-
Notifications
You must be signed in to change notification settings - Fork 2.2k
EIP166 - replay protection via high-order bits of nonce #3620
Conversation
Some tests from |
Just a side question: is it possible to reject transactions with gas > 2^63-1 straight away when parsing? |
@chfast I think it's possible, since there're currently some checks in |
34c36ba
to
0a3e302
Compare
Codecov Report
@@ Coverage Diff @@
## develop #3620 +/- ##
===========================================
+ Coverage 65% 65.06% +0.06%
===========================================
Files 306 307 +1
Lines 21337 21390 +53
===========================================
+ Hits 13870 13918 +48
- Misses 7467 7472 +5
Continue to review full report at Codecov.
|
libethereum/ClientBase.cpp
Outdated
ts.nonce = max<u256>(postSeal().transactionsFrom(ts.from), m_tq.maxNonce(ts.from)); | ||
if (postSeal().info().number() >= bc().chainParams().u256Param("metropolisForkBlock")) | ||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
curving brace
// Unneeded as it's checked again in Executive. Keep it here since tests assume it's checked. | ||
if (_ir & ImportRequirements::TransactionBasic && _t.baseGasRequired(evmSchedule(EnvInfo(_bi))) > _t.gas()) | ||
BOOST_THROW_EXCEPTION(OutOfGasIntrinsic()); | ||
if (_ir & ImportRequirements::TransactionBasic) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That function is called by the verifyBlock
,
but seems transactions that comes from onPeerTransaction
get accepted and thus relayed even if the chainId
is wrong.
Would it make sense to check for the replay protection also at the 'network' layer?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For unconfirmed transactions the check is in Executive.
(so they are checked when when we try to execute them and put into pending block)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can't check that on network level, because the check depends on which block the transaction will be put into
(depends on the block number)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So currently we propagate all the transactions with incorrect chainID-in-nonce (which is fine, since they are currently valid)
We can add the check for chainID-in-nonce to TransactionQueue::import() later after the Metropolis fork, then we'll stop to propagate them.
test/libethashseal/CMakeLists.txt
Outdated
@@ -0,0 +1,5 @@ | |||
cmake_policy(SET CMP0015 NEW) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't know what this is about, do you? Remove it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No idea, just copied from another dir 😆
test/libethashseal/CMakeLists.txt
Outdated
@@ -0,0 +1,5 @@ | |||
cmake_policy(SET CMP0015 NEW) | |||
|
|||
aux_source_directory(. SRCS) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
file(GLOB SRCS "*.cpp")
.
libethashseal/Ethash.cpp
Outdated
_t.checkNonceChainId(nonceChainId); | ||
} | ||
|
||
// Unneeded as it's checked again in Executive. Keep it here since tests assume it's checked. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add TODO:
prefix for this comment.
libethcore/Transaction.cpp
Outdated
namespace | ||
{ | ||
int const c_chainIdInNonceBits = 64; | ||
u256 const c_nonceLowMask = 0xffffffffffffffff; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm sure you can use primitive int type here, boost should have an overloading for it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure it has, but it converts it to multiprecision internally anyway, so will we save anything?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We will save at least dynamic initialization of this global.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Buying it for additional initialization time for processing each transaction?
I'm not really convinced
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So I checked :) https://gist.github.com/chfast/dc7cfb070947f703e57c25dc3cbb79f7.
- Both versions are very similar, they call
eval_bitwise_...
template function (big unrolled code in the middle). u256 c_nonceLowMask
does not require dynamic initialization. See_ZN12_GLOBAL__N_1L10lowMask256E
.- The version with
uint64_t
is a bit better because does not require global constant loading.
That was not to prove you ware wrong, I was really curious. I would slightly prefer native type in the constant, but you can decide. Let me know.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So it inlines the int value in code instead of using variable?
Ok, there's little difference, I'll change it, int looks slightly nicer in code for me, too
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Global does not have to be created because it has local scope to linker namespace {}
. Compiler usually produces code like mov -1 to reg0
. The constant is included in the instruction itself.
0a2cd31
to
fa4f10c
Compare
…ect unconfirmed transactions when we construct the pending block
…at it's equal to sender nonce
Rebased & review comments addressed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Big thanks for the unit tests.
Is this ready to be merged? |
@chfast It is, but it's probably not going to be included in Metropolis, so we're not merging it yet, waiting for the final decision on which EIPs are included. |
This EIP faded away. |
#3617
ethereum/EIPs#166
eth.sendTransaction
RPC call