If a public function execution results in money transfer to msg.sender, this tx is likely to be front-run on the mainnet by bots (see thread). This is discouraging for challengers, so it needs to be addressed.
Scope
figure out the simplest way to prevent front-running. Some examples: require stake from challenger or add sender address into tx params and check it in the contract.
implement front-run protection for challengeExit and challengeYoungestInput.
execute the challenge on the mainnet (once updated) and get slashed stake (no front run). For this you can create an invalid exit and challenge it yourself. If someone else challenges your exit and he is not a front-runner, you will get your stake reimbursed from the LeapDAO Operations Circle budget (request in #ops channel on Slack).
Deliverables
updated contracts
updated unit tests
Gain for the project
prevent discouraging of challengers. If there is no reward for challengers, they will stop checking the network and thus make the network less secure.
Bounty
Roles
bounty gardener: @troggy / 10%
bounty worker: @troggy / 60%
bounty reviewer: name / 30%
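A sketch of the second option named under Scope (sender address in the tx params, checked in the contract), shown beside the unbound form. This is an added example, not LeapDAO's contract code: the contract name, storage layout, function signatures and the hash-preimage "proof" are assumptions standing in for the real exit proof. The check rejects call data replayed unchanged from a different address.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical sketch, not LeapDAO's contract: names, storage layout and the
// hash-preimage "proof" are assumptions standing in for the real exit proof.
contract ChallengeSketch {
    struct Exit {
        address owner;
        uint256 stake;
        bytes32 proofHash; // toy stand-in: keccak256 of the data that invalidates the exit
    }

    mapping(uint256 => Exit) public exits;
    uint256 public nextExitId;

    function startExit(bytes32 proofHash) external payable returns (uint256 exitId) {
        require(msg.value > 0, "stake required");
        exitId = nextExitId++;
        exits[exitId] = Exit(msg.sender, msg.value, proofHash);
    }

    // Before: the reward goes to whoever lands the call first, so a copy of the
    // pending transaction sent from another address collects the stake.
    function challengeExitUnbound(uint256 exitId, bytes calldata proof) external {
        _slash(exitId, proof, payable(msg.sender));
    }

    // After: the challenger's address is part of the call data and must match
    // msg.sender, so the same call data replayed from another address reverts.
    function challengeExit(uint256 exitId, bytes calldata proof, address challenger) external {
        require(challenger == msg.sender, "challenger must be sender");
        _slash(exitId, proof, payable(challenger));
    }

    function _slash(uint256 exitId, bytes calldata proof, address payable to) private {
        Exit memory e = exits[exitId];
        require(e.stake > 0, "no such exit");
        require(keccak256(proof) == e.proofHash, "invalid proof");
        delete exits[exitId]; // state change before the transfer (reentrancy)
        (bool ok, ) = to.call{value: e.stake}("");
        require(ok, "transfer failed");
    }
}
```

A unit test for the updated contract can submit the same call data from a second account and assert that it reverts with "challenger must be sender" while the original sender's call pays out the stake.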