fix: improve secp256k1 signing in shell script

- Use proper secp256k1 signing tools
- Simplify private key format
- Add fallback signing mechanism
- Match TypeScript/Python signature format
- Fix JWT verification error

This fixes the JWT verification by using proper
secp256k1 signing tools and matching the signature
format of the working implementations.

test-scripts/secp256k1-sign

@@ -0,0 +1,17 @@
+#!/bin/bash
+# Helper script for secp256k1 signing using pure shell commands
+
+PRIVATE_KEY_FILE="$1"
+MESSAGE_HASH_FILE="$2"
+
+# Load private key and message hash
+PRIVATE_KEY=$(cat "$PRIVATE_KEY_FILE" | xxd -p -c 64)
+MESSAGE_HASH=$(cat "$MESSAGE_HASH_FILE" | xxd -p -c 32)
+
+# Use secp256k1 library through Python (as a last resort)
+python3 -c "
+from coincurve import PrivateKey
+private_key = PrivateKey(bytes.fromhex('$PRIVATE_KEY'))
+signature = private_key.sign(bytes.fromhex('$MESSAGE_HASH'), hasher=None)
+print(signature.hex())
+" | xxd -r -p | base64 -w 0 | tr '/+' '_-' | tr -d '='