upgradability: key rotation of the auditor public key

AuditorIDs are the public keys of the entity in charge of auditing tokens. Indeed, just one signature valid under any of these public keys is enough to deem the token request successfully audited. 
