Bug Report: `TotalVerifiedPodCount` Increments Incorrectly on Multiple Verifications

[ComputerKeeda]

Description: There is an issue in the AuditSequencer function where if multiple users verify the same pod multiple times, the TotalVerifiedPodCount in the station metrics is incremented each time. This results in an inflated count that doesn't accurately represent unique pod verifications.

Current Behavior:

• The TotalVerifiedPodCount is incremented for every verification, even if the pod has already been verified by another user or the same user.

Steps to Reproduce:

1. Verify a pod (e.g., Pod-1).
2. Have a second verifier audit the same pod.
3. Observe that TotalVerifiedPodCount is incremented for both verifications, even though only one pod was verified.

Expected Behavior:

• TotalVerifiedPodCount should only increment when a pod is verified for the first time, not for subsequent audits by different users.

---

Suggested Fix: We should not prevent multiple users from verifying the same pod. It's beneficial to allow multiple users to verify a single pod, as this can enhance the reliability and trustworthiness of the audit process.

Instead of blocking further verifications, we should introduce a system to record the verifiers' addresses and track how many unique verifiers have audited the pod. Here's a proposal:

1. Verifiers List: Add a new field in the ExtTrackSchemaEngagement to store the addresses of users who have verified the pod. Each time a user verifies the pod, their address is added to this list.

Verifiers []string `json:"verifiers"`  // New field to track verifiers

2. Prevent Duplicate Entries in Verifiers List: Before adding a verifier to the list, check if their address is already recorded. If the verifier's address is already in the list, don't add it again.

    alreadyVerified := false
    for _, verifierAddr := range engagementData.Verifiers {
        if verifierAddr == verifier {
            alreadyVerified = true
            break
        }
    }

    if !alreadyVerified {
        engagementData.Verifiers = append(engagementData.Verifiers, verifier)
    }

3. Increment TotalVerifiedPodCount Only Once: Modify the logic to increment TotalVerifiedPodCount only when the pod is verified for the first time (when IsVerified is false).

    if !engagementData.IsVerified {
        updatedStationMetrics.TotalVerifiedPodCount = stationMetrics.TotalVerifiedPodCount + 1
    }

By introducing this verifiers list, we ensure that:

• Multiple users can verify the same pod, which can increase audit reliability.
• Only unique verifications are counted in the TotalVerifiedPodCount.
• We can track which users have audited a pod, which could be useful for governance or future features.

---

Context:

• The proposed solution prevents inflated metrics and ensures that each pod is only counted once in the station metrics, while still allowing multiple users to verify the same pod.

[saatvik333]

Suggestion: Restrict Eligible Verifier Addresses

Why not restrict the addresses responsible for verifying the pods? I think allowing just anyone to verify the pod can lead to potential misuse (e.g Sybil attacks). Restricting the verification process to specific, authorized users or addresses would ensure that only trusted parties perform the audit. This would improve the reliability of the data, prevent excessive or irrelevant verifications, and maintain the integrity of the verification process. Thoughts?