For the health of the network under this kind of attack it makes sense for clients to stop propagating any blocks upon receiving the first POS_BLOCK_FINALIZED and remove handlers with the corresponding penalty upon receiving the second POS_BLOCK_FINALIZED. So, the updated spec should look like:
The networking stack SHOULD NOT send the following messages if they advertise the descendant of any terminal PoW block:
Beginning with the first
POS_BLOCK_FINALIZEDevent, the networking stack MUST discard the following ingress messages:Beginning with the second
POS_BLOCK_FINALIZEDevent, the networking stack MUST remove the handlers corresponding to the following messages:Peers that keep sending these messages after the handlers have been removed SHOULD be disconnected.
According to the current spec honest peers that keep propagating maliciously produced terminal PoW blocks maybe accidentally disconnected because of the racing in receiving the POS_BLOCK_FINALIZED event by between different nodes.
cc @MicahZoltu