Sign a 32-byte CKB tx hash with a PLC rotation private key.
The on-chain validator runs k256/p256's Verifier::verify which internally
SHA-256 hashes the message before checking the ECDSA signature. Noble's
default is the opposite (treat input as already-hashed), so we pass
prehash: true to make noble apply SHA-256 internally and match the
contract. Output is canonical low-s 64-byte compact form, identical to
what @atproto/crypto's Keypair.sign produces.
Sign a 32-byte CKB tx hash with a PLC rotation private key.
The on-chain validator runs k256/p256's
Verifier::verifywhich internally SHA-256 hashes the message before checking the ECDSA signature. Noble's default is the opposite (treat input as already-hashed), so we passprehash: trueto make noble apply SHA-256 internally and match the contract. Output is canonical low-s 64-byte compact form, identical to what @atproto/crypto's Keypair.sign produces.