Wires the propagation-side accept rule per
docs/fof-spec/layer-2-mode2-fof-comments.md. When a BlobHeaderDiffOp::
AddComment arrives for a post whose CommentPolicy.allow_comments is
FriendsOfFriends, the receive path now:
1. Looks up the parent post in storage. If the post lacks fof_gating,
drop (policy says FoF but no key material to verify against).
2. Calls fof::verify_fof_group_sig (which folds together: valid
pub_x_index range + Ed25519 verify of group_sig against
pub_post_set[pub_x_index] over the binding tuple).
3. Checks pub_post_set[pub_x_index] is NOT in fof_gating.revocation_list
(initially empty; revocation diffs land in a future slice but the
check is in place now).
4. Continues to the existing identity_sig verify step.
Any failure → continue (drop, don't store, don't forward). This kills
the bandwidth-amplification DoS that a single admitted FoF member
could otherwise mount by spamming forged group_sigs.
Receive-side storage of FoF comments is via the existing
storage.store_comment call; the InlineComment shape carries the FoF
fields (pub_x_index, group_sig, encrypted_payload) through unchanged.
139 tests pass (relay_cooldown flake is pre-existing and unrelated).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
63ff5ad6eb