evmrpc: gate historical debug trace calls

[codchen]

Summary

• Add one non-negative EVM RPC config, disable_historical_debug_trace_block_age.
  • 0 leaves historical debug_trace* calls enabled.
  • >0 disables debug_trace* calls whose target block is older than that many blocks behind latest.
• Count historical debug_trace* attempts with an endpoint/connection-labelled OTel counter when the configured age threshold is active.
• Early-return historical debug_trace* calls once the configured block-age threshold is exceeded.

Tests

• go test ./evmrpc/config
• go test ./evmrpc -run 'Test(IsHistoricalDebugTraceBlock|GuardHistoricalDebugTraceHeight)$'
• go test ./evmrpc -run 'TestTrace(Transaction|Call|BlockByNumberLookbackLimit|BlockByNumberUnlimitedLookback)$'
• git diff --check

[cursor]

PR Summary

Medium Risk
Changes default-off RPC behavior for expensive debug_trace* workloads; operators enabling a positive age may break clients that rely on deep historical traces.

Overview
Adds disable_historical_debug_trace_block_age to EVM RPC config (default 0 = no restriction). When set to a positive value, debug_trace* requests whose target block is more than N blocks behind the chain tip are rejected before trace work runs, with a clear error naming the method and heights.

Guards resolve the block from tx hash, block number/hash, or debug_traceCall block spec (including latest/safe/finalized), then compare against latest height. Blocked attempts increment evmrpc_historical_debug_trace_attempts_total (endpoint + connection labels). Config loading rejects invalid/negative values; unit tests cover classification and guard behavior.

Not gated: sei_traceBlock*ExcludeTraceFail and other non-debug_trace* paths in this diff.

^{Reviewed by Cursor Bugbot for commit 28c8bbf. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	✅ passed	✅ passed	✅ passed	May 28, 2026, 1:36 PM

[codecov]

Codecov Report

❌ Patch coverage is 66.99029% with 34 lines in your changes missing coverage. Please review.
✅ Project coverage is 58.21%. Comparing base (1b322f0) to head (28c8bbf).

Files with missing lines	Patch %	Lines
evmrpc/tracers.go	64.04%	22 Missing and 10 partials ⚠️
evmrpc/trace_profile.go	0.00%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3515      +/-   ##
==========================================
- Coverage   59.04%   58.21%   -0.83%     
==========================================
  Files        2199     2129      -70     
  Lines      182096   174001    -8095     
==========================================
- Hits       107510   101295    -6215     
+ Misses      64935    63708    -1227     
+ Partials     9651     8998     -653     

Flag	Coverage Δ
sei-chain-pr	67.06% <66.99%> (?)
sei-db	70.41% <ø> (ø)
sei-db-state-db	?

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
evmrpc/config/config.go	71.66% <100.00%> (+1.23%)	⬆️
evmrpc/metrics.go	96.49% <100.00%> (+0.49%)	⬆️
evmrpc/trace_profile.go	68.60% <0.00%> (-1.64%)	⬇️
evmrpc/tracers.go	68.72% <64.04%> (-3.19%)	⬇️

... and 70 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[masih]

Thinking out loud: Do we want to apply the limit to sei_traceBlockByHashExcludeTraceFail and sei_traceBlockByNumberExcludeTraceFail too? I would just to have consistent behaviour even though I think we disabled those endpoints by default. The edge case I am thinking of is incase someone has them enabled. If we do decide to do this then I would drop the debug_ from config names and call it something like max_trace_lookback with docs explaining where it applies etc. etc.

[masih]

Instead of "Age" would it be clearer to use the term "lookback"?

Because the former usually caries a notion of time, whereas the config here is simply a counter of relative offset from latest height.

[masih]

When we use the term "historical" do we refer to an explicit system component with the same name? I think not. I think that "historical" is the lingo we used internally to talk about this subject; right?

If that's right, then my suggestion is to remove the term "historical" entirely from config and variable names. What we really mean here is a lookback limit. We can then get rid of the dual flag of one boolean and one int "lookback amount", in favour of a single config, named something like max_debug_trace_lookback. Zero means ignored. Positive value means limit is applied to whatever is configured.

That simplifies things operationally speaking.

[cursor]

Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 28c8bbf. Configure here.}

[cursor]

Guards perform unnecessary lookups when feature is disabled

Medium Severity

The guardHistoricalDebugTraceByTxHash, guardHistoricalDebugTraceByNumber, guardHistoricalDebugTraceByHash, and guardHistoricalDebugTraceByNumberOrHash functions unconditionally perform expensive lookups (GetReceipt, BlockByHash, tmClient.Genesis()) before reaching guardHistoricalDebugTraceHeight, which is the first place disableHistoricalDebugTraceBlockAge is checked. Since the default config is 0 (feature disabled), every debug_trace* call incurs unnecessary store reads or RPCs. Worse, resolveDebugTraceBlockNumber with EarliestBlockNumber calls Genesis(), and if that RPC fails, the error propagates even though the guard is a no-op — a regression for debug_traceBlockByNumber("earliest"). Each intermediate guard function needs an early if api.disableHistoricalDebugTraceBlockAge <= 0 { return nil } check.

Additional Locations (2)

• evmrpc/tracers.go#L106-L113
• evmrpc/tracers.go#L114-L124

 

^{Reviewed by Cursor Bugbot for commit 28c8bbf. Configure here.}