Limit oracle calls, and charge fees for them.

[afck]

query_service calls the application's service code inside the validator workers. We need to make sure these calls time out if they take too long, and add a fee category for them.

Similarly http_post should limit the length of the response it accepts.

In general, all oracles must limit their cost, and cost fees.

[ma2bd]

@afck Should we close this now or move to Testnet-2?

[afck]

I moved it to Testnet-2.

[jvff]

I tried to implement a maximum execution time for services, but because the runtime runs in a synchronous thread, we can't cancel that thread. Attempting to cancel that thread with pthread_cancel led to process crashes because pthread expects an exception to be thrown through the call stack, and apparently that is caught somewhere in the code (maybe by Wasmer).

Since this is blocking the new testnet release, we discussed the problem and decided to perform the on-chain changes first, and later use Wasm metering to stop the service when it exceeds its execution time budget.