
ZeroNet Documentation
https://zeronet.readthedocs.org/
GNU General Public License v2.0

How to properly handle request IDs? #71

Closed MuxZeroNet closed 6 years ago

MuxZeroNet commented 6 years ago

A request packet has its unique request ID. A ZeroNet implementation interprets a response packet with the help of the request ID. If an attacker spoofs the request ID in a malicious response packet, then the implementation cannot properly interpret the response, and may incorrectly abort the previous request. This attack works even when the attacker does not run the Internet infrastructure. Consider the following example.

When a sequential request ID works:

A --> B
<getFile, req_id=0>

B --> A
<response, to_req_id=0, file_content=bytes>

A: I got a response for request 0. It has file payload in it.

When a sequential request ID does not work:

A --> B
<getFile, req_id=0>

C --> A
<response, to_req_id=0, error>

B --> A
<response, to_req_id=0, file_content=bytes>

A: I got a response for request 0. I can decode this response properly. It says there is
   an error on the other side.
A: I got a response for request 0. I handled request 0 a second ago, dropping this
   response.

There are algorithms that handle request IDs more safely.

Which algorithm does ZeroNet use?

HelloZeroNet commented 6 years ago

The request-id is per-connection. I'm not sure how anyone could inject a fake response packet into a TCP (and encrypted) stream. And if someone could, then I think the random id does not help, as the attacker could also record the request id sent to the remote client.
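To make the two viewpoints in this thread concrete, here is an added simulation (not ZeroNet's code, and the class and field names are assumptions) of the exchange in the question: node A asks B for a file, a third peer C answers first with an error, then B's real reply arrives. It runs the same sequence through a dispatcher that matches responses by request ID alone and through one that keeps a separate ID counter and pending table per connection, which is the design the reply describes.

```python
"""Request-ID matching: one global table versus per-connection tables."""
import itertools
from collections import defaultdict


class GlobalIdNode:
    """Matches a response by its req_id only, ignoring which peer delivered it."""

    def __init__(self):
        self.next_id = itertools.count()
        self.pending = {}  # req_id -> command name

    def request(self, peer, cmd):
        req_id = next(self.next_id)
        self.pending[req_id] = cmd
        return {"cmd": cmd, "req_id": req_id}

    def response(self, from_peer, msg):
        req_id = msg["to"]
        if req_id not in self.pending:
            return "dropped"          # already handled or never sent
        del self.pending[req_id]
        return "error" if "error" in msg else "ok"


class PerConnectionNode:
    """Scopes the ID counter and the pending table to the connection (peer)."""

    def __init__(self):
        self.next_id = defaultdict(itertools.count)
        self.pending = defaultdict(dict)  # peer -> {req_id: command name}

    def request(self, peer, cmd):
        req_id = next(self.next_id[peer])
        self.pending[peer][req_id] = cmd
        return {"cmd": cmd, "req_id": req_id}

    def response(self, from_peer, msg):
        req_id = msg["to"]
        if req_id not in self.pending[from_peer]:
            return "dropped"          # no such request outstanding on this connection
        del self.pending[from_peer][req_id]
        return "error" if "error" in msg else "ok"


def run_scenario(node):
    """The exchange from the issue: A asks B, C answers first, then B answers."""
    node.request("B", "getFile")                                          # req_id 0
    first = node.response("C", {"to": 0, "error": "file not found"})      # constructed
    second = node.response("B", {"to": 0, "file_content": b"bytes"})      # constructed
    return first, second
```

With the global table the forged error is accepted and B's genuine reply is dropped, which is the failure the question describes; with per-connection tables C's message matches nothing on C's connection and is dropped, while B's reply is handled normally.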