-
Notifications
You must be signed in to change notification settings - Fork 20.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
eth/gasprice: add query limit for FeeHistory to defend DDOS attack #29644
eth/gasprice: add query limit for FeeHistory to defend DDOS attack #29644
Conversation
Please rebase your commit. Your branch is 236 commits behind the master branch. And the return values of function |
5600e1e
to
fce2b5b
Compare
This new limit is not necessary because it is already covered by other limits. The percentiles have to be in increasing order, and < 100. It is therefore impossible to submit more than 100. There was a bug in the validation until recently, but it got fixed in #28954 . |
the element of rewardPercentiles is type float64 now, not integer, so is it impossible to submit more than 100? @fjl |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
…thereum#29644) * eth/gasprice: add query limit for FeeHistory to defend DDOS attack * fix return values after cherry-pick --------- Co-authored-by: Eric <45141191+zlacfzy@users.noreply.github.com>
…thereum#29644) * eth/gasprice: add query limit for FeeHistory to defend DDOS attack * fix return values after cherry-pick --------- Co-authored-by: Eric <45141191+zlacfzy@users.noreply.github.com>
Add query limit to defend DDoS attack. Max allow 100 different percentiles in rewardPercentiles.
this PR is ported from bsc 2423