Blob size vulnerability

In the current architecture, where a user first stages data in a validator (either using Iroh's reverse upload or directly) it is possible that user uploads a big blob lets say 1GB. But it overrides the `size` param in the SDK to a smaller value eg: 1MB. In this case, the user will be only charged for storing 1MB where as the validators will be forced to store 1GB