Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance System Robustness with Improved Validations and Configuration Management #2284

Closed
Psykepro opened this issue Jul 14, 2023 · 1 comment · Fixed by #2298
Closed

Enhance System Robustness with Improved Validations and Configuration Management #2284

Psykepro opened this issue Jul 14, 2023 · 1 comment · Fixed by #2298
Assignees
@Psykepro
Labels
bug Something isn't working config pool rpc sequencer
Milestone
v0.4.0

Comments

@Psykepro
Copy link
Contributor

Psykepro commented Jul 14, 2023
edited
Loading

Overview:

We need to enhance the robustness of our system by including more stringent validations. Our current framework does not have a mechanism to authenticate X-Forwarded-For headers or manage an overload of transactions that surpass our zkCounter limitations.

Recommended Changes:

  1. Verify IP in the Transaction Pool:

    • Introduce a function within the tryToAddTxToPool method to authenticate IP addresses retrieved from the X-Forwarded-For header.

  2. Verify IP in the Worker:

    • Confirm IP addresses in the Worker.AddTxTracker prior to appending them to the efficiency list. This acts as a secondary check against invalid or suspicious IP addresses.

  3. Refinement of ZKCounters and Shared Configuration:

    • Restructure the BatchConstraints and BatchResourceWeights config parameters into a mutual BatchConfig structure. This structure will be employed by the JSON-RPC to confirm that the resources consumed by a transaction do not exceed the prescribed limits. If a transaction surpasses these limitations, it will be bypassed and not included in the transaction pool. In the same vein, the Sequencer will skip such transactions and not add them to the Worker's efficiencyList.

Objective:

Implementing these changes will contribute to the fortification of our services by safeguarding against potential system overloads and ensuring steady operations. These steps will help prevent undue resource consumption and ensure the maintenance of data consistency.
@Psykepro Psykepro self-assigned this Jul 14, 2023
@Psykepro Psykepro added bug Something isn't working sequencer rpc pool labels Jul 14, 2023
@Psykepro Psykepro added this to the v0.2.0 milestone Jul 14, 2023
@Psykepro
Copy link
Contributor Author

Psykepro commented Jul 14, 2023
edited
Loading

.

@Psykepro Psykepro mentioned this issue Jul 14, 2023
Merged
@Psykepro Psykepro modified the milestones: v0.2.0, v0.3.0 Jul 14, 2023
This was referenced Jul 17, 2023
Open
Merged
@Psykepro Psykepro changed the title Fixing security Issues reported in ASF-315 Enhance System Robustness with Improved Validations and Configuration Management Aug 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Psykepro Psykepro

Labels
bug Something isn't working config pool rpc sequencer
Projects
None yet
Milestone
v0.4.0
Development

Successfully merging a pull request may close this issue.

Add IP and ZKCounter Validation, Refactor Batch Configs 0xPolygonHermez/zkevm-node
1 participant
@Psykepro