A reshare message can initiate multiple DKG instances. The request IDs for those DKG instances are
chosen deterministically by hashing the reshare message. Then, the DKG instances are performed by
the initiator in sequence. Given that instances become stale after one minute, it is possible to evict later
reshare instances from the buffer by reuse their instance ID or spamming the buffer. This will prevent the
legitimate initiator from finishing.
Solution:
add entropy to instance ID by combining 12 bytes of random UUID and hash of reshare message.
Description:
A reshare message can initiate multiple DKG instances. The request IDs for those DKG instances are chosen deterministically by hashing the reshare message. Then, the DKG instances are performed by the initiator in sequence. Given that instances become stale after one minute, it is possible to evict later reshare instances from the buffer by reuse their instance ID or spamming the buffer. This will prevent the legitimate initiator from finishing.
Solution: