Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Access] Use Indexed height when checking payer balance #6129

Open
Tracked by #5683
peterargue opened this issue Jun 19, 2024 · 0 comments
Open
Tracked by #5683

[Access] Use Indexed height when checking payer balance #6129

peterargue opened this issue Jun 19, 2024 · 0 comments
Labels
S-Access

Comments

@peterargue
Copy link
Contributor

peterargue commented Jun 19, 2024
edited
Loading

Problem Description

#6004 added support for validating that a payer has sufficient balance to fund a transaction. This is implemented by executing a script against the latest sealed block. If executing the script fails, the payer check fails open, and the tx is marked valid.

This is OK since the payer validation is a best-effort check since it does not provide any security guarantees, and instead helps to defend against accidental spam.

However, this also means that some percent of tx will still get through depending on how well the node keeps up with indexing.

Proposed Solution

Instead of using the latest sealed block, use the latest indexed block. We could then do a check to ensure that the difference between the latest sealed and indexed is within some tolerance to handle cases where a node is behind on indexing.

The access handler accepts a state_synchronization.IndexReporter which provides a method to get the highest indexed height. This is passed into the rpcBuilder here:

flow-go/cmd/access/node_builder/access_node_builder.go

Line 1776 in 9d87eb4

indexReporter,

This same reporter could be passed into the backend, and then into the validator when instantiated it. This would allow us to extend the ProtocolStateBlocks to include a new method IndexedHeight that returned the response from calling HighestIndexedHeight() on the indexer

flow-go/access/validator.go

Lines 41 to 43 in 9d87eb4

func (b *ProtocolStateBlocks) FinalizedHeader() (*flow.Header, error) {
return b.state.Final().Head()
}

Finally, when checking the payer,

  1. first get the sealed and indexed heights
  2. check that there is less than some threshold number of block between them. a reasonable default could be 30 (~30 seconds)
  3. If the gap is larger than the threshold, skip the check and return no error (allow the tx)
  4. Use the indexed height when executing the script

This will produce a higher rate of successful checks, while avoiding the executions entirely when the node falls behind.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
S-Access
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@peterargue