feat: add slip39 extendable flag

[8de2fdb0]

Adds the extendable flag for the updated slip39 spec.

Allows for resharable secrets, references:

• Add extendable backup flag in SLIP-0039 satoshilabs/slips#1724
• Support extendable backup flag trezor/python-shamir-mnemonic#46
• https://trezor.io/guides/backups-recovery/general-standards/slip39-faqs

@alvroble this might be also of interest to you.

[alvroble]

Thanks @8de2fdb0! Is nice to have this feature updated, I completely overlooked it.

Maybe it's a topic for a different PR, but I suspect (couldn't verify) that the generate_shares function is also cryptographically incorrect (similar to recover_mnemonic, as discussed in #90) and we would be getting a completely different wallet. According to the SLIP-0039 spec, we should't be recovering from the secret that mnemonic_to_bytes returns, but from the 512-bit seed, which would result in 59-word shares.

I'm planning to set up a PR once I find some clearance on this issue.

[alvroble]

Said that, for now I think is good to have two separate approach to generate shares: generate_shares_from_secret and generate_shares (from bip39 mnemonic)

[8de2fdb0]

Yes the idea of generate_shares_from_secret was to stay backward compatible, but actually use a bip32 seed in byte format. As explained in #90 using the bip39 mnemonic as input is a bit misleading.