Security: MiningProof nonce replay allows proof reuse across blocks #2057

@createkr

Summary

The Proof of Antiquity validation pipeline does not reject previously used MiningProof.nonce values. Because proof state is reset between blocks, the same proof nonce can be replayed in later blocks and be accepted again.

Affected component

  • rips/src/proof_of_antiquity.rs
  • ProofOfAntiquity::submit_proof()

Impact

A miner can replay a previously accepted proof with the same nonce in a later block and have it accepted again. This breaks proof uniqueness across block boundaries and allows repeated reuse of a prior proof submission.

Why this happens

  • MiningProof contains a nonce field intended for uniqueness
  • submit_proof() did not validate whether that nonce had already been used for the submitting wallet
  • Per-block proof processing clears pending submissions, so replayed proofs can re-enter the pipeline unless nonce history is retained

Suggested fix

  • Persist previously used nonces per wallet
  • Reject reused nonces during proof submission
  • Keep nonce history across block resets so replay attempts fail in later blocks as well

I have a focused fix prepared.

Wallet: RTC1d48d848a5aa5ecf2c5f01aa5fb64837daaf2f35
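
The replay and the suggested fix, as an added example that is not code from the issue author or from the project: a simplified model in which the `wallet` field, the `check_history` switch and `finish_block()` are assumptions, and only `MiningProof.nonce` and `submit_proof()` are names taken from the issue.

```rust
use std::collections::{HashMap, HashSet};

// Simplified stand-in for MiningProof; only `nonce` is named in the issue.
#[derive(Clone)]
pub struct MiningProof {
    pub wallet: String, // assumed field identifying the submitting wallet
    pub nonce: u64,
}

#[derive(Default)]
pub struct ProofOfAntiquity {
    pending: Vec<MiningProof>,                  // cleared at every block boundary
    used_nonces: HashMap<String, HashSet<u64>>, // kept across block resets
    check_history: bool,                        // false models the reported behaviour
}

impl ProofOfAntiquity {
    pub fn new(check_history: bool) -> Self {
        Self { check_history, ..Default::default() }
    }

    pub fn submit_proof(&mut self, proof: MiningProof) -> Result<(), &'static str> {
        if self.check_history {
            let seen = self.used_nonces.entry(proof.wallet.clone()).or_default();
            // HashSet::insert returns false when the nonce is already recorded.
            if !seen.insert(proof.nonce) {
                return Err("nonce already used by this wallet");
            }
        }
        self.pending.push(proof);
        Ok(())
    }

    // Hypothetical per-block reset: pending proofs are dropped, nonce history is not.
    pub fn finish_block(&mut self) -> usize {
        let processed = self.pending.len();
        self.pending.clear();
        processed
    }
}

fn main() {
    // Constructed sample proof, submitted once per block in two consecutive blocks.
    let proof = MiningProof { wallet: "constructed-wallet".to_string(), nonce: 7 };
    for check in [false, true] {
        let mut poa = ProofOfAntiquity::new(check);
        poa.submit_proof(proof.clone()).unwrap();
        poa.finish_block();
        println!("history check {}: replay -> {:?}", check, poa.submit_proof(proof.clone()));
    }
}
```

The history here lives only in memory and grows with every accepted proof; the "persist" step of the suggested fix additionally needs durable storage that survives a node restart.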
