Skip to content

[4/x][signing] Don't sign mutable access to the Clock #8092

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 14, 2023
Merged

[4/x][signing] Don't sign mutable access to the Clock #8092

merged 1 commit into from
Feb 14, 2023

Conversation

amnn
Copy link
Contributor

@amnn amnn commented Feb 4, 2023

User transactions that request mutable access (requiring a write lock) to the singleton Clock at address 0x6 will not be signed by honest validators.

This prevents those transactions from (intentionally or otherwise) bottlenecking throughput on transactions that reference the Clock by taking an exclusive lock on it.

Test Plan

New unit tests in authority_tests:

$ cargo nextest run -- test_invalid_mutable_clock_parameter
$ cargo nextest run -- test_valid_immutable_clock_parameter

Stack

@amnn amnn requested review from tnowacki and andll February 4, 2023 00:26
@amnn amnn self-assigned this Feb 4, 2023
@vercel
Copy link

vercel bot commented Feb 4, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

4 Ignored Deployments
Name Status Preview Comments Updated
explorer ⬜️ Ignored (Inspect) Feb 14, 2023 at 0:00AM (UTC)
explorer-storybook ⬜️ Ignored (Inspect) Feb 14, 2023 at 0:00AM (UTC)
frenemies ⬜️ Ignored (Inspect) Feb 14, 2023 at 0:00AM (UTC)
wallet-adapter ⬜️ Ignored (Inspect) Feb 14, 2023 at 0:00AM (UTC)

@amnn amnn force-pushed the clock-txn-input branch 2 times, most recently from fba7952 to ca6acfb Compare February 13, 2023 17:00
tnowacki
tnowacki reviewed Feb 13, 2023
View reviewed changes
crates/sui-core/src/transaction_input_checker.rs
@@ -343,6 +344,15 @@ fn check_one_object(
}
};
}
InputObjectKind::SharedMoveObject {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we do anything similar for the system object? Is it only mutated in system transactions?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, sadly not -- (at least not currently) -- delegation requests will touch it, IIRC.

@amnn
[4/x][signing] Don't sign mutable access to the Clock
42bb5df 
User transactions that request mutable access (requiring a write lock)
to the singleton `Clock` at address `0x6` will not be signed by honest
validators.

This prevents those transactions from (intentionally or otherwise)
bottlenecking throughput on transactions that reference the `Clock` by
taking an exclusive lock on it.

Test Plan:

New unit tests in `authority_tests`:

```
$ cargo nextest run -- test_invalid_mutable_clock_parameter
$ cargo nextest run -- test_valid_immutable_clock_parameter
```
@amnn amnn merged commit ee8503b into MystenLabs:main Feb 14, 2023
@amnn amnn deleted the clock-txn-input branch February 14, 2023 00:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tnowacki tnowacki tnowacki left review comments

@andll andll andll approved these changes

@tharbert tharbert Awaiting requested review from tharbert

@randall-Mysten randall-Mysten Awaiting requested review from randall-Mysten

@ronny-mysten ronny-mysten Awaiting requested review from ronny-mysten

Assignees

@amnn amnn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@amnn @tnowacki @andll