eth_subscribe on http connection leads to inconsistent state of the server and subsequent crash

[tramp87]

Expected Behavior

eth_subscribe to be rejected on HTTP connection with a message that it is only supported on websockets.

Current Behavior

• eth_subscribe is accepted in http server and forwarded to provider: https://github.com/trufflesuite/ganache-core/blob/develop/lib/httpServer.js#L56
• After that http request immediately terminates
• Client is led to believe that their subscription succeeded (it may be a buggy client that attempts to subscribe by http, but nevertheless)
• Then when the event happens (some time later), websocket server is not aware of the subscription and the whole process just crashes with TypeError: Cannot read property 'connection' of undefined (see stack trace below): https://github.com/trufflesuite/ganache-core/blob/develop/lib/webSocketServer.js#L126

Possible Solution

disallow eth_subscribe on HTTP server.
Possibly mitigation for users until the code is changed: disable ws server (not possible in ganache-cli)
Connect using WS rather than HTTP.
Change client to not attempt to use subscriptions if connection is not WS.

Steps to Reproduce (for bugs)

1. docker run -it -v --rm --name ganache trufflesuite/ganache-cli:latest
2. From another terminal connect to ganache server by HTTP, make eth_subscribe request
3. After that trigger an event that subscription was listening to.
4. Observe server crash with stacktrace outline below.

The actual code for steps (2) and (3) in my case is rather complex, but I hope my verbal explanation, and links to the suspected code is sufficient :)

Context

Deploying test instances of Augur contracts using third-party code, and it appears that code subscribes to the ethereum node (possibly expecting that if we do it over HTTP, the subscription will fail, and it will back to polling).

After that when I attempt to use those contracts, Ganache server crashes due to orphaned subscription.

Your Environment

Linux.
Docker trufflesuite/ganache-cli:latest
Also trufflesuite/ganache-cli:v6.1.8
Also latest master of ganache-cli (590b856e9b2dfa92b9491925fcb663dcd4a355b2)

Stack trace:

TypeError: Cannot read property 'connection' of undefined
    at ConnectionManager._updateSubscriptions (/src/node_modules/ganache-core/lib/webSocketServer.js:134:70)
    at Provider.<anonymous> (/src/node_modules/ganache-core/lib/webSocketServer.js:32:31)
    at emitTwo (events.js:126:13)
    at Provider.emit (events.js:214:7)
    at SubscriptionSubprovider.<anonymous> (/src/node_modules/ganache-core/lib/provider.js:48:10)
    at emitTwo (events.js:126:13)
    at SubscriptionSubprovider.emit (events.js:214:7)
    at SubscriptionSubprovider._notificationHandler (/src/node_modules/ganache-core/node_modules/web3-provider-engine/subproviders/subscriptions.js:96:8)
    at Array.forEach (<anonymous>)
    at BlockFilter.<anonymous> (/src/node_modules/ganache-core/node_modules/web3-provider-engine/subproviders/subscriptions.js:62:15)
    at emitOne (events.js:116:13)
    at BlockFilter.emit (events.js:211:7)
    at BlockFilter.update (/src/node_modules/ganache-core/node_modules/web3-provider-engine/subproviders/filters.js:319:8)
    at emitOne (events.js:121:20)
    at Web3ProviderEngine.emit (events.js:211:7)
    at Web3ProviderEngine._setCurrentBlock (/src/node_modules/ganache-core/node_modules/web3-provider-engine/index.js:165:8)
    at GanacheBlockTracker.Web3ProviderEngine.self._blockTracker.on (/src/node_modules/ganache-core/node_modules/web3-provider-engine/index.js:35:10)
    at emitOne (events.js:121:20)
    at GanacheBlockTracker.emit (events.js:211:7)
    at GanacheBlockTracker._setCurrentBlock (/src/node_modules/ganache-core/lib/block_tracker.js:63:8)
    at emitOne (events.js:116:13)
    at BlockchainDouble.emit (events.js:211:7)

[benjamincburns]

Good catch, @tramp87! We shouldn't be handling eth_subscribe or eth_unsubscribe methods via HTTP at all.

[H34D]

The combination of MetaMask and [email protected] will crash ganache every single time. looks like a version miss match on my side

[davidmurdoch]

Thanks @tramp87 for taking the time to file this issue! We're currently tracking this issue in #186.