Allow disabling local-by-default for transactions with new config entry

[XertroV]

Fix #8820

Transactions submitted through import_own_transaction are checked to see if we have the account (provided the tx_queue_allow_unknown_local flag is false).

The exact logic is:

let treat_as_local = self.options.tx_queue_allow_unknown_local 
		|| self.accounts.and_then(|accts| accts.has_account(sender).ok()).unwrap_or(false);

BTW - I've never written Rust before, so please check this twice to make sure it is any good.

I'm also not sure if I should add any tests and/or where.

[parity-cla-bot]

It looks like @XertroV signed our Contributor License Agreement. 👍

Many thanks,

Parity Technologies CLA Bot

[XertroV]

@5chdn - Do you guys want this to be squashed into one commit? I know some communities like that.

(Note: asking you because you just added the tag)

[5chdn]

Yes, we squash-merge :)

[XertroV]

@5chdn - if you don't mind my bothering you, is there any way to quickly run a test? I haven't actually gotten to the point of running my test until https://gitlab.parity.io/parity/parity/-/jobs/89906 showed me the failure.

have tried cargo test -j 8 miner::miner::tests::should_import_own_transaction_selectively with and without --lib, without any test-name-argument (which doesn't seem to run any miner tests..), with partial names; the ./test.sh script doesn't seem to run it, and so on.

I'm not sure if I need to cargo clear or anything, but it's been a very long cycle time so far.

Edit: just realised that ethcore is it's own package/cargo-thing, so trying to run tests from within that directory instead of root. anyway feels like I'm making progress finally.

Edit2: YES! Great success - cargo test -j 8 should_import_own_transaction_selectively from ./ethcore/ worked! (I mean the test failed, but I got it to run! And it was only like 2 min to compile)

[XertroV]

[XertroV]

Sweet - I think we're good to go. Thanks for being super on top of labels and such @5chdn. Parity really is one of the most functional and responsive github orgs I've ever come across. Massive props 👏.

Notes:

• The only part I'm not happy with is some of the repeated / copypasted code between the tests should_import_external_transaction and the new should_import_own_transaction_selectively. That could be refactored to be identical, which (if we want to replicate external tx behaviour) seems like a good idea. I'm willing to do that if it's desired.
• At one stage in dev I explicitly returned from import_own_transactions but refactored to a bigger if statement so there are no explicit returns. Not sure what y'all preferences are in this regard, but this is cleaner to me (coming from purescript/haskell)
• This feels cleaner than the two options in Option to not mark transactions as local when received over RPC #8820 and the behaviour is clearer / more predictable than either of those options.
• I chose to act exactly like import_external_transactions in the case we don't treat it as local to avoid any new or undefined behaviour.
• I think the issue arose because many moons ago the assumption was that transactions either came from the network or a trusted source (e.g. eth_sendRawTransaction).
• I'd like to see the default on tx_queue_allow_unknown_local be changed to false in an upcoming release. It's safer as the default and isn't likely to affect many people b/c it checks for local accounts. The edge case is people who submit low-fee transactions (which they want the node to keep) from an external source. I'm not sure if a watch-only wallet would solve that (though it looks like AccountProvider doesn't support that atm).
• It'd be nice to have some docs that could prevent new contributors going through the growing pains I did above.
• I was pleasantly surprised by Rust, having never used it before. Despite some unintuitive things it feels like a very productive and capable language (and ❤️ for anything monadic, like Option and Result). do syntax would be amazing if it doesn't exist yet.

Bonus fun fact: this is the first work I've done relating to anything core to Ethereum since February 2014.

[5chdn]

Parity really is one of the most functional and responsive github orgs I've ever come across. Massive props clap.

Haha, wait till you (eventually) get a review. 🤣

[XertroV]

Haha, wait till you (eventually) get a review. 🤣

Heh, I guess I haven't had the full experience yet 😛, but I also get that merging code fast-and-loose into something like parity is probably not very wise. Totally happy if that part takes a bit. On that note, also happy to rework things to bring it up to Parity's standards.

[sorpaas]

I think we should wrap import_own_transaction rather than modifying it, as it may break some previous assumptions for this function used elsewhere. Other comments are just minor grumbles.

[sorpaas]

I would suggest we:

• Leave import_own_transaction unchanged.
• Create another function, probably called import_local_or_external_transaction (or maybe a better name, can't think of right now), which dispatch to import_own_transaction or import_external_transactions.
• Make eth_submitRawTransaction call that function instead, through Dispatcher.

The issue is that import_own_transaction is used in many other places in ethcore, and this change may break some of the previous assumptions.

[XertroV]

Yup, agreed. Much more elegant . Will get on that tomorrow.

[XertroV]

How does import_foreign_transaction sound? Or maybe just import_unknown_local_transaction, which corresponds to the argument name very well.

On the one hand introducing a new term is not good, but coming up with a good name is hard. Maybe normalise_unknown_local? like mixing them in with external instead of treating like known locals. I think the External/Local thing makes sense and should be left how it is (no redefining what a local tx is). (though maybe better names would be Indirect/Direct transactions (either that you get them second-hand or directly.)

[sorpaas]

Both sound fine to me. :)

[sorpaas]

Should be <whitespace> not <tab> right before vec![.

[sorpaas]

Extra whitespace after fn.

[sorpaas]

Why having an extra default_miner_opts? I think this may be confusing as MinerOptions already implements Default trait.

[XertroV]

Yup, it is confusing. The config returned is the default used in testing (which is not Default:: default()).

probs better to extract config from the miner produced by miner(). (I need to change just one config item)

[XertroV]

Alternative is to rename it to something like std_test_miner_opts

[sorpaas]

Maybe change this to a flag, as it is a boolean?

[XertroV]

I wanted the default (for the flag/arg) to be true, which I can't do with a flag (seems like default must be false?) Also, unknown_local was the simplest name I could come up with that also explains the concept, and keeps all the flags/config items the same name (not negations). Length was also a cosideration. If there's a better name happy to change it.

(Like: allow_unknown_local is better than disallow_unknown_local (or deny_...), less thinking to do about what it means. and unknown_local is not great to start with, so already takes some thinking. Not super happy with the name, tbh)

[sorpaas]

We have many "negative" flags already in cli, like --no-warp, --no-discovery, etc. And I searched the code, we don't have any boolean arg. So I still think that flag may be better for consistency, like --disallow-unknown-local/--demote-unkown-local-transactions or something like that.

Or maybe like you said, we can set --allow-unknown-local default to false? I can't think of any case where this may break existing usages -- eth_submitRawTransaction specification doesn't require giving special promotion to the submitted transaction.

[XertroV]

@sorpaas - The best name I think I've come up with is something like demote_unfamiliar_locals for the flag name, and import_local_transaction for the import function. By the definition of local the txs we get over eth_sendRawTransaction are local, we just don't want to prioritise the ones that don't come from us. These names still feel clear, and import_own_transaction actually does mean our own transaction now.

[sorpaas]

In our current transaction pool implementation (in miner/src/pool/verifier.rs) we call transactions handled by import_own_transaction to be Transaction::Local(...), and import_external_transaction to be Transaction::Unverified(...). So I guess we may not want to overload the term "local" too much in our code.

But I think that's just a minor naming issue and both sound fine to me. :)

[XertroV]

@sorpaas - Fixed up as per above. Note I went with tx_queue_no_unfamiliar_locals as the flag/config name, and import_claimed_local_transaction as the function name. These feel quite solid as names to me.

[XertroV]

So I seem to be getting this error the last two gitlab-build-tests that have run:

fatal: cannot create directory at 'BlockchainTests/GeneralStateTests/stQuadraticComplexityTest': No space left on device
Cloning into 'ethcore/res/wasm-tests'...
fatal: could not write to /builds/parity/parity/ethcore/res/wasm-tests/.git: No space left on device
fatal: clone of 'https://github.com/paritytech/wasm-tests' into submodule path 'ethcore/res/wasm-tests' failed

Ideas?

[sorpaas]

@XertroV Can we only use import_claimed_local_transaction for eth_sendRawTransaction? I'm worried about a race condition where:

• A new transaction, from a vault account, is sent through eth_sendTransaction.
• Before the dispatcher gets a chance, the vault is closed, and thus the account is removed from address list.
• The dispatcher gives the transaction to miner. Miner doesn't find it in the account list, so it's imported as external transaction -- clearly this is not what we want.

A simple way may be just to add a boolean param in dispatch_transaction, and only set that to true for eth_sendRawTransaction.

[XertroV]

Yeah okay. I'm not too familiar with how all of this connects together, FYI.
What I'm doing atm is adding a trusted: bool param to dispatch_transaction that gets called with false from eth_sendRawTx and true from the other uses of dispatch_transaction (which seems to be called from personal.rs or signer.rs. That should mean all RPC methods that involve signing get a free pass regardless of config options.

Also going to add this flag to import_claimed_local_transaction.

[sorpaas]

Maybe just call import_own_transaction below. The function body looks duplicate.

[XertroV]

I tried that today and couldn't figure out how to do it (calling the instance of import_own_transaction above it).
The compiler told me to add BlockChainClient to C because self.import_own_transaction is called on MinerService not TestMinerService, but that didn't feel right.

Eventually I realised that TestMinerService::import_own_transaction isn't actually called anymore, so have left the body in my function and added unimplemented!() to import_own_transaction.

[XertroV]

This test refactor isn't correct.

[sorpaas]

Looks good to me!

[5chdn]

Needs a 2nd review.

[tomusdrw]

lgtm

[tomusdrw]

We prefer to keep trailing commas in general.

[XertroV]

Ahh cool, I removed it because I presumed I added it while copy-pasting. My bad.