Skip to content

basefee + debug logs #725

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: optimism
Choose a base branch
from
Open

basefee + debug logs #725

wants to merge 1 commit into from
+128 −55

Conversation

@jurajpiar
Copy link

@jurajpiar jurajpiar commented Nov 19, 2025

Description

Tests

Additional context

Metadata

@jurajpiar jurajpiar requested a review from a team as a code owner November 19, 2025 10:23
almanax-ai[bot]
almanax-ai bot reviewed Nov 19, 2025
View reviewed changes
core/vm/evm.go
// the necessary steps to create accounts and reverses the state in case of an
// execution error or failed value transfer.
func (evm *EVM) Call(caller common.Address, addr common.Address, input []byte, gas uint64, value *uint256.Int) (ret []byte, leftOverGas uint64, err error) {
fmt.Println("evm.go ~ EVM ~ Call ~ Calling contract", caller, addr, string(input[:10]), gas, value)
Copy link

@almanax-ai almanax-ai bot Nov 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Medium Severity severity

Denial of Service (DoS): unbounded debug logging in EVM.Call

A stray fmt.Println in core/vm/evm.go within the hot-path EVM.Call method emits a log on every contract invocation, risking I/O saturation and node unresponsiveness under high load.

Remove or gate the debug fmt.Println calls behind a configurable log level (e.g., debug-only) to avoid unbounded logging in production.

Suggested change
fmt.Println("evm.go ~ EVM ~ Call ~ Calling contract", caller, addr, string(input[:10]), gas, value)

Don't like this finding? Reply "dismiss" and it won't appear again in future scans.

If it's acknowledged or addressed, reply "resolve" to mark it resolved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sebastianst sebastianst Awaiting requested review from sebastianst sebastianst is a code owner automatically assigned from ethereum-optimism/op-geth-maintainers

1 more reviewer

@almanax-ai almanax-ai[bot] almanax-ai[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jurajpiar