bobanetwork · boyuan-chen · Nov 22, 2024 · Oct 31, 2024 · Oct 31, 2024 · Oct 29, 2024
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -4,6 +4,11 @@ orbs:
   gcp-cli: circleci/[email protected]
   slack: circleci/[email protected]
 
+parameters:
+  go_version:
+    type: string
+    default: 1.22.7 # update CI Go version here
+
 commands:
   gcp-oidc-authenticate:
     description: "Authenticate with GCP using a CircleCI OIDC token."
@@ -134,7 +139,7 @@ jobs:
 
   build-geth:
     docker:
-      - image: cimg/go:1.21
+      - image: cimg/go:<<pipeline.parameters.go_version>>
     resource_class: xlarge
     steps:
       - checkout
@@ -143,30 +148,30 @@ jobs:
   unit-test:
     resource_class: xlarge
     docker:
-      - image: cimg/go:1.21
+      - image: cimg/go:<<pipeline.parameters.go_version>>
     steps:
       - checkout
       - run:
           command: go run build/ci.go test
   lint-geth:
     resource_class: medium
     docker:
-      - image: cimg/go:1.21
+      - image: cimg/go:<<pipeline.parameters.go_version>>
     steps:
       - checkout
       - run:
           command: go run build/ci.go lint
   tidy-geth:
     resource_class: small
     docker:
-      - image: cimg/go:1.21
+      - image: cimg/go:<<pipeline.parameters.go_version>>
     steps:
       - checkout
       - run:
           command: go mod tidy && git diff --exit-code
   check-releases:
     docker:
-      - image: cimg/go:1.21
+      - image: cimg/go:<<pipeline.parameters.go_version>>
     steps:
       - checkout
       - run:

diff --git a/cmd/geth/main.go b/cmd/geth/main.go
@@ -159,6 +159,8 @@ var (
 		utils.RollupSequencerTxConditionalCostRateLimitFlag,
 		utils.RollupHistoricalRPCFlag,
 		utils.RollupHistoricalRPCTimeoutFlag,
+		utils.RollupInteropRPCFlag,
+		utils.RollupInteropMempoolFilteringFlag,
 		utils.RollupDisableTxPoolGossipFlag,
 		utils.RollupComputePendingBlock,
 		utils.RollupHaltOnIncompatibleProtocolVersionFlag,

diff --git a/cmd/utils/flags.go b/cmd/utils/flags.go
@@ -939,6 +939,18 @@ var (
 		Category: flags.RollupCategory,
 	}
 
+	RollupInteropRPCFlag = &cli.StringFlag{
+		Name:     "rollup.interoprpc",
+		Usage:    "RPC endpoint for interop message verification (experimental).",
+		Category: flags.RollupCategory,
+	}
+
+	RollupInteropMempoolFilteringFlag = &cli.BoolFlag{
+		Name:     "rollup.interopmempoolfiltering",
+		Usage:    "If using interop, transactions are checked for interop validity before being added to the mempool (experimental).",
+		Category: flags.RollupCategory,
+	}
+
 	RollupDisableTxPoolGossipFlag = &cli.BoolFlag{
 		Name:     "rollup.disabletxpoolgossip",
 		Usage:    "Disable transaction pool gossip.",
@@ -1941,6 +1953,12 @@ func SetEthConfig(ctx *cli.Context, stack *node.Node, cfg *ethconfig.Config) {
 	if ctx.IsSet(RollupHistoricalRPCTimeoutFlag.Name) {
 		cfg.RollupHistoricalRPCTimeout = ctx.Duration(RollupHistoricalRPCTimeoutFlag.Name)
 	}
+	if ctx.IsSet(RollupInteropRPCFlag.Name) {
+		cfg.InteropMessageRPC = ctx.String(RollupInteropRPCFlag.Name)
+	}
+	if ctx.IsSet(RollupInteropMempoolFilteringFlag.Name) {
+		cfg.InteropMempoolFiltering = ctx.Bool(RollupInteropMempoolFilteringFlag.Name)
+	}
 	cfg.RollupDisableTxPoolGossip = ctx.Bool(RollupDisableTxPoolGossipFlag.Name)
 	cfg.RollupDisableTxPoolAdmission = cfg.RollupSequencerHTTP != "" && !ctx.Bool(RollupEnableTxPoolAdmissionFlag.Name)
 	cfg.RollupHaltOnIncompatibleProtocolVersion = ctx.String(RollupHaltOnIncompatibleProtocolVersionFlag.Name)

diff --git a/core/error.go b/core/error.go
@@ -84,6 +84,10 @@ var (
 	// current network configuration.
 	ErrTxTypeNotSupported = types.ErrTxTypeNotSupported
 
+	// ErrTxFilteredOut indicates an ingress filter has rejected the transaction from
+	// being included in the pool.
+	ErrTxFilteredOut = errors.New("transaction filtered out")
+
 	// ErrTipAboveFeeCap is a sanity error to ensure no one is able to specify a
 	// transaction with a tip higher than the total fee cap.
 	ErrTipAboveFeeCap = errors.New("max priority fee per gas higher than max fee per gas")

diff --git a/core/state_processor.go b/core/state_processor.go
@@ -210,10 +210,21 @@ func MakeReceipt(evm *vm.EVM, result *ExecutionResult, statedb *state.StateDB, b
 // for the transaction, gas used and an error if the transaction failed,
 // indicating the block was invalid.
 func ApplyTransaction(config *params.ChainConfig, bc ChainContext, author *common.Address, gp *GasPool, statedb *state.StateDB, header *types.Header, tx *types.Transaction, usedGas *uint64, cfg vm.Config) (*types.Receipt, error) {
+	return ApplyTransactionExtended(config, bc, author, gp, statedb, header, tx, usedGas, cfg, nil)
+}
+
+type ApplyTransactionOpts struct {
+	PostValidation func(evm *vm.EVM, result *ExecutionResult) error
+}
+
+func ApplyTransactionExtended(config *params.ChainConfig, bc ChainContext, author *common.Address, gp *GasPool, statedb *state.StateDB, header *types.Header, tx *types.Transaction, usedGas *uint64, cfg vm.Config, extraOpts *ApplyTransactionOpts) (*types.Receipt, error) {
 	msg, err := TransactionToMessage(tx, types.MakeSigner(config, header.Number, header.Time), header.BaseFee)
 	if err != nil {
 		return nil, err
 	}
+	if extraOpts != nil {
+		msg.PostValidation = extraOpts.PostValidation
+	}
 	// Create a new context to be used in the EVM environment
 	blockContext := NewEVMBlockContext(header, bc, author, config, statedb)
 	txContext := NewEVMTxContext(msg)

diff --git a/core/state_transition.go b/core/state_transition.go
@@ -154,6 +154,8 @@ type Message struct {
 	IsDepositTx    bool                 // IsDepositTx indicates the message is force-included and can persist a mint.
 	Mint           *big.Int             // Mint is the amount to mint before EVM processing, or nil if there is no minting.
 	RollupCostData types.RollupCostData // RollupCostData caches data to compute the fee we charge for data availability
+
+	PostValidation func(evm *vm.EVM, result *ExecutionResult) error
 }
 
 // TransactionToMessage converts a transaction into a Message.
@@ -447,6 +449,13 @@ func (st *StateTransition) TransitionDb() (*ExecutionResult, error) {
 		}
 		err = nil
 	}
+
+	if st.msg.PostValidation != nil {
+		if err := st.msg.PostValidation(st.evm, result); err != nil {
+			return nil, err
+		}
+	}
+
 	return result, err
 }
 

diff --git a/core/txpool/ingress_filters.go b/core/txpool/ingress_filters.go
@@ -0,0 +1,57 @@
+package txpool
+
+import (
+	"context"
+	"time"
+
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/ethereum/go-ethereum/core/types/interoptypes"
+	"github.com/ethereum/go-ethereum/log"
+)
+
+// IngressFilter is an interface that allows filtering of transactions before they are added to the transaction pool.
+// Implementations of this interface can be used to filter transactions based on various criteria.
+// FilterTx will return true if the transaction should be allowed, and false if it should be rejected.
+type IngressFilter interface {
+	FilterTx(ctx context.Context, tx *types.Transaction) bool
+}
+
+type interopFilter struct {
+	logsFn  func(tx *types.Transaction) ([]*types.Log, error)
+	checkFn func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error
+}
+
+func NewInteropFilter(
+	logsFn func(tx *types.Transaction) ([]*types.Log, error),
+	checkFn func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error) IngressFilter {
+	return &interopFilter{
+		logsFn:  logsFn,
+		checkFn: checkFn,
+	}
+}
+
+// FilterTx implements IngressFilter.FilterTx
+// it gets logs checks for message safety based on the function provided
+func (f *interopFilter) FilterTx(ctx context.Context, tx *types.Transaction) bool {
+	logs, err := f.logsFn(tx)
+	if err != nil {
+		log.Debug("Failed to retrieve logs of tx", "txHash", tx.Hash(), "err", err)
+		return false // default to deny if logs cannot be retrieved
+	}
+	if len(logs) == 0 {
+		return true // default to allow if there are no logs
+	}
+	ems, err := interoptypes.ExecutingMessagesFromLogs(logs)
+	if err != nil {
+		log.Debug("Failed to parse executing messages of tx", "txHash", tx.Hash(), "err", err)
+		return false // default to deny if logs cannot be parsed
+	}
+	if len(ems) == 0 {
+		return true // default to allow if there are no executing messages
+	}
+
+	ctx, cancel := context.WithTimeout(ctx, time.Second*2)
+	defer cancel()
+	// check with the supervisor if the transaction should be allowed given the executing messages
+	return f.checkFn(ctx, ems, interoptypes.Unsafe) == nil
+}
diff --git a/core/txpool/ingress_filters_test.go b/core/txpool/ingress_filters_test.go
@@ -0,0 +1,188 @@
+package txpool
+
+import (
+	"context"
+	"errors"
+	"math/big"
+	"net"
+	"testing"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/ethereum/go-ethereum/core/types/interoptypes"
+	"github.com/ethereum/go-ethereum/params"
+	"github.com/stretchr/testify/require"
+)
+
+func TestInteropFilter(t *testing.T) {
+	// some placeholder transaction to test with
+	tx := types.NewTx(&types.DynamicFeeTx{
+		ChainID: big.NewInt(1),
+		Nonce:   1,
+		To:      &common.Address{},
+		Value:   big.NewInt(1),
+		Data:    []byte{},
+	})
+	t.Run("Tx has no logs", func(t *testing.T) {
+		logFn := func(tx *types.Transaction) ([]*types.Log, error) {
+			return []*types.Log{}, nil
+		}
+		checkFn := func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error {
+			// make this return error, but it won't be called because logs are empty
+			return errors.New("error")
+		}
+		// when there are no logs to process, the transaction should be allowed
+		filter := NewInteropFilter(logFn, checkFn)
+		require.True(t, filter.FilterTx(context.Background(), tx))
+	})
+	t.Run("Tx errored when getting logs", func(t *testing.T) {
+		logFn := func(tx *types.Transaction) ([]*types.Log, error) {
+			return []*types.Log{}, errors.New("error")
+		}
+		checkFn := func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error {
+			// make this return error, but it won't be called because logs retrieval errored
+			return errors.New("error")
+		}
+		// when log retrieval errors, the transaction should be denied
+		filter := NewInteropFilter(logFn, checkFn)
+		require.False(t, filter.FilterTx(context.Background(), tx))
+	})
+	t.Run("Tx has no executing messages", func(t *testing.T) {
+		logFn := func(tx *types.Transaction) ([]*types.Log, error) {
+			l1 := &types.Log{
+				Topics: []common.Hash{common.BytesToHash([]byte("topic1"))},
+			}
+			return []*types.Log{l1}, nil
+		}
+		checkFn := func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error {
+			// make this return error, but it won't be called because logs retrieval doesn't have executing messages
+			return errors.New("error")
+		}
+		// when no executing messages are included, the transaction should be allowed
+		filter := NewInteropFilter(logFn, checkFn)
+		require.True(t, filter.FilterTx(context.Background(), tx))
+	})
+	t.Run("Tx has valid executing message", func(t *testing.T) {
+		// build a basic executing message
+		// the executing message must pass basic decode validation,
+		// but the validity check is done by the checkFn
+		l1 := &types.Log{
+			Address: params.InteropCrossL2InboxAddress,
+			Topics: []common.Hash{
+				common.BytesToHash(interoptypes.ExecutingMessageEventTopic[:]),
+				common.BytesToHash([]byte("payloadHash")),
+			},
+			Data: []byte{},
+		}
+		// using all 0s for data allows all takeZeros to pass
+		for i := 0; i < 32*5; i++ {
+			l1.Data = append(l1.Data, 0)
+		}
+		logFn := func(tx *types.Transaction) ([]*types.Log, error) {
+			return []*types.Log{l1}, nil
+		}
+		var spyEMs []interoptypes.Message
+		checkFn := func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error {
+			spyEMs = ems
+			return nil
+		}
+		// when there is one executing message, the transaction should be allowed
+		// if the checkFn returns nil
+		filter := NewInteropFilter(logFn, checkFn)
+		require.True(t, filter.FilterTx(context.Background(), tx))
+		// confirm that one executing message was passed to the checkFn
+		require.Equal(t, 1, len(spyEMs))
+	})
+	t.Run("Tx has invalid executing message", func(t *testing.T) {
+		// build a basic executing message
+		// the executing message must pass basic decode validation,
+		// but the validity check is done by the checkFn
+		l1 := &types.Log{
+			Address: params.InteropCrossL2InboxAddress,
+			Topics: []common.Hash{
+				common.BytesToHash(interoptypes.ExecutingMessageEventTopic[:]),
+				common.BytesToHash([]byte("payloadHash")),
+			},
+			Data: []byte{},
+		}
+		// using all 0s for data allows all takeZeros to pass
+		for i := 0; i < 32*5; i++ {
+			l1.Data = append(l1.Data, 0)
+		}
+		logFn := func(tx *types.Transaction) ([]*types.Log, error) {
+			return []*types.Log{l1}, nil
+		}
+		var spyEMs []interoptypes.Message
+		checkFn := func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error {
+			spyEMs = ems
+			return errors.New("error")
+		}
+		// when there is one executing message, and the checkFn returns an error,
+		// (ie the supervisor rejects the transaction) the transaction should be denied
+		filter := NewInteropFilter(logFn, checkFn)
+		require.False(t, filter.FilterTx(context.Background(), tx))
+		// confirm that one executing message was passed to the checkFn
+		require.Equal(t, 1, len(spyEMs))
+	})
+}
+
+func TestInteropFilterRPCFailures(t *testing.T) {
+	tests := []struct {
+		name        string
+		networkErr  bool
+		timeout     bool
+		invalidResp bool
+	}{
+		{
+			name:       "Network Error",
+			networkErr: true,
+		},
+		{
+			name:    "Timeout",
+			timeout: true,
+		},
+		{
+			name:        "Invalid Response",
+			invalidResp: true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Create mock log function that always returns our test log
+			logFn := func(tx *types.Transaction) ([]*types.Log, error) {
+				log := &types.Log{
+					Address: params.InteropCrossL2InboxAddress,
+					Topics: []common.Hash{
+						common.BytesToHash(interoptypes.ExecutingMessageEventTopic[:]),
+						common.BytesToHash([]byte("payloadHash")),
+					},
+					Data: make([]byte, 32*5),
+				}
+				return []*types.Log{log}, nil
+			}
+
+			// Create mock check function that simulates RPC failures
+			checkFn := func(ctx context.Context, ems []interoptypes.Message, safety interoptypes.SafetyLevel) error {
+				if tt.networkErr {
+					return &net.OpError{Op: "dial", Err: errors.New("connection refused")}
+				}
+
+				if tt.timeout {
+					return context.DeadlineExceeded
+				}
+
+				if tt.invalidResp {
+					return errors.New("invalid response format")
+				}
+
+				return nil
+			}
+
+			// Create and test filter
+			filter := NewInteropFilter(logFn, checkFn)
+			result := filter.FilterTx(context.Background(), &types.Transaction{})
+			require.Equal(t, false, result, "FilterTx result mismatch")
+		})
+	}
+}