From 5dacf44209e4027b491804d2b656118db2733dba Mon Sep 17 00:00:00 2001
From: Daniel Wang
Date: Mon, 13 Nov 2023 17:09:51 +0300
Subject: [PATCH 1/3] Restrict max gas paying prover
---
 .../protocol/contracts/L1/libs/LibProposing.sol | 7 ++++++-
 packages/protocol/contracts/libs/LibAddress.sol | 15 +++++++++++----
 2 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/packages/protocol/contracts/L1/libs/LibProposing.sol b/packages/protocol/contracts/L1/libs/LibProposing.sol
index 070993ef945..d5443fd7d84 100644
--- a/packages/protocol/contracts/L1/libs/LibProposing.sol
+++ b/packages/protocol/contracts/L1/libs/LibProposing.sol
@@ -28,6 +28,11 @@ library LibProposing {
 // field element has 32 bytes.
 uint256 public constant MAX_BYTES_PER_BLOB = 4096 * 32;
+ // Max gas paying the prover. This should be large enough to prevent the
+ // worst cases, usually block proposer shall be aware the risks and only
+ // choose provers that cannot consume too much gas when receiving Ether.
+ uint256 public constant MAX_GAS_PAYING_PROVER = 200_000;
+
 // Warning: Any events defined here must also be defined in TaikoEvents.sol.
 event BlockProposed(
 uint256 indexed blockId,
@@ -334,7 +339,7 @@ library LibProposing {
 if (assignment.feeToken == address(0)) {
 // Paying Ether
 if (msg.value < proverFee) revert L1_ASSIGNMENT_INSUFFICIENT_FEE();
- assignment.prover.sendEther(proverFee);
+ assignment.prover.sendEther(proverFee, MAX_GAS_PAYING_PROVER);
 unchecked {
 // Return the extra Ether to the proposer
 uint256 refund = msg.value - proverFee;
diff --git a/packages/protocol/contracts/libs/LibAddress.sol b/packages/protocol/contracts/libs/LibAddress.sol
index d52201f03bd..001eac98fd8 100644
--- a/packages/protocol/contracts/libs/LibAddress.sol
+++ b/packages/protocol/contracts/libs/LibAddress.sol
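Review bot: The comment added above `MAX_GAS_PAYING_PROVER` in LibProposing.sol (hunk `@@ -28,6 +28,11 @@`) says the cap "should be large enough to prevent the worst cases", which reads backwards: a cap limits the worst case by being small, and has to be large only so that legitimate prover contracts can still accept Ether. I would reword it along the lines of `// Max gas forwarded to the prover when the fee is paid in Ether; bounds what a prover's receive hook can consume at the proposer's expense.` The hunk also gives no rationale for 200_000, so a short line on how the figure was chosen would help whoever has to retune it.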
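Review bot: The capped call `assignment.prover.sendEther(proverFee, MAX_GAS_PAYING_PROVER);` in LibProposing.sol (hunk `@@ -334,7 +339,7 @@`) bounds gas but not failure: the three-argument `sendEther` added in LibAddress.sol reverts with `ETH_TRANSFER_FAILED` when the call does not succeed, so a prover whose receive hook reverts or needs more than the cap still aborts the whole proposal. If that is intended (the constant's comment leaves prover selection to the proposer), say so at the call site, e.g. `// Reverts if the prover cannot accept Ether within MAX_GAS_PAYING_PROVER gas.` The refund that follows in the `unchecked` block is cut off by the hunk, so which overload it uses cannot be checked from here; the enclosing function starts and ends outside the hunk.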
@@ -22,10 +22,7 @@ library LibAddress {
 error ETH_TRANSFER_FAILED();
- /// @dev Sends Ether to the specified address. It is recommended to avoid
- /// using `.transfer()` due to potential reentrancy issues.
- /// Reference:
- /// https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now
+ /// @dev Sends Ether to the specified address.
 /// @param to The recipient address.
 /// @param amount The amount of Ether to send in wei.
 function sendEther(address to, uint256 amount) internal {
@@ -42,6 +39,16 @@ library LibAddress {
 if (!success) revert ETH_TRANSFER_FAILED();
 }
+ /// @dev Sends Ether to the specified address.
+ /// @param to The recipient address.
+ /// @param amount The amount of Ether to send in wei.
+ /// @param gasLimit The max amount gas to pay for this transaction.
+ function sendEther(address to, uint256 amount, uint256 gasLimit) internal {
+ if (to == address(0)) revert ETH_TRANSFER_FAILED();
+ (bool success,) = payable(to).call{ value: amount, gas: gasLimit }("");
+ if (!success) revert ETH_TRANSFER_FAILED();
+ }
+
 function supportsInterface(
 address addr,
 bytes4 interfaceId
From 63b0dd9e55a297eb8c481c81912052f677bf718f Mon Sep 17 00:00:00 2001
From: Daniel Wang
Date: Mon, 13 Nov 2023 21:32:29 +0300
Subject: [PATCH 2/3] Update LibAddress.sol
---
 packages/protocol/contracts/libs/LibAddress.sol | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/packages/protocol/contracts/libs/LibAddress.sol b/packages/protocol/contracts/libs/LibAddress.sol
index 001eac98fd8..0402013a0b5 100644
--- a/packages/protocol/contracts/libs/LibAddress.sol
+++ b/packages/protocol/contracts/libs/LibAddress.sol
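Review bot: The `@param gasLimit` text on the new overload in LibAddress.sol (PATCH 1/3, hunk `@@ -42,6 +39,16 @@`), "The max amount gas to pay for this transaction", misdescribes `gas: gasLimit`: the value caps the gas forwarded to the recipient's call, not the transaction, and a call carrying non-zero value receives the 2300-gas stipend on top of it. I would write `/// @param gasLimit Upper bound on gas forwarded to the recipient (excludes the 2300 stipend added when amount > 0).` The same sentence is carried into the `@@ -25,7 +25,8 @@` hunk of PATCH 2/3. Separately, as far as I know the compiler still copies the callee's return data even when it is discarded as in `(bool success,)`, so the cap limits callee execution but not that caller-side cost; worth confirming for the compiler version this library targets.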
@@ -25,7 +25,8 @@ library LibAddress {
 /// @dev Sends Ether to the specified address.
 /// @param to The recipient address.
 /// @param amount The amount of Ether to send in wei.
- function sendEther(address to, uint256 amount) internal {
+ /// @param gasLimit The max amount gas to pay for this transaction.
+ function sendEther(address to, uint256 amount, uint256 gasLimit) internal {
 // Check for zero-value or zero-address transactions
 if (to == address(0)) revert ETH_TRANSFER_FAILED();
@@ -33,7 +34,7 @@ library LibAddress {
 // WARNING: call() functions do not have an upper gas cost limit, so
 // it's important to note that it may not reliably execute as expected
 // when invoked with untrusted addresses.
- (bool success,) = payable(to).call{ value: amount }("");
+ (bool success,) = payable(to).call{ value: amount, gas: gasLimit }("");
 // Ensure the transfer was successful
 if (!success) revert ETH_TRANSFER_FAILED();
@@ -42,11 +43,8 @@ library LibAddress {
 /// @dev Sends Ether to the specified address.
 /// @param to The recipient address.
 /// @param amount The amount of Ether to send in wei.
- /// @param gasLimit The max amount gas to pay for this transaction.
- function sendEther(address to, uint256 amount, uint256 gasLimit) internal {
- if (to == address(0)) revert ETH_TRANSFER_FAILED();
- (bool success,) = payable(to).call{ value: amount, gas: gasLimit }("");
- if (!success) revert ETH_TRANSFER_FAILED();
+ function sendEther(address to, uint256 amount) internal {
+ sendEther(to, amount, gasleft());
 }
 function supportsInterface(
From d8087487859be59a838f6baf9f3ded44fb3bffac Mon Sep 17 00:00:00 2001
From: Daniel Wang
Date: Mon, 13 Nov 2023 21:40:16 +0300
Subject: [PATCH 3/3] Update LibProposing.sol
---
 packages/protocol/contracts/L1/libs/LibProposing.sol | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/packages/protocol/contracts/L1/libs/LibProposing.sol b/packages/protocol/contracts/L1/libs/LibProposing.sol
index 2e295ea1b56..2a507775699 100644
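Review bot: The WARNING comment kept as context directly above the changed call in LibAddress.sol (PATCH 2/3, hunk `@@ -33,7 +34,7 @@`) still says "call() functions do not have an upper gas cost limit", which no longer describes this function now that the call passes `gas: gasLimit`. Left as is, it suggests the cap is ineffective, or that the two-argument overload is bounded in the same way. I would replace it with `// Forward at most gasLimit gas so an untrusted recipient cannot consume an unbounded amount.` The "Check for zero-value or zero-address transactions" comment in the preceding hunk is also inaccurate, since only the zero address is checked.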
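Review bot: The two-argument `sendEther` in LibAddress.sol (PATCH 2/3, hunk `@@ -42,11 +43,8 @@`) now forwards `gasleft()`, so it stays effectively uncapped, yet its doc comment opens with the same sentence as the capped overload and gives no hint of the difference. A caller paying an address it does not control can pick the short form by accident and lose the protection PATCH 1/3 introduces. I would add `/// @dev Forwards all remaining gas; use the gasLimit overload when the recipient is untrusted.` above it.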
--- a/packages/protocol/contracts/L1/libs/LibProposing.sol
+++ b/packages/protocol/contracts/L1/libs/LibProposing.sol
@@ -264,8 +264,7 @@ library LibProposing {
 // Validate the prover assignment, then charge Ether or ERC20 as the
 // prover fee based on the block's minTier.
- uint256 proverFee =
- _payProverFeeAndTip(
+ uint256 proverFee = _payProverFeeAndTip(
 meta.minTier, meta.blobHash, blk.blockId, params.assignment
 );