Conversation
…eth_simulateV1 (#1) * re-enable eth_simulateV1 with fixes * add ctx cancel errors on some rpc functions * use private runner for kurtosis e2e tests * bump golang and golangci-lint
…system txs (#3) * internal/ethapi, consensus/bor: only bypass rpc gas cap for internal system txs * internal/ethapi: update comments
v2.7.2 candidate
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
manav2401
added
the
do not squash and merge
|
There was a problem hiding this comment.
Pull request overview
Backmerge of v2.7.2 changes into develop, including consensus finalization error propagation, stricter Bor state-sync validation, and RPC-level protections/behavior updates (simulate v1, gas cap bypass, cancellation handling).
Changes:
- Update consensus
Engine.Finalizeto return([]*types.Receipt, error)and propagate failures through state processors and engines. - Strengthen Bor state-sync handling post-Madhugiri with clearer error separation (
ErrStateSyncProcessingvsErrStateSyncMismatch) and new tests. - Re-enable/extend
eth_simulateV1on Bor with call-count limits and a cross-block gas budget; tighten RPC gas-cap bypass to internal-consensus calls only; add context-cancellation checks for log scans/replay.
Reviewed changes
Copilot reviewed 21 out of 23 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/bor/bor_test.go | Adjust expected error for invalid state-sync tx in block body. |
| params/version.go | Bump patch version to 2.7.2. |
| internal/ethapi/simulate_test.go | Initialize simulator with new gas budget in tests. |
| internal/ethapi/simulate.go | Add call-count caps, cross-block gas budget, and return maxUsedGas in simulate results. |
| internal/ethapi/bor_api_test.go | Add tests for context cancellation during log scans and for RPC gas-cap bypass rules. |
| internal/ethapi/bor_api.go | Introduce WithBorInternalCall context marker; make GetLogs/GetLatestLogs respect cancellation. |
| internal/ethapi/api_test.go | Unskip/enable simulate tests; add cancellation test for AccountAt; update simulator wiring. |
| internal/ethapi/api.go | Restrict RPC gas-cap bypass to internal consensus calls; re-enable SimulateV1 with limits and gas budgeting; add cancellation checks in AccountAt. |
| ethclient/ethclient_test.go | Unskip simulate-v1 integration tests. |
| eth/tracers/data.csv | Minor data adjustment/line normalization. |
| core/state_processor.go | Handle errors returned from consensus finalization; refine state-sync mismatch error. |
| core/parallel_state_processor.go | Same as above for parallel processor. |
| core/error.go | Split Bor state-sync errors into processing vs mismatch categories. |
| consensus/consensus.go | Update Engine interface Finalize signature to include error. |
| consensus/ethash/consensus.go | Adapt ethash finalization to new signature and propagate errors. |
| consensus/clique/clique.go | Adapt clique finalization to new signature and propagate errors. |
| consensus/beacon/consensus.go | Adapt beacon finalization to new signature and propagate errors. |
| consensus/bor/heimdall/span/spanner.go | Mark internal consensus contract calls to bypass RPC gas cap safely. |
| consensus/bor/contract/client.go | Mark internal consensus contract calls to bypass RPC gas cap safely. |
| consensus/bor/bor.go | Make Bor finalization return errors; validate state-sync tx presence/hash post-Madhugiri. |
| consensus/bor/bor_test.go | Update Bor finalize tests for new error-returning behavior; add state-sync mismatch/processing coverage. |
| cmd/keeper/go.sum | Dependency checksum updates. |
| Makefile | Update golangci-lint install version. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // Enforce the cross-block gas budget. | ||
| if err := sim.budget.consume(result.UsedGas); err != nil { |
There was a problem hiding this comment.
The cross-block gas budget is consumed using result.UsedGas, which is after refunds (see core.ExecutionResult.MaxUsedGas comment). This allows a simulation to perform high-cost execution and reclaim part of it via refunds while only decrementing the budget by the discounted amount, weakening the DoS protection. Consider consuming result.MaxUsedGas instead (and keep GasUsed/header gas accounting on UsedGas for receipt correctness).
| // Enforce the cross-block gas budget. | |
| if err := sim.budget.consume(result.UsedGas); err != nil { | |
| // Enforce the cross-block gas budget using pre-refund gas to avoid | |
| // undercharging simulations that reclaim part of the execution cost. | |
| if err := sim.budget.consume(result.MaxUsedGas); err != nil { |
| remaining := gp.Gas() | ||
| if call.Gas == nil { | ||
| remaining := blockContext.GasLimit - *gasUsed | ||
| call.Gas = (*hexutil.Uint64)(&remaining) | ||
| } | ||
| if *gasUsed+uint64(*call.Gas) > blockContext.GasLimit { | ||
| return &blockGasLimitReachedError{fmt.Sprintf("block gas limit reached: %d >= %d", gasUsed, blockContext.GasLimit)} | ||
| } | ||
| if err := call.CallDefaults(sim.gp.Gas(), header.BaseFee, sim.chainConfig.ChainID); err != nil { | ||
| return err | ||
| if remaining < uint64(*call.Gas) { | ||
| return false, &blockGasLimitReachedError{fmt.Sprintf("block gas limit reached: remaining: %d, required: %d", remaining, *call.Gas)} | ||
| } | ||
| return nil | ||
| // Clamp to the cross-block gas budget. | ||
| gas := sim.budget.cap(uint64(*call.Gas)) | ||
| gasCapped := gas < uint64(*call.Gas) | ||
| call.Gas = (*hexutil.Uint64)(&gas) |
There was a problem hiding this comment.
sanitizeCall checks remaining < *call.Gas before applying the RPC/global gas cap via sim.budget.cap(...). If a caller supplies a very large gas value that would be capped down below the block's remaining gas, this currently errors with block gas limit reached instead of proceeding with the capped value. Apply the budget clamp first (or clamp to min(requested, remaining, budgetRemaining)) and then validate against the per-block remaining gas.
Code reviewNo issues found. Checked for bugs and CLAUDE.md compliance. |
No description provided.