[Feature]: dynamic signing scheme config with BLS support

[rnbguy]

Is there an existing issue for this?

• I have searched the existing issues

Describe the feature

Summary

We want pluggable signing schemes, starting with BLS12-381 alongside secp256k1. Add a config flag to pick the scheme at runtime. Update the validator manager contract so it accepts unbounded bytes pubkeys (no fixed-length secp checks).

Scope

• Add config option for signing scheme and wire it into node startup.
• Implement a BLS signing provider using the existing provider trait.
• Generalize public key handling across types and utils.
• Update ValidatorManager.sol to take unbounded bytes keys and derive validator IDs from keccak256(publicKey).
• Update CLI/tools to parse, generate, and show BLS keys.

Changes Needed

• Contract refactor: solidity/src/ValidatorManager.sol moves from secp256k1 structs/parsing to unbounded bytes public keys + generic validation + address derivation from raw bytes.
• Signing provider: new BLS provider implementation aligned with existing signing provider traits in types/src/signing/.
• Config + runtime wiring: add signing_scheme config in cli/src/config.rs and select provider in app/src/node.rs / app/src/state.rs.
• Key handling across the stack: update Rust types + utilities to accept variable-length keys and BLS formats: types/src/context.rs, types/src/validator_set.rs, utils/src/poa.rs, utils/src/genesis.rs, utils/src/validator_manager/types.rs, and CLI commands under cli/src/cmd/.

Acceptance Criteria

• 48‑byte BLS pubkeys register + read fine in ValidatorManager.sol.
• Node runs with signing_scheme = "bls12381" and signs/verifies votes/proposals.
• secp256k1 remains default and still works.
• CLI/tools accept and output BLS keys without format errors.

Remark

• No BLS signature aggregation in this change. Just swap in BLS as a scheme. We can revisit aggregation later.
• BLS support unlocks succinct signatures, which could be useful in remote contexts (e.g. bridge flows).