Secure member deletion (spammer slashing) in RLN-Relay

[staheri14]

Problem

In Waku-Rln-Relay protocol, when the secret key of the spammer is found, it should be sent to the membership smart contract to be deleted from the registry list. The slasher then gets the reward associated with slashing, and all the other rln-relayer, which are listening to the smart contract events, will be able to delete the spammers from their own local tree and reject any further message published by the same credential. Note that member deletion can be also triggered by the member itself when it wishes to leave the rln group. One major security issue with the plain submission of a secret identity key to the contract is that anyone can duplicate the secret key encoded in the tx and send a similar tx and claim the fund. Depending on the gas fee indicated on the tx, the replicated tx may front-run the initial tx and gets the reward earlier.

This issue is to investigate a secure way of member deletion from the membership contract. In essence, the slashing tx and any data therein should not be reusable by any other entity to claim the slashing fund (even in the form a new tx).

[rymnc]

Could we make use of a commit-reveal scheme here?

[staheri14]

Could we make use of a commit-reveal scheme here?

The issue with the commit&reveal is that it is subject to MEV attack. Not that we won't end up using that, but would be good to explore other solutions if any.

[rymnc]

Addressed in https://github.com/Rate-Limiting-Nullifier/rln-circuits/commit/131effb9d83563c3249273954fb504b393b46902, which is front running resistant.