Context

See #8062 for details. This issue is to update the cluster compliance engine to make use of improvements to the PendingBlockBuffer from #7981 to improve proposal validation.

Definition of Done

• Validate proposals BEFORE inserting to PendingBlockBuffer
  • Update documentation to correspond to this new flow
• Detect double proposals (handle new sentinel from PendingBlockBuffer) and emit notification
• (optional) Introduce additional worker proposal validation
  • Currently, the compliance engine is single-threaded. But we could process disconnected proposals in parallel (validation can be done in-place). Not strictly necessary, but something to consider while doing this work.

General Permissionless Guidelines

• Update documentation if necessary, resolve any BFT-related TODOs (eg. for origin validation)
  • If already BFT resilient, ensure documentation exists explaining why
• Ensure error paths indicating malicious inputs trigger a notification (see HotStuff as example), consumer of notification should log using LoggingTagSuspicious for now.