feat: transient per-block limit for zero gas tx per block#2519
feat: transient per-block limit for zero gas tx per block#2519matthiasmatt wants to merge 10 commits intomainfrom
Conversation
… to record payments
Ensures EvmKeeper depends on SudoKeeper via depinject for zero-gas ante handling and tracks PaidWei in ZeroGasMeta with tests covering the ABCI EthereumTx path.
Introduces a new test case for the AmountsToUndoCredit method in ZeroGasMeta, covering various scenarios including crediting, paying, and refunding gas amounts. This enhances the test coverage for zero-gas transaction handling.
… and sdb.Commit comments
…s as bech32/hex, AlwaysZeroGasContracts as EIP55
… O(1) ante lookup
…rop redundant nil/ok checks; failed or nil assertion already yields nil.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a per-block quota for zero-gas EVM transactions to mitigate spam and DoS risks. The implementation is solid, adding new ante handler steps for detection and quota enforcement, and correctly modifying existing ante handlers to bypass fee-related logic for these transactions. The changes are well-tested, covering various scenarios including normal transactions, zero-gas transactions, and edge cases like new accounts and reverted executions. My main concern is the inclusion of hardcoded testnet private keys and mnemonic phrases in the repository, which poses a significant security risk and should be addressed immediately.
I am having trouble creating individual review comments. Click here to see my feedback.
evm-e2e/.passkey-testnet2-privkey.txt (1)
Committing a private key to the repository, even for a testnet, is a significant security risk. This key should be removed from the repository's history. It's recommended to use environment variables or a secure secret management system to handle such credentials, or generate them on the fly for tests.
evm-e2e/.passkey-testnet2-wallet.json (1)
Committing a wallet mnemonic phrase to the repository is a critical security vulnerability. This allows anyone with access to the repository to control the associated funds. This file should be removed from the repository and its history. For testing, consider generating wallets dynamically or using environment variables to supply credentials securely.
x/evm/evmante/evmante_gas_consume.go (119-121)
The removal of debugging fmt.Printf and log.Printf statements is a good cleanup. However, there are more instances of such logging in the all_evmante.go file that should also be removed before merging to keep the codebase clean.
x/evm/evmstate/msg_server.go (76)
This log.Printf statement appears to be for debugging and should be removed before merging to avoid polluting logs in production environments.
matthiasmatt
force-pushed
the
mat/rate-limit
branch
from
6150283 to
0d14bbb
Compare
…EVM tx during DeliverTx
matthiasmatt
force-pushed
the
mat/rate-limit
branch
from
0d14bbb to
eb0387e
Compare
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## ud/zero-gas-evm #2519 +/- ##
===================================================
+ Coverage 58.98% 59.07% +0.09%
===================================================
Files 361 362 +1
Lines 24415 24436 +21
===================================================
+ Hits 14401 14436 +35
+ Misses 8777 8758 -19
- Partials 1237 1242 +5
🚀 New features to boost your workflow:
|
2 participants
What
Adds a per-block quota for zero-gas EVM transactions to limit free blockspace consumption.
Why
Zero-gas EVM calls bypass fee deduction and mempool min-gas-price checks. A deterministic per-block cap provides a protocol-level
backstop against spam/DoS targeting ZeroGasActors.always_zero_gas_contracts.
How
x/evm/evmstate/evm_state.go)
evm/errors.go, x/evm/evmante/all_evmante.go)
evmante_zero_gas_quota.go)
Testing
fails in the same block. (x/evm/evmante/evmante_zero_gas_quota_test.go)
Follow-ups
only).