Protobuf unknown field rejection

[aaronc]

Summary

As discussed in #6078, we need to generally reject unknown protobuf fields and this is not done automatically in signature verification with our current approach. Also, we want to add a reserved range of "non-critical" fields for forwards compatibility with newer clients.

Basically, a transaction processor should generally reject transactions that it does not understand because not doing so would give clients the expectation that something had been handled when it had actually just been ignored. However, there may be cases where we want fields that aren't understood to be silently ignored, thus the "non-critical" field range.

Therefore we need code that:

• parses a protobuf message with its schema and rejects unknown fields even tranversing inside Anys
• except does not reject fields in the "non-critical" range of 1028-2047 (i.e. bit 11 set)

This will likely be a custom protobuf parser pass that does not actually unmarshal any values but simply checks a message for compatibility.

TODO

• basic implementation codec: implement protobuf unknown fields checker #6557
• integrate with ante handlers &/or TxDecoder
• simplify and cleanup tests

[odeke-em]

Thanks for filing this issue @aaronc! I have started working on this issue today.

[aaronc]

Closing this, improved tests can continue in #6977