This repository was archived by the owner on Feb 17, 2025. It is now read-only.
This repository was archived by the owner on Feb 17, 2025. It is now read-only.
Enhance System Robustness with Improved Validations and Configuration Management #2284
Description
Overview:
We need to enhance the robustness of our system by including more stringent validations. Our current framework does not have a mechanism to authenticate X-Forwarded-For headers or manage an overload of transactions that surpass our zkCounter limitations.
Recommended Changes:
-
Verify IP in the Transaction Pool:
- Introduce a function within the
tryToAddTxToPoolmethod to authenticate IP addresses retrieved from theX-Forwarded-Forheader.
- Introduce a function within the
-
Verify IP in the Worker:
- Confirm IP addresses in the
Worker.AddTxTrackerprior to appending them to the efficiency list. This acts as a secondary check against invalid or suspicious IP addresses.
- Confirm IP addresses in the
-
Refinement of ZKCounters and Shared Configuration:
- Restructure the
BatchConstraintsandBatchResourceWeightsconfig parameters into a mutualBatchConfigstructure. This structure will be employed by theJSON-RPCto confirm that the resources consumed by a transaction do not exceed the prescribed limits. If a transaction surpasses these limitations, it will be bypassed and not included in the transactionpool. In the same vein, theSequencerwill skip such transactions and not add them to theWorker'sefficiencyList.
- Restructure the
Objective:
Implementing these changes will contribute to the fortification of our services by safeguarding against potential system overloads and ensuring steady operations. These steps will help prevent undue resource consumption and ensure the maintenance of data consistency.