Parent hash to session index mapping in parachains module too aggressive

[rphmeier]

https://github.com/paritytech/polkadot/pull/840#issuecomment-602020273

cc @montekki

The pruning introduced in this PR is too aggressive, as we will not be able to accept any reports from prior eras. The main issue with this is that at the very beginning of an era there is almost nothing that can be slashed for. Technically, we should be able to accept reports from all eras for which are currently bonded, although slashing for the current era as well as the last gets us the desired behavior in practice. Eras will be ~24 hours long, so if a misbehavior is not detected within that time, it may never be.

Also as a nit, it would be nice to remove the direct dependence on staking module. Not really a problem as we are in polkadot space, not generic component space, but it still feels cleaner to expose a generic interface

[rphmeier]

A completely alternative strategy to achieve the same goal that the parent_hash -> session_index mapping did just occur to me, which may be cleaner overall.

The issue that we have without this mapping is that we have no way of ensuring that the proof-of-set-membership actually corresponds to the same session as the Statements were signed in. However, every signature on a Statement also encompasses the parent_hash. The mapping lets us associate the parent-hash we need to check the signature with the correct session.

This has two drawbacks:

• We have to maintain the mapping and prune it, which is difficult and potentially heavy on the runtime side (thousands of old parent_hashes to clean up when pruning)
• We can only slash double-vote offences on our chain, since any parent_hash from another fork will be unrecognized. This weakens accountable-safety somewhat because it's best to be slashable on all forks.

So as an alternative to the mapping that solves the same problem, I propose that we instead include the session_index in the payload for fn sign_table_statement. The implementation fallout from this would include at least these tasks:

• Add a primitive type for SigningContext { session_index, parent_hash }.
• Add a runtime API for fn signing_context() -> SigningContext which returns the context with current session index and parent hash.
• Alter sign_table_statement and check_statement functions to accept SigningContext
• Extend TableContext initialization with a SigningContext
• Pass SigningContext fetched from to the network when we callnew_local_leaf`.
• Amend DoubleVoteReport to take a SigningContext, and compare the session_index there with the Proof's.