Limit the size and age of the ZIP-401 rejected transaction ID list #2932
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
teor2345
added
C-enhancement
teor2345
reviewed
Oct 22, 2021
3 tasks
Co-authored-by: teor <teor@riseup.net>
…limit-age-rejected-list
teor2345
reviewed
Oct 24, 2021
There was a problem hiding this comment.
Nice catch that we might need to remove multiple entries in insert()!
I think we might need to prune_old() in len() to meet our DoS performance goals.
(I didn't realise this until you fixed len().)
I also think we need to limit the length of ordered_entries, even if its entries haven't expired.
Co-authored-by: teor <teor@riseup.net>
…limit-age-rejected-list
…limit-age-rejected-list
…limit-age-rejected-list
Done |
3 tasks
Co-authored-by: teor <teor@riseup.net>
teor2345
approved these changes
Oct 27, 2021
dconnolly
reviewed
Oct 27, 2021
dconnolly
reviewed
Oct 27, 2021
dconnolly
reviewed
Oct 27, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
ZIP-401 specifies that the list of TXIDs must have a maximum size and entries older than a specified threshold must be removed.
Specifications
https://zips.z.cash/zip-0401#specification
Designs
Some of the design was discussed in #2759
Solution
EvictedListthat encapsulates both behavioursEvictedListfor both rejected and expired transactionsStoragedesign, and seems harmless (expired transactions will also have a timeout)I tried creating a generic
OrderedMapdata structure, thatEvictedListwould use, in order to organize the code. However I noticed it would be more work since it's tricky to handle/document the behavior that removing a item from the list might not really remove a item from the list (when a value was refreshed and an stale entry is left behind). So I left the entire logic insideEvictedList(where the removal methods are not exposed).Closes #2759
Closes #2958
Review
Anyone can review. @teor2345 discussed the design.
This may require adjustments after #2889 so it may be better to wait for that to be merged first.
Reviewer Checklist
EvictListfor the expired transaction, or should changeStorageso that only rejected list uses it?Follow Up Work