fix(tm2): filter validator updates by valid power & pubkey

[MikaelVallenet]

Prevent node crash on invalid validator pubkey type & invalid voting power

fix #3842

---

Problem

Currently, when a validator with an unsupported public key type (e.g., secp256k1 instead of ed25519) is added through GovDAO, the node crashes with the following error:

Error on ApplyBlock. Did the application crash? Please restart tendermint       {"module": "consensus", "err": "Error in validator updates: validator {g1jAddress... gpubkey... 1} is using pubkey /tm.PubKeySecp256k1, which is unsupported for consensus"}

Solution

Instead of failing the entire block execution when encountering invalid validator updates, we now filter out invalid validators updates and continue with the valid ones. This makes the system more resilient while maintaining security.

https://www.youtube.com/watch?v=n_DKIVS3kxk

Changes

Before:

// Old approach - would error and crash
err = validateValidatorUpdates(abciValUpdates, *state.ConsensusParams.Validator)
if err != nil {
    return state, fmt.Errorf("Error in validator updates: %w", err)
}

After:

// New approach - filters invalid updates and continues
filteredValUpdates = filterValidatorUpdates(
    abciValUpdates,
    *state.ConsensusParams.Validator,
    blockExec.logger,
)

• Added comprehensive logging for filtered validators to help track issues
• Updated tests to verify filtering behavior instead of error conditions

I think this change does not compromise security as invalid validators are still prevented from joining the validator set. The only difference is that the system continues operating instead of crashing when encountering invalid updates.

[Gno2D2]

🛠 PR Checks Summary

All Automated Checks passed. ✅

Manual Checks (for Reviewers):

• IGNORE the bot requirements for this PR (force green CI check)

Read More

🤖 This bot helps streamline PR reviews by verifying automated checks and providing guidance for contributors and reviewers.

✅ Automated Checks (for Contributors):

🟢 Maintainers must be able to edit this pull request (more info)
🟢 Pending initial approval by a review team member, or review from tech-staff

☑️ Contributor Actions:

1. Fix any issues flagged by automated checks.
2. Follow the Contributor Checklist to ensure your PR is ready for review.
   • Add new tests, or document why they are unnecessary.
   • Provide clear examples/screenshots, if necessary.
   • Update documentation, if required.
   • Ensure no breaking changes, or include BREAKING CHANGE notes.
   • Link related issues/PRs, where applicable.

☑️ Reviewer Actions:

1. Complete manual checks for the PR, including the guidelines and additional checks if applicable.

📚 Resources:

• Report a bug with the bot.
• View the bot’s configuration file.

Debug

Automated Checks

Maintainers must be able to edit this pull request (more info)

If

🟢 Condition met
└── 🟢 And
    ├── 🟢 The base branch matches this pattern: ^master$
    └── 🟢 The pull request was created from a fork (head branch repo: MikaelVallenet/gno)

Then

🟢 Requirement satisfied
└── 🟢 Maintainer can modify this pull request

Pending initial approval by a review team member, or review from tech-staff

If

🟢 Condition met
└── 🟢 And
    ├── 🟢 The base branch matches this pattern: ^master$
    └── 🟢 Not (🔴 Pull request author is a member of the team: tech-staff)

Then

🟢 Requirement satisfied
└── 🟢 If
    ├── 🟢 Condition
    │   └── 🟢 Or
    │       ├── 🟢 At least 1 user(s) of the organization reviewed the pull request (with state "APPROVED")
    │       ├── 🟢 At least 1 user(s) of the team tech-staff reviewed pull request
    │       └── 🔴 This pull request is a draft
    └── 🟢 Then
        └── 🟢 Not (🔴 This label is applied to pull request: review/triage-pending)

Manual Checks

**IGNORE** the bot requirements for this PR (force green CI check)

If

🟢 Condition met
└── 🟢 On every pull request

Can be checked by

• Any user with comment edit permission

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

📢 Thoughts on this report? Let us know!

[n0izn0iz]

LGTM

[zivkovicmilos]

Blocking until I review 🙏

This is super touchy -- I'm not sure the node should continue if the on-chain valset emits a change