Still WIP, sorry.   Please take a look anyway.

I think the current docstring of ‘assert-valid-signature’ is not correct
since ‘signature’ must be a string (as produced by
‘canonical-sexp->string’), not an sexp.

Similarly, the “signature is not a valid s-expression” and “corrupt
signature data” messages are a bit confusing due to the way
‘string->canonical-sexp’ works (try ‘string->canonical-sexp "foo"’).
But I may be wrong about the latter.