From 3d7a7a72e98d644582c582733f508977e715f539 Mon Sep 17 00:00:00 2001
From: Bryan Stitt <bryan@satoshiandkin.com>
Date: Wed, 13 Jul 2022 23:25:01 +0000
Subject: [PATCH] add stub for transaction firewall

---
 web3-proxy/src/app.rs        | 29 ++++++++++++++++++++++-------
 web3-proxy/src/connection.rs |  4 ++--
 2 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/web3-proxy/src/app.rs b/web3-proxy/src/app.rs
index 31697262..91646ef2 100644
--- a/web3-proxy/src/app.rs
+++ b/web3-proxy/src/app.rs
@@ -1,7 +1,7 @@
 use axum::extract::ws::Message;
 use dashmap::mapref::entry::Entry as DashMapEntry;
 use dashmap::DashMap;
-use ethers::prelude::{Address, Transaction};
+use ethers::prelude::{Address, Bytes, Transaction};
 use ethers::prelude::{Block, TxHash, H256};
 use futures::future::Abortable;
 use futures::future::{join_all, AbortHandle};
@@ -15,6 +15,7 @@ use redis_cell_client::{bb8, RedisCellClient, RedisConnectionManager};
 use serde_json::json;
 use std::fmt;
 use std::pin::Pin;
+use std::str::FromStr;
 use std::sync::atomic::{self, AtomicUsize};
 use std::sync::Arc;
 use std::time::Duration;
@@ -27,6 +28,7 @@ use tracing::{info, info_span, instrument, trace, warn, Instrument};
 use crate::bb8_helpers;
 use crate::config::AppConfig;
 use crate::connections::Web3Connections;
+use crate::firewall::check_firewall_raw;
 use crate::jsonrpc::JsonRpcForwardedResponse;
 use crate::jsonrpc::JsonRpcForwardedResponseEnum;
 use crate::jsonrpc::JsonRpcRequest;
@@ -732,12 +734,25 @@ impl Web3ProxyApp {
             }
             // TODO: eth_sendBundle (flashbots command)
             // broadcast transactions to all private rpcs at once
-            "eth_sendRawTransaction" => {
-                self.private_rpcs
-                    .try_send_all_upstream_servers(request, false)
-                    .instrument(span)
-                    .await
-            }
+            "eth_sendRawTransaction" => match &request.params {
+                Some(serde_json::Value::Array(params)) => {
+                    if params.len() != 1 || !params[0].is_string() {
+                        return Err(anyhow::anyhow!("invalid request"));
+                    }
+
+                    let raw_tx = Bytes::from_str(params[0].as_str().unwrap())?;
+
+                    if check_firewall_raw(&raw_tx).await? {
+                        self.private_rpcs
+                            .try_send_all_upstream_servers(request, false)
+                            .instrument(span)
+                            .await
+                    } else {
+                        Err(anyhow::anyhow!("transaction blocked by firewall"))
+                    }
+                }
+                _ => Err(anyhow::anyhow!("invalid request")),
+            },
             "eth_syncing" => {
                 // TODO: return a real response if all backends are syncing or if no servers in sync
                 let partial_response = json!(false);
diff --git a/web3-proxy/src/connection.rs b/web3-proxy/src/connection.rs
index f70a991f..ec09fbbd 100644
--- a/web3-proxy/src/connection.rs
+++ b/web3-proxy/src/connection.rs
@@ -1,7 +1,7 @@
 ///! Rate-limited communication with a web3 provider
 use anyhow::Context;
 use derive_more::From;
-use ethers::prelude::{Block, Bytes, Middleware, ProviderError, TxHash, U256};
+use ethers::prelude::{Block, Bytes, Middleware, ProviderError, TxHash};
 use futures::future::try_join_all;
 use futures::StreamExt;
 use redis_cell_client::RedisCellClient;
@@ -14,7 +14,7 @@ use std::{cmp::Ordering, sync::Arc};
 use tokio::sync::broadcast;
 use tokio::sync::RwLock;
 use tokio::time::{interval, sleep, Duration, MissedTickBehavior};
-use tracing::{debug, error, info, instrument, trace, warn};
+use tracing::{error, info, instrument, trace, warn};
 
 use crate::app::{flatten_handle, AnyhowJoinHandle};