Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

generic verify_precompiles #3055

Merged
merged 4 commits into from
Oct 4, 2024
Merged

generic verify_precompiles #3055

merged 4 commits into from
Oct 4, 2024

Conversation

apfitzge
Copy link

@apfitzge apfitzge commented Oct 2, 2024
edited
Loading

Problem

  • verify_precompiles needs to have a generic counterpart so that new transaction type(s) can verify them

Summary of Changes

  • add solana_runtime::verify_precompiles::verify_precompiles fn
  • use the generic function in all places SanitizedTransaction::verify_precompiles was previously used
  • optimization to lazily collect instruction datas
  • basic tests of precompile success/failure

Fixes #

@mergify Mergify
Copy link

mergify bot commented Oct 2, 2024

If this PR represents a change to the public RPC API:

  1. Make sure it includes a complementary update to rpc-client/ (example)
  2. Open a follow-up PR to update the JavaScript client @solana/web3.js (example)

Thank you for keeping the RPC clients in sync with the server API @apfitzge.

apfitzge
apfitzge commented Oct 2, 2024
View reviewed changes
rpc/src/rpc.rs
@@ -2260,7 +2261,7 @@ fn verify_transaction(
let move_precompile_verification_to_svm =
feature_set.is_active(&feature_set::move_precompile_verification_to_svm::id());
if !move_precompile_verification_to_svm {
if let Err(e) = transaction.verify_precompiles(feature_set) {
if let Err(e) = verify_precompiles(transaction, feature_set) {
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

implementation change, no affect on the RPC interface.

apfitzge
apfitzge commented Oct 2, 2024
View reviewed changes
runtime/Cargo.toml
@@ -107,6 +107,7 @@ assert_matches = { workspace = true }
ed25519-dalek = { workspace = true }
libsecp256k1 = { workspace = true }
memoffset = { workspace = true }
rand0-7 = { package = "rand", version = "0.7" }
Copy link
Author

@apfitzge apfitzge Oct 2, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need this to create the precompile instructions for testing.

logic was mainly copied from the individual precompile tests - if there's a better way without this old version would be happy to change & remove this

apfitzge
apfitzge commented Oct 2, 2024
View reviewed changes
runtime/src/verify_precompiles.rs
.get_or_insert_with(|| message.instructions_iter().map(|ix| ix.data).collect());
precompile
.verify(instruction.data, all_instruction_data, feature_set)
.map_err(|_| TransactionError::InvalidAccountIndex)?;
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

kept error type here consistent with what tx.verify_precompiles returns...but this does not seem like the correct variant to me.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah I think we should fix that up, no idea why that was chosen

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like the existing TransactionError::SignatureFailure is reasonable.

Do you feel that one is fine or should we add a new PrecompileFailure variant?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TransactionError::InstructionError also seems reasonable to me

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

InstructionError is probably best because invalid data offsets is not technically a signature error

@apfitzge apfitzge self-assigned this Oct 2, 2024
@apfitzge apfitzge marked this pull request as ready for review October 2, 2024 16:45
@apfitzge apfitzge requested a review from jstarry October 2, 2024 16:46
jstarry
jstarry reviewed Oct 3, 2024
View reviewed changes
runtime/src/verify_precompiles.rs Outdated
let precompiles = get_precompiles();
for (program_id, instruction) in message.program_instructions_iter() {
for precompile in precompiles {
if program_id == &precompile.program_id {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to check if the precompile is enabled by a feature gate first here. Otherwise a newly added precompile would break consensus

runtime/src/verify_precompiles.rs
.get_or_insert_with(|| message.instructions_iter().map(|ix| ix.data).collect());
precompile
.verify(instruction.data, all_instruction_data, feature_set)
.map_err(|_| TransactionError::InvalidAccountIndex)?;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah I think we should fix that up, no idea why that was chosen

@apfitzge apfitzge merged commit f38fe41 into anza-xyz:master Oct 4, 2024
49 checks passed
@apfitzge apfitzge deleted the svm_message_precompiles branch October 4, 2024 00:47
ray-kast pushed a commit to abklabs/agave that referenced this pull request Nov 27, 2024
@apfitzge @ray-kast
generic verify_precompiles (anza-xyz#3055)
95c6239
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jstarry jstarry jstarry approved these changes

Assignees

@apfitzge apfitzge

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@apfitzge @jstarry