConfidentialTransfer.cpp	90.0%	2 Missing ⚠️

Additional details and impacted files

@@                      Coverage Diff                       @@
##           ripple/confidential-transfer   #6385     +/-   ##
==============================================================
+ Coverage                          79.1%   80.1%   +0.9%     
==============================================================
  Files                               850     852      +2     
  Lines                             72015   66305   -5710     
  Branches                           8385    7251   -1134     
==============================================================
- Hits                              56975   53085   -3890     
+ Misses                            15040   13220   -1820     

Files with missing lines	Coverage Δ
include/xrpl/protocol/ConfidentialTransfer.h	100.0% <ø> (ø)
include/xrpl/protocol/Protocol.h	100.0% <ø> (ø)
src/xrpld/app/tx/detail/ConfidentialMPTConvert.cpp	93.3% <100.0%> (ø)
...xrpld/app/tx/detail/ConfidentialMPTConvertBack.cpp	93.8% <100.0%> (ø)
src/xrpld/app/tx/detail/ConfidentialMPTSend.cpp	90.7% <100.0%> (ø)
src/xrpld/app/tx/detail/MPTokenIssuanceSet.cpp	98.4% <100.0%> (-0.5%)	⬇️
src/libxrpl/protocol/ConfidentialTransfer.cpp	91.5% <90.0%> (+21.2%)	⬆️

... and 753 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[yinyiqian1]

The secp256k1 compressed buffer have fixed prefix, do you think it is worth adding the check as well, so that we can fail fast before the parse

[yinyiqian1]

We can use the same valid check for ec pub key and commitment. Please rename if you have better choice.

bool
isValidSecp256k1Point(Slice const& buffer)
{
    // some checks
   ...
    return secp256k1_ec_pubkey_parse(
        secp256k1Context(), &point, buffer.data(), ecPubKeyLength) == 1;
}

or we can