You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, all credit-debit checks happen inside message_processor::process_message. However, transaction fees get charged upstream in accounts::load_tx_accounts. This means that if a credit-only account is the first signer, it gets successfully charged the fee if it can afford it, potentially adding non-determinism to the chain. 🙀
Proposed Solution
Update runtime to reject transactions pre-fee if the fee payer is not locked as credit-debit
The text was updated successfully, but these errors were encountered:
Can we reject the transaction before any accounts are loaded? Otherwise you can DoS the leader by having it load a bunch of huge accounts without having to pay anything. Before SigVerify or any deserialize() would be ideal.
Can we reject the transaction before any accounts are loaded? Otherwise you can DoS the leader by having it load a bunch of huge accounts without having to pay anything. Before SigVerify or any deserialize() would be ideal.
Yes, definitely. I am inclined to build off #6236, actually, and put this check in do_get_packet_offsets
Problem
Currently, all credit-debit checks happen inside message_processor::process_message. However, transaction fees get charged upstream in accounts::load_tx_accounts. This means that if a credit-only account is the first signer, it gets successfully charged the fee if it can afford it, potentially adding non-determinism to the chain. 🙀
Proposed Solution
Update runtime to reject transactions pre-fee if the fee payer is not locked as credit-debit
The text was updated successfully, but these errors were encountered: