You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, TxPool doesn't have any mechanism to prevent its spamming with transactions. The attacker can submit a lot of transactions that require running of heavy predicates and block the node's TxPool from broadcasting transactions.
It is okay if the TxPool is filled with valid transactions. But the problem is that they could be invalid, and it is a waste of resources.
The predicate verification should be random to prevent cases where the transaction has 255 predicates, and the last predicate returns false.
We need to validate the existence of the inputs on-chain before executing predicates.
We need to track the reputation of input owners and decrease it based on the consumed gas. If the transaction is successfully included in the block, then we can refund the gas back. It basically will blacklist malicious inputs. We also need to have some mechanism that, with time, will increase the reputation of this owner, giving them a second chance.
All these techniques also will decrease the load for the network since we will not broadcast invalid transactions.
The text was updated successfully, but these errors were encountered:
Currently, TxPool doesn't have any mechanism to prevent its spamming with transactions. The attacker can submit a lot of transactions that require running of heavy predicates and block the node's TxPool from broadcasting transactions.
It is okay if the TxPool is filled with valid transactions. But the problem is that they could be invalid, and it is a waste of resources.
The predicate verification should be random to prevent cases where the transaction has 255 predicates, and the last predicate returns false.
We need to validate the existence of the inputs on-chain before executing predicates.
We need to track the reputation of input owners and decrease it based on the consumed gas. If the transaction is successfully included in the block, then we can refund the gas back. It basically will blacklist malicious inputs. We also need to have some mechanism that, with time, will increase the reputation of this owner, giving them a second chance.
All these techniques also will decrease the load for the network since we will not broadcast invalid transactions.
The text was updated successfully, but these errors were encountered: