Verify consensus message sender against extensible whitelist

[AnnaShaleva]

Expected behaviour

Consensus message sender should be verified against the whitelist of extensible payload senders. This list should be constructed based on the validators from Governance contract and should exclude Policy's black listed addresses.

Actual behaviour

No verification present:

go-ethereum/eth/protocols/dbft/ledger.go

Lines 23 to 26 in cada98a

	func (l *ledger) IsAddressAllowed(addr common.Address) bool {
	// Call governance contract here.
	return true
	}

[AnnaShaleva]

Slightly depends on #239 since Governance contract should not return black-listed validators. Ref. #239 (comment).

[AnnaShaleva]

It should be noted that in fact this issue is relevant only for seed (non-consensus) nodes because consensus nodes perform consensus payloads verification inside this method:

go-ethereum/consensus/dbft/dbft.go

Line 1367 in cada98a

if err := c.validatePayload(p); err != nil {