Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sequence number increment should not fail #203

Merged
merged 1 commit into from
Jan 18, 2022
Merged

Sequence number increment should not fail #203

merged 1 commit into from
Jan 18, 2022

Conversation

lxfind
Copy link
Contributor

@lxfind lxfind commented Jan 18, 2022

If we allow sequence number increment to fail, this could create two problems:

  1. We could be violating the invariant where some mutable objects must be written in the temporary store after an order execution.
  2. We could be prone to DDos attack (by keep using the MAX sequence number gas object)

We should assume it cannot overflow.
To enforce this, we could consider freeze the object when its sequence number reaches MAX.

@oxade
Copy link
Contributor

oxade commented Jan 18, 2022

Agree, increment failing will have bad side effects. I like the direction this is going.
++
This is more of a brainstorm:
I think this freezing at overflow is a worthwhile solution.
However can you think of any scenario where this could be catastrophic for user?
Also if an object freezes mid-transaction due to overflow, how do we properly surface this?
Since we have some level of determinism, can we predict that a transaction might cause an object to freeze, and provide some kind of warning early on?

sblackshear
sblackshear approved these changes Jan 18, 2022
View reviewed changes
Copy link
Collaborator

@sblackshear sblackshear left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, happy to see these unwraps go away.

We could be prone to DDos attack (by keep using the MAX sequence number gas object)

Another thing we could consider is rejecting a tx with any object inputs whose sequence number is MAX. I think we can do this very early on, basically at the same time we check the balance of the gas object today.

@oxade
Copy link
Contributor

oxade commented Jan 18, 2022

Nice, happy to see these unwraps go away.

We could be prone to DDos attack (by keep using the MAX sequence number gas object)

Another thing we could consider is rejecting a tx with any object inputs whose sequence number is MAX. I think we can do this very early on, basically at the same time we check the balance of the gas object today.

Right. Very simple but sufficient solution for now.

@lxfind lxfind merged commit e119c22 into MystenLabs:main Jan 18, 2022
@lxfind lxfind mentioned this pull request Jan 18, 2022
Closed
@kchalkias
Copy link
Collaborator

kchalkias commented Apr 21, 2022
edited
Loading

Another thing we could consider is rejecting a tx with any object inputs whose sequence number is MAX. I think we can do this very early on, basically at the same time we check the balance of the gas object today.

Also agree with @sblackshear, that's the easiest fail-fast workaround.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sblackshear sblackshear sblackshear approved these changes

@oxade oxade oxade approved these changes

@huitseeker huitseeker Awaiting requested review from huitseeker

@gdanezis gdanezis Awaiting requested review from gdanezis

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@lxfind @oxade @kchalkias @sblackshear