fix: blob size validation

[avichalp]

Summary

This PR addresses issue #458 where malicious users could upload large blobs while declaring smaller sizes in the SDK, resulting in validators storing more data than users are charged for.

Problem

In the current implementation, users first stage data in a validator (either using Iroh's reverse upload or directly). Without proper validation, a user could:

1. Upload a large blob (e.g., 1GB)
2. But override the size parameter in the SDK to a smaller value (e.g., 1MB)
3. Result: User is charged for storing only 1MB while validators are forced to store the full 1GB

Solution

The PR implements size validation at multiple checkpoints throughout the blob lifecycle:

1. Size Verification During Set Pending: Added a validation check in set_blob_pending that verifies the blob's actual size matches the claimed size before changing status to pending

   if blob.size != size {
       return Err(ActorError::assertion_failed(format!(
           "blob {} size mismatch (expected: {}; actual: {})",
           hash, size, blob.size
       )));
   }

2. Size Validation During Download: Added validation in the Iroh resolver to ensure downloaded blob size matches the expected size

   if res.local_size + res.downloaded_size != size {
       return Err(anyhow!(
           "downloaded blob size {} does not match expected size {}",
           res.local_size + res.downloaded_size,
           size
       ));
   }

3. Size Information Propagation: Modified relevant data structures to carry size information throughout the resolution process:

   • Added size to BlobRequest, PendingBlob, and FinalizedBlob structures
   • Updated BlobPoolItem to include size parameter
   • Modified Iroh resolver interfaces to include size validation

Key Changes

1. Data Structure Updates:

   • Modified BlobRequest to include blob size: (Hash, u64, HashSet<(Address, SubscriptionId, PublicKey)>)
   • Added size field to FinalizedBlob and PendingBlob structures
   • Updated BlobPoolItem to include size information

2. Function Modifications:

   • Updated get_added_blobs and get_pending_blobs to return blob size
   • Modified set_blob_pending to accept and validate size parameter
   • Updated Iroh resolver to verify downloaded sizes

3. Validation Points:

   • Blob actor validates size matches during pending status changes
   • Iroh download process validates actual downloaded size matches claimed size

This fix ensures users cannot exploit the system by misrepresenting blob sizes, protecting validators from storing more data than they're compensated for.

Resolves #458

[avichalp]

Gets the size of the newly added blobs and return it to Fendermint

[avichalp]

Returns the size of pending blobs to Fendermint.

[avichalp]

Added size in the pool item so it can be checked against the download blob.

[avichalp]

Returns the size of the blob as u64 so that it could be added to the resolution pool

[avichalp]

FinalizedBlob needs to have size to construct BlobPoolItem again so it can be removed from the pool.

[sanderpick]

very nice! big improvement. i left one question about changing the toolchain version

[sanderpick]

at some point we should make these giant types into structs

[avichalp]

#571

[sanderpick]

do we need to do this on this PR? I think CI will need to be changed as well... esp. the docker build and publish

[avichalp]

i will revert this for now