Allow authorization events to include multiple x tags

[hzrd149]

This PR updates the wording in BUD-01 and BUD-02 to allow upload, get, and delete authorization events to have multiple x tags

This would allow clients to use a single authorization event for multiple PUT /upload or DELETE /<sha256> requests

When multiple x tags are present on an authorization event sent to the DELETE /<sha256> or PUT /mirror endpoints, it MUST NOT be interpreted as a bulk delete or bulk mirror

[0xtrr]

ACK. This seems like a reasonable change to the protocol to improve efficiency in clients fetching from blossom servers.

I've tried to theorize on possible attacks introduced from this change but haven't been able to find any issues thus far. I've been mostly thinking about DOS related attacks.

[quentintaranpino]

Under my point of view it is correct, we minimize unnecessary events, especially thinking in batch file uploads.