CORDA-2147 Use serialization strict mode during transaction verification. (#4312)

* CORDA-2147 Use serialization strict mode during transaction verification.

* CORDA-2147 Address code review comments.

* CORDA-2147 Fix compilation error.

core/src/main/kotlin/net/corda/core/serialization/SerializationAPI.kt

@@ -150,6 +150,12 @@ interface SerializationContext {
      * The default is false.
      */
     val lenientCarpenterEnabled: Boolean
+    /**
+     * If true the carpenter will fail if the binary to be deserialized contains more fields then the current object from the classpath.
+     *
+     * The default is false.
+     */
+    val preventDataLoss: Boolean
     /**
      * The use case we are serializing or deserializing for.  See [UseCase].
      */
@@ -171,6 +177,12 @@ interface SerializationContext {
      */
     fun withLenientCarpenter(): SerializationContext
 
+    /**
+     * Return a new context based on this one but with a strict evolution.
+     * @see preventDataLoss
+     */
+    fun withPreventDataLoss(): SerializationContext
+
     /**
      * Helper method to return a new context based on this context with the deserialization class loader changed.
      */

core/src/main/kotlin/net/corda/core/serialization/internal/AttachmentsClassLoader.kt

@@ -123,7 +123,7 @@ internal object AttachmentsClassLoaderBuilder {
         val transactionClassLoader = AttachmentsClassLoaderBuilder.build(attachments)
 
         // Create a new serializationContext for the current Transaction.
-        val transactionSerializationContext = SerializationFactory.defaultFactory.defaultContext.withClassLoader(transactionClassLoader)
+        val transactionSerializationContext = SerializationFactory.defaultFactory.defaultContext.withPreventDataLoss().withClassLoader(transactionClassLoader)
 
         // Deserialize all relevant classes in the transaction classloader.
         return SerializationFactory.defaultFactory.withCurrentContext(transactionSerializationContext) {