This removes almost all uses of the global value.  All that remains is its use
as a default in case no configuration is given.

Call redeemWithCounter with a Voucher object instead of voucher text

Add counter to database and Python representation

A new voucher has not been redeemed any times.

Replace IRedeemer.redeem with a counter-accepting API and update callers

Add an interface for inserting tokens

Merge pull request #126 from PrivateStorageio/125.backup-order-equals-spend-order-equals-insert-order

Make backup order equal spend order equal insert order

We have our new test that verifies ordering

Cause extraction to fail if it cannot supply all requested tokens

Bust the cache key

Record redemption public keys

Our dependencies changed a while ago but we probably kept using the same cache
so we never updated it with the builds of the new dependencies.

It was doing to do some complex time math and decide if the voucher redemption
looked legit but the whole premise is broken.

The only thing you might be able to decide about a key change on a new voucher
is that some *older* ZKAPs might be suspicious.  And, really, what you should
probably decide instead is that whole issuer is suspicious and you might need
to stop using it.  On top of that, you need more information than what you get
from voucher redemptions.  You need more frequent monitoring of the issuer's
key in case you don't redeem vouchers except once in a blue moon.

So hanging a suspiciousness on a voucher isn't coherent.

And API docs