-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
config: reduce default mempool size #2300
Conversation
This reduces the mempool size from 100k to 5k. Note that each secp256k1 sig takes .5ms to compute. Therefore an adversary could previously delay every node on the network's computation time upon receiving a block by 50 seconds. This now reduces that ability to being able to only delay each node by 2.5 seconds. This change should be reverted once ABCI recheck is implemented.
// Each signature verification takes .5ms, size reduced until we implement | ||
// ABCI Recheck | ||
Size: 5000, | ||
CacheSize: 10000, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why reduce cache size?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seemed kinda weird to have a 20x ratio between Size and CacheSize, though I guess there isn't a need to reduce it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not about the ratio. It's about memory (total cache size) and being the first layer of protection from replay
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think more limited defaults is fine.
Broke a mempol test though ;)
|
This reduces the mempool size from 100k to 5k. Note that each secp256k1 sig
takes .5ms to compute. Therefore an adversary could previously delay every
node on the network's computation time upon receiving a block by 50 seconds.
This now reduces that ability to being able to only delay each node by 2.5
seconds. This change should be reverted once ABCI recheck is implemented.
ref #2127
I think this should be included next release, to improve network resiliency.