Commit graph

17201 commits

Author SHA1 Message Date
MariusVanDerWijden
07eb971ff8
eth/catalyst: pass TargetGasLimit via engine api 2026-07-16 12:42:13 +02:00
MariusVanDerWijden
5749cbce7b
tests: add BAL specific tests 2026-07-16 12:42:13 +02:00
Sina M
06b23b4293
.github: rm s1na from CODEOWNERS (#35365)
Some checks failed
/ Linux Build (push) Has been cancelled
/ Linux Build (arm) (push) Has been cancelled
/ Keeper Build (push) Has been cancelled
/ Windows Build (push) Has been cancelled
/ Docker Image (push) Has been cancelled
🫡
2026-07-15 17:48:03 +02:00
Felix Lange
bde64d702d
.mailmap: consolidate healthykim committer names (#35366) 2026-07-15 17:47:45 +02:00
Bosul Mun
d91b71fb36
core/txpool/blobpool, eth: implement sparse blobpool (#34047)
This is the implementation of EIP-8070 Sparse Blobpool. It introduces
protocol version eth/72 which relays blob transaction cells instead of
full blobs.

The blobpool now store 'incomplete' transactions, where only some of
the cells are provided. The stored cell indexes are taken from the
custody bitmap, which is provided by the consensus layer in
forkchoiceUpdatedV4. This method will be called once Glamsterdam
activates, and the default custody is full custody, so for now there
is no change in the amount of stored cells for now.

The main entities added are the BlobBuffer and BlobFetcher, which work
together to track and fetch missing cells from connected peers. The
partial transactions become available for inclusion in blocks when
they are covered by enough peers that hold all cells.

This change also introduces engine_getBlobsV4, which allows for
cell-based responses (and partial blobs with only some of the cells).
We maintain backward compatibility with getBlobsV3 which expects full
blob responses by recovering the blob from available cells. Since this
process is resource-intensive, we proactively cache the conversion so
it is ready in time for getBlobsV3 calls. This mechanism will be
removed once support for getBlobsV4 is universal across all consensus
layer implementations.

devp2p tests for eth/72 are not part of this initial change. This is
to avoid breaking test success status for execution clients that do
not have eth/72 implemented yet. The tests will be added in a
subsequent change.

---------

Co-authored-by: Felix Lange <fjl@twurst.com>
2026-07-15 14:41:04 +02:00
Sina M
c3f2851872
cmd/utils: tune GOGC for large cache values (#34851)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
---------

Co-authored-by: jonny rhea <5555162+jrhea@users.noreply.github.com>
2026-07-14 13:00:47 -05:00
Jonny Rhea
d5d936d76c
eth/catalyst: handle bogota fork in payloadVersion (#35355)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Docker Image (push) Waiting to run
#34057 added the Bogota fork, but didn't add it to payloadVersion.
This PR fixes the CI error.
2026-07-14 17:24:07 +02:00
ozpool
3155d3ad14
core/rawdb: drop stray %d verb from freezer metadata log message (#35351) 2026-07-14 09:56:22 -05:00
cui
6e6fcef0ba
eth/protocols/eth: discard message before size check (#35289)
- Move `msg.Discard` defer ahead of the max message size check in
`handleMessage`.
- Ensures oversized messages are released when the handler returns
early.
2026-07-14 09:06:57 -05:00
Chase Wright
8d84e5001a
p2p/dnsdisc, cmd/devp2p: keep invalid and unreachable nodes out of DNS trees (#35312)
The DNS discovery crawler (ethereum/discv4-crawl) builds signed enrtree
lists by crawling the network and running the collected records through
`devp2p nodeset filter` and `devp2p dns sign`. Those records come from
external nodes, and `enr.Record` keeps entries it can't decode as raw
RLP, so a self-signed record with an out-of-range port (EIP-778 defines
ports only as "big endian integer", not `uint16`) can round-trip
verbatim into a signed tree. Consumers that decode ports strictly then
fail to decode that record.

Two publish-side checks:

- `MakeTree` rejects a record if a present port entry
(`tcp`/`tcp6`/`udp`/`udp6`/`quic`/`quic6`) does not decode as a
`uint16`. This is an invariant at the signing boundary: geth won't sign
a tree containing a record with an undecodable port, regardless of how
the node list was produced. Absent and zero ports are unaffected.

- `devp2p nodeset filter -dialable` keeps only nodes advertising a
usable RLPx port (non-zero `tcp`/`tcp6`/`quic`/`quic6`), letting the
crawler drop discovery-only and unreachable nodes so consumers aren't
handed peers they can't connect to.

The two are deliberately separate: the `MakeTree` check is a correctness
guard that always applies, while `-dialable` is an opt-in selection
filter for the crawler pipeline. A follow-up will add `-dialable` to
discv4-crawl's `filter_list`.
2026-07-14 09:05:02 -05:00
jwasinger
a10969f650
accounts/abi: fix abigen v1 bindings for deployment of library dependencies (#32164)
When we are deploying library dependencies, if the `TransactOpts` nonce
is unset we will choose the nonce of the next deployment transaction
based on the pending nonce of the sender. If a previous library
deployment transaction was made but not yet accepted into the pool, the
pending nonce will not be updated for the the next deployment
transaction.

This PR introduces a new method to the bind API `WaitAccepted` which
poll until a submitted transaction hash is accepted into the pool or
rejected. The bindings for v1 are updated to invoke this method after
deploying each library dependency.
2026-07-14 14:45:16 +02:00
lightclient
0d1cf34ec6
all: add bogota fork to config (#34057)
Adds stubs for Bogota fork.
2026-07-14 14:37:29 +02:00
rjl493456442
1ef0ffb98c
core: implement EIP-2780 and EIP-8037 changes (#35318)
Implement the spec changes of EIP-2780 and EIP-8037.

See the spec diffs in
- https://github.com/ethereum/EIPs/pull/11844
- https://github.com/ethereum/EIPs/pull/11891
- https://github.com/ethereum/EIPs/pull/11906
-
a4801f3bb1

---------

Co-authored-by: MariusVanDerWijden <m.vanderwijden@live.de>
2026-07-14 14:28:26 +02:00
danceratopz
abfb2de574
eth/catalyst, eth/ethconfig, cmd: make engine API max reorg depth configurable (#35335)
Some checks are pending
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
2026-07-14 15:48:30 +08:00
Marius van der Wijden
68f711b9de
beacon/engine: correct rlp encoding/decoding (#35348)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
Correctly passes BAL around in engine api

---------

Co-authored-by: Gary Rong <garyrong0905@gmail.com>
2026-07-13 15:31:10 +02:00
Marius van der Wijden
f9382c2d1b
eth/tracers/logger: respect logging limit (#35349)
Necessary for building fuzzers that don't take 10s of seconds for
tracing a test
2026-07-13 19:51:38 +08:00
cui
3140668d49
miner: cap configured MaxBlobsPerBlock to protocol limit (#35295)
## Summary

- Only apply user-configured `MaxBlobsPerBlock` when it is strictly
below the protocol-defined maximum.
- Prevents the miner from building blocks that exceed the consensus blob
limit.

## Test plan

- [x] `go test -short ./miner/`
2026-07-13 12:13:15 +02:00
cui
df7b89603c
internal/testlog: clone attributes before appending (#35324)
WithAttrs and terminalFormat appended to h.attrs directly, which can
mutate the shared slice when it has spare capacity. Clone attrs first to
avoid corrupting parent handler state.
2026-07-13 11:06:26 +02:00
cui
13bcbf0eef
core/rawdb: fix off-by-one in freezer init progress log (#35344)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
2026-07-13 15:56:00 +08:00
Stefan
b34a925e9e
beacon/engine, eth/catalyst: return block access lists in payload bodies v2 (#35347) 2026-07-13 15:55:39 +08:00
Marius van der Wijden
e7314c8a13
core: charge floorDataGas if it exceeds regularGas (#35342)
Implement EIP spec change
https://github.com/ethereum/EIPs/pull/11908/changes

---------

Co-authored-by: Gary Rong <garyrong0905@gmail.com>
2026-07-13 09:38:54 +08:00
Marius van der Wijden
0e2cbebbd1
params: update contract addresses (#35341)
As per https://notes.ethereum.org/@ethpandaops/glamsterdam-devnet-7
2026-07-13 09:11:12 +08:00
Marius van der Wijden
3ab52d837d
go.mod: update ckzg (#35336)
Some checks failed
/ Linux Build (arm) (push) Has been cancelled
/ Keeper Build (push) Has been cancelled
/ Windows Build (push) Has been cancelled
/ Linux Build (push) Has been cancelled
/ Docker Image (push) Has been cancelled
Updates ckzg to the newest version
2026-07-10 11:42:16 +02:00
Csaba Kiraly
111e7b8b48
eth: protect high-value peers from random dropping based on tx inclusion stats (#34702)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
The peer dropper periodically disconnects random peers to create churn.
This was previously blind to peer quality.
This PR adds peer-score based peer protection, handling the
multi-dimensionality problem of peer scoring through the concept of
protected peer pools.

---------

Signed-off-by: Csaba Kiraly <csaba.kiraly@gmail.com>
Co-authored-by: healthykim <bsbs8645@snu.ac.kr>
2026-07-09 18:54:27 +02:00
Marius Kjærstad
5a39aa10ad
build: upgrade -dlgo version to Go 1.25.12 (#35317)
New security fix:
https://groups.google.com/g/golang-announce/c/OrmQE_Yp5Sc
2026-07-09 09:50:42 -05:00
spencer
2ce0200762
cmd/evm, core: fixes for eels tests@v20.0.0 release (#35283)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
## Summary

Sanity fixes surfaced by running the EELS `tests@v20.0.0` fixture
release (63,109 blockchain tests) through `evm blocktest`.

Also bumps CI to consume the new release: `build/checksums.txt` now
points at `tests@v20.0.0` / `fixtures.tar.gz` from
`ethereum/execution-specs` (supersedes the archived EEST repo's
`fixtures_develop`).

---------

Co-authored-by: Gary Rong <garyrong0905@gmail.com>
2026-07-09 16:27:34 +08:00
cui
896a4ab7c6
core/vm/runtime: cap regular gas budget at MaxTxGas for Amsterdam (#35301)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
2026-07-09 12:21:15 +08:00
cui
6c80ee6c50
eth/protocols/snap: fix access list sync progress double counting (#35323) 2026-07-09 10:52:28 +08:00
rjl493456442
76e3dc6b5b
core: improve chain reset head (#35252)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
This PR does a few things:

- reject `debug_setHead` if the target is even before the pivot block
(if non-nil)
- reject `debug_setHead` if in path mode, the target is not recoverable
- decouple the chain rewinding and state recovery in path mode and
recover the state in one shot

---------

Co-authored-by: jonny rhea <5555162+jrhea@users.noreply.github.com>
2026-07-08 16:44:34 -05:00
ozpool
2133e014ae
internal/ethapi: reject gasPrice together with authorizationList (#35320)
Closes #35314.

### Problem

`TransactionArgs.ToTransaction` selects `SetCodeTxType` when an
`authorizationList` is present, but then unconditionally downgrades to
`LegacyTxType` when `gasPrice` is set:

```go
case args.AuthorizationList != nil || defaultType == types.SetCodeTxType:
    usedType = types.SetCodeTxType
...
if args.GasPrice != nil {
    usedType = types.LegacyTxType
}
```

A legacy transaction cannot carry an EIP-7702 authorization list, so the
list is silently dropped. `eth_sendTransaction`, `eth_signTransaction`
and `eth_fillTransaction` can then return a plain legacy
transaction/hash even though the requested delegation update or
revocation was never included.

The downgrade also masks a latent issue: `setFeeDefaults` returns early
once `gasPrice` is set (without `authorizationList`) and never fills
`MaxFeePerGas`/`MaxPriorityFeePerGas`. Building the `SetCodeTx` without
the downgrade would hit
`uint256.MustFromBig((*big.Int)(args.MaxFeePerGas))` with a nil fee cap
and panic. Erroring early is therefore the correct behavior.

### Fix

Reject the `gasPrice` + `authorizationList` combination in
`setFeeDefaults`, mirroring the existing `gasPrice` / EIP-1559 guard, so
the request fails explicitly instead of producing a transaction that
omits the authorization list.

### Test

Added a `setFeeDefaults` case asserting the new error. Verified
fail-on-main: with the guard reverted the test fails (`expected error:
both gasPrice and authorizationList specified`); with the guard it
passes. Full `internal/ethapi` package, `go vet` and `gofmt` are clean.

### Note

The same silent-drop applies to `gasPrice` + `blobVersionedHashes` (blob
transactions also cannot be legacy). I scoped this PR to the reported
`authorizationList` case; happy to extend the guard to blob hashes in
the same spot if preferred.
2026-07-08 11:57:31 -06:00
rjl493456442
0c88fee429
eth/downloader, eth/protocols/snap: snap v2 catchup failure (#35321)
Fixes https://github.com/ethereum/go-ethereum/issues/35319
2026-07-08 10:47:39 -05:00
rjl493456442
4d2181aa41
cmd, core, eth, miner: apply 7997 in block building (#35285)
Some checks failed
/ Linux Build (push) Has been cancelled
/ Linux Build (arm) (push) Has been cancelled
/ Keeper Build (push) Has been cancelled
/ Windows Build (push) Has been cancelled
/ Docker Image (push) Has been cancelled
This PR applies the 7997 irregular state transition in t8n, block
building, simulation and tracing.
2026-07-07 14:40:25 +02:00
rjl493456442
cf35a1b6f6
core/vm: add access cost check (#35261)
This is an edge case found by @weiihann. 

Under 8038, the cold storage access cost is increased to 3,000 gas,
which exceeds the sentry check threshold. Therefore, the sentry check no
longer guarantees that the remaining gas is sufficient to cover a cold
slot access.

Therefore, an additional access affordability check is added to
eliminate the potential DoS vector.
2026-07-07 14:38:08 +02:00
cui
e5c5e1897d
core/txpool/locals: nil journal writer before checking close error (#35300)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
This PR clears `journal.writer` immediately after `Close()` in `rotate` and `setupWriter`,
before checking the error. This prevents leaving a stale file handle that could be reused
if close fails.

---------

Co-authored-by: Bosul Mun <bsbs8645@snu.ac.kr>
2026-07-06 16:10:25 +02:00
Richard Creighton
a8a7116395
cmd/evm: respect --fuzz=false (#34975)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
Passing `--fuzz=false` currently still selects blocktest fuzz output
mode because the command checks whether the flag was set.

This switches the blocktest fuzz-mode checks to use the boolean flag
value, so explicit false keeps the normal output path while `--fuzz`
still enables fuzz-oriented reporting.
2026-07-06 12:36:29 +02:00
cui
69d88aee93
eth/tracers: include log index in erc7562 tracer output (#35200)
Populate the Index field on captured logs, matching callTracer
behaviour.
2026-07-06 11:31:08 +02:00
Rafael Matias
7c1959b306
rpc: add --rpc.http-body-limit flag for HTTP request body size (#35224)
The HTTP JSON-RPC server caps request bodies at a hardcoded 5 MB
(`defaultBodyLimit`), with no way to raise it. EEST bloatnet depth
benchmarks post worst-case batch requests larger than that during
fill-stateful, which the server rejects with `413 Request Entity Too
Large`.

This adds `node.Config.HTTPBodyLimit` (default 5 MB), wired through to
the HTTP/WS server config, and exposes it via `--rpc.http-body-limit`
(value in **megabytes**, default 5). Default behaviour is unchanged.
2026-07-06 11:30:32 +02:00
cui
3620a947ee
params: return AmsterdamTime from ChainConfig.Timestamp (#35293)
## Summary

- Add the missing `forks.Amsterdam` case to `ChainConfig.Timestamp`.
- Callers can now look up the Amsterdam fork activation time.

## Test plan

- [x] `go test -short ./params/`
2026-07-06 11:27:34 +02:00
Marius van der Wijden
2919267b64
core: remaining spec fixes for glamsterdam (#35279)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
This PR fixes five remaining differences between master and
glamsterdam-devnet-6:

- RegularCost for Auths has been increased, since 8037 increases the
WARM_ACCESS cost
- Floor is anchored to the transaction base cost, not the intrinsic cost
- Auth destinations need to be recorded in the BAL before the call is
executed
- Change the place where intrinsic gas is verified in calls to delegated
addresses
- Refund state gas directly to reservoir in outer tx frame

---------

Co-authored-by: Gary Rong <garyrong0905@gmail.com>
2026-07-06 09:39:09 +08:00
rayoo
415fe376a3
p2p/enode: close sources added after FairMix shutdown (#35298)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
`FairMix.AddSource` takes ownership of the supplied iterator, but if the
mixer has already been closed it currently returns without closing that
iterator. Close the rejected source in this shutdown path so callers
racing with `Close` do not leak iterator resources.
2026-07-05 20:21:24 +02:00
ozpool
e3b6d0c86f
cmd/devp2p: fix swapped args in private-key error message (#35193)
Some checks failed
/ Linux Build (push) Has been cancelled
/ Linux Build (arm) (push) Has been cancelled
/ Keeper Build (push) Has been cancelled
/ Windows Build (push) Has been cancelled
/ Docker Image (push) Has been cancelled
This fixes an error where a failed key decode prints its arguments in
the wrong order.
2026-07-03 14:54:51 +02:00
cui
217506364d
accounts: fix missing wallet drop (#35133)
The drop helper uses sort.Search on the sorted wallet list, but the
returned index can point at the next greater wallet when the target URL
is missing. Fix this by rewriting the drop to use slices.DeleteFunc and a map.

---------

Co-authored-by: Felix Lange <fjl@twurst.com>
2026-07-03 14:50:59 +02:00
cui
6eae868a95
p2p/discover: always increment TALKREQ drop counter on timeout (#35243)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
Increment `dropCount` on every TALKREQ dropped due to overload timeout.
Previously the counter was only updated when the throttled warning log
was emitted.
2026-07-03 13:13:46 +02:00
rjl493456442
3006c4411b
eth/protocols/eth: fix blockAccessList empty marker (#35286)
This PR addresses an issue in the eth71 `BlockAccessListsMsg` handler,

specifically: 
- if the requested bal is not accessible in the server side, 0x80
(EmptyString) will be returned as the marker
- at the client side, old message definition
`rlp.RawList[RawBlockAccessList]` assumes all the elements are List
- the message with 0x80 (kind = string) won't be decoded correctly
- the peer will be disconnected

The message definition has been changed to `rlp.RawList[rlp.RawValue]`,
which is aligned with the one in SNAP/2 protocol.
2026-07-03 11:15:07 +02:00
cui
aa3d286f54
cmd/utils: keep metrics tag values containing '=' (#35168) 2026-07-03 14:59:28 +08:00
Stavros Vlachakis
d617f4fcdb
rpc: reject block parameter with neither number nor hash (#35271) 2026-07-03 14:31:53 +08:00
rjl493456442
3d50e3eb0e
core/types/bal: enhance the bal validation (#35281)
EIP-7928 requires that each address appears exactly once in the block
access list.

In the `BlockAccessList.Validate`, the strict `isStrictlySortedFunc` is
required to detect the duplicated accounts.
2026-07-03 14:30:56 +08:00
ozpool
7aa7806c09
cmd/devp2p: close the iterator in discv4 LookupRandom (#35206)
Some checks are pending
/ Linux Build (push) Waiting to run
/ Linux Build (arm) (push) Waiting to run
/ Keeper Build (push) Waiting to run
/ Windows Build (push) Waiting to run
/ Docker Image (push) Waiting to run
The LookupRandom RPC handler obtains a node iterator from
RandomNodes() but never closes it.

RandomNodes() returns a lookupIterator backed by a cancelable
context derived from the listener's lifetime context
(newLookupIterator -> context.WithCancel). The iterator's
Close() is what calls the cancel func, so each LookupRandom call
that never closes leaks the cancel func (and any in-flight lookup
goroutine) until the discv4 listener shuts down. When the listener
serves the RPC API (discv4 --rpc) it is long-lived, so repeated
LookupRandom calls accumulate the leak.

Close the iterator when the handler returns. This matches how the
crawler already releases the same RandomNodes() iterators
(crawl.go closes every iterator it consumes).
2026-07-02 18:20:25 +02:00
cui
f9417bb279
node: match auth-schema case insensitively (#35022) 2026-07-02 18:18:58 +02:00
cui
448515a448
accounts/external: forward blob fee cap to external signer (#35167)
SignTx populated BlobHashes and the sidecar fields (Blobs/Commitments/
Proofs) for a blob transaction but never set args.BlobFeeCap. As a
result the external (clef) signer received maxFeePerBlobGas:null and
signed a transaction inconsistent with the one passed in, silently
dropping the blob fee cap.

Set args.BlobFeeCap from tx.BlobGasFeeCap() so the signing request
faithfully reflects the input transaction. This mirrors the existing
handling of the other blob-tx fields.
2026-07-02 18:12:58 +02:00