Why don't we place a hard stop at 2^70 at this point? If we can't securely encrypt data larger than that (limitation of chacha20), or if it never happens ... why not place a stop there instead of making it a user's responsibility?
Edit: Need to look into difficulty calculations, as this has probably the most relevance there, where we frequently deal with larger than 70-bit numbers.
This is security-breaking behavior, potentially. Simply generating a random nonce each time is not sufficient in this scenario. We need to use a counter as well, to ensure that we don't use a given nonce + MAC key more than once for the same encrypted information.
This takes place here: https://github.com/blur-network/blur/blob/master/src/crypto/chacha.c#L142
And has relevance here:
blur/src/wallet/wallet2.cpp, line 3997 in commit 5971fe6
... among other places, too.
For the implications of what this inadvertent reuse could result in, see:
https://github.com/miscreant/miscreant/wiki/Nonce-Reuse-Misuse-Resistance
This was mentioned as a prospective change in #53
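To make the risk concrete, here is an added Python example (my own code, not the project's chacha.c and not code from this issue): a from-scratch ChaCha20 in the original DJB layout (8-byte nonce, 64-bit block counter), which I assume matches the layout chacha.c uses; a function showing what a repeated (key, nonce) pair leaks; and a counter-driven nonce source as the mitigation the issue asks for. The key, nonce and plaintexts are constructed sample values.

```python
import struct

MASK = 0xFFFFFFFF

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def _qr(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, nonce, counter):
    """One 64-byte keystream block, original DJB layout (8-byte nonce, 64-bit counter)."""
    state = list(struct.unpack("<4I", b"expand 32-byte k"))
    state += struct.unpack("<8I", key)                          # 32-byte key, words 4-11
    state += struct.unpack("<2I", struct.pack("<Q", counter))   # block counter, words 12-13
    state += struct.unpack("<2I", nonce)                        # nonce, words 14-15
    s = state[:]
    for _ in range(10):  # 20 rounds = 10 column/diagonal double rounds
        _qr(s, 0, 4, 8, 12); _qr(s, 1, 5, 9, 13); _qr(s, 2, 6, 10, 14); _qr(s, 3, 7, 11, 15)
        _qr(s, 0, 5, 10, 15); _qr(s, 1, 6, 11, 12); _qr(s, 2, 7, 8, 13); _qr(s, 3, 4, 9, 14)
    return struct.pack("<16I", *((x + y) & MASK for x, y in zip(s, state)))

def chacha20_xor(key, nonce, data, counter=0):
    """Encrypt or decrypt (same operation) by XORing data with the keystream."""
    out = bytearray()
    for i in range(0, len(data), 64):
        ks = chacha20_block(key, nonce, counter + i // 64)
        out += bytes(a ^ b for a, b in zip(data[i:i + 64], ks))
    return bytes(out)

def ciphertext_xor(key, nonce, p1, p2):
    """What a repeated (key, nonce) leaks: c1 ^ c2 == p1 ^ p2, the keystream cancels out."""
    c1, c2 = chacha20_xor(key, nonce, p1), chacha20_xor(key, nonce, p2)
    return bytes(a ^ b for a, b in zip(c1, c2))

class CounterNonce:
    """Mitigation: a per-key message counter used as the nonce cannot repeat under that key,
    whereas 64 random bits are expected to collide after roughly 2**32 messages."""
    def __init__(self):
        self.count = 0
    def next(self):
        if self.count >= 2**64 - 1:
            raise OverflowError("nonce space exhausted: rotate the key")
        self.count += 1
        return struct.pack("<Q", self.count)
```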