Create AnteDecorator to reject rendundant relayer messages #224
Comments
|
Great idea! How would you know if a tx is redundant? |
|
At a high level, the goal is that it checks whether the incoming commit is for a packet that has already been processed by IBC (e.g., channel/sequencenumber). The details may be more challenging. This should avoid anyone spoofing that they already addressed a packet. It should be about the actual IBC connection state. |
|
This would be a great addition |
|
One thing to note is that this would reject the entire tx. Imagine if a relayer is trying to relay packets with sequence: Packet Sequence Here the relayer trying to submit the tx, would have the entire tx rejected. They wouldn't pay fees, but they would lose out on being able to submit packet 4. In the time it takes for them to resubmit packet |
|
This sounds like a valuable addition. I don't understand all the details of what a rejected tx looks like, so could we go into some details there? Specifically, it would be good to have a well-defined Err::Code to represent the notion of rejected. Also, is it possible to return (e.g., as part of the response data or log) the seq nr. or identifiers of the rejected transactions? |
I think we saw this at the osmosis launch |
Oh that's interesting. Specifically, if a transaction submits 2 packets and one is rejected, is the txn failed? That would make competitive relayers push for one packet per txn regardless of this fix. That's compatible with this proposal. It also sounds like we should further consider quick, low-gas skip of packets that are redundant in txns that are actually processed, without failing the txn. |
Yup I considered that. Though that would be a breaking change, since a transaction that used to fail will now pass. If the above can get solved soon, just having a successful low-gas skip is the best option. |
This has already been implemented by @colin-axner . However, this currently gets returned on DeliverTx instead of CheckTx so relayers still pay fees on the failed tx. https://github.com/cosmos/ibc-go/blob/main/modules/core/04-channel/keeper/packet.go#L253 https://github.com/cosmos/ibc-go/blob/main/modules/core/04-channel/keeper/packet.go#L483 |
|
I believe given that currently there isn't a way to refund unused fee on successful txs, we should just reject redundant packets. This will cause the entire tx to fail, and relayers are advised to not have multiple Once fees are refunded, we can remove this antedecorator (both adding and removing are non-breaking changes), and turn the behaviour into a successful no-op (this is a breaking change). |
|
After discussing with relayer teams, supporting multiple receive packets in a single transaction is a priority. To support this, we will only reject a transaction if ALL receive packets are redundant. If a single transaction is not redundant, then the entire transaction will go through and the relayer pays the entire fee. A profit-optimizing relayer will still want to send a single packet per tx. However, relayers that send multiple packets per tx can still have their new packets committed on the first attempt. NOTE: This will be a breaking change. |
|
closed via #235 |
Use commit from PR cosmos#6855 to enable --unsafe-cors early
By creating an antedecorator that rejects redundant relayer messages, we can prevent relayers from wasting fees on trying to relay packets that have been relayed by another relayer.
This antedecorator can be chained to the app's Antehandler.
This is a non-breaking change.
cc: @dtribble
The text was updated successfully, but these errors were encountered: