Merge pull request #1832 from nspcc-dev/consensus/microfixes

consensus: add MaxBlockSize and MaxBlockSysFee settings
This commit is contained in:
Roman Khimov 2021-03-16 18:11:33 +03:00 committed by GitHub
commit 025330f132
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 192 additions and 30 deletions

View file

@ -18,6 +18,10 @@ type (
KeepOnlyLatestState bool `yaml:"KeepOnlyLatestState"` KeepOnlyLatestState bool `yaml:"KeepOnlyLatestState"`
// RemoveUntraceableBlocks specifies if old blocks should be removed. // RemoveUntraceableBlocks specifies if old blocks should be removed.
RemoveUntraceableBlocks bool `yaml:"RemoveUntraceableBlocks"` RemoveUntraceableBlocks bool `yaml:"RemoveUntraceableBlocks"`
// MaxBlockSize is the maximum block size in bytes.
MaxBlockSize uint32 `yaml:"MaxBlockSize"`
// MaxBlockSystemFee is the maximum overall system fee per block.
MaxBlockSystemFee int64 `yaml:"MaxBlockSystemFee"`
// MaxTraceableBlocks is the length of the chain accessible to smart contracts. // MaxTraceableBlocks is the length of the chain accessible to smart contracts.
MaxTraceableBlocks uint32 `yaml:"MaxTraceableBlocks"` MaxTraceableBlocks uint32 `yaml:"MaxTraceableBlocks"`
// MaxTransactionsPerBlock is the maximum amount of transactions per block. // MaxTransactionsPerBlock is the maximum amount of transactions per block.

View file

@ -73,9 +73,6 @@ type service struct {
blockEvents chan *coreb.Block blockEvents chan *coreb.Block
lastProposal []util.Uint256 lastProposal []util.Uint256
wallet *wallet.Wallet wallet *wallet.Wallet
network netmode.Magic
// stateRootEnabled specifies if state root should be exchanged and checked during consensus.
stateRootEnabled bool
// started is a flag set with Start method that runs an event handling // started is a flag set with Start method that runs an event handling
// goroutine. // goroutine.
started *atomic.Bool started *atomic.Bool
@ -97,6 +94,8 @@ type Config struct {
Broadcast func(p *npayload.Extensible) Broadcast func(p *npayload.Extensible)
// Chain is a core.Blockchainer instance. // Chain is a core.Blockchainer instance.
Chain blockchainer.Blockchainer Chain blockchainer.Blockchainer
// ProtocolConfiguration contains protocol settings.
ProtocolConfiguration config.ProtocolConfiguration
// RequestTx is a callback to which will be called // RequestTx is a callback to which will be called
// when a node lacks transactions present in a block. // when a node lacks transactions present in a block.
RequestTx func(h ...util.Uint256) RequestTx func(h ...util.Uint256)
@ -125,8 +124,6 @@ func NewService(cfg Config) (Service, error) {
transactions: make(chan *transaction.Transaction, 100), transactions: make(chan *transaction.Transaction, 100),
blockEvents: make(chan *coreb.Block, 1), blockEvents: make(chan *coreb.Block, 1),
network: cfg.Chain.GetConfig().Magic,
stateRootEnabled: cfg.Chain.GetConfig().StateRootInHeader,
started: atomic.NewBool(false), started: atomic.NewBool(false),
quit: make(chan struct{}), quit: make(chan struct{}),
finished: make(chan struct{}), finished: make(chan struct{}),
@ -182,7 +179,7 @@ func NewService(cfg Config) (Service, error) {
dbft.WithNewCommit(func() payload.Commit { return new(commit) }), dbft.WithNewCommit(func() payload.Commit { return new(commit) }),
dbft.WithNewRecoveryRequest(func() payload.RecoveryRequest { return new(recoveryRequest) }), dbft.WithNewRecoveryRequest(func() payload.RecoveryRequest { return new(recoveryRequest) }),
dbft.WithNewRecoveryMessage(func() payload.RecoveryMessage { dbft.WithNewRecoveryMessage(func() payload.RecoveryMessage {
return &recoveryMessage{stateRootEnabled: srv.stateRootEnabled} return &recoveryMessage{stateRootEnabled: srv.ProtocolConfiguration.StateRootInHeader}
}), }),
dbft.WithVerifyPrepareRequest(srv.verifyRequest), dbft.WithVerifyPrepareRequest(srv.verifyRequest),
dbft.WithVerifyPrepareResponse(func(_ payload.ConsensusPayload) error { return nil }), dbft.WithVerifyPrepareResponse(func(_ payload.ConsensusPayload) error { return nil }),
@ -214,7 +211,7 @@ func NewPayload(m netmode.Magic, stateRootEnabled bool) *Payload {
} }
func (s *service) newPayload(c *dbft.Context, t payload.MessageType, msg interface{}) payload.ConsensusPayload { func (s *service) newPayload(c *dbft.Context, t payload.MessageType, msg interface{}) payload.ConsensusPayload {
cp := NewPayload(s.network, s.stateRootEnabled) cp := NewPayload(s.ProtocolConfiguration.Magic, s.ProtocolConfiguration.StateRootInHeader)
cp.SetHeight(c.BlockIndex) cp.SetHeight(c.BlockIndex)
cp.SetValidatorIndex(uint16(c.MyIndex)) cp.SetValidatorIndex(uint16(c.MyIndex))
cp.SetViewNumber(c.ViewNumber) cp.SetViewNumber(c.ViewNumber)
@ -234,7 +231,7 @@ func (s *service) newPayload(c *dbft.Context, t payload.MessageType, msg interfa
func (s *service) newPrepareRequest() payload.PrepareRequest { func (s *service) newPrepareRequest() payload.PrepareRequest {
r := new(prepareRequest) r := new(prepareRequest)
if s.stateRootEnabled { if s.ProtocolConfiguration.StateRootInHeader {
r.stateRootEnabled = true r.stateRootEnabled = true
if sr, err := s.Chain.GetStateModule().GetStateRoot(s.dbft.BlockIndex - 1); err == nil { if sr, err := s.Chain.GetStateModule().GetStateRoot(s.dbft.BlockIndex - 1); err == nil {
r.stateRoot = sr.Root r.stateRoot = sr.Root
@ -364,7 +361,7 @@ func (s *service) payloadFromExtensible(ep *npayload.Extensible) *Payload {
return &Payload{ return &Payload{
Extensible: *ep, Extensible: *ep,
message: message{ message: message{
stateRootEnabled: s.stateRootEnabled, stateRootEnabled: s.ProtocolConfiguration.StateRootInHeader,
}, },
} }
} }
@ -440,11 +437,21 @@ func (s *service) verifyBlock(b block.Block) bool {
return false return false
} }
size := coreb.GetExpectedBlockSize()
if size > int(s.ProtocolConfiguration.MaxBlockSize) {
s.log.Warn("proposed block size exceeds config MaxBlockSize",
zap.Uint32("max size allowed", s.ProtocolConfiguration.MaxBlockSize),
zap.Int("block size", size))
return false
}
var fee int64
var pool = mempool.New(len(coreb.Transactions), 0, false) var pool = mempool.New(len(coreb.Transactions), 0, false)
var mainPool = s.Chain.GetMemPool() var mainPool = s.Chain.GetMemPool()
for _, tx := range coreb.Transactions { for _, tx := range coreb.Transactions {
var err error var err error
fee += tx.SystemFee
if mainPool.ContainsKey(tx.Hash()) { if mainPool.ContainsKey(tx.Hash()) {
err = pool.Add(tx, s.Chain) err = pool.Add(tx, s.Chain)
if err == nil { if err == nil {
@ -465,6 +472,14 @@ func (s *service) verifyBlock(b block.Block) bool {
} }
} }
maxBlockSysFee := s.ProtocolConfiguration.MaxBlockSystemFee
if fee > maxBlockSysFee {
s.log.Warn("proposed block system fee exceeds config MaxBlockSystemFee",
zap.Int("max system fee allowed", int(maxBlockSysFee)),
zap.Int("block system fee", int(fee)))
return false
}
return true return true
} }
@ -472,6 +487,7 @@ var (
errInvalidPrevHash = errors.New("invalid PrevHash") errInvalidPrevHash = errors.New("invalid PrevHash")
errInvalidVersion = errors.New("invalid Version") errInvalidVersion = errors.New("invalid Version")
errInvalidStateRoot = errors.New("state root mismatch") errInvalidStateRoot = errors.New("state root mismatch")
errInvalidTransactionsCount = errors.New("invalid transactions count")
) )
func (s *service) verifyRequest(p payload.ConsensusPayload) error { func (s *service) verifyRequest(p payload.ConsensusPayload) error {
@ -482,7 +498,7 @@ func (s *service) verifyRequest(p payload.ConsensusPayload) error {
if req.version != s.dbft.Version { if req.version != s.dbft.Version {
return errInvalidVersion return errInvalidVersion
} }
if s.stateRootEnabled { if s.ProtocolConfiguration.StateRootInHeader {
sr, err := s.Chain.GetStateModule().GetStateRoot(s.dbft.BlockIndex - 1) sr, err := s.Chain.GetStateModule().GetStateRoot(s.dbft.BlockIndex - 1)
if err != nil { if err != nil {
return err return err
@ -490,6 +506,9 @@ func (s *service) verifyRequest(p payload.ConsensusPayload) error {
return fmt.Errorf("%w: %s != %s", errInvalidStateRoot, sr.Root, req.stateRoot) return fmt.Errorf("%w: %s != %s", errInvalidStateRoot, sr.Root, req.stateRoot)
} }
} }
if len(req.TransactionHashes()) > int(s.ProtocolConfiguration.MaxTransactionsPerBlock) {
return fmt.Errorf("%w: max = %d, got %d", errInvalidTransactionsCount, s.ProtocolConfiguration.MaxTransactionsPerBlock, len(req.TransactionHashes()))
}
// Save lastProposal for getVerified(). // Save lastProposal for getVerified().
s.lastProposal = req.transactionHashes s.lastProposal = req.transactionHashes
@ -633,10 +652,10 @@ func (s *service) newBlockFromContext(ctx *dbft.Context) block.Block {
return nil return nil
} }
block.Block.Network = s.network block.Block.Network = s.ProtocolConfiguration.Magic
block.Block.Timestamp = ctx.Timestamp / nsInMs block.Block.Timestamp = ctx.Timestamp / nsInMs
block.Block.Index = ctx.BlockIndex block.Block.Index = ctx.BlockIndex
if s.stateRootEnabled { if s.ProtocolConfiguration.StateRootInHeader {
sr, err := s.Chain.GetStateModule().GetStateRoot(ctx.BlockIndex - 1) sr, err := s.Chain.GetStateModule().GetStateRoot(ctx.BlockIndex - 1)
if err != nil { if err != nil {
return nil return nil

View file

@ -323,6 +323,13 @@ func TestService_PrepareRequest(t *testing.T) {
sr, err := srv.Chain.GetStateModule().GetStateRoot(srv.dbft.BlockIndex - 1) sr, err := srv.Chain.GetStateModule().GetStateRoot(srv.dbft.BlockIndex - 1)
require.NoError(t, err) require.NoError(t, err)
checkRequest(t, errInvalidTransactionsCount, &prepareRequest{stateRootEnabled: true,
prevHash: prevHash,
stateRoot: sr.Root,
transactionHashes: make([]util.Uint256, srv.ProtocolConfiguration.MaxTransactionsPerBlock+1),
})
checkRequest(t, nil, &prepareRequest{ checkRequest(t, nil, &prepareRequest{
stateRootEnabled: true, stateRootEnabled: true,
prevHash: prevHash, prevHash: prevHash,
@ -402,6 +409,16 @@ func TestVerifyBlock(t *testing.T) {
b.Index = srv.Chain.BlockHeight() b.Index = srv.Chain.BlockHeight()
require.False(t, srv.verifyBlock(&neoBlock{Block: *b})) require.False(t, srv.verifyBlock(&neoBlock{Block: *b}))
}) })
t.Run("bad big size", func(t *testing.T) {
script := make([]byte, int(srv.ProtocolConfiguration.MaxBlockSize))
script[0] = byte(opcode.RET)
tx := transaction.New(netmode.UnitTestNet, script, 100000)
tx.ValidUntilBlock = 1
addSender(t, tx)
signTx(t, srv.Chain, tx)
b := testchain.NewBlock(t, srv.Chain, 1, 0, tx)
require.False(t, srv.verifyBlock(&neoBlock{Block: *b}))
})
t.Run("bad timestamp", func(t *testing.T) { t.Run("bad timestamp", func(t *testing.T) {
b := testchain.NewBlock(t, srv.Chain, 1, 0) b := testchain.NewBlock(t, srv.Chain, 1, 0)
b.Timestamp = srv.lastTimestamp - 1 b.Timestamp = srv.lastTimestamp - 1
@ -416,6 +433,17 @@ func TestVerifyBlock(t *testing.T) {
b := testchain.NewBlock(t, srv.Chain, 1, 0, tx) b := testchain.NewBlock(t, srv.Chain, 1, 0, tx)
require.False(t, srv.verifyBlock(&neoBlock{Block: *b})) require.False(t, srv.verifyBlock(&neoBlock{Block: *b}))
}) })
t.Run("bad big sys fee", func(t *testing.T) {
txes := make([]*transaction.Transaction, 2)
for i := range txes {
txes[i] = transaction.New(netmode.UnitTestNet, []byte{byte(opcode.RET)}, srv.ProtocolConfiguration.MaxBlockSystemFee/2+1)
txes[i].ValidUntilBlock = 1
addSender(t, txes[i])
signTx(t, srv.Chain, txes[i])
}
b := testchain.NewBlock(t, srv.Chain, 1, 0, txes...)
require.False(t, srv.verifyBlock(&neoBlock{Block: *b}))
})
} }
func shouldReceive(t *testing.T, ch chan Payload) { func shouldReceive(t *testing.T, ch chan Payload) {
@ -447,6 +475,7 @@ func newTestServiceWithChain(t *testing.T, bc *core.Blockchain) *service {
Logger: zaptest.NewLogger(t), Logger: zaptest.NewLogger(t),
Broadcast: func(*npayload.Extensible) {}, Broadcast: func(*npayload.Extensible) {},
Chain: bc, Chain: bc,
ProtocolConfiguration: bc.GetConfig(),
RequestTx: func(...util.Uint256) {}, RequestTx: func(...util.Uint256) {},
TimePerBlock: time.Duration(bc.GetConfig().SecondsPerBlock) * time.Second, TimePerBlock: time.Duration(bc.GetConfig().SecondsPerBlock) * time.Second,
Wallet: &config.Wallet{ Wallet: &config.Wallet{

View file

@ -21,6 +21,12 @@ const (
// ErrMaxContentsPerBlock is returned when the maximum number of contents per block is reached. // ErrMaxContentsPerBlock is returned when the maximum number of contents per block is reached.
var ErrMaxContentsPerBlock = errors.New("the number of contents exceeds the maximum number of contents per block") var ErrMaxContentsPerBlock = errors.New("the number of contents exceeds the maximum number of contents per block")
var expectedHeaderSizeWithEmptyWitness int
func init() {
expectedHeaderSizeWithEmptyWitness = io.GetVarSize(new(Header))
}
// Block represents one block in the chain. // Block represents one block in the chain.
type Block struct { type Block struct {
// The base of the block. // The base of the block.
@ -211,3 +217,23 @@ func (b *Block) UnmarshalJSON(data []byte) error {
} }
return nil return nil
} }
// GetExpectedBlockSize returns expected block size which should be equal to io.GetVarSize(b)
func (b *Block) GetExpectedBlockSize() int {
var transactionsSize int
for _, tx := range b.Transactions {
transactionsSize += tx.Size()
}
return b.GetExpectedBlockSizeWithoutTransactions(len(b.Transactions)) + transactionsSize
}
// GetExpectedBlockSizeWithoutTransactions returns expected block size without transactions size.
func (b *Block) GetExpectedBlockSizeWithoutTransactions(txCount int) int {
size := expectedHeaderSizeWithEmptyWitness - 1 - 1 + // 1 is for the zero-length (new(Header)).Script.Invocation/Verification
io.GetVarSize(&b.Script) +
io.GetVarSize(txCount)
if b.StateRootEnabled {
size += util.Uint256Size
}
return size
}

View file

@ -13,6 +13,7 @@ import (
"github.com/nspcc-dev/neo-go/pkg/crypto/hash" "github.com/nspcc-dev/neo-go/pkg/crypto/hash"
"github.com/nspcc-dev/neo-go/pkg/encoding/address" "github.com/nspcc-dev/neo-go/pkg/encoding/address"
"github.com/nspcc-dev/neo-go/pkg/io" "github.com/nspcc-dev/neo-go/pkg/io"
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/vm/opcode" "github.com/nspcc-dev/neo-go/pkg/vm/opcode"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
@ -234,3 +235,46 @@ func TestBlockEncodeDecode(t *testing.T) {
require.True(t, errors.Is(testserdes.DecodeBinary(data, new(Block)), ErrMaxContentsPerBlock)) require.True(t, errors.Is(testserdes.DecodeBinary(data, new(Block)), ErrMaxContentsPerBlock))
}) })
} }
func TestGetExpectedBlockSize(t *testing.T) {
check := func(t *testing.T, stateRootEnabled bool) {
t.Run("without transactions", func(t *testing.T) {
b := newDumbBlock()
b.StateRootEnabled = stateRootEnabled
b.Transactions = []*transaction.Transaction{}
require.Equal(t, io.GetVarSize(b), b.GetExpectedBlockSize())
require.Equal(t, io.GetVarSize(b), b.GetExpectedBlockSizeWithoutTransactions(0))
})
t.Run("with one transaction", func(t *testing.T) {
b := newDumbBlock()
b.StateRootEnabled = stateRootEnabled
expected := io.GetVarSize(b)
require.Equal(t, expected, b.GetExpectedBlockSize())
require.Equal(t, expected-b.Transactions[0].Size(), b.GetExpectedBlockSizeWithoutTransactions(len(b.Transactions)))
})
t.Run("with multiple transactions", func(t *testing.T) {
b := newDumbBlock()
b.StateRootEnabled = stateRootEnabled
b.Transactions = make([]*transaction.Transaction, 123)
for i := range b.Transactions {
tx := transaction.New(netmode.UnitTestNet, []byte{byte(opcode.RET)}, int64(i))
tx.Signers = []transaction.Signer{{Account: util.Uint160{1, 2, 3}}}
tx.Scripts = []transaction.Witness{{}}
b.Transactions[i] = tx
}
expected := io.GetVarSize(b)
require.Equal(t, expected, b.GetExpectedBlockSize())
for _, tx := range b.Transactions {
expected -= tx.Size()
}
require.Equal(t, expected, b.GetExpectedBlockSizeWithoutTransactions(len(b.Transactions)))
})
}
t.Run("StateRoot enabled", func(t *testing.T) {
check(t, true)
})
t.Run("StateRoot disabled", func(t *testing.T) {
check(t, false)
})
}

View file

@ -46,6 +46,8 @@ const (
defaultMemPoolSize = 50000 defaultMemPoolSize = 50000
defaultP2PNotaryRequestPayloadPoolSize = 1000 defaultP2PNotaryRequestPayloadPoolSize = 1000
defaultMaxBlockSize = 262144
defaultMaxBlockSystemFee = 900000000000
defaultMaxTraceableBlocks = 2102400 // 1 year of 15s blocks defaultMaxTraceableBlocks = 2102400 // 1 year of 15s blocks
defaultMaxTransactionsPerBlock = 512 defaultMaxTransactionsPerBlock = 512
verificationGasLimit = 100000000 // 1 GAS verificationGasLimit = 100000000 // 1 GAS
@ -134,6 +136,10 @@ type Blockchain struct {
extensible atomic.Value extensible atomic.Value
// defaultBlockWitness stores transaction.Witness with m out of n multisig,
// where n = ValidatorsCount.
defaultBlockWitness atomic.Value
stateRoot *stateroot.Module stateRoot *stateroot.Module
// Notification subsystem. // Notification subsystem.
@ -167,6 +173,14 @@ func NewBlockchain(s storage.Store, cfg config.ProtocolConfiguration, log *zap.L
cfg.P2PNotaryRequestPayloadPoolSize = defaultP2PNotaryRequestPayloadPoolSize cfg.P2PNotaryRequestPayloadPoolSize = defaultP2PNotaryRequestPayloadPoolSize
log.Info("P2PNotaryRequestPayloadPool size is not set or wrong, setting default value", zap.Int("P2PNotaryRequestPayloadPoolSize", cfg.P2PNotaryRequestPayloadPoolSize)) log.Info("P2PNotaryRequestPayloadPool size is not set or wrong, setting default value", zap.Int("P2PNotaryRequestPayloadPoolSize", cfg.P2PNotaryRequestPayloadPoolSize))
} }
if cfg.MaxBlockSize == 0 {
cfg.MaxBlockSize = defaultMaxBlockSize
log.Info("MaxBlockSize is not set or wrong, setting default value", zap.Uint32("MaxBlockSize", cfg.MaxBlockSize))
}
if cfg.MaxBlockSystemFee <= 0 {
cfg.MaxBlockSystemFee = defaultMaxBlockSystemFee
log.Info("MaxBlockSystemFee is not set or wrong, setting default value", zap.Int64("MaxBlockSystemFee", cfg.MaxBlockSystemFee))
}
if cfg.MaxTraceableBlocks == 0 { if cfg.MaxTraceableBlocks == 0 {
cfg.MaxTraceableBlocks = defaultMaxTraceableBlocks cfg.MaxTraceableBlocks = defaultMaxTraceableBlocks
log.Info("MaxTraceableBlocks is not set or wrong, using default value", zap.Uint32("MaxTraceableBlocks", cfg.MaxTraceableBlocks)) log.Info("MaxTraceableBlocks is not set or wrong, using default value", zap.Uint32("MaxTraceableBlocks", cfg.MaxTraceableBlocks))
@ -1339,6 +1353,31 @@ func (bc *Blockchain) ApplyPolicyToTxSet(txes []*transaction.Transaction) []*tra
if maxTx != 0 && len(txes) > int(maxTx) { if maxTx != 0 && len(txes) > int(maxTx) {
txes = txes[:maxTx] txes = txes[:maxTx]
} }
maxBlockSize := bc.GetConfig().MaxBlockSize
maxBlockSysFee := bc.GetConfig().MaxBlockSystemFee
defaultWitness := bc.defaultBlockWitness.Load()
if defaultWitness == nil {
m := smartcontract.GetDefaultHonestNodeCount(bc.config.ValidatorsCount)
verification, _ := smartcontract.CreateDefaultMultiSigRedeemScript(bc.contracts.NEO.GetNextBlockValidatorsInternal())
defaultWitness = transaction.Witness{
InvocationScript: make([]byte, 66*m),
VerificationScript: verification,
}
bc.defaultBlockWitness.Store(defaultWitness)
}
var (
b = &block.Block{Header: block.Header{Script: defaultWitness.(transaction.Witness)}}
blockSize = uint32(b.GetExpectedBlockSizeWithoutTransactions(len(txes)))
blockSysFee int64
)
for i, tx := range txes {
blockSize += uint32(tx.Size())
blockSysFee += tx.SystemFee
if blockSize > maxBlockSize || blockSysFee > maxBlockSysFee {
txes = txes[:i]
break
}
}
return txes return txes
} }

View file

@ -209,6 +209,7 @@ func newServerFromConstructors(config ServerConfig, chain blockchainer.Blockchai
Logger: log, Logger: log,
Broadcast: s.handleNewPayload, Broadcast: s.handleNewPayload,
Chain: chain, Chain: chain,
ProtocolConfiguration: chain.GetConfig(),
RequestTx: s.requestTx, RequestTx: s.requestTx,
Wallet: config.Wallet, Wallet: config.Wallet,