Validate gas limit of COA interactions according to Osaka's EIP-7825

Author: m-Peter

fvm/evm/emulator/emulator.go

@@ -2,11 +2,11 @@ package emulator
 
 import (
 	"errors"
+	"fmt"
 	"math/big"
 
 	gethCommon "github.com/ethereum/go-ethereum/common"
 	gethCore "github.com/ethereum/go-ethereum/core"
-	"github.com/ethereum/go-ethereum/core/tracing"
 	gethTracing "github.com/ethereum/go-ethereum/core/tracing"
 	gethTypes "github.com/ethereum/go-ethereum/core/types"
 	gethVM "github.com/ethereum/go-ethereum/core/vm"
@@ -120,6 +120,22 @@ func (bl *BlockView) DirectCall(call *types.DirectCall) (res *types.Result, err
 	// Set the nonce for the call (needed for some operations like deployment)
 	call.Nonce = proc.state.GetNonce(call.From.ToCommon())
 
+	if !call.ValidEIP7825GasLimit(proc.config.ChainRules()) {
+		res := &types.Result{
+			TxType: call.Type,
+			TxHash: call.Hash(),
+		}
+		res.SetValidationError(
+			fmt.Errorf(
+				"%w (cap: %d, tx: %d)",
+				gethCore.ErrGasLimitTooHigh,
+				gethParams.MaxTxGas,
+				call.GasLimit,
+			),
+		)
+		return res, nil
+	}
+
 	// Call tx tracer
 	if proc.evm.Config.Tracer != nil && proc.evm.Config.Tracer.OnTxStart != nil {
 		proc.evm.Config.Tracer.OnTxStart(proc.evm.GetVMContext(), call.Transaction(), call.From.ToCommon())
@@ -596,7 +612,7 @@ func (proc *procedure) deployAt(
 	res.DeployedContractAddress = &call.To
 	res.CumulativeGasUsed = proc.config.BlockTotalGasUsedSoFar + res.GasConsumed
 
-	proc.state.SetCode(addr, ret, tracing.CodeChangeContractCreation)
+	proc.state.SetCode(addr, ret, gethTracing.CodeChangeContractCreation)
 	res.StateChangeCommitment, err = proc.commit(true)
 	return res, err
 }

fvm/evm/emulator/emulator_test.go

@@ -3,7 +3,6 @@ package emulator_test
 import (
 	"encoding/hex"
 	"fmt"
-	"math"
 	"math/big"
 	"strings"
 	"testing"
@@ -211,7 +210,7 @@ func TestContractInteraction(t *testing.T) {
 						call := types.NewDeployCall(
 							testAccount,
 							testContract.ByteCode,
-							math.MaxUint64,
+							gethParams.MaxTxGas,
 							amountToBeTransfered,
 							testAccountNonce)
 						res, err := blk.DirectCall(call)
@@ -599,7 +598,7 @@ func TestDeployAtFunctionality(t *testing.T) {
 								testAccount,
 								target,
 								testContract.ByteCode,
-								math.MaxUint64,
+								gethParams.MaxTxGas,
 								amountToBeTransfered,
 								0,
 							),
@@ -629,7 +628,7 @@ func TestDeployAtFunctionality(t *testing.T) {
 								testAccount,
 								target,
 								testContract.ByteCode,
-								math.MaxUint64,
+								gethParams.MaxTxGas,
 								amountToBeTransfered,
 								0),
 						)
@@ -687,7 +686,7 @@ func TestSelfdestruct(t *testing.T) {
 							types.NewDeployCall(
 								testAddress,
 								testContract.ByteCode,
-								math.MaxUint64,
+								gethParams.MaxTxGas,
 								deployBalance,
 								0),
 						)
@@ -768,7 +767,7 @@ func TestFactoryPatterns(t *testing.T) {
 							types.NewDeployCall(
 								factoryDeployer,
 								factoryContract.ByteCode,
-								math.MaxUint64,
+								gethParams.MaxTxGas,
 								factoryBalance,
 								0),
 						)

fvm/evm/evm_test.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"encoding/binary"
 	"fmt"
-	"math"
 	"math/big"
 	"testing"
 
@@ -1915,6 +1914,134 @@ func TestCadenceOwnedAccountFunctionalities(t *testing.T) {
 				assert.Len(t, state.UpdatedRegisterIDs(), 0)
 			})
 	})
+
+	t.Run("test coa deploy with max gas limit cap", func(t *testing.T) {
+		RunWithNewEnvironment(t,
+			chain, func(
+				ctx fvm.Context,
+				vm fvm.VM,
+				snapshot snapshot.SnapshotTree,
+				testContract *TestContract,
+				testAccount *EOATestAccount,
+			) {
+				code := []byte(fmt.Sprintf(
+					`
+					import EVM from %s
+					import FlowToken from %s
+					access(all)
+					fun main(code: [UInt8]): EVM.Result {
+						let admin = getAuthAccount<auth(Storage) &Account>(%s)
+							.storage.borrow<&FlowToken.Administrator>(from: /storage/flowTokenAdmin)!
+						let minter <- admin.createNewMinter(allowedAmount: 2.34)
+						let vault <- minter.mintTokens(amount: 2.34)
+						destroy minter
+						let cadenceOwnedAccount <- EVM.createCadenceOwnedAccount()
+						cadenceOwnedAccount.deposit(from: <-vault)
+						let res = cadenceOwnedAccount.deploy(
+							code: code,
+							gasLimit: 16_777_216,
+							value: EVM.Balance(attoflow: 1230000000000000000)
+						)
+						destroy cadenceOwnedAccount
+						return res
+					}
+					`,
+					sc.EVMContract.Address.HexWithPrefix(),
+					sc.FlowToken.Address.HexWithPrefix(),
+					sc.FlowServiceAccount.Address.HexWithPrefix(),
+				))
+
+				script := fvm.Script(code).
+					WithArguments(json.MustEncode(
+						cadence.NewArray(
+							unittest.BytesToCdcUInt8(testContract.ByteCode),
+						).WithType(cadence.NewVariableSizedArrayType(cadence.UInt8Type)),
+					))
+
+				_, output, err := vm.Run(
+					ctx,
+					script,
+					snapshot,
+				)
+				require.NoError(t, err)
+				require.NoError(t, output.Err)
+
+				res, err := impl.ResultSummaryFromEVMResultValue(output.Value)
+				require.NoError(t, err)
+				require.Equal(t, types.StatusSuccessful, res.Status)
+				require.Equal(t, types.ErrCodeNoError, res.ErrorCode)
+				require.Empty(t, res.ErrorMessage)
+				require.NotNil(t, res.DeployedContractAddress)
+				// we strip away first few bytes because they contain deploy code
+				require.Equal(t, testContract.ByteCode[17:], []byte(res.ReturnedData))
+			})
+	})
+
+	t.Run("test coa deploy with bigger than max gas limit cap", func(t *testing.T) {
+		RunWithNewEnvironment(t,
+			chain, func(
+				ctx fvm.Context,
+				vm fvm.VM,
+				snapshot snapshot.SnapshotTree,
+				testContract *TestContract,
+				testAccount *EOATestAccount,
+			) {
+				code := []byte(fmt.Sprintf(
+					`
+					import EVM from %s
+					import FlowToken from %s
+					access(all)
+					fun main(code: [UInt8]): EVM.Result {
+						let admin = getAuthAccount<auth(Storage) &Account>(%s)
+							.storage.borrow<&FlowToken.Administrator>(from: /storage/flowTokenAdmin)!
+						let minter <- admin.createNewMinter(allowedAmount: 2.34)
+						let vault <- minter.mintTokens(amount: 2.34)
+						destroy minter
+						let cadenceOwnedAccount <- EVM.createCadenceOwnedAccount()
+						cadenceOwnedAccount.deposit(from: <-vault)
+						let res = cadenceOwnedAccount.deploy(
+							code: code,
+							gasLimit: 16_777_226,
+							value: EVM.Balance(attoflow: 1230000000000000000)
+						)
+						destroy cadenceOwnedAccount
+						return res
+					}
+					`,
+					sc.EVMContract.Address.HexWithPrefix(),
+					sc.FlowToken.Address.HexWithPrefix(),
+					sc.FlowServiceAccount.Address.HexWithPrefix(),
+				))
+
+				script := fvm.Script(code).
+					WithArguments(json.MustEncode(
+						cadence.NewArray(
+							unittest.BytesToCdcUInt8(testContract.ByteCode),
+						).WithType(cadence.NewVariableSizedArrayType(cadence.UInt8Type)),
+					))
+
+				_, output, err := vm.Run(
+					ctx,
+					script,
+					snapshot,
+				)
+				require.NoError(t, err)
+				require.NoError(t, output.Err)
+
+				res, err := impl.ResultSummaryFromEVMResultValue(output.Value)
+				require.NoError(t, err)
+				require.Equal(t, types.StatusInvalid, res.Status)
+				require.Equal(t, types.ValidationErrCodeMisc, res.ErrorCode)
+				require.Equal(
+					t,
+					"transaction gas limit too high (cap: 16777216, tx: 16777226)",
+					res.ErrorMessage,
+				)
+				require.Nil(t, res.DeployedContractAddress)
+				// we strip away first few bytes because they contain deploy code
+				require.Empty(t, []byte(res.ReturnedData))
+			})
+	})
 }
 
 func TestDryRun(t *testing.T) {
@@ -1977,7 +2104,8 @@ func TestDryRun(t *testing.T) {
 			) {
 				data := testContract.MakeCallData(t, "store", big.NewInt(1337))
 
-				limit := uint64(math.MaxUint64 - 1)
+				// EVM.dryRun must not be limited by the `gethParams.MaxTxGas`
+				limit := gethParams.MaxTxGas + 1_000
 				tx := gethTypes.NewTransaction(
 					0,
 					testContract.DeployedAt.ToCommon(),
@@ -2572,6 +2700,22 @@ func TestDryCall(t *testing.T) {
 				require.Equal(t, types.ExecutionErrCodeOutOfGas, result.ErrorCode)
 				require.Equal(t, types.StatusFailed, result.Status)
 				require.Equal(t, result.GasConsumed, limit)
+
+				// EVM.dryCall must not be limited to `gethParams.MaxTxGas`
+				limit = gethParams.MaxTxGas + 1_000
+				tx = gethTypes.NewTransaction(
+					0,
+					testContract.DeployedAt.ToCommon(),
+					big.NewInt(0),
+					limit,
+					big.NewInt(0),
+					data,
+				)
+				result, _ = dryCall(t, tx, ctx, vm, snapshot)
+				require.Equal(t, types.ErrCodeNoError, result.ErrorCode)
+				require.Equal(t, types.StatusSuccessful, result.Status)
+				require.Greater(t, result.GasConsumed, uint64(0))
+				require.Less(t, result.GasConsumed, limit)
 			})
 	})
 

fvm/evm/handler/handler_test.go

@@ -2,7 +2,6 @@ package handler_test
 
 import (
 	"fmt"
-	"math"
 	"math/big"
 	"testing"
 
@@ -599,7 +598,7 @@ func TestHandler_COA(t *testing.T) {
 				require.Equal(t, bal, foa.Balance())
 
 				testContract := testutils.GetStorageTestContract(t)
-				result := foa.Deploy(testContract.ByteCode, math.MaxUint64, types.NewBalanceFromUFix64(0))
+				result := foa.Deploy(testContract.ByteCode, types.GasLimit(gethParams.MaxTxGas), types.NewBalanceFromUFix64(0))
 				require.NotNil(t, result.DeployedContractAddress)
 				addr := *result.DeployedContractAddress
 				// skip first few bytes as they are deploy codes
@@ -610,13 +609,13 @@ func TestHandler_COA(t *testing.T) {
 				_ = foa.Call(
 					addr,
 					testContract.MakeCallData(t, "store", num),
-					math.MaxUint64,
+					types.GasLimit(gethParams.MaxTxGas),
 					types.NewBalanceFromUFix64(0))
 
 				res := foa.Call(
 					addr,
 					testContract.MakeCallData(t, "retrieve"),
-					math.MaxUint64,
+					types.GasLimit(gethParams.MaxTxGas),
 					types.NewBalanceFromUFix64(0))
 
 				require.Equal(t, num, res.ReturnedData.AsBigInt())
@@ -645,7 +644,7 @@ func TestHandler_COA(t *testing.T) {
 
 				arch := handler.MakePrecompileAddress(1)
 
-				ret := foa.Call(arch, precompiles.FlowBlockHeightFuncSig[:], math.MaxUint64, types.NewBalanceFromUFix64(0))
+				ret := foa.Call(arch, precompiles.FlowBlockHeightFuncSig[:], types.GasLimit(gethParams.MaxTxGas), types.NewBalanceFromUFix64(0))
 				require.Equal(t, big.NewInt(int64(blockHeight)), new(big.Int).SetBytes(ret.ReturnedData))
 
 				events := backend.Events()
@@ -697,7 +696,7 @@ func TestHandler_COA(t *testing.T) {
 				foa.Deposit(vault)
 
 				testContract := testutils.GetStorageTestContract(t)
-				result := foa.Deploy(testContract.ByteCode, math.MaxUint64, types.EmptyBalance)
+				result := foa.Deploy(testContract.ByteCode, types.GasLimit(gethParams.MaxTxGas), types.EmptyBalance)
 				require.NotNil(t, result.DeployedContractAddress)
 				addr := *result.DeployedContractAddress
 				require.Equal(t, types.StatusSuccessful, result.Status)
@@ -706,7 +705,7 @@ func TestHandler_COA(t *testing.T) {
 				ret := foa.Call(
 					addr,
 					testContract.MakeCallData(t, "random"),
-					math.MaxUint64,
+					types.GasLimit(gethParams.MaxTxGas),
 					types.EmptyBalance)
 
 				require.Equal(t, random.Bytes(), []byte(ret.ReturnedData))

fvm/evm/offchain/query/view.go

@@ -147,15 +147,20 @@ func (v *View) DryCall(
 		return nil, err
 	}
 
-	res, err := bv.DirectCall(
-		&types.DirectCall{
-			From:     types.NewAddress(from),
-			To:       types.NewAddress(to),
-			Data:     data,
-			Value:    value,
-			GasLimit: gasLimit,
-		},
-	)
+	call := &types.DirectCall{
+		From:     types.NewAddress(from),
+		To:       types.NewAddress(to),
+		Data:     data,
+		Value:    value,
+		GasLimit: gasLimit,
+	}
+	// We deliberately skip the EIP-7825 tx gas limit cap, because
+	// `DryCall` is used only for `eth_estimateGas` & `eth_call`
+	// JSON-RPC endpoints, for which the tx gas limit cap does
+	// not apply. These endpoints don't mutate the state, they
+	// simply read the state.
+	call.SkipTxGasLimitCheck()
+	res, err := bv.DirectCall(call)
 	if err != nil {
 		return nil, err
 	}