contrib: Remove keys that are no longer used for merging

[hebasto]

See:

• https://bitcoin-irc.chaincode.com/bitcoin-core-dev/2021-10-21#726591
• https://bitcoin-irc.chaincode.com/bitcoin-core-dev/2021-12-09#750000

Also updated trusted-git-root to be right after meshcollider's last merge.

The latest similar change was #7713.

A related discussion on IRC:

12:28 <MarcoFalke> jonasschnelli: I was about to ask you whether you planned to remove your fingerprint from the "trusted-keys" for merging, but it looks like this will break verify-commits ...
12:31 <laanwj> you would also have a add all his merge commits to exceptions, i guess
12:32 <laanwj> or patch the script to allow different key for different ranges of commits
13:15 <jonasschnelli> MarcoFalke: I had no plan to remove my keyid,… would that make sense and how would you fix verify commits?
13:16 <jonasschnelli> Ideally, we should set en expiration date next to those keyid

[laanwj]

Changes LGTM, however when running locally I run into this verification issue:

bitcoin$ contrib/verify-commits/verify-commits.py
Using verify-commits data from …

No parent of e658b0e49bee257e197dd8ca37ee3ffa73092d92 was signed with a trusted key!
Parents are:
commit 19e3e654293858141f39eef8fdae0badd224090f
Merge: 9b48b3ac42294410cb56e7da24a261fa69ddb503 915e34112b5a4c2ef391d7e3706603bcd6f62a2a
Author: MarcoFalke <falke.marco@gmail.com>
Date:   Fri Mar 26 17:30:18 2021 +0100

This seems to be an old expired key of Marco Falke (60B0B8A402FB386B24A039ACD2EA4850E7528B25). I don't think it's caused by this change.

[laanwj]

pub   rsa4096/0x29D4BCB6416F53EC 2015-05-22 [SC] [expires: 2027-05-19]
      32EE5C4C3FA15CCADB46ABE529D4BCB6416F53EC
uid                   [ unknown] Jonas Schnelli <dev@jonasschnelli.ch>

[laanwj]

pub   rsa4096/0xD300116E1C875A3D 2017-07-13 [SC] [expires: 2033-07-09]
      CA03882CB1FC067B5D3ACFE4D300116E1C875A3D
uid                   [ unknown] MeshCollider <dobsonsa68@gmail.com>

[fanquake]

Concept ACK

[maflcko]

Commit 19e3e65 should be buried far under the trusted root 577bd51, so I don't see how it could be considered even or cause a failure.

[laanwj]

Commit 19e3e65 should be buried far under the trusted root 577bd51, so I don't see how it could be considered even or cause a failure.

Apparently I don't know how to use the script, then.
It also took almost a hour to run.

[laanwj]

I just retried, it works now:

$ git fetch upstream pull/25197/head
From github.com:bitcoin/bitcoin
 * branch                                                                              refs/pull/25197/head -> FETCH_HEAD
$ git checkout FETCH_HEAD
Note: switching to 'FETCH_HEAD'.
…
HEAD is now at d4b3dc5b0a726cc4cc7a8467be43126e78f841cf contrib: Remove keys that are no longer used for merging
$ git reset --soft HEAD~1  # get rid of unsigned top-level commit, but keep changes in local tree
$ contrib/verify-commits/verify-commits.py
Using verify-commits data from /store/orion/projects/bitcoin/bitcoin/contrib/verify-commits
There is a valid path from "HEAD" to 577bd51a4b8de066466a445192c1c653872657e2 where all commits are signed!

ACK d4b3dc5