Enforcing that a voter only cast a single vote in a round? #199
Description
So far, the ID of a vote is a pair (voterId, roundNo), assuming that a voter only vote once.
But (how) do we enforce that a voter will only vote once per round actually?
We can imagine an attacker that diffuses a vote for block A to half its neighbours, and a vote for B to the other half. These two different-body-but-same-ID votes will be indistinguishable for ObjectDiffusion, so nodes will just get the first of the two they can obtain, and disregard the rest. Nodes in the network won't ever be aware that someone is messing with votes. Consequently, some of the nodes will be able to reach quorum, while some others won't. I don't know how far this issue can propagate.
I guess that nodes that reached quorum will still diffuse a cert, and nodes that didn't reach quorum on their own will receive this cert and thus not enter cooldown (since validaty of a cert is a property that doesn't depend on the votes being held in the VoteDB of a node).
So I'm not sure it is a problem for the protocol. I guess in the worst case, voting will just fail and Peras will enter cooldown, like in any other kind of attack.
P.S. : the question originally arose in IntersectMBO/ouroboros-consensus#1809 (comment)