WIP: remove script checking dependency on checkpoints #9175

Here's a quick change to remove a dependency on the checkpoints.

A new configurable option, -checkscriptnewer (with a default of 30 days specified in seconds) is created. It allows bypassing the checking of scripts in blocks that are older than the configurable time. This was mentioned at #7591 (comment) and this is an attempt at doing it. The old override, -checkpoints, still works with this.

Also, this fixes a minor bug with the current script checking dependency on checkpoints. The current checkpoints impl does not skip all the signature checking for pre-checkpoint blocks in some cases. For example, during headers-first IBD, it is a race between how fast the header chain is built relative to the next checkpoint available and how fast the block responses come in from async block requests. Once a checkpointed header is sync'ed, then all blocks before it will skip signature validation, but before that happens, sig checking is on. Yeah, like I said, it's minor.

Also, this pull shares some ideas with previous work https://github.com/bitcoinclassic/bitcoinclassic/pull/143, but I decided to use a configurable option.

The block time is set by miners, it is unreasonable to let the miner of the block decide if it should be verified or not. What Bitcoin Classic does is trivially exploitable and doesn't even require a reorg to exploit.

This is not what was suggested in 7591, what was suggested there was based on an amount of work beyond the block, not what the block claimed about itself. :)

@gmaxwell Thanks for reviewing and sorry for my misunderstanding.

The block header is still checked and all blocks claiming to be within the last 30 days would be fully validated. Wouldn't 30 days worth of blocks well cover that kind of issue because of the limits on valid block times? Which assumption would have to be violated for this to be a problem? Can the node not get a valid header chain? Can the node not get an "accurate" view of time?

The two ways I can think of to measure 30 days worth of work are:

1. based on block time where you also verify that the chain has at least an amount of work to make an attack very costly.
2. based on height by being buried under 4320 blocks (6 * 24 * 30).

The second does not fix the script checking IBD race like the first does (but no big deal).

So, I put up an alternate commit that does the second way. Here are the two approaches diffed https://github.com/bitcoin/bitcoin/pull/9175/commits/9bee2baedcf02726a928f8bc0aca9d52e93dd931 Is either way acceptable?

Oh, I think I see now what you're aiming for with respect to the amount of work between a block and the block you know about with the most total work. I'm closing this and will open something else later if I get it working.