eth: initial implementation of peer blacklist

.github/workflows/pre-release.yml

@@ -82,28 +82,28 @@ jobs:
       # ==============================
 
       - name: Upload Linux Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'ubuntu-latest'
         with:
           name: linux
           path: ./build/bin/geth
 
       - name: Upload MacOS Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'macos-latest'
         with:
           name: macos
           path: ./build/bin/geth
       
       - name: Upload Windows Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'windows-latest'
         with:
           name: windows
           path: ./build/bin/geth.exe
 
       - name: Upload ARM-64 Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'ubuntu-latest'
         with:
           name: arm64

.github/workflows/release.yml

@@ -81,28 +81,28 @@ jobs:
       # ==============================
 
       - name: Upload Linux Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'ubuntu-latest'
         with:
           name: linux
           path: ./build/bin/geth
 
       - name: Upload MacOS Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'macos-latest'
         with:
           name: macos
           path: ./build/bin/geth
       
       - name: Upload Windows Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'windows-latest'
         with:
           name: windows
           path: ./build/bin/geth.exe
 
       - name: Upload ARM-64 Build
-        uses: actions/upload-artifact@v4.3.3
+        uses: actions/upload-artifact@v3
         if: matrix.os == 'ubuntu-latest'
         with:
           name: arm64

.nancy-ignore

@@ -1,3 +1,2 @@
 CVE-2024-34478 # "CWE-754: Improper Check for Unusual or Exceptional Conditions." This vulnerability is BTC only, BSC does not have the issue.
 CVE-2024-6104 # "CWE-532: Information Exposure Through Log Files" This is caused by the vulnerabilities go-retryablehttp@v0.7.4, it is only used in cmd devp2p, impact is limited. will upgrade to v0.7.7 later
-CVE-2024-8421 # "CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion)" This vulnerability is caused by issues in the golang.org/x/net package. Even the latest version(v0.29.0) has not yet addressed it, but we will continue to monitor updates closely.

CHANGELOG.md

@@ -1,26 +1,4 @@
 # Changelog
-## v1.4.15
-### BUGFIX
-* [\#2680](https://github.com/bnb-chain/bsc/pull/2680) txpool: apply miner's gasceil to txpool
-* [\#2688](https://github.com/bnb-chain/bsc/pull/2688) txpool: set default GasCeil from 30M to 0
-* [\#2696](https://github.com/bnb-chain/bsc/pull/2696) miner: limit block size to eth protocol msg size
-* [\#2684](https://github.com/bnb-chain/bsc/pull/2684) eth: Add sidecars when available to broadcasted current block
-
-### FEATURE
-* [\#2672](https://github.com/bnb-chain/bsc/pull/2672) faucet: with mainnet balance check, 0.002BNB at least
-* [\#2678](https://github.com/bnb-chain/bsc/pull/2678) beaconserver: simulated beacon api server for op-stack
-* [\#2687](https://github.com/bnb-chain/bsc/pull/2687) faucet: support customized token
-* [\#2698](https://github.com/bnb-chain/bsc/pull/2698) faucet: add example for custimized token
-* [\#2706](https://github.com/bnb-chain/bsc/pull/2706) faucet: update DIN token faucet support
-
-### IMPROVEMENT
-* [\#2677](https://github.com/bnb-chain/bsc/pull/2677) log: add some p2p log
-* [\#2679](https://github.com/bnb-chain/bsc/pull/2679) build(deps): bump actions/download-artifact in /.github/workflows
-* [\#2662](https://github.com/bnb-chain/bsc/pull/2662) metrics: add some extra feature flags as node stats
-* [\#2675](https://github.com/bnb-chain/bsc/pull/2675) fetcher: Sleep after marking block as done when requeuing
-* [\#2695](https://github.com/bnb-chain/bsc/pull/2695) CI: nancy ignore CVE-2024-8421
-* [\#2689](https://github.com/bnb-chain/bsc/pull/2689) consensus/parlia: wait more time when processing huge blocks
-
 ## v1.4.14
 
 ### BUGFIX

README.md

@@ -9,15 +9,16 @@ https://pkg.go.dev/badge/github.com/ethereum/go-ethereum
 )](https://pkg.go.dev/github.com/ethereum/go-ethereum?tab=doc)
 [![Discord](https://img.shields.io/badge/discord-join%20chat-blue.svg)](https://discord.gg/z2VpC455eU)
 
-But from that baseline of EVM compatible, BNB Smart Chain introduces a system of 21 validators with Proof of Staked Authority (PoSA) consensus that can support short block time and lower fees. The most bonded validator candidates of staking will become validators and produce blocks. The double-sign detection and other slashing logic guarantee security, stability, and chain finality.
+But from that baseline of EVM compatible, BNB Smart Chain introduces  a system of 21 validators with Proof of Staked Authority (PoSA) consensus that can support short block time and lower fees. The most bonded validator candidates of staking will become validators and produce blocks. The double-sign detection and other slashing logic guarantee security, stability, and chain finality.
 
-**The BNB Smart Chain** will be:
+Cross-chain transfer and other communication are possible due to native support of interoperability. Relayers and on-chain contracts are developed to support that. BNB Beacon Chain DEX remains a liquid venue of the exchange of assets on both chains. This dual-chain architecture will be ideal for users to take advantage of the fast trading on one side and build their decentralized apps on the other side. **The BNB Smart Chain** will be:
 
 - **A self-sovereign blockchain**: Provides security and safety with elected validators.
 - **EVM-compatible**: Supports all the existing Ethereum tooling along with faster finality and cheaper transaction fees.
+- **Interoperable**: Comes with efficient native dual chain communication; Optimized for scaling high-performance dApps that require fast and smooth user experience.
 - **Distributed with on-chain governance**: Proof of Staked Authority brings in decentralization and community participants. As the native token, BNB will serve as both the gas of smart contract execution and tokens for staking.
 
-More details in [White Paper](https://github.com/bnb-chain/whitepaper/blob/master/WHITEPAPER.md).
+More details in [White Paper](https://www.bnbchain.org/en#smartChain).
 
 ## Key features
 
@@ -33,8 +34,18 @@ To combine DPoS and PoA for consensus, BNB Smart Chain implement a novel consens
 
 1. Blocks are produced by a limited set of validators.
 2. Validators take turns to produce blocks in a PoA manner, similar to Ethereum's Clique consensus engine.
-3. Validator set are elected in and out based on a staking based governance on BNB Smart Chain.
-4. Parlia consensus engine will interact with a set of [system contracts](https://docs.bnbchain.org/bnb-smart-chain/staking/overview/#system-contracts) to achieve liveness slash, revenue distributing and validator set renewing func.
+3. Validator set are elected in and out based on a staking based governance on BNB Beacon Chain.
+4. The validator set change is relayed via a cross-chain communication mechanism.
+5. Parlia consensus engine will interact with a set of [system contracts](https://docs.bnbchain.org/bnb-smart-chain/staking/overview/#system-contracts) to achieve liveness slash, revenue distributing and validator set renewing func.
+
+ 
+### Light Client of BNB Beacon Chain
+
+To achieve the cross-chain communication from BNB Beacon Chain to BNB Smart Chain, need introduce a on-chain light client verification algorithm.
+It contains two parts:
+
+1. [Stateless Precompiled contracts](https://github.com/bnb-chain/bsc/blob/master/core/vm/contracts_lightclient.go) to do tendermint header verification and Merkle Proof verification.
+2. [Stateful solidity contracts](https://github.com/bnb-chain/bsc-genesis-contract/blob/master/contracts/TendermintLightClient.sol) to store validator set and trusted appHash.  
 
 ## Native Token
 
@@ -42,6 +53,7 @@ BNB will run on BNB Smart Chain in the same way as ETH runs on Ethereum so that
 BNB will be used to:
 
 1. pay `gas` to deploy or invoke Smart Contract on BSC
+2. perform cross-chain operations, such as transfer token assets across BNB Smart Chain and BNB Beacon Chain.
 
 ## Building the source
 
@@ -235,7 +247,9 @@ running web servers, so malicious web pages could try to subvert locally availab
 APIs!**
 
 ### Operating a private network
-- [BSC-Deploy](https://github.com/bnb-chain/node-deploy/): deploy tool for setting up BNB Smart Chain.
+- [BSC-Deploy](https://github.com/bnb-chain/node-deploy/): deploy tool for setting up both BNB Beacon Chain, BNB Smart Chain and the cross chain infrastructure between them.
+- [BSC-Docker](https://github.com/bnb-chain/bsc-docker): deploy tool for setting up local BSC cluster in container.
+
 
 ## Running a bootnode
 

cmd/faucet/customized/README.md

@@ -1,23 +0,0 @@
-# 1.Background
-This is to support some projects with customized tokens that they want to integrate into the BSC faucet tool.
-
-## 1.1. How to Integrate Your Token
-- Step 1: Fund the faucet address by sending a specific amount of your BEP-20 token to the faucet address (0xaa25aa7a19f9c426e07dee59b12f944f4d9f1dd3) on the BSC testnet.
-- Step 2: Update this README.md file and create a Pull Request on [bsc github](https://github.com/bnb-chain/bsc) with relevant information.
-
-We will review the request, and once it is approved, the faucet tool will start to support the customized token and list it on https://www.bnbchain.org/en/testnet-faucet.
-
-# 2.Token List
-## 2.1.DemoToken
-- symbol: DEMO
-- amount: 10000000000000000000
-- icon: ./demotoken.png
-- addr: https://testnet.bscscan.com/address/0xe15c158d768c306dae87b96430a94f884333e55d
-- fundTx: [0xa499dc9aaf918aff0507538a8aa80a88d0af6ca15054e6acc57b69c651945280](https://testnet.bscscan.com/tx/0x2a3f334b6ca756b64331bdec9e6cf3207ac50a4839fda6379e909de4d9a194ca)
-- 
-## 2.2.DIN token
-- symbol: DIN
-- amount: 10000000000000000000
-- icon: ./DIN.png
-- addr: https://testnet.bscscan.com/address/0xb8b40FcC5B4519Dba0E07Ac8821884CE90BdE677
-- fundTx: [0x17fc4c1db133830c7c146a0d41ca1df31cb446989ec11b382d58bb6176d6fde3](https://testnet.bscscan.com/tx/0x17fc4c1db133830c7c146a0d41ca1df31cb446989ec11b382d58bb6176d6fde3)

cmd/faucet/faucet.go

@@ -500,7 +500,7 @@ func (f *faucet) apiHandler(w http.ResponseWriter, r *http.Request) {
 			continue
 		}
 
-		// check #2: check IP and ID(address) to ensure the user didn't request funds too frequently
+		// check #2: check IP and ID(address) to ensure the user didn't request funds too recently,
 		f.lock.Lock()
 
 		if ipTimeout := f.timeouts[ips[len(ips)-2]]; time.Now().Before(ipTimeout) {

consensus/parlia/parlia.go

@@ -68,6 +68,7 @@ const (
 
 	wiggleTime         = uint64(1) // second, Random delay (per signer) to allow concurrent signers
 	initialBackOffTime = uint64(1) // second
+	processBackOffTime = uint64(1) // second
 
 	systemRewardPercent = 4 // it means 1/2^4 = 1/16 percentage of gas fee incoming will be distributed to system
 
@@ -1615,15 +1616,12 @@ func (p *Parlia) Seal(chain consensus.ChainHeaderReader, block *types.Block, res
 		copy(header.Extra[len(header.Extra)-extraSeal:], sig)
 
 		if p.shouldWaitForCurrentBlockProcess(chain, header, snap) {
-			highestVerifiedHeader := chain.GetHighestVerifiedHeader()
-			// including time for writing and committing blocks
-			waitProcessEstimate := math.Ceil(float64(highestVerifiedHeader.GasUsed) / float64(100_000_000))
-			log.Info("Waiting for received in turn block to process", "waitProcessEstimate(Seconds)", waitProcessEstimate)
+			log.Info("Waiting for received in turn block to process")
 			select {
 			case <-stop:
 				log.Info("Received block process finished, abort block seal")
 				return
-			case <-time.After(time.Duration(waitProcessEstimate) * time.Second):
+			case <-time.After(time.Duration(processBackOffTime) * time.Second):
 				if chain.CurrentHeader().Number.Uint64() >= header.Number.Uint64() {
 					log.Info("Process backoff time exhausted, and current header has updated to abort this seal")
 					return

core/block_validator.go

@@ -66,6 +66,31 @@ func NewBlockValidator(config *params.ChainConfig, blockchain *BlockChain, engin
 	return validator
 }
 
+// ValidateListsInBody validates that UncleHash, WithdrawalsHash, and WithdrawalsHash correspond to the lists in the block body, respectively.
+func ValidateListsInBody(block *types.Block) error {
+	header := block.Header()
+	if hash := types.CalcUncleHash(block.Uncles()); hash != header.UncleHash {
+		return fmt.Errorf("uncle root hash mismatch (header value %x, calculated %x)", header.UncleHash, hash)
+	}
+	if hash := types.DeriveSha(block.Transactions(), trie.NewStackTrie(nil)); hash != header.TxHash {
+		return fmt.Errorf("transaction root hash mismatch: have %x, want %x", hash, header.TxHash)
+	}
+	// Withdrawals are present after the Shanghai fork.
+	if header.WithdrawalsHash != nil {
+		// Withdrawals list must be present in body after Shanghai.
+		if block.Withdrawals() == nil {
+			return errors.New("missing withdrawals in block body")
+		}
+		if hash := types.DeriveSha(block.Withdrawals(), trie.NewStackTrie(nil)); hash != *header.WithdrawalsHash {
+			return fmt.Errorf("withdrawals root hash mismatch (header value %x, calculated %x)", *header.WithdrawalsHash, hash)
+		}
+	} else if block.Withdrawals() != nil { // Withdrawals turn into empty from nil when BlockBody has Sidecars
+		// Withdrawals are not allowed prior to shanghai fork
+		return errors.New("withdrawals present in block body")
+	}
+	return nil
+}
+
 // ValidateBody validates the given block's uncles and verifies the block
 // header's transaction and uncle roots. The headers are assumed to be already
 // validated at this point.
@@ -83,31 +108,12 @@ func (v *BlockValidator) ValidateBody(block *types.Block) error {
 	if err := v.engine.VerifyUncles(v.bc, block); err != nil {
 		return err
 	}
-	if hash := types.CalcUncleHash(block.Uncles()); hash != header.UncleHash {
-		return fmt.Errorf("uncle root hash mismatch (header value %x, calculated %x)", header.UncleHash, hash)
-	}
 
 	validateFuns := []func() error{
 		func() error {
-			if hash := types.DeriveSha(block.Transactions(), trie.NewStackTrie(nil)); hash != header.TxHash {
-				return fmt.Errorf("transaction root hash mismatch: have %x, want %x", hash, header.TxHash)
-			}
-			return nil
+			return ValidateListsInBody(block)
 		},
 		func() error {
-			// Withdrawals are present after the Shanghai fork.
-			if header.WithdrawalsHash != nil {
-				// Withdrawals list must be present in body after Shanghai.
-				if block.Withdrawals() == nil {
-					return errors.New("missing withdrawals in block body")
-				}
-				if hash := types.DeriveSha(block.Withdrawals(), trie.NewStackTrie(nil)); hash != *header.WithdrawalsHash {
-					return fmt.Errorf("withdrawals root hash mismatch (header value %x, calculated %x)", *header.WithdrawalsHash, hash)
-				}
-			} else if block.Withdrawals() != nil { // Withdrawals turn into empty from nil when BlockBody has Sidecars
-				// Withdrawals are not allowed prior to shanghai fork
-				return errors.New("withdrawals present in block body")
-			}
 			// Blob transactions may be present after the Cancun fork.
 			var blobs int
 			for i, tx := range block.Transactions() {

crypto/bn256/cloudflare/gfp12.go

@@ -1,7 +1,7 @@
 package bn256
 
 // For details of the algorithms used, see "Multiplication and Squaring on
-// Pairing-Friendly Fields", Devegili et al.
+// Pairing-Friendly Fields, Devegili et al.
 // http://eprint.iacr.org/2006/471.pdf.
 
 import (

crypto/bn256/cloudflare/gfp2.go

@@ -1,7 +1,7 @@
 package bn256
 
 // For details of the algorithms used, see "Multiplication and Squaring on
-// Pairing-Friendly Fields", Devegili et al.
+// Pairing-Friendly Fields, Devegili et al.
 // http://eprint.iacr.org/2006/471.pdf.
 
 // gfP2 implements a field of size p² as a quadratic extension of the base field

crypto/bn256/cloudflare/gfp6.go

@@ -1,7 +1,7 @@
 package bn256
 
 // For details of the algorithms used, see "Multiplication and Squaring on
-// Pairing-Friendly Fields", Devegili et al.
+// Pairing-Friendly Fields, Devegili et al.
 // http://eprint.iacr.org/2006/471.pdf.
 
 // gfP6 implements the field of size p⁶ as a cubic extension of gfP2 where τ³=ξ

crypto/bn256/google/gfp12.go

@@ -5,7 +5,7 @@
 package bn256
 
 // For details of the algorithms used, see "Multiplication and Squaring on
-// Pairing-Friendly Fields", Devegili et al.
+// Pairing-Friendly Fields, Devegili et al.
 // http://eprint.iacr.org/2006/471.pdf.
 
 import (

crypto/bn256/google/gfp2.go

@@ -5,7 +5,7 @@
 package bn256
 
 // For details of the algorithms used, see "Multiplication and Squaring on
-// Pairing-Friendly Fields", Devegili et al.
+// Pairing-Friendly Fields, Devegili et al.
 // http://eprint.iacr.org/2006/471.pdf.
 
 import (

crypto/bn256/google/gfp6.go

@@ -5,7 +5,7 @@
 package bn256
 
 // For details of the algorithms used, see "Multiplication and Squaring on
-// Pairing-Friendly Fields", Devegili et al.
+// Pairing-Friendly Fields, Devegili et al.
 // http://eprint.iacr.org/2006/471.pdf.
 
 import (

eth/blacklist.go

@@ -0,0 +1,114 @@
+package eth
+
+import (
+	"container/heap"
+	"sync"
+	"time"
+)
+
+// Implements the heap.Interface for *BlackListPeer based on LastSeen
+type PeerHeap []*BlackListPeer
+
+func (h PeerHeap) Len() int           { return len(h) }
+func (h PeerHeap) Less(i, j int) bool { return h[i].LastSeen.Before(h[j].LastSeen) }
+func (h PeerHeap) Swap(i, j int)      { h[i], h[j] = h[j], h[i]; h[i].index = i; h[j].index = j }
+
+func (h *PeerHeap) Push(x interface{}) {
+	n := len(*h)
+	item := x.(*BlackListPeer)
+	item.index = n
+	*h = append(*h, item)
+}
+
+func (h *PeerHeap) Pop() interface{} {
+	old := *h
+	n := len(old)
+	item := old[n-1]
+	item.index = -1 // for safety
+	*h = old[0 : n-1]
+	return item
+}
+
+// Peer represents the state of a peer in the network.
+type BlackListPeer struct {
+	ID             string    // Unique identifier for the peer
+	HeadBlock      int64     // Current head block of the peer
+	LastSeen       time.Time // Timestamp of the last head block update
+	BlacklistCount int       // Counter for failed head block updates
+	index          int       // Index of the peer in the heap
+}
+
+// blackList manages peers, both active and blacklisted.
+type blackList struct {
+	mu               sync.Mutex // To handle concurrent access
+	peers            map[string]*BlackListPeer
+	peerHeap         PeerHeap
+	maxPeers         int
+	expiryTime       time.Duration
+	blacklistedCount int
+}
+
+// NewBlackList creates a new instance of blackList.
+func NewBlackList(maxPeers int, expiryTime time.Duration, blacklistedCount int) *blackList {
+	bl := &blackList{
+		peers:            make(map[string]*BlackListPeer),
+		peerHeap:         make(PeerHeap, 0, maxPeers),
+		maxPeers:         maxPeers,
+		expiryTime:       expiryTime,
+		blacklistedCount: blacklistedCount,
+	}
+	heap.Init(&bl.peerHeap)
+	return bl
+}
+
+// AddOrUpdatePeer adds or updates a peer in the map, rejecting invalid IDs.
+func (bl *blackList) AddOrUpdatePeer(id string, headBlock int64) {
+	if id == "" {
+		return // Reject empty ID
+	}
+
+	bl.mu.Lock()
+	defer bl.mu.Unlock()
+
+	peer, exists := bl.peers[id]
+	if exists {
+		if peer.HeadBlock != headBlock {
+			peer.HeadBlock = headBlock
+			peer.LastSeen = time.Now()
+			peer.BlacklistCount = 0
+			heap.Fix(&bl.peerHeap, peer.index)
+		}
+	} else {
+		if len(bl.peers) >= bl.maxPeers {
+			oldest := heap.Pop(&bl.peerHeap).(*BlackListPeer)
+			delete(bl.peers, oldest.ID) // Corrected to use ID
+		}
+		newPeer := &BlackListPeer{
+			ID: id, HeadBlock: headBlock, LastSeen: time.Now(), BlacklistCount: 0,
+		}
+		bl.peers[id] = newPeer
+		heap.Push(&bl.peerHeap, newPeer)
+	}
+}
+
+// BlacklistStalePeers updates the blacklist count of stale peers.
+func (bl *blackList) BlacklistStalePeers() {
+	bl.mu.Lock()
+	defer bl.mu.Unlock()
+
+	now := time.Now()
+	for _, peer := range bl.peers {
+		if now.Sub(peer.LastSeen) > bl.expiryTime {
+			peer.BlacklistCount++
+		}
+	}
+}
+
+// IsBlacklisted checks if a peer is blacklisted.
+func (bl *blackList) IsBlacklisted(id string) bool {
+	bl.mu.Lock()
+	defer bl.mu.Unlock()
+
+	peer, exists := bl.peers[id]
+	return exists && peer.BlacklistCount >= bl.blacklistedCount
+}

eth/blacklist_test.go

@@ -0,0 +1,161 @@
+package eth
+
+import (
+	"sync"
+	"testing"
+	"time"
+)
+
+// TestAddOrUpdatePeer tests adding new peers and updating existing ones.
+func TestAddOrUpdatePeer(t *testing.T) {
+	bl := NewBlackList(2, 10*time.Minute, 3)
+	bl.AddOrUpdatePeer("peer1", 100)
+	if len(bl.peers) != 1 {
+		t.Errorf("Expected 1 peer, got %d", len(bl.peers))
+	}
+
+	// Test updating the same peer
+	bl.AddOrUpdatePeer("peer1", 101)
+	if bl.peers["peer1"].HeadBlock != 101 {
+		t.Errorf("Expected head block 101, got %d", bl.peers["peer1"].HeadBlock)
+	}
+
+	// Test adding another peer and triggering the maxPeers limit
+	bl.AddOrUpdatePeer("peer2", 102)
+	bl.AddOrUpdatePeer("peer3", 103) // This should remove the oldest (peer1)
+	if len(bl.peers) != 2 {
+		t.Errorf("Expected 2 peers, got %d", len(bl.peers))
+	}
+	if _, exists := bl.peers["peer1"]; exists {
+		t.Errorf("Expected peer1 to be removed")
+	}
+}
+
+// TestBlacklistStalePeers tests the automatic blacklisting of stale peers.
+func TestBlacklistStalePeers(t *testing.T) {
+	bl := NewBlackList(2, 1*time.Minute, 1)
+	bl.AddOrUpdatePeer("peer1", 100)
+	time.Sleep(2 * time.Minute) // simulate time passing
+	bl.BlacklistStalePeers()
+
+	if bl.peers["peer1"].BlacklistCount != 1 {
+		t.Errorf("Expected BlacklistCount of 1, got %d", bl.peers["peer1"].BlacklistCount)
+	}
+}
+
+// TestIsBlacklisted tests checking if a peer is blacklisted.
+func TestIsBlacklisted(t *testing.T) {
+	bl := NewBlackList(2, 1*time.Minute, 1)
+	bl.AddOrUpdatePeer("peer1", 100)
+	bl.peers["peer1"].LastSeen = time.Now().Add(-2 * time.Minute) // make peer stale
+	bl.BlacklistStalePeers()
+
+	if !bl.IsBlacklisted("peer1") {
+		t.Errorf("Expected peer1 to be blacklisted")
+	}
+}
+
+// TestEdgeCases tests handling of edge cases such as invalid IDs.
+func TestEdgeCases(t *testing.T) {
+	bl := NewBlackList(2, 1*time.Minute, 1)
+	bl.AddOrUpdatePeer("", 100) // testing with empty ID
+	if len(bl.peers) != 0 {
+		t.Errorf("Expected 0 peers, got %d", len(bl.peers))
+	}
+}
+
+// TestAddOrUpdatePeer_MaxPeers tests behavior when adding peers up to and beyond the maximum limit.
+func TestAddOrUpdatePeer_MaxPeers(t *testing.T) {
+	bl := NewBlackList(3, 10*time.Minute, 3)
+
+	bl.AddOrUpdatePeer("peer1", 100)
+	bl.AddOrUpdatePeer("peer2", 101)
+	bl.AddOrUpdatePeer("peer3", 102)
+	bl.AddOrUpdatePeer("peer4", 103) // This should remove peer1
+
+	if len(bl.peers) != 3 {
+		t.Errorf("Expected 3 peers, got %d", len(bl.peers))
+	}
+
+	if _, exists := bl.peers["peer1"]; exists {
+		t.Errorf("Expected peer1 to be removed")
+	}
+}
+
+// TestBlacklistCountOverflow checks how the system handles when a peer's BlacklistCount exceeds the threshold.
+func TestBlacklistCountOverflow(t *testing.T) {
+	bl := NewBlackList(2, 1*time.Second, 2)
+	bl.AddOrUpdatePeer("peer1", 100)
+
+	// Simulate multiple blacklist increments
+	time.Sleep(2 * time.Second)
+	bl.BlacklistStalePeers()
+	bl.BlacklistStalePeers()
+
+	if !bl.IsBlacklisted("peer1") {
+		t.Errorf("Expected peer1 to be blacklisted after exceeding blacklist count")
+	}
+}
+
+// TestExpiryTimeBoundary tests behavior when a peer's LastSeen is exactly at the expiry boundary.
+func TestExpiryTimeBoundary(t *testing.T) {
+	bl := NewBlackList(2, 1*time.Second, 2)
+	bl.AddOrUpdatePeer("peer1", 100)
+	time.Sleep(1 * time.Second)
+
+	bl.BlacklistStalePeers() // Should increment blacklist count but not blacklisted yet
+
+	if bl.peers["peer1"].BlacklistCount != 1 {
+		t.Errorf("Expected BlacklistCount of 1, got %d", bl.peers["peer1"].BlacklistCount)
+	}
+
+	if bl.IsBlacklisted("peer1") {
+		t.Errorf("Peer1 should not be blacklisted yet")
+	}
+}
+
+// TestConcurrentAccess tests concurrent access to the blackList.
+func TestConcurrentAccess(t *testing.T) {
+	bl := NewBlackList(100, 10*time.Minute, 3)
+	var wg sync.WaitGroup
+
+	for i := 0; i < 50; i++ {
+		wg.Add(1)
+		go func(id string) {
+			defer wg.Done()
+			bl.AddOrUpdatePeer(id, int64(i))
+		}(string(rune('a' + i)))
+	}
+
+	wg.Wait()
+
+	if len(bl.peers) != 50 {
+		t.Errorf("Expected 50 peers, got %d", len(bl.peers))
+	}
+}
+
+// TestReaddingBlacklistedPeer tests the behavior when a blacklisted peer is re-added.
+func TestReaddingBlacklistedPeer(t *testing.T) {
+	bl := NewBlackList(2, 1*time.Second, 1)
+	bl.AddOrUpdatePeer("peer1", 100)
+
+	// Simulate time passing to trigger blacklist
+	time.Sleep(2 * time.Second)
+	bl.BlacklistStalePeers()
+
+	// Ensure peer1 is blacklisted
+	if !bl.IsBlacklisted("peer1") {
+		t.Errorf("Expected peer1 to be blacklisted")
+	}
+
+	// Re-add the same peer
+	bl.AddOrUpdatePeer("peer1", 101)
+
+	if bl.peers["peer1"].BlacklistCount != 0 {
+		t.Errorf("Expected BlacklistCount to be reset, got %d", bl.peers["peer1"].BlacklistCount)
+	}
+
+	if bl.IsBlacklisted("peer1") {
+		t.Errorf("Peer1 should not be blacklisted after re-adding with updated information")
+	}
+}

eth/fetcher/block_fetcher.go

@@ -868,9 +868,9 @@ func (f *BlockFetcher) importHeaders(op *blockOrHeaderInject) {
 		parent := f.getHeader(header.ParentHash)
 		if parent == nil {
 			log.Debug("Unknown parent of propagated header", "peer", peer, "number", header.Number, "hash", hash, "parent", header.ParentHash)
+			time.Sleep(reQueueBlockTimeout)
 			// forget block first, then re-queue
 			f.done <- hash
-			time.Sleep(reQueueBlockTimeout)
 			f.requeue <- op
 			return
 		}
@@ -909,9 +909,9 @@ func (f *BlockFetcher) importBlocks(op *blockOrHeaderInject) {
 		parent := f.getBlock(block.ParentHash())
 		if parent == nil {
 			log.Debug("Unknown parent of propagated block", "peer", peer, "number", block.Number(), "hash", hash, "parent", block.ParentHash())
+			time.Sleep(reQueueBlockTimeout)
 			// forget block first, then re-queue
 			f.done <- hash
-			time.Sleep(reQueueBlockTimeout)
 			f.requeue <- op
 			return
 		}

eth/handler.go

@@ -172,6 +172,8 @@ type handler struct {
 
 	handlerStartCh chan struct{}
 	handlerDoneCh  chan struct{}
+
+	blackList *blackList
 }
 
 // newHandler returns a handler for all Ethereum chain management protocol.
@@ -321,14 +323,21 @@ func newHandler(config *handlerConfig) (*handler, error) {
 
 	broadcastBlockWithCheck := func(block *types.Block, propagate bool) {
 		if propagate {
-			if !(block.Header().WithdrawalsHash == nil && block.Withdrawals() == nil) &&
-				!(block.Header().EmptyWithdrawalsHash() && block.Withdrawals() != nil && len(block.Withdrawals()) == 0) {
-				log.Error("Propagated block has invalid withdrawals")
-				return
-			}
-			if err := core.IsDataAvailable(h.chain, block); err != nil {
-				log.Error("Propagating block with invalid sidecars", "number", block.Number(), "hash", block.Hash(), "err", err)
-				return
+			checkErrs := make(chan error, 2)
+
+			go func() {
+				checkErrs <- core.ValidateListsInBody(block)
+			}()
+			go func() {
+				checkErrs <- core.IsDataAvailable(h.chain, block)
+			}()
+
+			for i := 0; i < cap(checkErrs); i++ {
+				err := <-checkErrs
+				if err != nil {
+					log.Error("Propagating invalid block", "number", block.Number(), "hash", block.Hash(), "err", err)
+					return
+				}
 			}
 		}
 		h.BroadcastBlock(block, propagate)
@@ -695,6 +704,7 @@ func (h *handler) unregisterPeer(id string) {
 func (h *handler) Start(maxPeers int, maxPeersPerIP int) {
 	h.maxPeers = maxPeers
 	h.maxPeersPerIP = maxPeersPerIP
+	h.blackList = NewBlackList(maxPeers, 1*time.Hour, 3)
 	// broadcast and announce transactions (only new ones, not resurrected ones)
 	h.wg.Add(1)
 	h.txsCh = make(chan core.NewTxsEvent, txChanSize)

eth/protocols/eth/protocol.go

@@ -25,7 +25,6 @@ import (
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/core/forkid"
 	"github.com/ethereum/go-ethereum/core/types"
-	"github.com/ethereum/go-ethereum/params"
 	"github.com/ethereum/go-ethereum/rlp"
 )
 
@@ -47,7 +46,7 @@ var ProtocolVersions = []uint{ETH68}
 var protocolLengths = map[uint]uint64{ETH68: 17}
 
 // maxMessageSize is the maximum cap on the size of a protocol message.
-var maxMessageSize = params.MaxMessageSize
+const maxMessageSize = 10 * 1024 * 1024
 
 const (
 	StatusMsg                     = 0x00

eth/sync.go

@@ -248,9 +248,6 @@ func (h *handler) doSync(op *chainSyncOp) error {
 		// degenerate connectivity, but it should be healthy for the mainnet too to
 		// more reliably update peers or the local TD state.
 		if block := h.chain.GetBlock(head.Hash(), head.Number.Uint64()); block != nil {
-			if h.chain.Config().IsCancun(block.Number(), block.Time()) {
-				block = block.WithSidecars(h.chain.GetSidecarsByHash(block.Hash()))
-			}
 			h.BroadcastBlock(block, false)
 		}
 	}

miner/bid_simulator.go

@@ -692,14 +692,6 @@ func (b *bidSimulator) simBid(interruptCh chan int32, bidRuntime *BidRuntime) {
 		return
 	}
 
-	// check bid size
-	if bidRuntime.env.size+blockReserveSize > params.MaxMessageSize {
-		log.Error("BidSimulator: failed to check bid size", "builder", bidRuntime.bid.Builder,
-			"bidHash", bidRuntime.bid.Hash(), "env.size", bidRuntime.env.size)
-		err = errors.New("invalid bid size")
-		return
-	}
-
 	bestBid := b.GetBestBid(parentHash)
 	if bestBid == nil {
 		log.Info("[BID RESULT]", "win", "true[first]", "builder", bidRuntime.bid.Builder, "hash", bidRuntime.bid.Hash().TerminalString())
@@ -866,7 +858,6 @@ func (r *BidRuntime) commitTransaction(chain *core.BlockChain, chainConfig *para
 	}
 
 	r.env.tcount++
-	r.env.size += uint32(tx.Size())
 
 	return nil
 }

miner/worker.go

@@ -70,12 +70,6 @@ const (
 
 	// the default to wait for the mev miner to finish
 	waitMEVMinerEndTimeLimit = 50 * time.Millisecond
-
-	// Reserve block size for the following 3 components:
-	// a. System transactions at the end of the block
-	// b. Seal in the block header
-	// c. Overhead from RLP encoding
-	blockReserveSize = 100 * 1024
 )
 
 var (
@@ -95,7 +89,6 @@ type environment struct {
 	signer   types.Signer
 	state    *state.StateDB // apply state changes here
 	tcount   int            // tx count in cycle
-	size     uint32         // almost accurate block size,
 	gasPool  *core.GasPool  // available gas used to pack transactions
 	coinbase common.Address
 
@@ -112,7 +105,6 @@ func (env *environment) copy() *environment {
 		signer:   env.signer,
 		state:    env.state.Copy(),
 		tcount:   env.tcount,
-		size:     env.size,
 		coinbase: env.coinbase,
 		header:   types.CopyHeader(env.header),
 		receipts: copyReceipts(env.receipts),
@@ -903,13 +895,6 @@ LOOP:
 			txs.Pop()
 			continue
 		}
-		// If we don't have enough size left for the next transaction, skip it.
-		if env.size+uint32(tx.Size())+blockReserveSize > params.MaxMessageSize {
-			log.Trace("Not enough size left for transaction", "hash", ltx.Hash,
-				"env.size", env.size, "needed", uint32(tx.Size()))
-			txs.Pop()
-			continue
-		}
 		// Error may be ignored here. The error has already been checked
 		// during transaction acceptance is the transaction pool.
 		from, _ := types.Sender(env.signer, tx)
@@ -935,7 +920,6 @@ LOOP:
 			// Everything ok, collect the logs and shift in the next transaction from the same account
 			coalescedLogs = append(coalescedLogs, logs...)
 			env.tcount++
-			env.size += uint32(tx.Size()) // size of BlobTxSidecar included
 			txs.Shift()
 
 		default:
@@ -1071,9 +1055,6 @@ func (w *worker) prepareWork(genParams *generateParams) (*environment, error) {
 		vmenv := vm.NewEVM(context, vm.TxContext{}, env.state, w.chainConfig, vm.Config{})
 		core.ProcessBeaconBlockRoot(*header.ParentBeaconRoot, vmenv, env.state)
 	}
-
-	env.size = uint32(env.header.Size())
-
 	return env, nil
 }
 

params/protocol_params.go

@@ -29,8 +29,6 @@ const (
 	GenesisGasLimit      uint64 = 4712388            // Gas limit of the Genesis block.
 	PayBidTxGasLimit     uint64 = 25000              // Gas limit of the PayBidTx in the types.BidArgs.
 
-	MaxMessageSize uint32 = 10 * 1024 * 1024 // MaxMessageSize is the maximum cap on the size of a eth protocol message.
-
 	MaximumExtraDataSize  uint64 = 32       // Maximum size extra data may be after Genesis.
 	ForkIDSize            uint64 = 4        // The length of fork id
 	ExpByteGas            uint64 = 10       // Times ceil(log256(exponent)) for the EXP instruction.

params/version.go

@@ -23,7 +23,7 @@ import (
 const (
 	VersionMajor = 1  // Major version component of the current release
 	VersionMinor = 4  // Minor version component of the current release
-	VersionPatch = 15 // Patch version component of the current release
+	VersionPatch = 14 // Patch version component of the current release
 	VersionMeta  = "" // Version metadata to append to the version string
 )