MASP fee payment #3393
Merged
MASP fee payment #3393
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Closed
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3393 +/- ##
==========================================
- Coverage 53.92% 53.50% -0.42%
==========================================
Files 317 317
Lines 107575 108596 +1021
==========================================
+ Hits 58011 58108 +97
- Misses 49564 50488 +924 ☔ View full report in Codecov by Sentry. |
grarco
force-pushed
the
grarco/masp-fee-payment
branch
from
b467bcd
to
fb0df69
Compare
batconjurer
requested changes
Jun 14, 2024
| @@ -1130,7 +1135,7 @@ pub mod testing { | |||
| let tx_data = match masp_tx_type { | |||
| MaspTxType::Shielded => { | |||
| tx.add_code_from_hash(code_hash, Some(TX_SHIELDED_TRANSFER_WASM.to_owned())); | |||
| let data = ShieldedTransfer { section_hash: shielded_section_hash }; | |||
| let data = ShieldedTransfer { fee_unshield: transfers.0.first().map(|transfer| UnshieldingTransferData { target: transfer.target.to_owned(), token: transfer.token.to_owned(), amount: transfer.amount }), section_hash: shielded_section_hash }; | |||
There was a problem hiding this comment.
how the hell did this get past cargo fmt?
| .unwrap_or_default(); | ||
| let total_fee = checked!(fee_amount.amount() * u64::from(args.gas_limit))?; | ||
|
|
||
| Ok(match total_fee.checked_sub(balance) { |
There was a problem hiding this comment.
nit: I think it's clearer to check total_fee > balance and then calculate the diff afterwards
| ) | ||
| .expect("Change is guaranteed to be non-negative"); | ||
| changes = changes | ||
| .map(|prev| prev + change_amt.clone()) |
There was a problem hiding this comment.
curious that unchecked arithmetic is ok here
There was a problem hiding this comment.
we don't have the strict clippy checks in the sdk :/ - ideally, we shouldn't be implementing any logic here
There was a problem hiding this comment.
imho we should move the sdk masp mod into the shielded_token crate
There was a problem hiding this comment.
It's actually checked if I recall correctly
I agree but can we do that in a separate PR that does only that? |
cwgoes
reviewed
Jun 17, 2024
This was referenced Jun 18, 2024
cwgoes
reviewed
Jun 24, 2024
|
What's the status of this PR? Is it rdy for review and just waiting for some? |
brentstone
added a commit
that referenced
this pull request
Jun 28, 2024
* grarco/masp-fee-payment: Removes fallback logic when failed fee payment Renames misleading gas limit variable Removes useless write-log commit in fee payment Fixes typo Fixes masp amounts conversion Fixes broken docs Reuses token transfer Fixes typo Panics in fee payment if balance read fails Changelog #3393 Adds missing gas spending key arg to ibc tx Masp fee payment for shielded actions Fixes masp tx generation and integration tests Updates shielded wasm code to handle fee unshielding Removes unused denominate function Adds support for masp fee payment in sdk Refactors the write log api Different gas cost for storage deletes Removes write log precommit and leverages the batch log Adds integration tests for masp fee payment Refactors batch execution in case of masp fee payment Skips the execution of the first inner tx when masp fee payment Renames fee payment gas limit parameter Returns `BatchedTxResult` from masp fee payment `check_fees` drop the storage changes in case of failure `check_fees` checks masp fee payment Reworks masp fee payment to correctly handle errors. Misc refactors Passes the correct tx index to masp fee payment check Introduces masp fee payment
2 tasks
brentstone
added a commit
that referenced
this pull request
Jul 4, 2024
* origin/grarco/masp-fee-payment: Removes fallback logic when failed fee payment Renames misleading gas limit variable Removes useless write-log commit in fee payment Fixes typo Fixes masp amounts conversion Fixes broken docs Reuses token transfer Fixes typo Panics in fee payment if balance read fails Changelog #3393 Adds missing gas spending key arg to ibc tx Masp fee payment for shielded actions Fixes masp tx generation and integration tests Updates shielded wasm code to handle fee unshielding Removes unused denominate function Adds support for masp fee payment in sdk Refactors the write log api Different gas cost for storage deletes Removes write log precommit and leverages the batch log Adds integration tests for masp fee payment Refactors batch execution in case of masp fee payment Skips the execution of the first inner tx when masp fee payment Renames fee payment gas limit parameter Returns `BatchedTxResult` from masp fee payment `check_fees` drop the storage changes in case of failure `check_fees` checks masp fee payment Reworks masp fee payment to correctly handle errors. Misc refactors Passes the correct tx index to masp fee payment check Introduces masp fee payment
brentstone
added a commit
that referenced
this pull request
Jul 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe your changes
Closes #2597.
Introduces fee payment via the MASP. If a transaction can pay fees via a transparent transfer from the wrapper signer's balance than the protocol proceeds like that. Otherwise, we look to see if the first transaction of the batch is a masp transfer and after its changes the transparent fee payment is possible (i.e. we check that the tx unshields enough funds to the fee payer).
Masp fee payment in the SDK is supported for the transactions for which it makes sense: shielded, unshielding and ibc transactions (when shielded action and only on the source chain, where the initial unshield happens).
To limit the DOS changes of an attacker, if masp fee payment is required than we set a custom gas limit (protocol param) to avoid attackers reducing the tps by requesting large gas limit: if fees are successfully paid we bring back the original gas limit set but the user.
Modification have been done to the way we construct masp transaction to account for multiple sources/targets which is required for fee shielded fee payment. Also, to pay fees, the SDK tries to collect the funds in this order:
There are a few of things that could be improved but are not part of this PR (since I thought it's already quite large). I'm going to open issues for these:
disposable-gas-payeris still aTxarg but we should instead pull it out of there and move it to the args of the specific transactions for which the SDK supports masp fee paymentChangestype used when constructing masp transactions could probably be aU128Suminstead of aI128SumArgMultiOptarg which we are currently lackingIndicate on which release or other PRs this topic is based on
#3356 (diffs for review: https://github.com/anoma/namada/pull/3393/files/1e98403560a297f56f38ff67397a4bb9182068aa..e1b5857845bafa1be9f4ee4500b5544b56bf926f)
Checklist before merging to
draft