PDU depth field can exceed Canonical JSON integer bounds

[DMRobertson]

Link to problem area:

• https://spec.matrix.org/v1.2/rooms/v1/#event-format
• https://spec.matrix.org/v1.2/appendices/#canonical-json

Issue

Name	Type	Description
depth	integer	Required: The maximum depth of the prev_events, plus one. Must be less than the maximum value for an integer (2^63 - 1). If the room’s depth is already at the limit, the depth must be set to the limit.

This refers to the maximum value of an signed 64-bit integer.

But Canonical JSON specifies that

[n]umbers in the JSON must be integers in the range [-(2**53)+1, (2**53)-1]

presumably because this is the range of integers that fits into an IEEE 64-bit float without loss of precision.

These two limits are inconsistent in any room version which enforces Canonical JSON on PDUs.

Expected behaviour

Easy: lower the limit defined in the PDU spec to 2**53 -1. Depending on your level of paranoia, this may require a new room version.
Hard: remove the depth field altogether, c.f. matrix-org/matrix-spec-proposals#3802

[turt2live]

It would be interesting to see which limit is respected by Synapse following matrix-org/matrix-spec-proposals#2540