Skip to content

feat: add limit for batch request and response size #249

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Aug 8, 2025
Merged

feat: add limit for batch request and response size #249

merged 12 commits into from
Aug 8, 2025

Conversation

@mmsqe
Copy link
Contributor

@mmsqe mmsqe commented Jun 26, 2025
edited
Loading

Description

  • align batch-request-limit config to enforces the maximum number of requests per batch and prevents abuse by oversized batch requests
  • align batch-response-max-size config to allow server should reject the batch or truncate the response, returning an error or partial result indicating the response size limit was exceeded.

Closes: #241, for test info

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • tackled an existing issue or discussed with a team member
  • left instructions on how to review the changes
  • targeted the main branch

Reviewers Checklist

All items are required.
Please add a note if the item is not applicable
and please add your handle next to the items reviewed
if you only reviewed selected items.

I have...

  • added a relevant changelog entry to the Unreleased section in CHANGELOG.md
  • confirmed all author checklist items have been addressed
  • confirmed that this PR does not change production code
  • reviewed content
  • tested instructions (if applicable)
  • confirmed all CI checks have passed

vladjdk
vladjdk approved these changes Jun 26, 2025
View reviewed changes
Copy link
Member

@vladjdk vladjdk left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm, thank you for the contribution.

Similar to other PRs, could you add a more thorough description here and in the issue of the problem and your solution? The reference was helpful for context, but the PR you referenced is different from the changes you made here.

@mmsqe mmsqe changed the title feat: add limit for eth_call return value feat: add limit for batch request and response size Jun 28, 2025
@mmsqe mmsqe requested a review from vladjdk June 30, 2025 01:38
vladjdk
vladjdk requested changes Jul 4, 2025
View reviewed changes
rpc/backend/call_tx.go Outdated
if err != nil {
return nil, err
}
length := len(res.Ret)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you removed this by mistake in the latest commits :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

revert the space, no change for this file

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahh, I see, the restriction is now happening on the geth side. Lgtm!

rpc/backend/call_tx.go
if err != nil {
return nil, err
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add back the code here

@aljo242
Copy link
Contributor

aljo242 commented Jul 21, 2025

@mmsqe we have resolved this in the audit and the change will be integrated once published. Will close this PR once integrated

@aljo242 aljo242 closed this Jul 21, 2025
@aljo242 aljo242 reopened this Jul 21, 2025
@aljo242 aljo242 requested review from a team as code owners July 21, 2025 16:06
@aljo242
Copy link
Contributor

aljo242 commented Jul 28, 2025

@mmsqe this is fixed in 0.3 and will be added back onto main shortly

@mmsqe
Copy link
Contributor Author

mmsqe commented Aug 6, 2025

@aljo242 just saw missing config for toml from main, not sure if it's intended

@aljo242
Copy link
Contributor

aljo242 commented Aug 8, 2025

Makes sense to have in the config - thank you! this was an oversight

@aljo242 aljo242 enabled auto-merge August 8, 2025 13:55
@aljo242 aljo242 added this pull request to the merge queue Aug 8, 2025
Merged via the queue into cosmos:main with commit 9bc1559 Aug 8, 2025
16 checks passed
zsystm pushed a commit to zsystm/evm that referenced this pull request Nov 2, 2025
@mmsqe
feat: add limit for batch request and response size (cosmos#249)
17cc226 
* feat: add limit for eth_call return value

* align batch limit

* add back space

* add back space

* resolve

---------

Co-authored-by: Alex | Interchain Labs <alex@interchainlabs.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vladjdk vladjdk vladjdk approved these changes

@aljo242 aljo242 aljo242 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: no response too large limit for batch call

3 participants

@mmsqe @aljo242 @vladjdk