[Bug] Unthrottled worker ping allows denial of service attack
https://hackerone.com/reports/2288038
Summary:
In the current implementation of the Event::WorkerPing handling, there is no throttling mechanism in place to limit the frequency of worker pings from a specific validator. This opens up a potential vulnerability where a malicious validator could send worker pings with fake transmissions to other validators at a high frequency.
Validators do not perform strict checks on the transmissions before proposing. Once the ready queue is filled with invalid transactions, the worker won't process WorkerPings from other validators, so valid transactions won't propagate. This could lead to the finalized block being filled with invalid transactions. This could potentially disrupt the normal operation of the network and may be used as a form of Denial of Service (DoS) attack.
Steps To Reproduce:
Set WORKER_PING_IN_MS to 100ms. Find that there is no rate limit.
Proof-of-Concept (PoC):
- Set up a malicious validator that sends worker pings with fake transmissions at a high frequency.
- Observe that other validators do not throttle these pings and proceed to propose blocks with the invalid transactions.
Fix Suggestions:
Implement a throttling mechanism for worker pings from a specific validator and perform stricter checks on the transmissions before proposing.
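As an added illustration of the throttling half of this suggestion (example code written for this page, not the project's own code), the following Rust sketch keeps, per peer, the timestamp of the last accepted ping and drops any ping that arrives sooner than a minimum interval after it, counting violations so the caller can disconnect persistent offenders. Rust is assumed from the `Event::WorkerPing` naming; the `PingThrottle` type, its methods and the constructed ping trace (one peer pinging every 100 ms beside an honest peer pinging once per second, under a 1000 ms minimum interval) are all hypothetical. The clock is injected so the logic can be checked without sleeping, and stale entries are evicted so the bookkeeping itself cannot be grown without bound. Stricter validation of the transmissions before proposing is the other half of the suggestion and is not shown here.

```rust
use std::collections::HashMap;
use std::hash::Hash;
use std::time::{Duration, Instant};

/// Per-peer throttle for inbound WorkerPing events (added example, not the
/// project's code). A peer's first ping is accepted; later pings arriving
/// sooner than `min_interval` after the last accepted one are dropped and
/// counted as a violation, so the caller can disconnect persistent offenders.
pub struct PingThrottle<P> {
    min_interval: Duration,
    last_accepted: HashMap<P, Instant>,
    violations: HashMap<P, u32>,
}

impl<P: Eq + Hash + Clone> PingThrottle<P> {
    pub fn new(min_interval: Duration) -> Self {
        Self { min_interval, last_accepted: HashMap::new(), violations: HashMap::new() }
    }

    /// Returns true if the ping should be processed, false if it should be dropped.
    /// `now` is passed in by the caller so the logic is testable without sleeping.
    pub fn allow(&mut self, peer: P, now: Instant) -> bool {
        if let Some(last) = self.last_accepted.get(&peer) {
            if now.saturating_duration_since(*last) < self.min_interval {
                *self.violations.entry(peer).or_insert(0) += 1;
                return false;
            }
        }
        self.last_accepted.insert(peer, now);
        true
    }

    /// Number of throttled pings seen from `peer` (0 if never throttled).
    pub fn violations(&self, peer: &P) -> u32 {
        self.violations.get(peer).copied().unwrap_or(0)
    }

    /// Number of peers currently tracked.
    pub fn tracked_peers(&self) -> usize {
        self.last_accepted.len()
    }

    /// Forget peers whose last accepted ping is older than `ttl`, so the maps
    /// cannot grow without bound (itself a memory-exhaustion vector).
    pub fn evict_stale(&mut self, now: Instant, ttl: Duration) {
        self.last_accepted.retain(|_, last| now.saturating_duration_since(*last) < ttl);
        let live = &self.last_accepted;
        self.violations.retain(|p, _| live.contains_key(p));
    }
}

/// Constructed trace (hypothetical data): an "attacker" pinging every 100 ms
/// and an "honest" peer pinging once per second. Entries are (peer, ms offset).
pub fn attacker_vs_honest_trace() -> Vec<(&'static str, u64)> {
    let mut trace = vec![("attacker", 0), ("honest", 50)];
    for ms in (100..=900).step_by(100) {
        trace.push(("attacker", ms));
    }
    trace.push(("attacker", 1000));
    trace.push(("honest", 1050));
    trace
}

/// Replays a trace through a fresh throttle and returns one accept/drop
/// verdict per ping together with the throttle state for inspection.
pub fn simulate(
    min_interval_ms: u64,
    trace: &[(&'static str, u64)],
) -> (Vec<bool>, PingThrottle<&'static str>) {
    let start = Instant::now();
    let mut throttle = PingThrottle::new(Duration::from_millis(min_interval_ms));
    let verdicts = trace
        .iter()
        .map(|&(peer, ms)| throttle.allow(peer, start + Duration::from_millis(ms)))
        .collect();
    (verdicts, throttle)
}

fn main() {
    let trace = attacker_vs_honest_trace();
    let (verdicts, throttle) = simulate(1000, &trace);
    let accepted = verdicts.iter().filter(|v| **v).count();
    println!(
        "accepted {} of {} pings; attacker violations = {}, honest violations = {}",
        accepted,
        verdicts.len(),
        throttle.violations(&"attacker"),
        throttle.violations(&"honest")
    );
}
```

With the constructed trace, the attacker's first ping and its ping at the 1000 ms mark are accepted while the nine in between are dropped, and the honest peer is never throttled; a node would typically disconnect a peer once its violation count crosses a threshold rather than silently dropping forever.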
Impact:
A malicious validator can flood invalid transactions. This could lead to blocks being filled with these invalid transactions, making it very difficult for valid transactions to be included.