Skip to content

eth, cmd: add RollupNetrestrictTxPoolGossipFlag and RollupTxPoolTrustedPeersOnlyFlag #706

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 14 commits into
base: optimism
Choose a base branch
from
Open

eth, cmd: add RollupNetrestrictTxPoolGossipFlag and RollupTxPoolTrustedPeersOnlyFlag #706

wants to merge 14 commits into from

Conversation

@nonsense
Copy link
Contributor

@nonsense nonsense commented Oct 24, 2025
edited
Loading

This PR is:

1 . Adding a rollup.netrestricttxpoolgossip string flag, so that the node gossips and accepts gossips of transactions only to a restricted set, if one is specified.
2. Adding a rollup.txpooltrustedpeersonly bool flag, so that the node gossips and accepts gossips of transactions only to and from its trusted peers.

If none of the flags is specified, no peers are filtered, i.e. gossiping works for all peers.

  • Introduces the RollupNetrestrictTxPoolGossipFlag flag
  • Introduces the RollupTxPoolTrustedPeersOnlyFlag flag
  • Modifies TxPool(peer) in Backend to return an actual transaction pool or nil transaction pool, depending if filtering is enabled with a given flag.
  • TxPool(peer) also returns if the peer is allowed for gossiping (used for short-circuiting incoming messages, so that they get dropped)

Related: ethereum-optimism/optimism#17751

Fixes: #717

op-devstack test: ethereum-optimism/optimism#18072

@pcw109550
Copy link
Contributor

pcw109550 commented Oct 27, 2025

We may update the forkdiff(https://github.com/ethereum-optimism/op-geth/blob/optimism/fork.yaml) to track the geth diff.

@nonsense nonsense force-pushed the nonsense/netrestrict-txpool-gossip branch from e06f64a to e3042c2 Compare October 27, 2025 12:29
pcw109550
pcw109550 reviewed Oct 27, 2025
View reviewed changes
Copy link
Contributor

@pcw109550 pcw109550 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This only takes care of outbound connections. To truly restrict tx gossiping, we must also prohibit inbound connections from disallowed peers. In other words, external peers' transactions must not be gossiped in to the node.

We may need to explore other control flows that may create outbound connections for tx gossiping.

@pcw109550
Copy link
Contributor

pcw109550 commented Oct 27, 2025

Worth to mention that the new flag will be the same information restriction level with GETH_ROLLUP_DISABLETXPOOLGOSSIP, which restricts inbound AND outbound (for the gossip)

@nonsense nonsense force-pushed the nonsense/netrestrict-txpool-gossip branch 2 times, most recently from edf0d1e to 2e01ede Compare October 27, 2025 16:51
@pcw109550 pcw109550 mentioned this pull request Oct 28, 2025
Merged
@pcw109550
Copy link
Contributor

pcw109550 commented Oct 28, 2025

I have written the PoC code based on this, at #713, using txpool to not manually short circuit tx gossiping.

@nonsense
Copy link
Contributor Author

nonsense commented Oct 28, 2025

Thanks @pcw109550 , returning a Nil or real transaction pool per peer is a nicer and more succinct solution!

@nonsense nonsense force-pushed the nonsense/netrestrict-txpool-gossip branch from 0ca4903 to 09c3616 Compare October 28, 2025 17:28
@nonsense nonsense marked this pull request as ready for review October 28, 2025 17:29
@nonsense nonsense requested a review from a team as a code owner October 28, 2025 17:29
@nonsense nonsense mentioned this pull request Oct 29, 2025
Draft
@nonsense
Copy link
Contributor Author

nonsense commented Oct 30, 2025
edited
Loading

Change-set here is pretty trivial, but we nevertheless validated it with a test at ethereum-optimism/optimism#18072 . Adding an acceptance test on op-geth side is a bit more elaborate, and I am not sure if it is worth the effort to increase the diff for this functionality. I see we didn't add one for NilPool.

I added a unit test for TxGossipNetRestrict.

sebastianst
sebastianst reviewed Oct 30, 2025
View reviewed changes
@sebastianst
Copy link
Member

sebastianst commented Oct 30, 2025

And as discussed in Slack, we also want to restrict receiving & accepting incoming tx gossip. @nonsense

@nonsense nonsense marked this pull request as draft October 30, 2025 18:05
@nonsense nonsense force-pushed the nonsense/netrestrict-txpool-gossip branch 3 times, most recently from a71fe51 to b87d4c4 Compare October 31, 2025 13:16
@nonsense nonsense marked this pull request as ready for review October 31, 2025 13:18
@nonsense nonsense force-pushed the nonsense/netrestrict-txpool-gossip branch 2 times, most recently from b87d4c4 to 0e113cf Compare October 31, 2025 13:56
@nonsense nonsense mentioned this pull request Nov 4, 2025
Open
@nonsense nonsense force-pushed the nonsense/netrestrict-txpool-gossip branch from efe2aa7 to 66ef6ac Compare November 5, 2025 17:56
@nonsense nonsense changed the title eth, cmd: add RollupNetrestrictTxPoolGossipFlag eth, cmd: add RollupNetrestrictTxPoolGossipFlag and RollupTxPoolTrustedPeersOnlyFlag Nov 5, 2025
pcw109550
pcw109550 reviewed Nov 6, 2025
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sebastianst sebastianst sebastianst left review comments

@pcw109550 pcw109550 pcw109550 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add flag to limit tx mempool only to trusted peers

4 participants

@nonsense @pcw109550 @sebastianst