build paths are embedded in wasms

[graydon]

For building wasms we decided to go with an approach that works on stable, which is to use cargo rustc --crate-type cdylib and tell users to enable LTO. This makes fairly small binaries, not as small as if we used +nightly -Z build-std -Z panic-immediate-abort but, you know, it works on stable rust, so big bonus there.

Unfortunately we still get embedded panic strings. LTO doesn't strip them entirely. And worst of all, those panic strings have pathnames in them. This leads to:

• A bit of a security issue, as contracts will contain the home directory name of their developer or whatever.
• A bit of needless churn, as contract bytes become less deterministic, every rebuild from some different directory (CI, a user's workstation, whatever) likely changes a constant so rearranges the data segment and changes all the byte offsets.

We can kinda work around this with --remap-path-prefix but it's quite awkward to use -- you have to know the path you're replacing exactly, which isn't the easiest thing to figure out in a build script -- and the better option trim-paths appears to also require nightly / is currently unstable.

Not sure what the best thing to do is here at this point, maybe figure out a good idiom for --remap-path-prefix, but I figured I'd at least make a note. cc @C0x41lch0x41 as I imagine you might (a) want to know (b) have opinions about how serious the security issue here is.

[graydon]

Also I can't actually make --remap-path-prefix work, so maybe that's also out.

[C0x41lch0x41]

Thanks for tagging me that's interesting.
Yes pathnames is not ideal we should at least make sure this is documented somewhere so that devs are aware of it and integrate this in their workflow.
The non determinism is also interesting has it will make it harder to map source code to contract code onchain in block explorers.
Would it be possible to leverage another tool to strip strings like wasm-snip maybe?