Check fee_recipient returned from EE
#3156
Comments
paulhauner
added
enhancement
## Issue Addressed #3156 ## Proposed Changes Emit a `WARN` log whenever the value of `fee_recipient` as returned from the EE is different from the value of `suggested_fee_recipient` as set on the BN, for example by the `--suggested-fee-recipient` CLI flag. ## Additional Info I have set the log level to `WARN` since it is legal behaviour (meaning it isn't really an error but is important to know when it is occurring). If we feel like this behaviour is almost always undesired (caused by a misconfiguration or malicious EE) then an `ERRO` log would be more appropriate. Happy to change it in that case.
|
IMO we might want a flag that prevents the VC from signing any block with a divergent fee recipient. This would apply to blocks from builders too, which I think the check from #3202 does not. Filtering available blocks by their fee recipient would be superior, but I don't think the current builder APIs really allow that (unless you use multiple relays?). (I've been thinking about this in the context of MEV smoothing: https://twitter.com/sproulM_/status/1548900364342009857) |
I agree! If we add this flag, we can make a fee recipient mismatch on a block from the builder API a
Yeah, this one sounds like it'd be a good feature in |
## Issue Addressed Resolves #3267 Resolves #3156 ## Proposed Changes - Move the log for fee recipient checks from proposer cache insertion into block proposal so we are directly checking what we get from the EE - Only log when there is a discrepancy with the local EE, not when using the builder API. In the `builder-api` branch there is an `info` log when there is a discrepancy, I think it is more likely there will be a difference in fee recipient with the builder api because proposer payments might be made via a transaction in the block. Not really sure what patterns will become commong. - Upgrade the log from a `warn` to an `error` - not actually sure which we want, but I think this is worth an error because the local EE with default transaction ordering I think should pretty much always use the provided fee recipient - add a `strict-fee-recipient` flag to the VC so we only sign blocks with matching fee recipients. Falls back from the builder API to the local API if there is a discrepancy . Co-authored-by: realbigsean <sean@sigmaprime.io>
|
Resolved via #3363 🎉 |
Description
It's possible that an EE will return a different fee recipient to the one provided (the
suggested_fee_recipient) inget_payload. Whilst this is legal behaviour, I think it would make sense to raise some sort of log whenever the EE returns a different value. It might help users detect when their fees are being hijacked.I'm not sure the log level, I'm tempted to go with an
ERRObut I'm open to suggestion.The text was updated successfully, but these errors were encountered: