darksidewalletd: check the correctness of incoming transactions' merkle root anchors

[defuse]

The bug in Electric-Coin-Company/zcash-swift-wallet-sdk#253 cannot be properly tested using darksidewalletd because the failure there gets detected by the consensus rules implemented in zcashd, which are not present in darksidewalletd.

To properly test that bug, we'll want darksidewalletd to:

• Calculate the correct merkle root for each fake "mined" block in its state, which is produced by appending each mined transaction's commitments to the merkle tree.
• Check, when a transaction is submitted, that the anchor it used is a valid merkle tree root for one of the mined blocks as calculated above.

We should also think more generally about which consensus rules it will be important to emulate in darksidewalletd for testing---I'd really like to avoid implementing consensus rules in darksidewalletd as much as possible because it's a lot of effort and will be prone to diverging from the actual consensus rules in zcashd.

[pacu]

@LarryRuane @gmale and I discussed this over an ad-hoc standup meeting today.

Kevin proposed that we could probably spin up a testnet build and try to reproduce this against a that network. The problem I see is that we need to force a reorg to test our hypothesis and that's not possible to do on testnet as is (maybe testnet in a box?)

[defuse]

If we had an ASIC we could forcefully reorg testnet, but we probably don't want to rely on that because (a) it may interrupt other testing going on on testnet and (b) if other ASICs start mining on testnet then we won't be able to do it anymore.

I'm curious if it's possible with testnet in a box though, that would be really really cool!