feat(engine)!: owner and resource-based access rules

[sdbondi]

Description

feat(engine)!: owner and resource-based access rules
feat(engine)!: adds owner public key on components and resources, sets to transaction signer
feat(engine)!: set owner rule on components and resources
fix(engine): validate invoke output is well-formed CBOR
fix(engine): validate expected number of args for calls
fix(engine): support for workspace variables in cross-template calls
refactor(template): adds a wrapper for component instantiation, rather than using ComponentInterface trait
feat(template): add debug! macro (short for call_debug(format!(...))
feat(engine)!: adds resource locking and proofs
feat(template-macros)!: only allows owner to call component methods by default when returning Self
tests(engine): adds a handful of new engine tests for access rules

Motivation and Context

Template that is used to test the new features:

https://github.com/sdbondi/tari-dan/blob/engine-resource-access-rules/dan_layer/engine/tests/templates/access_rules/src/lib.rs

How Has This Been Tested?

Unit tests and existing cucumber

What process can a PR reviewer use to test or verify this change?

Create a template that uses access and ownership rules

Breaking Changes

• None
• Requires data directory to be deleted
• Other - templates need to be recompiled

[github-actions]

Test Results (CI)

151 tests  +9   151 ✔️ +10   1h 21m 3s ⏱️ + 3m 5s
  45 suites +1       0 💤 ±  0 
    2 files   ±0       0 ❌  -   1 

Results for commit 1312886. ± Comparison against base commit 3be1536.

This pull request removes 2 and adds 11 tests. Note that renamed tests count towards both.

Scenario: Template registration and invocation in a 4-VN committee: tests/features/committee.feature:60:3
consensus_tests ‑ consensus::foreign_shard_decides_to_abort

tari_dan_engine::access_rules ‑ component_access_rules::it_allows_owner_to_update_component_access_rules
tari_dan_engine::access_rules ‑ component_access_rules::it_prevents_access_rule_modification_if_owner_is_none
tari_dan_engine::access_rules ‑ component_access_rules::it_restricts_component_methods
tari_dan_engine::access_rules ‑ resource_access_rules::it_allows_access_for_proofs_by_amount
tari_dan_engine::access_rules ‑ resource_access_rules::it_allows_resource_access_with_badge
tari_dan_engine::access_rules ‑ resource_access_rules::it_creates_a_proof_from_bucket
tari_dan_engine::access_rules ‑ resource_access_rules::it_denies_actions_on_resource
tari_dan_engine::access_rules ‑ resource_access_rules::it_locks_resources_used_in_proofs
tari_dan_engine::access_rules ‑ resource_access_rules::it_permits_cross_template_calls_using_proofs
tari_engine_types ‑ indexed_value::tests::it_returns_empty_indexed_value_for_empty_bytes
…

♻️ This comment has been updated with latest results.