-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default Prepare/Process proposal to always ACCEPT #13810
Comments
Just some thoughts:
The are two reasons why we execute the AnteHandler flow during
You can write your own
Why? This should be punishable behavior. Why are you inserting invalid txs into proposals? However, is there is a strong desire from app devs to not run the AnteHandler flow during |
My suggestion for As far as Also, definitely always appreciate you all hearing out my suggestions. We understand we are just one user of Cosmos SDK, and our needs my not be reflective of the rest of the community. Still, I figure it's worth voicing my feedback so you have the most information possible to decide what works best for you and the SDK. |
How is it de-risking? The current behavior is correct (we synced with the TM team on this).
Note sure what you mean? What problem exists? IIRC, we only REJECT when we cannot decode the tx blob.
Recall, you define the AnteHandler and you're also aware of the execution context. So you can do whatever you want in that chain. |
That's true. I did not consider that initially. I think this effectively solves the problem as we can skip the entire AnteHandler chain during |
Summary
As described in #13453 (comment), an alternate default implementation for PrepareProposal is to ACCEPT all transactions returned from the mempool without any validity checking. Similarly ProcessProposal could do zero validation and return ACCEPT as well.
Problem Definition
The current behavior executes
runTx
inrunTxModeCheck
during 3 separate ABCI lifecycle methods (CheckTx, PrepareProposal, and ProcessProposal) which may be overly conservative. Note that validity here means "the full antehandler chain ran without error." Transaction messages are not executed.Perhaps this conservative behavior is too restrictive for chains who may want to include invalid transactions which they've inserted into their mempool. The current implementation supports overriding ProcessProposal behavior but not Prepare.
Proposal
One or more of these items may fulfill this issue:
Regardless of which direction we take please take care to not lose test coverage. The current implementation provides both prepare and process proposal with a branched state store from the last commit. This is exercised in our tests and should continue to be even if we default to a no-op, stateless prepare/process proposal.
The text was updated successfully, but these errors were encountered: