fix: Improve cast
performance on macos - Only load root TLS certificates with HTTPs rpc-url
#6350
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi, this is my first contribution to foundry so hello everyone 👋 ! The explanation for this simple fix is pretty long, so please bear with me 😅 , because performance is greatly increased.
I was looking at issue #6204 and noticed the profiler logs that @DaniPopes provided:
#6204 (comment)
rustls_native_certs::load_native_certs
will load the root TLS certificates of the system in order to use them when making HTTPs requests. This happens when we build our HTTP request provider forethers_providers
usingreqwest
inside theRuntimeClient
(and coincidentally, where my fix is made).rustls_native_certs::load_native_certs
is subsequently called inside thereqwest
client builder (source) iftls_built_in_root_certs
is set to true.However,
rustls_native_certs::load_native_certs
is a pretty expensive function:Source
I believe (and please correct me if I'm wrong, this is just a guess), that this part slows down
cast bn
and other rpc based commands on MacOS and not on Linux because of how MacOS stores the certificates in the Keychain module. Maybe loading the certificates from this module is more complex than how other systems handle loading certificates. Or maybe therustls_native_certs
crate is not optimised for this architecture. I could research this more but it seems out of scope for this issue.Motivation
Performance improvement
closes #6204
Solution
The fix is really simple and should not compromise anything. It simply tells the
reqwest
client builder to not load TLS certificates if the jsonrpc node url ishttp
and nothttps
(most common use case, when using a local node) by settingtls_built_in_root_certs
to false. This increases performance significantly for local cast requests (~9 times faster).Keep in mind this doesn't only improve the performance of
cast bn
, but should improve the performance for allcast
commands that use thereqwest
client. Also, the performane for HTTPs requests stays the same, and is NOT improved.Another solution which should also increase performance for HTTPs requests would be to only load the TLS certificate for the URL of the node we will be talking to, but this is more complex (not sure if even possible without loading all the certificates).
Benchmarks
Environment: M1 Macbook Pro - Sonoma 14.0
cast 0.2.0 (3e12d88 2023-11-17T00:33:21.466278000Z)
tls_built_in_root_certs
false with http - this PR