EVM Watcher Security Improvements

[mdulin2]

We support a large number of EVM chains. There are several invariants that we currently rely on that we should probably explicitly check for that we were not. Specifically, we assume that the EVM subscription will return only logs matching the filter. We assume that a failed Tx will not have any logs. New checks have been added below.

• Tx Status.
• Contract emitter.
• Event type
• LogRemoved is false.

[mdulin2]

There are a couple of less-than-ideal things here. For the instant path, we don't have the TxStatus. So, this requires an extra RPC call to get a single value. If there's a better way to do this, please make me aware, and I'll be happy to change it.

Second, the isLogValid function in the safe/finalized path is slightly annoying to find the proper index. The log entry stores the log index for the entire block, not for the transaction itself. So, we store the block log index instead. From there, we get the first index of the recipient and subtract from that block log index to find the relative offset within the logs. This makes the lookup O(1) but is slightly hard to reason about.

[djb15]

I think the changes are fine, but it's worth running this on a Guardian in testnet first before wider rollout given the code changes are on the critical path

[johnsaigle]

Left some suggestions. Overall the changes look good 👍🏻