rpc: add limit for batch request items and response size

CHANGELOG.md

@@ -49,6 +49,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 ### Features
 
 * (rpc) [#1682](https://github.com/evmos/ethermint/pull/1682) Add config for maximum number of bytes returned from eth_call.
+* (rpc) [#268](https://github.com/crypto-org-chain/ethermint/pull/268) Add config for maximum number of requests and bytes returned from a batched call.
 
 ### Bug Fixes
 

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/btcsuite/btcd/btcutil v1.1.3
 	github.com/cosmos/cosmos-sdk v0.46.13-0.20230524145004-5b02d46853ba
 	github.com/cosmos/go-bip39 v1.0.0
+	github.com/cosmos/gogoproto v1.4.10
 	github.com/cosmos/ibc-go/v5 v5.0.0-rc0
 	github.com/davecgh/go-spew v1.1.1
 	github.com/ethereum/go-ethereum v1.10.19
@@ -37,7 +38,7 @@ require (
 	golang.org/x/net v0.9.0
 	golang.org/x/text v0.9.0
 	google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4
-	google.golang.org/grpc v1.54.0
+	google.golang.org/grpc v1.55.0
 	google.golang.org/protobuf v1.30.0
 	sigs.k8s.io/yaml v1.3.0
 )
@@ -104,7 +105,7 @@ require (
 	github.com/go-stack/stack v1.8.0 // indirect
 	github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
 	github.com/gogo/gateway v1.1.0 // indirect
-	github.com/golang/glog v1.0.0 // indirect
+	github.com/golang/glog v1.1.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/btree v1.1.2 // indirect
@@ -184,7 +185,7 @@ require (
 	go.opencensus.io v0.24.0 // indirect
 	golang.org/x/crypto v0.7.0 // indirect
 	golang.org/x/exp v0.0.0-20230310171629-522b1b587ee0 // indirect
-	golang.org/x/oauth2 v0.5.0 // indirect
+	golang.org/x/oauth2 v0.6.0 // indirect
 	golang.org/x/sync v0.1.0 // indirect
 	golang.org/x/sys v0.7.0 // indirect
 	golang.org/x/term v0.7.0 // indirect
@@ -202,6 +203,7 @@ replace (
 	// use cosmos keyring
 	github.com/99designs/keyring => github.com/cosmos/keyring v1.1.7-0.20210622111912-ef00f8ac3d76
 	github.com/cosmos/cosmos-sdk => github.com/cosmos/cosmos-sdk v0.46.13-0.20230524145004-5b02d46853ba
+	github.com/ethereum/go-ethereum => github.com/mmsqe/go-ethereum v1.10.19-0.20230614011134-2cfbc432f7a5
 	// Fix upstream GHSA-h395-qcrw-5vmq and GHSA-3vp4-m3rf-835h vulnerabilities.
 	// TODO Remove it: https://github.com/cosmos/cosmos-sdk/issues/10409
 	github.com/gin-gonic/gin => github.com/gin-gonic/gin v1.9.0

gomod2nix.toml

@@ -123,6 +123,9 @@ schema = 3
   [mod."github.com/cosmos/go-bip39"]
     version = "v1.0.0"
     hash = "sha256-Qm2aC2vaS8tjtMUbHmlBSagOSqbduEEDwc51qvQaBmA="
+  [mod."github.com/cosmos/gogoproto"]
+    version = "v1.4.10"
+    hash = "sha256-Anm4O3bUONsN7J9Psg9E+oQasmUyoGc7UE1aaHJaehE="
   [mod."github.com/cosmos/iavl"]
     version = "v0.19.5"
     hash = "sha256-8PerCyxQrBCtr2zkhgriqauhCSoIe580dsYpZ44o+cE="
@@ -175,8 +178,9 @@ schema = 3
     version = "v1.0.0"
     hash = "sha256-k1DYvCqO3BKNcGEve/nMW0RxzMkK2tGfXbUbycqcVSo="
   [mod."github.com/ethereum/go-ethereum"]
-    version = "v1.10.19"
-    hash = "sha256-7FPnTGcCb8Xd1QVR+6PmGTaHdTY1mm/8osFTW1JLuG8="
+    version = "v1.10.19-0.20230614011134-2cfbc432f7a5"
+    hash = "sha256-2t0vpaDAGgm8T3QK7L6SClZg6hlpnk+ZxX6LMzEgqpE="
+    replaced = "github.com/mmsqe/go-ethereum"
   [mod."github.com/felixge/httpsnoop"]
     version = "v1.0.1"
     hash = "sha256-TNXnnC/ZGNY9lInAcES1cBGqIdEljKuh5LH/khVFjVk="
@@ -218,8 +222,8 @@ schema = 3
     hash = "sha256-TKa//aFXpWH+yK/cN1oaaqhipZpPUovekP6oA9vLIHY="
     replaced = "github.com/regen-network/protobuf"
   [mod."github.com/golang/glog"]
-    version = "v1.0.0"
-    hash = "sha256-bglITqRgzi52zc6FoYYnfCvrjFWV4RVOacPCnbEBom4="
+    version = "v1.1.0"
+    hash = "sha256-FgkBzn32nsq5Fpz0KKOrOqKap6pa2A1P3N2C0/Qp820="
   [mod."github.com/golang/groupcache"]
     version = "v0.0.0-20210331224755-41bb18bfe9da"
     hash = "sha256-7Gs7CS9gEYZkbu5P4hqPGBpeGZWC64VDwraSKFF+VR0="
@@ -527,8 +531,8 @@ schema = 3
     version = "v0.9.0"
     hash = "sha256-EG5GRDq282twyce8uugsDTjMz1pNn6zPcyVTZmSiJ14="
   [mod."golang.org/x/oauth2"]
-    version = "v0.5.0"
-    hash = "sha256-+ns+lPELOJdb1YpIxQRBVQeSEsn0VhnKPnHg5Q0NOH4="
+    version = "v0.6.0"
+    hash = "sha256-M6yqSRqMcgp4bOCa4ey8/13z/0BrjQgyUQXJZU1hmnw="
   [mod."golang.org/x/sync"]
     version = "v0.1.0"
     hash = "sha256-Hygjq9euZ0qz6TvHYQwOZEjNiTbTh1nSLRAWZ6KFGR8="
@@ -554,8 +558,8 @@ schema = 3
     version = "v0.0.0-20230306155012-7f2fa6fef1f4"
     hash = "sha256-mFnDrRD0B/fL+om/wkU/6ODFMzjaoeyoWy0vsmzQh1I="
   [mod."google.golang.org/grpc"]
-    version = "v1.54.0"
-    hash = "sha256-2HzpK4s9zAGUv/26wChxbfkX3t4WB1bLM96O5gkQmro="
+    version = "v1.55.0"
+    hash = "sha256-UT1/x6XSkv1o2rJC2DI8CPvyB+nsFYUcZqtCPOdg42M="
   [mod."google.golang.org/protobuf"]
     version = "v1.30.0"
     hash = "sha256-Y07NKhSuJQ2w7F7MAINQyBf+/hdMHOrxwA3B4ljQQKs="

server/config/config.go

@@ -6,13 +6,13 @@
 	"path"
 	"time"
 
 	"github.com/spf13/viper"
 
 	"github.com/tendermint/tendermint/libs/strings"
 
 	"github.com/cosmos/cosmos-sdk/server/config"
 
 	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
 )
 
 const (
@@ -63,6 +63,12 @@
 
 	// DefaultReturnDataLimit is maximum number of bytes returned from eth_call or similar invocations
 	DefaultReturnDataLimit = 100000
+
+	// DefaultBatchRequestLimit is maximum number of requests in a batch
+	DefaultBatchRequestLimit = 1000
+
+	// DefaultBatchResponseMaxSize maximum number of bytes returned from a batched call
+	DefaultBatchResponseMaxSize = 25 * 1000 * 1000
 )
 
 var evmTracers = []string{"json", "markdown", "struct", "access_list"}
@@ -126,6 +132,10 @@
 	MetricsAddress string `mapstructure:"metrics-address"`
 	// ReturnDataLimit defines maximum number of bytes returned from `eth_call` or similar invocations
 	ReturnDataLimit int64 `mapstructure:"return-data-limit"`
+	// BatchRequestLimit maximum number of requests in a batch
+	BatchRequestLimit int64 `mapstructure:"batch-request-limit"`
+	// BatchResponseMaxSize maximum number of bytes returned from a batched call
+	BatchResponseMaxSize int64 `mapstructure:"batch-response-max-size"`
 	// FixRevertGasRefundHeight defines the upgrade height for fix of revert gas refund logic when transaction reverted
 	FixRevertGasRefundHeight int64 `mapstructure:"fix-revert-gas-refund-height"`
 }
@@ -231,6 +241,8 @@
 		EnableIndexer:            false,
 		MetricsAddress:           DefaultJSONRPCMetricsAddress,
 		ReturnDataLimit:          DefaultReturnDataLimit,
+		BatchRequestLimit:        DefaultBatchRequestLimit,
+		BatchResponseMaxSize:     DefaultBatchResponseMaxSize,
 		FixRevertGasRefundHeight: DefaultFixRevertGasRefundHeight,
 	}
 }
@@ -343,6 +355,8 @@
 			MetricsAddress:           v.GetString("json-rpc.metrics-address"),
 			ReturnDataLimit:          v.GetInt64("json-rpc.return-data-limit"),
 			FixRevertGasRefundHeight: v.GetInt64("json-rpc.fix-revert-gas-refund-height"),
+			BatchRequestLimit:        v.GetInt64("json-rpc.batch-request-limit"),
+			BatchResponseMaxSize:     v.GetInt64("json-rpc.batch-response-max-size"),
 		},
 		TLS: TLSConfig{
 			CertificatePath: v.GetString("tls.certificate-path"),
@@ -363,11 +377,11 @@
 // ValidateBasic returns an error any of the application configuration fields are invalid
 func (c Config) ValidateBasic() error {
 	if err := c.EVM.Validate(); err != nil {
 		return sdkerrors.Wrapf(sdkerrors.ErrAppConfig, "invalid evm config value: %s", err.Error())
 	}
 
 	if err := c.JSONRPC.Validate(); err != nil {
 		return sdkerrors.Wrapf(sdkerrors.ErrAppConfig, "invalid json-rpc config value: %s", err.Error())
 	}
 
 	if err := c.TLS.Validate(); err != nil {

server/config/toml.go

@@ -80,6 +80,12 @@ metrics-address = "{{ .JSONRPC.MetricsAddress }}"
 # Maximum number of bytes returned from eth_call or similar invocations.
 return-data-limit = {{ .JSONRPC.ReturnDataLimit }}
 
+# Maximum number of requests in a batch.
+batch-request-limit = {{ .JSONRPC.BatchRequestLimit }}
+
+# Maximum number of bytes returned from a batched call.
+batch-response-max-size = {{ .JSONRPC.BatchResponseMaxSize }}
+
 # Upgrade height for fix of revert gas refund logic when transaction reverted.
 fix-revert-gas-refund-height = {{ .JSONRPC.FixRevertGasRefundHeight }}
 

server/flags/flags.go

@@ -1,10 +1,10 @@
 package flags
 
 import (
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 
 // Tendermint/cosmos-sdk full-node start flags
@@ -55,6 +55,8 @@
 	// https://github.com/ethereum/go-ethereum/blob/master/metrics/metrics.go#L35-L55
 	JSONRPCEnableMetrics            = "metrics"
 	JSONRPCReturnDataLimit          = "json-rpc.return-data-limit"
+	JSONRPCBatchRequestLimit        = "json-rpc.batch-request-limit"
+	JSONRPCBatchResponseMaxSize     = "json-rpc.batch-response-max-size"
 	JSONRPCFixRevertGasRefundHeight = "json-rpc.fix-revert-gas-refund-height"
 )
 

server/json_rpc.go

@@ -42,7 +42,7 @@ func StartJSONRPC(ctx *server.Context,
 	}))
 
 	rpcServer := ethrpc.NewServer()
-
+	rpcServer.SetBatchLimits(int(config.JSONRPC.BatchRequestLimit), int(config.JSONRPC.BatchResponseMaxSize)) // add 0x: (3594240 + 2) * 4
 	allowUnprotectedTxs := config.JSONRPC.AllowUnprotectedTxs
 	rpcAPIArr := config.JSONRPC.API
 

tests/integration_tests/configs/exploit.jsonnet

@@ -5,6 +5,8 @@ config {
     'app-config'+: {
       'json-rpc'+: {
         'return-data-limit': 3594241,  // memory_byte_size + 1
+        'batch-request-limit': 2,
+        'batch-response-max-size': 10,
       },
     },
   },

tests/integration_tests/test_exploit.py

@@ -73,3 +73,28 @@ def expect_cb(result):
             assert "error" not in item
 
     run_test(custom_ethermint, concurrent, batch, expect_cb)
+
+
+def test_batch_call(custom_ethermint):
+    concurrent = 1
+    batch = 3
+
+    def expect_cb(result):
+        for item in result:
+            assert "error" in item
+            assert "batch too large" in item["error"]["message"]
+    run_test(custom_ethermint, concurrent, batch, expect_cb)
+
+
+def test_batch_large_call(custom_ethermint):
+    concurrent = 1
+    batch = 2
+
+    def expect_cb(result):
+        for i, item in enumerate(result):
+            if i == 0:
+                assert "error" not in item
+            else:
+                assert "error" in item
+                assert "response too large" in item["error"]["message"]
+    run_test(custom_ethermint, concurrent, batch, expect_cb)