Skip to content

core/txpool/blobpool: disallow legacy sidecar after osaka #32534

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Sep 10, 2025
Merged

core/txpool/blobpool: disallow legacy sidecar after osaka #32534

merged 4 commits into from
Sep 10, 2025

Conversation

@mask-pp
Copy link
Contributor

@mask-pp mask-pp commented Sep 2, 2025

This PR aims to avoid being attached by illegal blob txs.

@lightclient
Copy link
Member

lightclient commented Sep 2, 2025

I think this also isn't that great because it causes us to validate the transaction twice. Once here, then again during add(..).

@mask-pp
Copy link
Contributor Author

mask-pp commented Sep 3, 2025
edited
Loading

This also isn't that great because it causes us to validate the transaction twice. Once here, then again during add(..).

Yeah, It's that. If there is no check, the API can be easily attacked by sending illegal blob transactions.

@lightclient
Copy link
Member

lightclient commented Sep 3, 2025

@rjl493456442 how important do you think it is to convert sidecars in this codepath? It feels almost like it is better to not allow v0 sidecars after the fork. We can convert blobs that are sent to us via RPC and blobs already in our txpool, but maybe we just don't allow v0 to be propagated after the fork?

If it is important, we should probably merge this or something like it.

@lightclient lightclient self-assigned this Sep 4, 2025
@rjl493456442
Copy link
Member

rjl493456442 commented Sep 8, 2025

@lightclient I agree, we should prevent the blob txs with legacy sidecar been included after the Osaka.

I think both you and @mask-pp are correct. The sidecar conversion is extremely expensive and can take several seconds for a single transaction. This opens an attack vector, allowing an attacker to easily drain a machine's resources by sending specially crafted blob transactions to the victim node.

@cskiraly
Copy link
Contributor

cskiraly commented Sep 8, 2025

If we do upgrade on RPC and in the txpool, that should be enough, I think. I don't see the case where we need v0 to still circulate in the network after the fork.

@lightclient
Copy link
Member

lightclient commented Sep 9, 2025

We will resolve this issue by removing the conversion on the Add(..) path. I'll push this change here shortly.

@lightclient lightclient changed the title core/txpool/blobpool: validate the blob tx at first to avoid unnecessary conversion core/txpool/blobpool: disallow legacy sidecar after osaka Sep 10, 2025
@lightclient lightclient merged commit 5cc4436 into ethereum:master Sep 10, 2025
5 of 7 checks passed
@lightclient lightclient added this to the 1.16.4 milestone Sep 10, 2025
Sahil-4555 pushed a commit to Sahil-4555/go-ethereum that referenced this pull request Oct 12, 2025
@mask-pp @lightclient @Sahil-4555
core/txpool/blobpool: disallow legacy sidecar after osaka (ethereum#3…
42a11fe 
…2534)

This PR removes the conversion of legacy sidecars after Osaka and instead rejects them to the pool.

---------

Co-authored-by: lightclient <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lightclient lightclient lightclient approved these changes

@rjl493456442 rjl493456442 Awaiting requested review from rjl493456442 rjl493456442 is a code owner

Assignees

@lightclient lightclient

Labels

status:triage

Projects

None yet

Milestone

1.16.4

Development

Successfully merging this pull request may close these issues.

4 participants

@mask-pp @lightclient @rjl493456442 @cskiraly