fix(payment): enforce single-node proof verification

[mickvandijke]

Description

This PR tightens the final single-node payment verification path used before a new PUT is cached as paid. The verifier still enforces the existing quote count, distinct encoded peer IDs, content-address binding, quote freshness, ML-DSA public-key-to-peer-ID binding, and quote signature checks. After that, it now requires an attached P2PNode, verifies that this node's peer ID is one of the quoted peers, verifies that the local peer's own quote uses the configured local rewards address, and checks the quoted peer set against find_closest_nodes_local_with_self(xorname, CLOSE_GROUP_SIZE). The close-group check is intentionally local and self-inclusive, so it avoids a request-handler network DHT lookup while requiring at least 5 of 7 quoted peers to match and tolerating up to two missing peers for normal routing-table skew.

For the on-chain part, the verifier no longer delegates to the generic SingleNodePayment::verify() amount-only check. It reconstructs the sorted single-node payment, checks the selected median-priced quote first, falls back to other median-price ties if needed, and validates each candidate with PaymentVaultV2.completedPayments(quote.hash()). A candidate only passes if the recorded amount is at least 3 * quote.price and the stored 16-byte recipient prefix matches the quote rewards address. Full 20-byte recipient equality is still not possible from completedPayments without a contract/ABI change or event-based reconstruction.

SemVer: patch

Tests

• cargo fmt --all -- --check
• cargo test payment::verifier
• cargo clippy --all-targets --all-features -- -D warnings

[Copilot]

Pull request overview

Tightens single-node payment proof verification in PaymentVerifier by ensuring the proof’s quoted peers match the verifier’s local close-group view and by strengthening the on-chain validation (median-priced selection, recipient-prefix binding, and under/overpayment handling) against PaymentVault.completedPayments.

Changes:

• Adds local close-group membership enforcement for all quoted peers in single-node proofs.
• Replaces the previous SingleNodePayment::verify(...) path with explicit on-chain completedPayments(quoteHash) checks that handle median-price ties and validate rewards-address prefix + paid amount.
• Extends unit tests to cover close-group set validation and completed-payment amount/recipient-prefix checks.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (1)

src/payment/verifier.rs:501

• The CPU-heavy ML-DSA signature verification runs before the single-node close-group check (which also fails fast if no P2PNode is attached). To reduce DoS surface and avoid wasting CPU when the proof will be rejected due to close-group / attachment constraints, consider running validate_single_node_close_group(...) (or at least the p2p_node attachment + local peer/rewards checks) before spawning the blocking signature verification task.

        // Verify quote signatures (CPU-bound, run off async runtime)
        let peer_quotes = payment.peer_quotes.clone();
        tokio::task::spawn_blocking(move || {
            for (encoded_peer_id, quote) in &peer_quotes {
                if !verify_quote_signature(quote) {