From 3d7a7a72e98d644582c582733f508977e715f539 Mon Sep 17 00:00:00 2001 From: Bryan Stitt Date: Wed, 13 Jul 2022 23:25:01 +0000 Subject: [PATCH] add stub for transaction firewall --- web3-proxy/src/app.rs | 29 ++++++++++++++++++++++------- web3-proxy/src/connection.rs | 4 ++-- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/web3-proxy/src/app.rs b/web3-proxy/src/app.rs index 31697262..91646ef2 100644 --- a/web3-proxy/src/app.rs +++ b/web3-proxy/src/app.rs @@ -1,7 +1,7 @@ use axum::extract::ws::Message; use dashmap::mapref::entry::Entry as DashMapEntry; use dashmap::DashMap; -use ethers::prelude::{Address, Transaction}; +use ethers::prelude::{Address, Bytes, Transaction}; use ethers::prelude::{Block, TxHash, H256}; use futures::future::Abortable; use futures::future::{join_all, AbortHandle}; @@ -15,6 +15,7 @@ use redis_cell_client::{bb8, RedisCellClient, RedisConnectionManager}; use serde_json::json; use std::fmt; use std::pin::Pin; +use std::str::FromStr; use std::sync::atomic::{self, AtomicUsize}; use std::sync::Arc; use std::time::Duration; @@ -27,6 +28,7 @@ use tracing::{info, info_span, instrument, trace, warn, Instrument}; use crate::bb8_helpers; use crate::config::AppConfig; use crate::connections::Web3Connections; +use crate::firewall::check_firewall_raw; use crate::jsonrpc::JsonRpcForwardedResponse; use crate::jsonrpc::JsonRpcForwardedResponseEnum; use crate::jsonrpc::JsonRpcRequest; @@ -732,12 +734,25 @@ impl Web3ProxyApp { } // TODO: eth_sendBundle (flashbots command) // broadcast transactions to all private rpcs at once - "eth_sendRawTransaction" => { - self.private_rpcs - .try_send_all_upstream_servers(request, false) - .instrument(span) - .await - } + "eth_sendRawTransaction" => match &request.params { + Some(serde_json::Value::Array(params)) => { + if params.len() != 1 || !params[0].is_string() { + return Err(anyhow::anyhow!("invalid request")); + } + + let raw_tx = Bytes::from_str(params[0].as_str().unwrap())?; + + if check_firewall_raw(&raw_tx).await? { + self.private_rpcs + .try_send_all_upstream_servers(request, false) + .instrument(span) + .await + } else { + Err(anyhow::anyhow!("transaction blocked by firewall")) + } + } + _ => Err(anyhow::anyhow!("invalid request")), + }, "eth_syncing" => { // TODO: return a real response if all backends are syncing or if no servers in sync let partial_response = json!(false); diff --git a/web3-proxy/src/connection.rs b/web3-proxy/src/connection.rs index f70a991f..ec09fbbd 100644 --- a/web3-proxy/src/connection.rs +++ b/web3-proxy/src/connection.rs @@ -1,7 +1,7 @@ ///! Rate-limited communication with a web3 provider use anyhow::Context; use derive_more::From; -use ethers::prelude::{Block, Bytes, Middleware, ProviderError, TxHash, U256}; +use ethers::prelude::{Block, Bytes, Middleware, ProviderError, TxHash}; use futures::future::try_join_all; use futures::StreamExt; use redis_cell_client::RedisCellClient; @@ -14,7 +14,7 @@ use std::{cmp::Ordering, sync::Arc}; use tokio::sync::broadcast; use tokio::sync::RwLock; use tokio::time::{interval, sleep, Duration, MissedTickBehavior}; -use tracing::{debug, error, info, instrument, trace, warn}; +use tracing::{error, info, instrument, trace, warn}; use crate::app::{flatten_handle, AnyhowJoinHandle};