Synchronously check all transactions to have non-zero length
#573
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As part of `newPayload` block hash verification, the `transactionsRoot` is computed by the EL. Because Merkle-Patricia Tries cannot contain `[]` entries, MPT implementations typically treat setting a key to `[]` as deleting the entry for the key. This means that if a CL receives a block with `transactions` containing one or more zero-length transactions, that such transactions will effectively be skipped when computing the `transactionsRoot`. Note that `transactions` are opaque to the CL and zero-length transactions are not filtered out before `newPayload`. ```python # https://eips.ethereum.org/EIPS/eip-2718 def compute_trie_root_from_indexed_data(data): """ Computes the root hash of `patriciaTrie(rlp(Index) => Data)` for a data array. """ t = HexaryTrie(db={}) for i, obj in enumerate(data): k = encode(i, big_endian_int) t.set(k, obj) # Implicitly skipped if `obj == b''` (invalid RLP) return t.root_hash ``` In any case, the `blockHash` validation may still succeed, resulting in a potential `SYNCING/ACCEPTED` result to `newPayload` by spec. Note, however, that there is an effective hash collision if a payload is modified by appending one or more zero-length transactions to the end of `transactions` list: In the trivial case, a block with zero transactions has the same `transactionsRoot` (and `blockHash`) as one of a block with one `[]` transaction (as that one is skipped). This means that the same `blockHash` can refer to a valid block (without extra `[]` transactions added), but also can refer to an invalid block. Because `forkchoiceUpdated` refers to blocks by `blockHash`, outcome may be nondeterministic and implementation dependent. If `forkchoiceUpdated` deems the `blockHash` to refer to a `VALID` object (obtained from a src that does not have the extra `[]` transactions, e.g., devp2p), then this could result in honest attestations to a CL beacon block with invalid `[]` transactions in its `ExecutionPayload`, risking finalizing it. The problem can be avoided by returning `INVALID` in `newPayload` if there are any zero-length `transactions` entries, preventing optimistic import of such blocks by the CL.
g11tech
reviewed
Aug 14, 2024
| * `{status: INVALID_BLOCK_HASH, latestValidHash: null, validationError: errorMessage | null}` if the `blockHash` validation has failed | ||
| * `{status: INVALID, latestValidHash: 0x0000000000000000000000000000000000000000000000000000000000000000, validationError: errorMessage | null}` if terminal block conditions are not satisfied | ||
| * `{status: SYNCING, latestValidHash: null, validationError: null}` if requisite data for the payload's acceptance or validation is missing | ||
| * with the payload status obtained from the [Payload validation](#payload-validation) process if the payload has been fully validated while processing the call | ||
| * `{status: ACCEPTED, latestValidHash: null, validationError: null}` if the following conditions are met: | ||
| - all `transactions` have non-zero length |
There was a problem hiding this comment.
or we can change it to: all transactions de-serialize to valid transactions
There was a problem hiding this comment.
while that would also cover the non-zero case, it's not strictly needed in newPayload and could be reported in forkchoiceUpdated as well. So far, the synchronous errors seem to cover the absolute minimum to ensure security, as in, to link the EL data with the blockHash.
There was a problem hiding this comment.
agree though that it should at least be possible to return an INVALID if transactions fail to deserialize (even if not required)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As part of
newPayloadblock hash verification, thetransactionsRootis computed by the EL. Because Merkle-Patricia Tries cannot contain[]entries, MPT implementations typically treat setting a key to[]as deleting the entry for the key. This means that if a CL receives a block withtransactionscontaining one or more zero-length transactions, that such transactions will effectively be skipped when computing thetransactionsRoot. Note thattransactionsare opaque to the CL and zero-length transactions are not filtered out beforenewPayload.In any case, the
blockHashvalidation may still succeed, resulting in a potentialSYNCING/ACCEPTEDresult tonewPayloadby spec.Note, however, that there is an effective hash collision if a payload is modified by appending one or more zero-length transactions to the end of
transactionslist: In the trivial case, a block with zero transactions has the sametransactionsRoot(andblockHash) as one of a block with one[]transaction (as that one is skipped).This means that the same
blockHashcan refer to a valid block (without extra[]transactions added), but also can refer to an invalid block. BecauseforkchoiceUpdatedrefers to blocks byblockHash, outcome may be nondeterministic and implementation dependent. IfforkchoiceUpdateddeems theblockHashto refer to aVALIDobject (obtained from a src that does not have the extra[]transactions, e.g., devp2p), then this could result in honest attestations to a CL beacon block with invalid[]transactions in itsExecutionPayload, risking finalizing it.The problem can be avoided by returning
INVALIDinnewPayloadif there are any zero-lengthtransactionsentries, preventing optimistic import of such blocks by the CL.