Slash on SignCompleted for unrecognized plan

coordinator/src/tributary/handle.rs

@@ -530,15 +530,27 @@ pub(crate) async fn handle_application_tx<
         Accumulation::NotReady => {}
       }
     }
-    Transaction::SignCompleted { plan, tx_hash, .. } => {
+    Transaction::SignCompleted { plan, tx_hash, first_signer, signature: _ } => {
       log::info!(
         "on-chain SignCompleted claims {} completes {}",
         hex::encode(&tx_hash),
         hex::encode(plan)
       );
-      // TODO: Confirm this is a valid plan ID
+
+      if TributaryDb::<D>::attempt(txn, genesis, Topic::Sign(plan)).is_none() {
+        fatal_slash::<D>(
+          txn,
+          genesis,
+          first_signer.to_bytes(),
+          "claimed an unrecognized plan was completed",
+        );
+        return;
+      };
+
       // TODO: Confirm this signer hasn't prior published a completion
-      let Some(key_pair) = TributaryDb::<D>::key_pair(txn, spec.set()) else { todo!() };
+      let Some(key_pair) = TributaryDb::<D>::key_pair(txn, spec.set()) else {
+        panic!("SignCompleted for recognized plan ID despite not having a key pair for this set")
+      };
       processors
         .send(
           spec.set().network,

processor/src/signer.rs

@@ -329,7 +329,6 @@ impl<N: Network, D: Db> Signer<N, D> {
       }
     } else {
       // If we don't have this in RAM, it should be because we already finished signing it
-      // TODO: Will the coordinator ever send us Completed for an unknown ID?
       assert!(!SignerDb::<N, D>::completions(txn, id).is_empty());
       info!(
         "signer {} informed of the eventuality completion for plan {}, {}",