Separate Asmble VM and real-time worker / batch validator process

[xdralex]

Currently, we have the following design: docker { jvm { node <----> Asmble {untrusted WebAssembly code} } }. However, because real-time workers participate in Tendermint consensus and batch validators participate in verification signing, this has potential security issues.

In particular, if a malicious piece code breaks from Asmble VM, it might be able to double vote in Tendermint consensus or confirm an incorrect batch – which are punishable activities in the network.

I think that to improve security the following design should be adopted instead:
dockerA { jvmA { node } } <----> dockerB { jvmB { Asmble {untrusted WebAssembly code} } }. This way we have more security layers, which should significantly decrease the probability of malicious code harming the miner.