Summary
Two related scalability concerns:
-
JSON-RPC body size: The server relies on library defaults for maximum request body size. A client could send very large JSON payloads to increase memory and CPU cost during parsing.
-
Background loop: Every 10 seconds the monitor loads up to 1000 requests (get_requests(Some(1000))) and iterates (src/rpc.rs). As the database grows, work per tick grows unless pagination or indexing by status is introduced.
Suggested mitigations
- Configure a strict max body size at the HTTP layer or reverse proxy.
- Query only pending/processing keys (secondary index or prefix scan filtered by status) instead of scanning recent N requests.
References
src/rpc.rs (tokio spawn monitor)src/storage.rs (get_requests)
Summary
Two related scalability concerns:
JSON-RPC body size: The server relies on library defaults for maximum request body size. A client could send very large JSON payloads to increase memory and CPU cost during parsing.
Background loop: Every 10 seconds the monitor loads up to 1000 requests (
get_requests(Some(1000))) and iterates (src/rpc.rs). As the database grows, work per tick grows unless pagination or indexing by status is introduced.Suggested mitigations
References
src/rpc.rs(tokio spawn monitor)src/storage.rs(get_requests)