Private manifests (see #5) could leak information via their hash if they don't contain enough entropy to prevent brute-force attacks. If a manifest is private, a nonce should be added.
This issue proposes a new field in the manifest, called privateNonce, which perhaps the Codius CLI would help you set to a cryptographically strong random value.
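
The concern and the proposed fix, as an added example that is not part of the original issue and is not Codius code. It assumes the private section is hashed as SHA-256 over its JSON serialization; the `vars`/`PIN` layout, the helper names and the 128-bit minimum are hypothetical, and only `privateNonce` comes from the proposal.

```javascript
const crypto = require('crypto');

// Assumed hashing scheme: SHA-256 over the JSON text of the private section.
// A real implementation would need a canonical serialization.
function hashPrivate(priv) {
  return crypto.createHash('sha256').update(JSON.stringify(priv)).digest('hex');
}

// What a CLI could do for the user: attach 256 bits from the OS CSPRNG.
function addPrivateNonce(priv) {
  return { ...priv, privateNonce: crypto.randomBytes(32).toString('hex') };
}

// Validation a CLI could run before publishing a hash:
// require a hex nonce of at least 128 bits (32 hex characters).
function hasStrongNonce(priv) {
  return typeof priv.privateNonce === 'string' &&
    /^[0-9a-f]{32,}$/i.test(priv.privateNonce);
}

// Audit helper: is the published hash reproducible from a small guess space?
function hashMatchesGuess(publishedHash, candidates) {
  return candidates.some((c) => hashPrivate(c) === publishedHash);
}

// Constructed sample: a private section whose only secret is a 4-digit value.
const weakPrivate = { vars: { PIN: '0421' } };

// Constructed guess space: every 4-digit value in the same layout, no nonce.
function constructedGuesses() {
  const out = [];
  for (let i = 0; i < 10000; i++) {
    out.push({ vars: { PIN: String(i).padStart(4, '0') } });
  }
  return out;
}

const guesses = constructedGuesses();
const noncedPrivate = addPrivateNonce(weakPrivate);

// Without a nonce the hash is reproducible from the guess space; with one it is not.
console.log('no nonce, hash guessable:', hashMatchesGuess(hashPrivate(weakPrivate), guesses));
console.log('nonce, hash guessable:   ', hashMatchesGuess(hashPrivate(noncedPrivate), guesses));
console.log('nonce passes check:      ', hasStrongNonce(noncedPrivate));
```

The nonce has to stay inside the private section and be kept as confidential as the rest of it; a nonce published alongside the hash would restore the original guess space.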