Since I'm not sure exactly how this works on a technical level right now (might have slipped my memory): is the mining software / firmware used communicated through Stratum v2 and / or could it be spoofed? How do you make sure that someone pointing hashpower to your pool is running a tested / 'known working' software stack?