From 20ad4f500e7fafab93f6d94fa171a5c0309de6ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Garamv=C3=B6lgyi?= Date: Thu, 22 May 2025 11:30:20 +0200 Subject: [PATCH] core/txpool: add explicit max blob count limit (#31837) Fixes #31792. --------- Co-authored-by: lightclient --- core/txpool/blobpool/blobpool.go | 15 +++++-- core/txpool/blobpool/blobpool_test.go | 59 +++++++++++++++++++++++++++ core/txpool/errors.go | 4 ++ core/txpool/validation.go | 10 +++-- 4 files changed, 81 insertions(+), 7 deletions(-) diff --git a/core/txpool/blobpool/blobpool.go b/core/txpool/blobpool/blobpool.go index e506da228d..2602d82104 100644 --- a/core/txpool/blobpool/blobpool.go +++ b/core/txpool/blobpool/blobpool.go @@ -62,6 +62,12 @@ const ( // limit can never hurt. txMaxSize = 1024 * 1024 + // maxBlobsPerTx is the maximum number of blobs that a single transaction can + // carry. We choose a smaller limit than the protocol-permitted MaxBlobsPerBlock + // in order to ensure network and txpool stability. + // Note: if you increase this, validation will fail on txMaxSize. + maxBlobsPerTx = 7 + // maxTxsPerAccount is the maximum number of blob transactions admitted from // a single account. The limit is enforced to minimize the DoS potential of // a private tx cancelling publicly propagated blobs. @@ -1095,10 +1101,11 @@ func (p *BlobPool) SetGasTip(tip *big.Int) { // and does not require the pool mutex to be held. func (p *BlobPool) ValidateTxBasics(tx *types.Transaction) error { opts := &txpool.ValidationOptions{ - Config: p.chain.Config(), - Accept: 1 << types.BlobTxType, - MaxSize: txMaxSize, - MinTip: p.gasTip.ToBig(), + Config: p.chain.Config(), + Accept: 1 << types.BlobTxType, + MaxSize: txMaxSize, + MinTip: p.gasTip.ToBig(), + MaxBlobCount: maxBlobsPerTx, } return txpool.ValidateTransaction(tx, p.head, p.signer, opts) } diff --git a/core/txpool/blobpool/blobpool_test.go b/core/txpool/blobpool/blobpool_test.go index 0a323179a6..12b64bf674 100644 --- a/core/txpool/blobpool/blobpool_test.go +++ b/core/txpool/blobpool/blobpool_test.go @@ -1142,6 +1142,65 @@ func TestChangingSlotterSize(t *testing.T) { } } +// TestBlobCountLimit tests the blobpool enforced limits on the max blob count. +func TestBlobCountLimit(t *testing.T) { + var ( + key1, _ = crypto.GenerateKey() + key2, _ = crypto.GenerateKey() + + addr1 = crypto.PubkeyToAddress(key1.PublicKey) + addr2 = crypto.PubkeyToAddress(key2.PublicKey) + ) + + statedb, _ := state.New(types.EmptyRootHash, state.NewDatabaseForTesting()) + statedb.AddBalance(addr1, uint256.NewInt(1_000_000_000), tracing.BalanceChangeUnspecified) + statedb.AddBalance(addr2, uint256.NewInt(1_000_000_000), tracing.BalanceChangeUnspecified) + statedb.Commit(0, true, false) + + // Make Prague-enabled custom chain config. + cancunTime := uint64(0) + pragueTime := uint64(0) + config := ¶ms.ChainConfig{ + ChainID: big.NewInt(1), + LondonBlock: big.NewInt(0), + BerlinBlock: big.NewInt(0), + CancunTime: &cancunTime, + PragueTime: &pragueTime, + BlobScheduleConfig: ¶ms.BlobScheduleConfig{ + Cancun: params.DefaultCancunBlobConfig, + Prague: params.DefaultPragueBlobConfig, + }, + } + chain := &testBlockChain{ + config: config, + basefee: uint256.NewInt(1050), + blobfee: uint256.NewInt(105), + statedb: statedb, + } + pool := New(Config{Datadir: t.TempDir()}, chain, nil) + if err := pool.Init(1, chain.CurrentBlock(), newReserver()); err != nil { + t.Fatalf("failed to create blob pool: %v", err) + } + + // Attempt to add transactions. + var ( + tx1 = makeMultiBlobTx(0, 1, 1000, 100, 7, key1) + tx2 = makeMultiBlobTx(0, 1, 800, 70, 8, key2) + ) + errs := pool.Add([]*types.Transaction{tx1, tx2}, true) + + // Check that first succeeds second fails. + if errs[0] != nil { + t.Fatalf("expected tx with 7 blobs to succeed") + } + if !errors.Is(errs[1], txpool.ErrTxBlobLimitExceeded) { + t.Fatalf("expected tx with 8 blobs to fail, got: %v", errs[1]) + } + + verifyPoolInternals(t, pool) + pool.Close() +} + // Tests that adding transaction will correctly store it in the persistent store // and update all the indices. // diff --git a/core/txpool/errors.go b/core/txpool/errors.go index 968c9d9542..9bc435d67e 100644 --- a/core/txpool/errors.go +++ b/core/txpool/errors.go @@ -58,6 +58,10 @@ var ( // making the transaction invalid, rather a DOS protection. ErrOversizedData = errors.New("oversized data") + // ErrTxBlobLimitExceeded is returned if a transaction would exceed the number + // of blobs allowed by blobpool. + ErrTxBlobLimitExceeded = errors.New("transaction blob limit exceeded") + // ErrAlreadyReserved is returned if the sender address has a pending transaction // in a different subpool. For example, this error is returned in response to any // input transaction of non-blob type when a blob transaction from this sender diff --git a/core/txpool/validation.go b/core/txpool/validation.go index e370f2ce84..720d0d3b72 100644 --- a/core/txpool/validation.go +++ b/core/txpool/validation.go @@ -42,9 +42,10 @@ var ( type ValidationOptions struct { Config *params.ChainConfig // Chain configuration to selectively validate based on current fork rules - Accept uint8 // Bitmap of transaction types that should be accepted for the calling pool - MaxSize uint64 // Maximum size of a transaction that the caller can meaningfully handle - MinTip *big.Int // Minimum gas tip needed to allow a transaction into the caller pool + Accept uint8 // Bitmap of transaction types that should be accepted for the calling pool + MaxSize uint64 // Maximum size of a transaction that the caller can meaningfully handle + MaxBlobCount int // Maximum number of blobs allowed per transaction + MinTip *big.Int // Minimum gas tip needed to allow a transaction into the caller pool } // ValidationFunction is an method type which the pools use to perform the tx-validations which do not @@ -63,6 +64,9 @@ func ValidateTransaction(tx *types.Transaction, head *types.Header, signer types if opts.Accept&(1< opts.MaxBlobCount { + return fmt.Errorf("%w: blob count %v, limit %v", ErrTxBlobLimitExceeded, blobCount, opts.MaxBlobCount) + } // Before performing any expensive validations, sanity check that the tx is // smaller than the maximum limit the pool can meaningfully handle if tx.Size() > opts.MaxSize {