Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarify gossip limits #4045

Merged
merged 16 commits into from
Jan 9, 2025
Merged

Clarify gossip limits #4045

Changes from 1 commit
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
85eff0c
Clarify gossip limits
arnetheduck Dec 12, 2024
022bb22
Use single constant for gossip/req/resp, clarify encoded sizes
arnetheduck Dec 17, 2024
44ab11d
doctoc
arnetheduck Dec 17, 2024
eff02a1
Merge branch 'dev' into max-gossip-limit
arnetheduck Dec 17, 2024
305f30e
Bump circleci's cached venv key
jtraglia Dec 17, 2024
702722f
Bump circleci's cached repo key
jtraglia Dec 17, 2024
b1205ef
Revert "Bump circleci's cached venv key"
jtraglia Dec 17, 2024
46f1dde
Revert "Bump circleci's cached repo key"
jtraglia Dec 17, 2024
cb4ed99
Fix linting errors for new functions
jtraglia Dec 17, 2024
d41b7bd
Bump venv cache key again
jtraglia Dec 17, 2024
44cecd2
fix bellatrix constant too
arnetheduck Jan 7, 2025
f6aef82
Merge branch 'max-gossip-limit' of github.com:status-im/eth2.0-specs …
arnetheduck Jan 7, 2025
454bd57
Update config files & fix some nits
jtraglia Jan 8, 2025
5127929
Try to polish new paragraphs a bit
jtraglia Jan 8, 2025
e8eb367
Fix two more small nits
jtraglia Jan 8, 2025
d867b84
Add back remark about compression bombs
jtraglia Jan 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 17 additions & 3 deletions specs/phase0/p2p-interface.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -268,12 +268,22 @@ This defines both the type of data being sent on the topic and how the data fiel
- `Encoding` - the encoding strategy describes a specific representation of bytes that will be transmitted over the wire.
See the [Encodings](#Encodings) section for further details.

Clients MUST reject messages with unknown topic.

*Note*: `ForkDigestValue` is composed of values that are not known until the genesis block/state are available.
Due to this, clients SHOULD NOT subscribe to gossipsub topics until these genesis values are known.

Each gossipsub [message](https://github.com/libp2p/go-libp2p-pubsub/blob/master/pb/rpc.proto#L17-L24) has a maximum size of `GOSSIP_MAX_SIZE`.
Clients MUST reject (fail validation) messages that are over this size limit.
Likewise, clients MUST NOT emit or propagate messages larger than this limit.
The uncompressed payload in the [`data`](https://github.com/libp2p/go-libp2p-pubsub/blob/c06df2f9a38e9382e644b241adf0e96e5ca00955/pb/rpc.proto#L19)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

isn't this same as the current scenario for many clients? uncompressed limit 10MB (lodestar for e.g.) and this means for 60m gas uncompressed may have >=10MB with zero call data tx

we need bump to 15MB no?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need bump to 15MB no?

the current idea is to work on a better long-term solution instead and rely on the pectra repricing in the shorter term - the 15mb limit has several downsides.

must have has a size no greater than `GOSSIP_MAX_SIZE`.

After compression, the payload in the `data` field must have a size no greater than
`32 + GOSSIP_MAX_SIZE + GOSSIP_MAX_SIZE / 6` (rounded down), as given by the
[snappy maximum compressed size function](https://github.com/google/snappy/blob/32ded457c0b1fe78ceb8397632c416568d6714a0/snappy.cc#L218C1-L218C47).

Clients MUST reject (fail validation) messages with payloads that are over these size limits.
Likewise, clients MUST NOT emit or propagate messages larger than these limits.

Clients MAY use [size bounds derived from the payload SSZ type](#what-are-ssz-type-size-bounds) to determine the payload size limit, when this size is lower than `GOSSIP_MAX_SIZE`.

The optional `from` (1), `seqno` (3), `signature` (5) and `key` (6) protobuf fields are omitted from the message,
since messages are identified by content, anonymous, and signed where necessary in the application layer.
Expand All @@ -288,6 +298,10 @@ The `message-id` of a gossipsub message MUST be the following 20 byte value comp
the concatenation of `MESSAGE_DOMAIN_INVALID_SNAPPY` with the raw message data,
i.e. `SHA256(MESSAGE_DOMAIN_INVALID_SNAPPY + message.data)[:20]`.

Where relevant, clients MUST reject messages with `message-id` sizes other than 20 bytes.

Clients MAY reject messages whose protobuf-encoded size exceeds the maximum possible size based on the limits above.

*Note*: The above logic handles two exceptional cases:
(1) multiple snappy `data` can decompress to the same value,
and (2) some message `data` can fail to snappy decompress altogether.
Expand Down