crdt: fix pubsub validation for crdt messages

Currently, it was not looking at the signer of the message, but at the peer that relayed it, to verify the validity of the message. This caused that under certain gossip graph configurations, some nodes would only get messages via untrusted peers, and thus be unable to sync the chain.
2021-01-13 20:52:31 +01:00 · 2021-01-13 20:52:31 +01:00 · 82412ca91c
commit 82412ca91c
parent 7e0d39cdf7
1 changed files with 7 additions and 2 deletions
--- a/consensus/crdt/consensus.go
+++ b/consensus/crdt/consensus.go
@ -162,8 +162,13 @@ func (css *Consensus) setup() {
 	// from trusted sources)
 	err = css.pubsub.RegisterTopicValidator(
 		topicName,
-		func(ctx context.Context, p peer.ID, msg *pubsub.Message) bool {
-			return css.IsTrustedPeer(ctx, p)
+		func(ctx context.Context, _ peer.ID, msg *pubsub.Message) bool {
+			signer := msg.GetFrom()
+			trusted := css.IsTrustedPeer(ctx, signer)
+			if !trusted {
+				logger.Debug("discarded pubsub message from non trusted source %s ", signer)
+			}
+			return trusted
 		},
 	)
 	if err != nil {