A docker image for building contracts

[MaksymZavershynskyi]

We need a standardized docker image for building Rust contracts so that we can:

• Prove that certain Wasm binary was produced from a certain code;
• Avoiding leaking user information into Wasm binary, like absolute file paths.

[frol]

I want to highlight that this is a security concern, and here is some relevant context about bit-for-bit reproducible builds: rust-lang/rust#34902

[frol]

/cc @olonho @evgenykuzyakov @bowenwang1996

Reading the issue referenced above, bit-for-bit reproducible builds mostly work, but you still need the same OS and environment, I believe, so Docker image should be a good shortcut on achieving reproducibility.

[frol]

https://dev.to/gnunicorn/hunting-down-a-non-determinism-bug-in-our-rust-wasm-build-4fk1

TL;DR: They use Docker to have some guarantee about build reproducibility, but they learned that some source code can trigger non-reproducible builds.

[frol]

https://www.reddit.com/r/rust/comments/i4ij47/rustc_1441_is_reproducible_in_debian/

Rustc 1.44.1 is able to produce a reproducible build of itself and the rust team is going to maintain this state things going forward 🥇

[evgenykuzyakov]

This seems to be fixed by #195