[Feature] Introduce BLOCK_SPEND_LIMIT

[vicsn]

Motivation

This PR introduces BLOCK_SPEND_LIMIT, the maximum amount in microcredits that can be spent on finalizing executions and synthesizing deployments in a block. This gives much greater certainty of maximum blocktimes. The advantages of this limit, analogous to a gas limit, are:

• more consistent blocktimes, so improved chain UX and consensus scalability
• fees are no longer required to be high to prevent against DoS attacks
• more accurate (validator/mining) rewards if they're assuming a particular blocktime No longer relevant

The new limit is only enabled from CONSENSUS_V2_HEIGHT onwards.

A limit of 950 credits was chosen because:

• BLOCKTIME is supposed to be 10 seconds.
• Given the assumption 100 credits == 1 second of runtime, 950 credits translates to 9.5 seconds
• Which leaves space for Solution verification, this incurs significant free compute. 4 solutions take 180ms to verify on macbook M1 max.
• To account for execution processing, EXECUTION_FIXED_COST of 2 credits is introduced. This is not reflected in fees, as it is subsidized, but it does count towards the BLOCK_SPEND_LIMIT. Benchmarks on M2 max imply between 15ms and 25ms verification time for executions.
• The biggest block seen on mainnet so far had 137 executions, which would still remain below this BLOCK_SPEND_LIMIT.

Open questions

• Flexible limits: could we have a ROUND_SPEND_LIMIT*num_rounds or PROPOSAL_SPEND_LIMIT*num_proposals? Or better: could we impose a spend limit per individual proposal?
• Only snarkOS-level change or only snarkVM-level change?
• Should we have to verify transactions/fees before enforcing the spend limit?
• Note for migration that existing programs will not retroactively be rejected.

Out of scope / future work

• Ensuring taking fees: We should review and ensure we always take fees from aborted/invalid transactions. Because any block limit effectively lowers the available blockspace by a well targeted attacker who knows how to make their transactions be aborted. 950 credits can be filled through 9 executions or 19 deployments.
• Reinserting transactions: if transactions ever surpass the spend limit, they will be aborted. Ideally, they are reinserted into batch proposals so that users don't have to retransmit. However, this would require a significant reworking all over snarkOS to ensure duplicate transmission ids are accepted under this circumstance.

Test Plan

• Local network succeeded, surviving the transition into the new consensus rules.
• Deployed canary network succeeded, surviving the transition, surviving the transition into the new consensus rules.

Related PRs

Replaces #2371

[ljedrz]

nit: it might be a good idea to swap these conditions in order to not suggest that the code block below contains the only CONSENSUS_V2 logic (since there is also extra logic for deploy txs); alternatively, that extra logic applicable to deploy txs could be moved under this code block (without altering the order), keeping all the V2 logic in one place

[vicsn]

Agree I like the clarity: fcbbb68

[ljedrz]

are there plans to extend this logic (in which case an alternative name might be more fitting)? I'm wondering about the rationale for the existence of a (non-const) function wrapper for a const

[vicsn]

I swear this was in my git staging area already: 3443c3e

are there plans to extend this logic (in which case an alternative name might be more fitting)?

Unclear at the moment. Only other name I can imagine is execution_compute_cost?

[vicsn]

@zkxuerb @zosorock do you have permission to draft this PR? Otherwise I'll close it. Still needs significant thinking.