Commit 70e71c23 authored by Matthew Slipper's avatar Matthew Slipper Committed by GitHub

op-service: Fix failing SSZ fuzz test (#13324)

The SSZ fuzz tests were not erroring when the `edOffset` was 508 and the `txOffset` was 514. This is because the transaction unmarshaler was reading the number of transactions in the payload as zero, but not checking to see if there was additional data left over. This should never be the case for a valid payload.

To verify, I ran the fuzz suite for 5 minutes:

```
fuzz: elapsed: 5m1s, execs: 12910962 (42267/sec), new interesting: 9 (total: 41)
```
parent c8d8d7b6
......@@ -412,6 +412,9 @@ func unmarshalTransactions(in []byte) (txs []Data, err error) {
return nil, fmt.Errorf("invalid first tx offset: %d, out of scope %d", firstTxOffset, scope)
}
txCount := firstTxOffset / 4
if txCount == 0 && scope > 0 {
return nil, fmt.Errorf("invalid first tx offset: %d, no transactions in scope %d", firstTxOffset, scope)
}
if txCount > maxTransactionsPerPayload {
return nil, fmt.Errorf("too many transactions: %d > %d", txCount, maxTransactionsPerPayload)
}
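Review bot: The guard `if txCount == 0 && scope > 0` has no comment naming the invariant it enforces, and the arithmetic alone does not make the reason obvious. I would add above it something like `// A non-empty list must begin with at least one 4-byte offset; zero entries with bytes still in scope means trailing data would be silently ignored.` Since `firstTxOffset` was presumably read from `in` before this point, `scope > 0` may already be guaranteed, in which case `if txCount == 0` says the same thing. The start of unmarshalTransactions is outside the hunk, so that needs confirming. The check is worth documenting because a decoder that tolerates unparsed bytes lets more than one byte string decode to the same payload.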
......
......@@ -258,7 +258,16 @@ func FuzzOBP01(f *testing.F) {
require.NoError(f, err)
data := buf.Bytes()
// Represents a weird txOffset that is long enough to seem valid,
// but actually doesn't allow transactions to be serialized.
f.Add(uint32(508), uint32(514))
f.Fuzz(func(t *testing.T, edOffset uint32, txOffset uint32) {
if edOffset == 508 && txOffset == 540 {
// These values are the correct serialization, so don't test them.
return
}
clone := make([]byte, len(data))
copy(clone, data)
......@@ -268,7 +277,7 @@ func FuzzOBP01(f *testing.F) {
var unmarshalled ExecutionPayload
err = unmarshalled.UnmarshalSSZ(BlockV1, uint32(len(clone)), bytes.NewReader(clone))
if err == nil {
t.Fatalf("expected a failure, but didn't get one")
t.Fatalf("expected a failure, but didn't get one. ed: %d, tx: %d", edOffset, txOffset)
}
})
}
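Review bot: The offsets 508, 514 and 540 in the new seed and skip condition are bare literals tied to the layout of the payload serialized earlier in FuzzOBP01. If that fixture changes, nothing in the code shows that the seed and the skip both need updating. Naming the valid pair, e.g. `const validEDOffset, validTxOffset = uint32(508), uint32(540)`, and writing the skip as `if edOffset == validEDOffset && txOffset == validTxOffset` would make that dependency visible. The seed comment could also say that 514 is derived from the valid ED offset. The function starts outside the hunk, so how `data` is built is not visible here.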
......