publisher: opposition implementation allows a certain exploit

[gundas]

The way opposition is implemented in 'publisher' contract:

• 'oppositeAnnouncement' function adds the current balance of the caller to the oppositionWeight of the annoucement.
• 'closeAnnouncement' function just checks if the oppositionWeight is bigger than some threshold to decide if announcement is opposed or not. There are no checks if the opposing accounts still have the balance or not.

This allows a certain exploit - a malicious person could create multiple accounts, transfer all his CORION to one account and call 'oppositeAnnouncement', transfer all the money to another account and call 'oppositeAnnouncement' etc. As a result, his CORIONs could be counted multiple times in oppositionWeight.

[gundas]

OK, I get it - there is transferEvent callback which is supposed to take care of this.