Skip to content
This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

Allow wildcard actions in filters for history #4068

Closed
ScottSallinen opened this issue Jun 12, 2018 · 7 comments
Closed

Allow wildcard actions in filters for history #4068

ScottSallinen opened this issue Jun 12, 2018 · 7 comments
Labels
enhancement user experience
Milestone
Version 1.1

Comments

@ScottSallinen
Copy link
Contributor

Explanatory text about the filter from the config:
Track actions which match receiver:action:actor. Actor may be blank to include all. Receiver and Action may not be blank. (eosio::history_plugin)

The filter options are currently too restrictive -- they allow wildcard actors, but trying to track a whole contract is complex and un-ideal. There should be an easier way to specify all actions.

For example, instead of listing all of them:

filter-on = eosio:newaccount:
filter-on = eosio:setcode:
filter-on = eosio:setabi:
... (there's a LOT more)

We could simply do something like
filter-on = eosio:*:*
For any action and any actor.

For even more control, we could insert some kind of basic regex here, such as
filter-on = eosio:[^sellram, ^buyram]:*
or something along those lines, to include everything from eosio except buying and selling ram, for example.
@wanderingbort wanderingbort added this to the Version 1.0.4 milestone Jun 13, 2018
@tbfleming
Copy link
Contributor

Wildcards on actions open an easy attack vector. Contracts don't reject actions they don't recognize. Someone could spam unknown actions with large payloads to filtered contracts. The history plugin would then store these in shared memory, causing it to fill up, bringing down the node. It's only safe to record actions that the contract limits size on; this is why eosio.token limits the memo field on transfers.

@tbfleming
Copy link
Contributor

setcode and setabi are examples of actions which should be excluded because of their size in normal use.

@aaroncox
Copy link
Contributor

I'm just curious - why wouldn't the contract reject actions not defined within their own ABI?

@tbfleming
Copy link
Contributor

  1. Consistency. If no contract is installed, then all actions are ignored. Contracts add behavior.
  2. If contracts reject actions they don't understand, then contracts which use require_recipient will tend to fail, e.g. eosio.token::tansfer.

@ScottSallinen
Copy link
Contributor Author

Would it be possible to, instead of a "full wildcard", have the wildcard refer specifically to actions that are defined in the ABI? That way we could achieve our desired effect.

There needs to be some easy way of adding a new filter for a new contract to a node without having to replay the full blockchain every time. Or, a way of whitelisting up front which contract we want to listen to the ABI's for (and only actions in the ABI), and store the history of.

@perduta
Copy link

perduta commented Jun 16, 2018

have the wildcard refer specifically to actions that are defined in the ABI
This is such a great idea. ATM we have to wrap ABI to manually filter-on = :eosio:*:*

@ScottSallinen
Copy link
Contributor Author

Closing this as it is mostly implemented in #4739

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement user experience
Projects
None yet
Milestone
Version 1.1
Development

No branches or pull requests
6 participants
@tbfleming @aaroncox @wanderingbort @ScottSallinen @andriantolie @perduta