[SC] Embedded Smart Contracts

[quantumagi]

See https://app.clickup.com/t/6tzz8e.

This PR:

• Implements embedded smart contracts on both Strax and Cirrus to support the Authentication and MultiSig contracts.

The Authentication contract:

• Allows maintaining multiple groups of signatories including the "main" group which is the (Stratis) primary signatories.
• The default list of signatories is defined on the network class, in the form of specified wallet addresses.
• All groups, including "main", are maintained by a quorum of the "main" group.

The MultiSig contract:

• Can be called to modify the multisig federation when provided with a quorum of signatures from the "main" group.
• Signatures are obtained using the "signmessage" API. The message depends on the method (+arguments) being called.
• Signature verification is delegated to the Authentication contract.

Embedded (or bundled) smart contracts behave exactly the same as normal smart contracts in all respects, except:

• The SC code is not rewritten (and cached) as would normally be required to monitor memory and gas consumption.
• Implicit gas spending is thereby disabled but gas can still be spent explicitly by the embedded contract as and if required.
• These contracts have no deployment step and as such need to maintain an "Initialized" flag to determine whether their state had been initialized yet.
• The SC constructor is called before each method call to give the contract an opportunity to initialize its state, if it had not already done so, and is also a great opportunity for the VM to pass in any service references required by the contract.
• Code has no imposed restrictions internally, and has access to all services. However interfacing standards are maintained.

Includes the MultiSig contract with test cases and shows how it authenticates by delegating to the Authentication contract.

You can get a birds-eye view by stepping through theVM_ExecuteEmbeddedContract_WithParameters test case.

The most notable changes are found in the EmbeddedContractMachine.cs class and in the two contracts being presented.

[noescape00]

Can this happen?

I assume constructor is called only when contract is deployed, so how can it be initialized?

[quantumagi]

The embedded contracts act a bit like transient singletons. When called via the EmbeddedContractMachine VM this constructor, rather than the default constructor (via reflection), is used to instantiate the contract to be called. Contract objects are not kept in memory as that may open the door to bad programming practices such as passing in-memory variables between calls. Initialized keeps track of once-off state initialization to be performed by the contract.

[YakupIpek]

@rowandh Wdyt about this ?

[quantumagi]

I.e. for embedded contracts there is no enforced deployment step so the state must be initialized the first time it is used. The Initialized value itself is set and stored in the state to indicate that the state is initialized. Keep in mind that this constructor is called repeatedly as a result of a new contract object being used for each call. Such a new object may detect that the state is already initialized and skip the initialization.

[YakupIpek]

It seems it makes more sense to me that Authentication deployed as another smart contract and MultiSig has to make external calls to that contract.

[quantumagi]

Authentication is being deployed as a separate contract. In this case the contract can be called directly, which seems faster, so why not? :)

[YakupIpek]

This decision bring Initialized logic and it is not what expected in regular design for smart contracts.

[quantumagi]

The "Initialized" flag is required due to the absence of a deployment step for embedded smart contracts.

#534 (comment)