MASP fee payment #3393
MASP fee payment #3393
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3393 +/- ##
==========================================
- Coverage 53.92% 53.50% -0.42%
==========================================
Files 317 317
Lines 107575 108596 +1021
==========================================
+ Hits 58011 58108 +97
- Misses 49564 50488 +924 ☔ View full report in Codecov by Sentry. |
grarco
force-pushed
the
grarco/masp-fee-payment
branch
from
b467bcd to
fb0df69
Compare
batconjurer
left a comment
batconjurer
left a comment
There was a problem hiding this comment.
The masp.rs file in the sdk crate is too damn large. Can we split out all tx building functionality (of which there is now a lot) into a separate file?
| MaspTxType::Shielded => { | ||
| tx.add_code_from_hash(code_hash, Some(TX_SHIELDED_TRANSFER_WASM.to_owned())); | ||
| let data = ShieldedTransfer { section_hash: shielded_section_hash }; | ||
| let data = ShieldedTransfer { fee_unshield: transfers.0.first().map(|transfer| UnshieldingTransferData { target: transfer.target.to_owned(), token: transfer.token.to_owned(), amount: transfer.amount }), section_hash: shielded_section_hash }; |
There was a problem hiding this comment.
how the hell did this get past cargo fmt?
| .unwrap_or_default(); | ||
| let total_fee = checked!(fee_amount.amount() * u64::from(args.gas_limit))?; | ||
|
|
||
| Ok(match total_fee.checked_sub(balance) { |
There was a problem hiding this comment.
nit: I think it's clearer to check total_fee > balance and then calculate the diff afterwards
| ) | ||
| .expect("Change is guaranteed to be non-negative"); | ||
| changes = changes | ||
| .map(|prev| prev + change_amt.clone()) |
There was a problem hiding this comment.
curious that unchecked arithmetic is ok here
There was a problem hiding this comment.
we don't have the strict clippy checks in the sdk :/ - ideally, we shouldn't be implementing any logic here
There was a problem hiding this comment.
imho we should move the sdk masp mod into the shielded_token crate
There was a problem hiding this comment.
It's actually checked if I recall correctly
I agree but can we do that in a separate PR that does only that? |
grarco
added
the
breaking:consensus
cwgoes
left a comment
cwgoes
left a comment
There was a problem hiding this comment.
Re-reviewed the core changes.
|
What's the status of this PR? Is it rdy for review and just waiting for some? |
* grarco/masp-fee-payment: Removes fallback logic when failed fee payment Renames misleading gas limit variable Removes useless write-log commit in fee payment Fixes typo Fixes masp amounts conversion Fixes broken docs Reuses token transfer Fixes typo Panics in fee payment if balance read fails Changelog #3393 Adds missing gas spending key arg to ibc tx Masp fee payment for shielded actions Fixes masp tx generation and integration tests Updates shielded wasm code to handle fee unshielding Removes unused denominate function Adds support for masp fee payment in sdk Refactors the write log api Different gas cost for storage deletes Removes write log precommit and leverages the batch log Adds integration tests for masp fee payment Refactors batch execution in case of masp fee payment Skips the execution of the first inner tx when masp fee payment Renames fee payment gas limit parameter Returns `BatchedTxResult` from masp fee payment `check_fees` drop the storage changes in case of failure `check_fees` checks masp fee payment Reworks masp fee payment to correctly handle errors. Misc refactors Passes the correct tx index to masp fee payment check Introduces masp fee payment
* origin/grarco/masp-fee-payment: Removes fallback logic when failed fee payment Renames misleading gas limit variable Removes useless write-log commit in fee payment Fixes typo Fixes masp amounts conversion Fixes broken docs Reuses token transfer Fixes typo Panics in fee payment if balance read fails Changelog #3393 Adds missing gas spending key arg to ibc tx Masp fee payment for shielded actions Fixes masp tx generation and integration tests Updates shielded wasm code to handle fee unshielding Removes unused denominate function Adds support for masp fee payment in sdk Refactors the write log api Different gas cost for storage deletes Removes write log precommit and leverages the batch log Adds integration tests for masp fee payment Refactors batch execution in case of masp fee payment Skips the execution of the first inner tx when masp fee payment Renames fee payment gas limit parameter Returns `BatchedTxResult` from masp fee payment `check_fees` drop the storage changes in case of failure `check_fees` checks masp fee payment Reworks masp fee payment to correctly handle errors. Misc refactors Passes the correct tx index to masp fee payment check Introduces masp fee payment
Describe your changes
Closes #2597.
Introduces fee payment via the MASP. If a transaction can pay fees via a transparent transfer from the wrapper signer's balance than the protocol proceeds like that. Otherwise, we look to see if the first transaction of the batch is a masp transfer and after its changes the transparent fee payment is possible (i.e. we check that the tx unshields enough funds to the fee payer).
Masp fee payment in the SDK is supported for the transactions for which it makes sense: shielded, unshielding and ibc transactions (when shielded action and only on the source chain, where the initial unshield happens).
To limit the DOS changes of an attacker, if masp fee payment is required than we set a custom gas limit (protocol param) to avoid attackers reducing the tps by requesting large gas limit: if fees are successfully paid we bring back the original gas limit set but the user.
Modification have been done to the way we construct masp transaction to account for multiple sources/targets which is required for fee shielded fee payment. Also, to pay fees, the SDK tries to collect the funds in this order:
There are a few of things that could be improved but are not part of this PR (since I thought it's already quite large). I'm going to open issues for these:
disposable-gas-payeris still aTxarg but we should instead pull it out of there and move it to the args of the specific transactions for which the SDK supports masp fee paymentChangestype used when constructing masp transactions could probably be aU128Suminstead of aI128SumArgMultiOptarg which we are currently lackingIndicate on which release or other PRs this topic is based on
#3356 (diffs for review: https://github.com/anoma/namada/pull/3393/files/1e98403560a297f56f38ff67397a4bb9182068aa..e1b5857845bafa1be9f4ee4500b5544b56bf926f)
Checklist before merging to
draft