[Bug] Prevent network from advancing on fork #3822
Description
🚀 Feature
Currently, if a node does not upgrade in time for a new consensus version, they may continue to produce blocks, and other clients may continue to sync from these nodes, until the point where they end up switching syncing to the canonical chain. Ideally, both honest and dishonest honest don't advance anymore as soon as the mismatch is observed.
We should decide which of the following options are feasible, and in which order we'll implement them.
TL;DR starting goal
Individual BlockSync Block responses should note the ConsensusVersion of blockresponse.last().height, so the requester can disconnect if it doesn't match their expectation of what the ConsensusVersion should be at that height.
Theoretical overview
Consensus and Certificate Sync
- Validators sign off on each other's advertised consensus version and/or recent block (height hash) in their certificate.
- Validators optimistically announce their current consensus version and/or recent block (height, hash) in their handshake or a P2P message. Note that "rolling message versions" like we implement for clients might be tricky due to intricacies of how certificates work.
Block Sync
- Honest approach: blocks or sync messages announce the consensus version, so the requester can check this
- Dishonest approach: we actually fetch and compare blocks from multiple nodes, which is a longer-term effort