Someone could try to create a fake vote for others and get others punished

#### Problem
Currently in BLS verify we get the pubkey from rank in the message, but don't compare it with the pubkey on the other end of the connection. Someone can fake to be others:
1. A creates a fake vote for B with bad signature (just set the rank to rank of B and add a fake signature)
2. as a staked validator, A can send this fake vote to others
3. But B gets punished if we don't check whether the vote actually came from B's connection

#### Proposed Solution
We need to check the pubkey on the quic connection we received the package matches the pubkey we get from vote.rank.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Someone could try to create a fake vote for others and get others punished #515

Problem

Proposed Solution

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Someone could try to create a fake vote for others and get others punished #515

Description

Problem

Proposed Solution

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions