consensus/beacon: verify timestamp is greater than parent timestamp (ethereum#25236)

MariusVanDerWijden · cp-wjhan · commit bc9a43afa333 · 2023-09-22T11:18:29.000+09:00
diff --git a/consensus/beacon/consensus.go b/consensus/beacon/consensus.go
@@ -45,6 +45,7 @@ var (
 	errTooManyUncles    = errors.New("too many uncles")
 	errInvalidNonce     = errors.New("invalid nonce")
 	errInvalidUncleHash = errors.New("invalid uncle hash")
+	errInvalidTimestamp = errors.New("invalid timestamp")
 )
 
 // Beacon is a consensus engine that combines the eth1 consensus and proof-of-stake
@@ -214,7 +215,7 @@ func (beacon *Beacon) VerifyUncles(chain consensus.ChainReader, block *types.Blo
 //   - unclehash is expected to be Hash(emptyHeader)
 //     to be the desired constants
 //
-// (b) the timestamp is not verified anymore
+// (b) we don't verify if a block is in the future anymore
 // (c) the extradata is limited to 32 bytes
 func (beacon *Beacon) verifyHeader(chain consensus.ChainHeaderReader, header, parent *types.Header) error {
 	// Ensure that the header's extra-data section is of a reasonable size
@@ -228,6 +229,10 @@ func (beacon *Beacon) verifyHeader(chain consensus.ChainHeaderReader, header, pa
 	if header.UncleHash != types.EmptyUncleHash {
 		return errInvalidUncleHash
 	}
+	// Verify the timestamp
+	if header.Time <= parent.Time {
+		return errInvalidTimestamp
+	}
 	// Verify the block's difficulty to ensure it's the default constant
 	if beaconDifficulty.Cmp(header.Difficulty) != 0 {
 		return fmt.Errorf("invalid difficulty: have %v, want %v", header.Difficulty, beaconDifficulty)
