Drop equivocations before validations in pubsub

[Stebalien]

They cannot be useful and this can help make the network more secure and will help alleviate a potential DoS vector (somewhat).

[masih]

@Stebalien,

Question 1

before validation

We technically need to validate the message regardless. Because, we otherwise don't know if the message should be rejected by pubsub or ignored, which effects peer ranking. Right?

Also whether it is an equivocation or not is determined deep in gpbft, at which point the code implicitly assumes messages are validated. I am hesitant getting unvalidated messages anywhere near that code.

If I have not missed anything to get this done we need to:

• validate the message regardless,
• expose a new API to check if a validatedMessage is an equivocation without processing it,
• call it from within pubsub message validator to then decide whether to return ValidationIgnore which would then result in no further propagation of message across pubsub.

What have I missed?

Question 2

Double checking that dropping messages that may be valid globally but equivocations locally does not cause self-inflicted censorship. I think it does not because the current implementation silently ignores such messages anyway even though they continue to propagate via pubsub.

Does that sound right?

[masih]

Discussed in standup:

Question 1

We can detect equivocations using the validation message cache alone by changing the keying scheme slightly to consider sender/instance/round/phase.

Question 2

This is most likely fine as there are already other mechanisms, such as dropping irrelevant messages, that affects scoring.