[CHIA-2503] make the super set rule stricter (#19352)

* make the super set rule a stricter

* use BundleCoinSpend bools rather than the flags to determine whether a spend supports fast forward and dedup

Author: arvidn

chia/_tests/core/mempool/test_mempool_manager.py

@@ -207,7 +207,7 @@ def make_test_conds(
     before_seconds_relative: Optional[int] = None,
     before_seconds_absolute: Optional[int] = None,
     cost: int = 0,
-    spend_ids: list[bytes32] = [TEST_COIN_ID],
+    spend_ids: list[tuple[bytes32, int]] = [(TEST_COIN_ID, 0)],
 ) -> SpendBundleConditions:
     return SpendBundleConditions(
         [
@@ -230,9 +230,9 @@ def make_test_conds(
                 [],
                 [],
                 [],
-                0,
+                flags,
             )
-            for spend_id in spend_ids
+            for spend_id, flags in spend_ids
         ],
         0,
         uint32(height_absolute),
@@ -751,19 +751,25 @@ def mk_item(
     assert_height: Optional[int] = None,
     assert_before_height: Optional[int] = None,
     assert_before_seconds: Optional[int] = None,
+    flags: list[int] = [],
 ) -> MempoolItem:
     # we don't actually care about the puzzle and solutions for the purpose of
     # can_replace()
-    spend_ids = []
+    spend_ids: list[tuple[bytes32, int]] = []
     coin_spends = []
     bundle_coin_spends = {}
-    for c in coins:
+    if len(flags) < len(coins):
+        flags.extend([0] * (len(coins) - len(flags)))
+    for c, f in zip(coins, flags):
         coin_id = c.name()
-        spend_ids.append(coin_id)
+        spend_ids.append((coin_id, f))
         spend = make_spend(c, SerializedProgram.to(None), SerializedProgram.to(None))
         coin_spends.append(spend)
         bundle_coin_spends[coin_id] = BundleCoinSpend(
-            coin_spend=spend, eligible_for_dedup=False, eligible_for_fast_forward=False, additions=[]
+            coin_spend=spend,
+            eligible_for_dedup=bool(f & ELIGIBLE_FOR_DEDUP),
+            eligible_for_fast_forward=bool(f & ELIGIBLE_FOR_FF),
+            additions=[],
         )
     spend_bundle = SpendBundle(coin_spends, G2Element())
     conds = make_test_conds(cost=cost, spend_ids=spend_ids)
@@ -817,6 +823,46 @@ def make_test_coins() -> list[Coin]:
         ([mk_item(coins[0:2])], mk_item(coins[0:2], fee=10000000), True),
         # or if we spend the same coins with additional coins
         ([mk_item(coins[0:2])], mk_item(coins[0:3], fee=10000000), True),
+        # you're not allowed to clear the fast-forward or dedup flag. It's OK to set it
+        # and leave it unchanged
+        ([mk_item(coins[0:2])], mk_item(coins[0:3], flags=[ELIGIBLE_FOR_DEDUP, 0, 0], fee=10000000), True),
+        ([mk_item(coins[0:2])], mk_item(coins[0:3], flags=[ELIGIBLE_FOR_FF, 0, 0], fee=10000000), True),
+        # flag cleared
+        ([mk_item(coins[0:2], flags=[ELIGIBLE_FOR_DEDUP, 0])], mk_item(coins[0:3], fee=10000000), False),
+        ([mk_item(coins[0:2], flags=[ELIGIBLE_FOR_FF, 0])], mk_item(coins[0:3], fee=10000000), False),
+        # unchanged
+        (
+            [mk_item(coins[0:2], flags=[ELIGIBLE_FOR_DEDUP, 0])],
+            mk_item(coins[0:3], flags=[ELIGIBLE_FOR_DEDUP, 0, 0], fee=10000000),
+            True,
+        ),
+        (
+            [mk_item(coins[0:2], flags=[ELIGIBLE_FOR_FF, 0])],
+            mk_item(coins[0:3], flags=[ELIGIBLE_FOR_FF, 0, 0], fee=10000000),
+            True,
+        ),
+        # the spends are independent
+        (
+            [mk_item(coins[0:2], flags=[ELIGIBLE_FOR_DEDUP, 0])],
+            mk_item(coins[0:3], flags=[0, ELIGIBLE_FOR_DEDUP, 0], fee=10000000),
+            False,
+        ),
+        (
+            [mk_item(coins[0:2], flags=[ELIGIBLE_FOR_FF, 0])],
+            mk_item(coins[0:3], flags=[0, ELIGIBLE_FOR_FF, 0], fee=10000000),
+            False,
+        ),
+        # the bits are independent
+        (
+            [mk_item(coins[0:2], flags=[ELIGIBLE_FOR_DEDUP, 0])],
+            mk_item(coins[0:3], flags=[ELIGIBLE_FOR_FF, 0, 0], fee=10000000),
+            False,
+        ),
+        (
+            [mk_item(coins[0:2], flags=[ELIGIBLE_FOR_DEDUP, 0])],
+            mk_item(coins[0:3], flags=[ELIGIBLE_FOR_FF, 0, 0], fee=10000000),
+            False,
+        ),
         # FEE- AND FEE RATE RULES
         # if we're replacing two items, each paying a fee of 100, we need to
         # spend (at least) the same coins and pay at least 10000000 higher fee

chia/full_node/mempool_manager.py

@@ -861,6 +861,13 @@ def can_replace(
     assert_height: Optional[uint32] = None
     assert_before_height: Optional[uint32] = None
     assert_before_seconds: Optional[uint64] = None
+    # we don't allow replacing mempool items with new ones that remove
+    # eligibility for dedup and fast-forward. Doing so could be abused by
+    # denying such spends from operating as intended
+    # collect all coins that are eligible for dedup and FF in the existing items
+    existing_ff_spends: set[bytes32] = set()
+    existing_dedup_spends: set[bytes32] = set()
+
     for item in conflicting_items:
         conflicting_fees += item.fee
         conflicting_cost += item.cost
@@ -870,10 +877,14 @@ def can_replace(
         # bundle with AB with a higher fee. An attacker then replaces the bundle with just B with a higher
         # fee than AB therefore kicking out A altogether. The better way to solve this would be to keep a cache
         # of booted transactions like A, and retry them after they get removed from mempool due to a conflict.
-        for coin in item.removals:
-            if coin.name() not in removal_names:
-                log.debug(f"Rejecting conflicting tx as it does not spend conflicting coin {coin.name()}")
+        for coin_id, bcs in item.bundle_coin_spends.items():
+            if coin_id not in removal_names:
+                log.debug("Rejecting conflicting tx as it does not spend conflicting coin %s", coin_id)
                 return False
+            if bcs.eligible_for_fast_forward:
+                existing_ff_spends.add(bytes32(coin_id))
+            if bcs.eligible_for_dedup:
+                existing_dedup_spends.add(bytes32(coin_id))
 
         assert_height = optional_max(assert_height, item.assert_height)
         assert_before_height = optional_min(assert_before_height, item.assert_before_height)
@@ -919,5 +930,15 @@ def can_replace(
         )
         return False
 
+    if len(existing_ff_spends) > 0 or len(existing_dedup_spends) > 0:
+        for coin_id, bcs in new_item.bundle_coin_spends.items():
+            if not bcs.eligible_for_fast_forward and coin_id in existing_ff_spends:
+                log.debug("Rejecting conflicting tx due to changing ELIGIBLE_FOR_FF of coin spend %s", coin_id)
+                return False
+
+            if not bcs.eligible_for_dedup and coin_id in existing_dedup_spends:
+                log.debug("Rejecting conflicting tx due to changing ELIGIBLE_FOR_DEDUP of coin spend %s", coin_id)
+                return False
+
     log.info(f"Replacing conflicting tx in mempool. New tx fee: {new_item.fee}, old tx fees: {conflicting_fees}")
     return True