dkg/bcast: exchange full messages

[gsora]

Instead of passing around hashes, share the whole message with the target for them to validate.

category: refactor
ticket: none

[codecov]

Codecov Report

Attention: 25 lines in your changes are missing coverage. Please review.

Comparison is base (61b0df4) 0.00% compared to head (9fbf05c) 53.28%.
Report is 9 commits behind head on main.

❗ Current head 9fbf05c differs from pull request most recent head f96bd54. Consider uploading reports for the commit f96bd54 to get more accurate results

Files	Patch %	Lines
dkg/bcast/server.go	66.66%	6 Missing and 4 partials ⚠️
dkg/frostp2p.go	69.69%	7 Missing and 3 partials ⚠️
dkg/nodesigs.go	62.50%	2 Missing and 1 partial ⚠️
dkg/dkg.go	50.00%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff            @@
##           main    #2798       +/-   ##
=========================================
+ Coverage      0   53.28%   +53.28%     
=========================================
  Files         0      199      +199     
  Lines         0    27669    +27669     
=========================================
+ Hits          0    14744    +14744     
- Misses        0    11096    +11096     
- Partials      0     1829     +1829     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dB2510]

this is still an incomplete solution as a malicious peer can still broadcast a malformed message in the correct pb.FrostRount1Casts. They can still be able to get the sign on this data from other peers.

[gsora]

They don't control the input anymore though, i.e. it's not just a slice of bytes.

What do you suggest we check?

[dB2510]

not sure if we can check each field in pb.FrostRound1Cast

[dB2510]

LGTM

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud