feat(ckbtc): Add get_utxos_cache to reduce latency of update_balance calls

[ninegua]

XC-314: ckBTC: Cache update_balance results

The call to the bitcoin canister's get_utxos method takes up the majority time of a update_balance call.
Sometimes a client may call update_balance repeatedly, which adds to the workload of the ckBTC minter canister.
The result of get_utxos would remain unchanged until the bitcoin canister receives a new block, which makes it a good candidate for caching.

This PR implements an internal get_utxos_cache that will reuse previous call results (if available and not expired) without making new get_utxos calls. Entries are expired based on a pre-configured get_utxos_cache_expiration setting.

Caching get_utxos results is safe for update_balance because:

1. UTXOs are immutable data, and their values would never change.
2. The set of UTXOs are unique to an address, and never shared between addresses.
3. The update_balance call is looking for new UTXOs from the result, so re-using older results only delays the finding. In particular, cached results may include transaction outputs that could have already been spent, but this won't affect update_balance because only the minter could spend them, which means they are already known and not new.

[github-actions]

If this pull request affects the behavior of any canister owned by
the Governance team, remember to update the corresponding
unreleased_changes.md file(s).

To acknowldge this reminder (and unblock the PR), dismiss this
code review by going to the bottom of the pull request page, and
supply one of the following reasons:

1. Done.

2. No canister behavior changes.

No NNS governance canister behavior changes.

[mducroux]

Very nice PR @ninegua! Some minor comments on my side.

[ninegua]

Thanks @mducroux for a careful review! I should have addressed all the concerns, please let me know if the changes look good to you. Thanks!

[mducroux]

LGTM @ninegua! Thanks for addressing my comments

[gregorydemay]

Thanks a lot @ninegua for this PR! Mostly some minor comments and understanding questions, otherwise code looks very good!

[gregorydemay]

nit1: any reason why to have this in nanoseconds? We don't have that precision, so I would say something like seconds should be good enough no? I think this would also help when verifying a proposal to ensure that we don't have an ungodly amount of zeroes to count.

nit2: for clarity when verifying for example a proposal, we could add the unit as a suffix to the field name, e.g. get_utxos_cache_expiration_seconds

[ninegua]

Sounds good! Changed to seconds.

[gregorydemay]

understanding question: why do we need CandidType and Serialize+Deserialize? I would expect this to just be stored on the heap.

[ninegua]

Good catch! They are not needed. Removed.

[gregorydemay]

nice!

[gregorydemay]

This method potentially invalidate a lot of entries (if the expiration is much shorter than the previous one). Shouldn't we call prune inside the method?

[gregorydemay]

From the Rust doc of CacheWithExpiration

/// More specifically, entries are inserted with a timestamp, and
/// then all existing entries with a timestamp less than `t - expiration` are removed before
/// the new entry is inserted.

I would have assumed that prune is actually part of insert. What about making it a single method? Right now I would need to remember to call prune before doing an insert which seems a bit error-prone.

[ninegua]

Initially I had the prune inside insert. But later I removed it and forgot to change the documentation.

Although I understand where you are coming from, but decoupling insert and prune is more flexible. For example, in tests, I don't have to worry about the order of insertions, when making assertions on len().

Alternatively I could provide an additional method called insert_no_prune(), and let the regular insert() do the pruning before insertion. WDYT?

[gregorydemay]

as commented below I would make prune to be called in insert

[gregorydemay]

nit: why having this parameter when now could be queried with runtime.time within the method bitcoin_get_utxos?

[ninegua]

In tests, we drive the time by mocking the runtime.time() function, and increment the time value in there. So whenever runtime.time() is called, time will change. I had to avoid unnecessary calls to runtime.time() here so as not to break existing tests. Frankly mocking time this way is quite fragile but I don't have a better idea. WDYT?

[gregorydemay]

should we even register the latency in case of a cache hit?

[ninegua]

Good question! If we do register, the histogram graph will have a bar of latency 0, maybe also a good comparison?