You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sometimes dapps and scripted clients will send transactions using a payer account that does not have enough FLOW balance to pay for the transaction fee. In these cases, the tx will not succeed and nodes on the network spend resources handling the tx.
Now that Access nodes have data about account balances, they can be configured to screen for these tx and return a useful error to the client about why their tx is rejected.
There are limitations to how well this would protect the network from an actual malicious actor, but there is still some value protecting from the more common unintentional spam.
Proposed Solution
Add a check to the transaction validation done during SendTransaction, that ensures the payer has sufficient balance to pay for the transaction.
Access nodes currently validate a transaction here:
Add a new check that calls GetAccount on a execution.ScriptExecutor resource for the transaction's payer. If the available balance is below some constant, the validation fails.
Note:
the execution.ScriptExecutor should be configured in "local only" mode. We do not want scripts to failover to an execution nodes
If the lookup fails, we should fail open and allow the transaction
we can cache the balance lookups where balances are over some threshold. this will be important since payers are often wallets, so the majority of submitted tx will have payers with relatively larger balances.
We do not need this to test, but if this goes into GA use, we will want to create a new method in FVM that an Access node could use to query an account's balance without querying for all fields (keys, contracts, sequence number, etc).
Definition of Done
Access nodes can enable a feature to validate the transaction payers have sufficient balance to submit the tx
There are unit and integration tests covering the new behavior
The text was updated successfully, but these errors were encountered:
Problem Definition
See #5683 for details.
Sometimes dapps and scripted clients will send transactions using a payer account that does not have enough FLOW balance to pay for the transaction fee. In these cases, the tx will not succeed and nodes on the network spend resources handling the tx.
Now that Access nodes have data about account balances, they can be configured to screen for these tx and return a useful error to the client about why their tx is rejected.
There are limitations to how well this would protect the network from an actual malicious actor, but there is still some value protecting from the more common unintentional spam.
Proposed Solution
Add a check to the transaction validation done during
SendTransaction
, that ensures the payer has sufficient balance to pay for the transaction.Access nodes currently validate a transaction here:
flow-go/engine/access/rpc/backend/backend_transactions.go
Line 59 in 6f0e33a
which calls this method:
flow-go/access/validator.go
Line 112 in c4fe1c6
Add a new check that calls
GetAccount
on aexecution.ScriptExecutor
resource for the transaction's payer. If the available balance is below some constant, the validation fails.Note:
execution.ScriptExecutor
should be configured in "local only" mode. We do not want scripts to failover to an execution nodesWe do not need this to test, but if this goes into GA use, we will want to create a new method in FVM that an Access node could use to query an account's balance without querying for all fields (keys, contracts, sequence number, etc).
Definition of Done
The text was updated successfully, but these errors were encountered: