Added range-check on online account timestamps

src/main/java/org/qora/controller/Controller.java

@@ -1249,11 +1249,20 @@ public class Controller extends Thread {
 	// Utilities
 
 	private void verifyAndAddAccount(OnlineAccountData onlineAccountData) {
-		// We would check timestamp is 'recent' here
+		PublicKeyAccount otherAccount = new PublicKeyAccount(null, onlineAccountData.getPublicKey());
+
+		final Long now = NTP.getTime();
+		if (now == null)
+			return;
+
+		// Check timestamp is 'recent' here
+		if (Math.abs(onlineAccountData.getTimestamp() - now) > ONLINE_TIMESTAMP_MODULUS * 2) {
+			LOGGER.trace(() -> String.format("Rejecting online account %s with out of range timestamp %d", otherAccount.getAddress(), onlineAccountData.getTimestamp()));
+			return;
+		}
 
 		// Verify
 		byte[] data = Longs.toByteArray(onlineAccountData.getTimestamp());
-		PublicKeyAccount otherAccount = new PublicKeyAccount(null, onlineAccountData.getPublicKey());
 		if (!otherAccount.verify(onlineAccountData.getSignature(), data)) {
 			LOGGER.trace(() -> String.format("Rejecting invalid online account %s", otherAccount.getAddress()));
 			return;

src/main/java/org/qora/controller/Synchronizer.java

@@ -11,10 +11,8 @@ import java.util.stream.Collectors;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.qora.account.Account;
-import org.qora.account.PublicKeyAccount;
 import org.qora.block.Block;
 import org.qora.block.Block.ValidationResult;
-import org.qora.data.account.RewardShareData;
 import org.qora.data.block.BlockData;
 import org.qora.data.block.BlockSummaryData;
 import org.qora.data.network.PeerChainTipData;