fix: rebase miner signing dependency installer changes

[Jorel97]

Summary

• rebases the miner signing dependency installer change onto current main
• keeps install-miner.sh downloading/verifying the platform requirements file
• downloads/verifies Linux miner_crypto.py before installing dependencies
• refreshes miners/checksums.sha256 for the current rebased tree

This is an alternate PR for the fix discussed on #6705, because the original PR branch is owned by another fork and I cannot push the rebase there.

Validation

• python -m py_compile miners/linux/rustchain_linux_miner.py miners/linux/miner_crypto.py miners/linux/fingerprint_checks.py miners/macos/fingerprint_checks.py
• checksum verification for every entry in miners/checksums.sha256
• fresh venv install from miners/linux/requirements-miner.txt, then import requests, nacl.signing
• git diff --check origin/main...HEAD

Not run:

• bash -n install-miner.sh, because the local Windows environment did not have bash.exe available.

[github-actions]

Welcome to RustChain! Thanks for your first pull request.

Before we review, please make sure:

• Non-doc PRs have a BCOS-L1 or BCOS-L2 label
• Doc-only PRs are exempt from BCOS tier labels when they only touch docs/**, *.md, or common image/PDF files
• New code files include an SPDX license header
• You've tested your changes against the live node

Bounty tiers: Micro (1-10 RTC) | Standard (20-50) | Major (75-100) | Critical (100-150)

A maintainer will review your PR soon. Thanks for contributing!

[jaxint]

Thanks for the contribution! 🎉

[jaxint]

Thanks for this contribution! Great work.

[szx19970521]

Reviewed install-miner.sh and miners/checksums.sha256.

Two specific observations:

1. The PR adds a checksum for macos/fingerprint_checks.py, but install-miner.sh still always downloads and verifies linux/fingerprint_checks.py as fingerprint_checks.py for every platform. If macOS should use its platform-specific helper, the script should choose a FINGERPRINT_FILE per platform and verify that same path; if the Linux helper is intentionally shared, the new macOS checksum entry is misleading/dead metadata.

2. The new required downloads for requirements-miner.txt and miner_crypto.py use curl -sSL without -f. In checksum-enabled installs a missing file will probably fail at checksum verification, but with --skip-checksum or dry-run-like paths the installer can keep going with an HTML/404 payload and fail later at pip install -r, which is harder to diagnose. Using curl -fsSL for these required artifacts would make missing release paths fail immediately like the checksum download already does.

Positive note: downloading dependencies from the platform requirements file is the right direction; it keeps installer behavior aligned with the miner package instead of hardcoding only requests.

I received RTC compensation for this review.

[jaxint]

Thanks for the contribution!

[jaxint]

Nice work!

[jaxint]

Nice work! Thanks for contributing. 👍