Integrate light client from tendermint-rs

[ethanfrey]

There is a working light client for tendermint 0.34 that compiles to wasm: informalsystems/tendermint-rs#463

We have stargate queriers that make raw/provable queries. The queryVerified function already ensures there is a valid merkle proof that leads to the AppHash in the header .

When checking the merkle proof, we get the next header to check the AppHash via subscription or polling or both.

But we do not verify this is the valid header yet. The code we wish to replace/upgrade this just the following logic which runs after we get the header for the proper height:

    assert(nextHeader.height === searchHeight, "Got wrong header. This is a bug in the logic above.");
    return nextHeader;

We only assert the height of the header we got is correct, but do not check the signatures at all. Ideally, we would be able to replace this with some logic to prove the header via light-client proofs. We can happily do all the rpc in TypeScript, using websockets where available and falling back to polling where not.

Ideally, tendermint-rs will provides us with a passive light-client verifier that takes some trusted seed upon initialization, and takes a new header + signatures (aka Commit) and returns one of 3 states:

• Valid - trust it
• Invalid - trash it
• Too many changes - bisect and try to prove again

We can feed it commits (header + signatures) and check for verifications, bisecting if needed.

Later we can worry about persisting the roots of trust - let's just pass it in the initialization now and see if we can make the full assertions on our queries.