* txpool svc * change mod github path * tag-tool * codeowners
2.1 KiB
op-txproxy
A supplemental passthrough proxy for some execution engine endpoints. This proxy does not forward all rpc traffic and only exposes a specific set of endpoints. Operationally, the public ingress proxy should only re-route requests for these endpoints.
stateDiagram-v2
proxyd --> txproxy: intercepted methods
proxyd --> backend: unintercepted methods
txproxy --> backend
Setup
Install go 1.21
make build
./bin/op-txproxy --help
Endpoints
eth_sendRawTransactionConditional
An outcome of how to integrate this spec safely for permissionless 4337 bundler participation. This solution in the design doc proposal requires a validating proxy that can be horizontally scaled and pre-emptively reject invalid conditional transaction. The implemented endpoint covers these objectives:
-
Auth. preemptively put in place to enable a variety of auth policies (allowlist, rate limits, etc).
The caller authenticates themselves with any valid ECDSA-secp256k1 key, like an Ethereum key. The computed signature is over the EIP-191 hash of the request body (up to the 5MB request body limit).
With the signature and signing address, the request is authenticated via the
X-Optimism-Signature
header of the request with the value<public key address>: <signature>
. -
Rate Limits. global rate limits on the endpoint are applied here.
-
Rejection Switch. this proxy can be rolled with a flag/env switch to reject conditional transaction without needing to interrupt the execution engine.
-
Basic Validation. stateless validation is done in the endpoint to reject invalid conditional transactions and apply additional restricts on the usage (only 4337 entrypoint tx target support).
-
Metrics. performance of this endpoint can be observed in order to inform adjustments to rate limits, shutoff, or auth policies to implement.