libp2p nodes vulnerable to OOM attack

### Summary


This can occur because when a signed peer record is received, only the signature validity check is performed but the sender signature is not checked. Signed peer records from randomly generated peers can be sent by a malicious actor. A target node will accept the peer record as long as the signature is valid, and then stored in the peer store.


### Expected behavior

reject  peer on peer ID mismatch


### Actual behavior

saved the mismatched peer

### Relevant log output

```shell

```

### Possible Solution

reject  peer on peer ID mismatch

### Version

_No response_

### Would you like to work on fixing this bug ?

Yes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

libp2p nodes vulnerable to OOM attack #295

Summary

Expected behavior

Actual behavior

Relevant log output

Possible Solution

Version

Would you like to work on fixing this bug ?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

libp2p nodes vulnerable to OOM attack #295

Description

Summary

Expected behavior

Actual behavior

Relevant log output

Possible Solution

Version

Would you like to work on fixing this bug ?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions