celestiaorg · ninabarbakadze · Oct 11, 2024 · Sep 25, 2024 · Sep 25, 2024 · Sep 25, 2024
@@ -32,6 +32,8 @@ func NewAnteHandler(
 		// Set up the context with a gas meter.
 		// Must be called before gas consumption occurs in any other decorator.
 		ante.NewSetUpContextDecorator(),
+		// Ensure the tx is not larger than the configured threshold.
+		NewMaxTxSizeDecorator(),
 		// Ensure the tx does not contain any extension options.
 		ante.NewExtensionOptionsDecorator(nil),
 		// Ensure the tx passes ValidateBasic.

@@ -0,0 +1,28 @@
+package ante
+
+import (
+	"github.com/celestiaorg/celestia-app/v3/pkg/appconsts"
+	v3 "github.com/celestiaorg/celestia-app/v3/pkg/appconsts/v3"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+)
+
+// MaxTxSizeDecorator ensures that a tx can not be larger than
+// application's configured versioned constant.
+type MaxTxSizeDecorator struct{}
+
+func NewMaxTxSizeDecorator() MaxTxSizeDecorator {
+	return MaxTxSizeDecorator{}
+}
+
+// AnteHandle implements the AnteHandler interface. It ensures that tx size is under application's configured threshold.
+func (d MaxTxSizeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (sdk.Context, error) {
+	// This is a tx validity check, therefore it only applies to CheckTx.
+	// Tx size rule applies to app versions v3 and onwards.
+	if ctx.IsCheckTx() && ctx.BlockHeader().Version.App >= v3.Version {
+		if len(ctx.TxBytes()) >= appconsts.TxMaxBytes(ctx.BlockHeader().Version.App) {
+			return ctx, sdkerrors.ErrTxTooLarge
+		}
+	}
+	return next(ctx, tx, simulate)
+}
@@ -0,0 +1,84 @@
+package ante_test
+
+import (
+	"testing"
+
+	"github.com/celestiaorg/celestia-app/v3/app/ante"
+	v2 "github.com/celestiaorg/celestia-app/v3/pkg/appconsts/v2"
+	v3 "github.com/celestiaorg/celestia-app/v3/pkg/appconsts/v3"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+	"github.com/stretchr/testify/require"
+	tmproto "github.com/tendermint/tendermint/proto/tendermint/types"
+	version "github.com/tendermint/tendermint/proto/tendermint/version"
+)
+
+func TestMaxTxSizeDecorator(t *testing.T) {
+	decorator := ante.NewMaxTxSizeDecorator()
+	anteHandler := sdk.ChainAnteDecorators(decorator)
+
+	testCases := []struct {
+		name        string
+		txSize      int
+		isCheckTx   bool
+		expectError bool
+		appVersion  uint64
+	}{
+		{
+			name:        "good tx: under max tx bytes threshold",
+			txSize:      v3.MaxTxBytes - 1,
+			isCheckTx:   true,
+			appVersion:  v3.Version,
+			expectError: false,
+		},
+		{
+			name:        "bad tx; over max tx bytes threshold",
+			txSize:      v3.MaxTxBytes + 1,
+			isCheckTx:   true,
+			appVersion:  v3.Version,
+			expectError: true,
+		},
+		{
+			name:        "bad tx; equal to max tx bytes threshold",
+			txSize:      v3.MaxTxBytes,
+			isCheckTx:   true,
+			appVersion:  v3.Version,
+			expectError: true,
+		},
+		{
+			name:        "bad tx; should not error when not CheckTx",
+			txSize:      v3.MaxTxBytes,
+			isCheckTx:   false,
+			appVersion:  v3.Version,
+			expectError: false,
+		},
+		{
+			name:        "only applies to v3 and above",
+			txSize:      v3.MaxTxBytes,
+			isCheckTx:   true,
+			appVersion:  v2.Version,
+			expectError: false,
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			ctx := sdk.NewContext(nil, tmproto.Header{
+				Version: version.Consensus{
+					App: tc.appVersion,
+				},
+			}, tc.isCheckTx, nil)
+
+			txBytes := make([]byte, tc.txSize)
+
+			ctx = ctx.WithTxBytes(txBytes)
+			_, err := anteHandler(ctx, nil, false)
+			if tc.expectError {
+				require.Error(t, err)
+				require.Contains(t, err.Error(), sdkerrors.ErrTxTooLarge.Error())
+			} else {
+				require.NoError(t, err)
+			}
+		})
+	}
+}
@@ -6,4 +6,5 @@ const (
 	SubtreeRootThreshold int    = 64
 	TxSizeCostPerByte    uint64 = 10
 	GasPerBlobByte       uint32 = 8
+	MaxTxBytes           int    = 2097152 // 2MG (2 * 1024 * 1024)
 )
@@ -42,6 +42,10 @@ func GasPerBlobByte(_ uint64) uint32 {
 	return v3.GasPerBlobByte
 }
 
+func TxMaxBytes(_ uint64) int {
+	return v3.MaxTxBytes
+}
+
 var (
 	DefaultSubtreeRootThreshold = SubtreeRootThreshold(LatestVersion)
 	DefaultSquareSizeUpperBound = SquareSizeUpperBound(LatestVersion)

@@ -66,6 +66,12 @@ func TestVersionedConsts(t *testing.T) {
 			expectedConstant: v3.GasPerBlobByte,
 			got:              appconsts.GasPerBlobByte(v3.Version),
 		},
+		{
+			name:             "MaxTxBytes v3",
+			version:          v3.Version,
+			expectedConstant: v3.MaxTxBytes,
+			got:              appconsts.TxMaxBytes(v3.Version),
+		},
 	}
 
 	for _, tc := range testCases {

@@ -0,0 +1,31 @@
+# AnteHandler v3
+
+The AnteHandler chains together several decorators to ensure the following criteria are met for app version 3:
+
+- The tx does not contain any messages that are unsupported by the current app version. See `MsgVersioningGateKeeper`.
+<!-- link the MaxTxSize from appconsts -->
+- The tx size is not larger than the application's configured versioned constant MaxTxSize.
+- The tx does not contain any [extension options](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/proto/cosmos/tx/v1beta1/tx.proto#L119-L122).
+- The tx passes `ValidateBasic()`.
+- The tx's [timeout_height](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/proto/cosmos/tx/v1beta1/tx.proto#L115-L117) has not been reached if one is specified.
+- The tx's [memo](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/proto/cosmos/tx/v1beta1/tx.proto#L110-L113) is <= the max memo characters where [`MaxMemoCharacters = 256`](<https://github.com/cosmos/cosmos-sdk/blob/a429238fc267da88a8548bfebe0ba7fb28b82a13/x/auth/README.md?plain=1#L230>).
+- The tx's [gas_limit](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/proto/cosmos/tx/v1beta1/tx.proto#L211-L213) is > the 
+<!-- change this to a recent link in consts -->
+gas consumed based on the tx's size where [`TxSizeCostPerByte = 10`](https://github.com/cosmos/cosmos-sdk/blob/a429238fc267da88a8548bfebe0ba7fb28b82a13/x/auth/README.md?plain=1#L232).
+- The tx's feepayer has enough funds to pay fees for the tx. The tx's feepayer is the feegranter (if specified) or the tx's first signer. Note the [feegrant](https://github.com/cosmos/cosmos-sdk/blob/v0.46.15/x/feegrant/README.md) module is enabled.
+- The tx's gas price is >= the network minimum gas price where [`NetworkMinGasPrice = 0.000001` utia](https://github.com/celestiaorg/celestia-app/blob/8caa5807df8d15477554eba953bd056ae72d4503/pkg/appconsts/v2/app_consts.go#L9).
+- The tx's count of signatures <= the max number of signatures. The max number of signatures is [`TxSigLimit = 7`](https://github.com/cosmos/cosmos-sdk/blob/a429238fc267da88a8548bfebe0ba7fb28b82a13/x/auth/README.md?plain=1#L231).
+- The tx's [gas_limit](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/proto/cosmos/tx/v1beta1/tx.proto#L211-L213) is > the gas consumed based on the tx's signatures.
+- The tx's [signatures](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/types/tx/signing/signature.go#L10-L26) are valid. For each signature, ensure that the signature's sequence number (a.k.a nonce) matches the account sequence number of the signer.
+- The tx's [gas_limit](https://github.com/cosmos/cosmos-sdk/blob/22c28366466e64ebf0df1ce5bec8b1130523552c/proto/cosmos/tx/v1beta1/tx.proto#L211-L213) is > the gas consumed based on the blob size(s). Since blobs are charged based on the number of shares they occupy, the gas consumed is calculated as follows: `gasToConsume = sharesNeeded(blob) * bytesPerShare * gasPerBlobByte`. Where `bytesPerShare` is a global constant (an alias for [`ShareSize = 512`](https://github.com/celestiaorg/celestia-app/blob/c90e61d5a2d0c0bd0e123df4ab416f6f0d141b7f/pkg/appconsts/global_consts.go#L27-L28)) and 
+<!-- change this to be accurate to v3 -->
+`gasPerBlobByte` is a governance parameter that can be modified (the [`DefaultGasPerBlobByte = 8`](https://github.com/celestiaorg/celestia-app/blob/c90e61d5a2d0c0bd0e123df4ab416f6f0d141b7f/pkg/appconsts/initial_consts.go#L16-L18)).
+- The tx's total blob share count is <= the max blob share count. The max blob share count is derived from the maximum valid square size. The max valid square size is the minimum of: `GovMaxSquareSize` and `SquareSizeUpperBound`.
+- The tx does not contain a message of type [MsgSubmitProposal](https://github.com/cosmos/cosmos-sdk/blob/d6d929843bbd331b885467475bcb3050788e30ca/proto/cosmos/gov/v1/tx.proto#L33-L43) with zero proposal messages.
+- The tx is not an IBC packet or update message that has already been processed.
+
+In addition to the above criteria, the AnteHandler also has a number of side-effects:
+
+- Tx fees are deducted from the tx's feepayer and added to the fee collector module account.
+- Tx priority is calculated based on the smallest denomination of gas price in the tx and set in context.
+- The nonce of all tx signers is incremented by 1.