Allow relayer throttling params to be set through env vars (#112)

hazim-j · web-flow · commit 82df66155593 · 2023-03-03T04:55:09.000+11:00
diff --git a/internal/config/values.go b/internal/config/values.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"math/big"
 	"strings"
+	"time"
 
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/gin-gonic/gin"
@@ -23,6 +24,10 @@ type Values struct {
 	MaxOpsForUnstakedSender int
 	Beneficiary             string
 
+	// Private mode variables.
+	RelayerBannedThreshold  int
+	RelayerBannedTimeWindow time.Duration
+
 	// Searcher mode variables.
 	EthBuilderUrl     string
 	BlocksInTheFuture int
@@ -82,6 +87,8 @@ func GetValues() *Values {
 	_ = viper.BindEnv("erc4337_bundler_beneficiary")
 	_ = viper.BindEnv("erc4337_bundler_max_verification_gas")
 	_ = viper.BindEnv("erc4337_bundler_max_ops_for_unstaked_sender")
+	_ = viper.BindEnv("erc4337_bundler_relayer_banned_threshold")
+	_ = viper.BindEnv("erc4337_bundler_relayer_banned_time_window")
 	_ = viper.BindEnv("erc4337_bundler_eth_builder_url")
 	_ = viper.BindEnv("erc4337_bundler_blocks_in_the_future")
 	_ = viper.BindEnv("erc4337_bundler_debug_mode")
@@ -126,6 +133,8 @@ func GetValues() *Values {
 	beneficiary := viper.GetString("erc4337_bundler_beneficiary")
 	maxVerificationGas := big.NewInt(int64(viper.GetInt("erc4337_bundler_max_verification_gas")))
 	maxOpsForUnstakedSender := viper.GetInt("erc4337_bundler_max_ops_for_unstaked_sender")
+	relayerBannedThreshold := viper.GetInt("erc4337_bundler_relayer_banned_threshold")
+	relayerBannedTimeWindow := viper.GetInt("erc4337_bundler_relayer_banned_time_window") * int(time.Second)
 	ethBuilderUrl := viper.GetString("erc4337_bundler_eth_builder_url")
 	blocksInTheFuture := viper.GetInt("erc4337_bundler_blocks_in_the_future")
 	debugMode := viper.GetBool("erc4337_bundler_debug_mode")
@@ -139,6 +148,8 @@ func GetValues() *Values {
 		Beneficiary:             beneficiary,
 		MaxVerificationGas:      maxVerificationGas,
 		MaxOpsForUnstakedSender: maxOpsForUnstakedSender,
+		RelayerBannedThreshold:  relayerBannedThreshold,
+		RelayerBannedTimeWindow: time.Duration(relayerBannedTimeWindow),
 		EthBuilderUrl:           ethBuilderUrl,
 		BlocksInTheFuture:       blocksInTheFuture,
 		DebugMode:               debugMode,
diff --git a/internal/start/private.go b/internal/start/private.go
@@ -68,7 +68,15 @@ func PrivateMode() {
 		conf.MaxOpsForUnstakedSender,
 		conf.BundlerCollectorTracer,
 	)
+
 	relayer := relay.New(db, eoa, eth, chain, beneficiary, logr)
+	if conf.RelayerBannedThreshold > 0 {
+		relayer.SetBannedThreshold(conf.RelayerBannedThreshold)
+	}
+	if conf.RelayerBannedTimeWindow > 0 {
+		relayer.SetBannedTimeWindow(conf.RelayerBannedTimeWindow)
+	}
+
 	paymaster := paymaster.New(db)
 
 	// Init Client
diff --git a/pkg/modules/relay/relayer.go b/pkg/modules/relay/relayer.go
@@ -3,6 +3,7 @@
 package relay
 
 import (
+	"fmt"
 	"math/big"
 	"net/http"
 	"time"
@@ -35,13 +36,14 @@ import (
 // This will only work in the case of a private mempool and will not work in the P2P case where ops are
 // propagated through the network and it is impossible to trust a sender's identifier.
 type Relayer struct {
-	db              *badger.DB
-	eoa             *signer.EOA
-	eth             *ethclient.Client
-	chainID         *big.Int
-	beneficiary     common.Address
-	logger          logr.Logger
-	bannedThreshold int
+	db               *badger.DB
+	eoa              *signer.EOA
+	eth              *ethclient.Client
+	chainID          *big.Int
+	beneficiary      common.Address
+	logger           logr.Logger
+	bannedThreshold  int
+	bannedTimeWindow time.Duration
 }
 
 // New initializes a new EOA relayer for sending batches to the EntryPoint with IP throttling protection.
@@ -54,13 +56,14 @@ func New(
 	l logr.Logger,
 ) *Relayer {
 	return &Relayer{
-		db:              db,
-		eoa:             eoa,
-		eth:             eth,
-		chainID:         chainID,
-		beneficiary:     beneficiary,
-		logger:          l.WithName("relayer"),
-		bannedThreshold: DefaultBanThreshold,
+		db:               db,
+		eoa:              eoa,
+		eth:              eth,
+		chainID:          chainID,
+		beneficiary:      beneficiary,
+		logger:           l.WithName("relayer"),
+		bannedThreshold:  DefaultBanThreshold,
+		bannedTimeWindow: DefaultBanTimeWindow,
 	}
 }
 
@@ -71,6 +74,12 @@ func (r *Relayer) SetBannedThreshold(limit int) {
 	r.bannedThreshold = limit
 }
 
+// SetBannedTimeWindow sets the limit for how long a banned client will be rejected for. The default value is
+// 24 hours.
+func (r *Relayer) SetBannedTimeWindow(limit time.Duration) {
+	r.bannedTimeWindow = limit
+}
+
 // FilterByClientID is a custom Gin middleware used to prevent requests from banned clients from adding their
 // userOps to the mempool. Identifiers are prioritized by the following values:
 //  1. X-Forwarded-By header: The first IP address in the array which is assumed to be the client
@@ -82,6 +91,7 @@ func (r *Relayer) FilterByClientID() gin.HandlerFunc {
 		l := r.logger.WithName("filter_by_client")
 
 		isBanned := false
+		var os, oi int
 		cid := ginutils.GetClientIPFromXFF(c)
 		err := r.db.View(func(txn *badger.Txn) error {
 			opsSeen, opsIncluded, err := getOpsCountByClientID(txn, cid)
@@ -99,6 +109,8 @@ func (r *Relayer) FilterByClientID() gin.HandlerFunc {
 			}
 
 			isBanned = true
+			os = opsSeen
+			oi = opsIncluded
 			return nil
 		})
 		if err != nil {
@@ -110,6 +122,18 @@ func (r *Relayer) FilterByClientID() gin.HandlerFunc {
 		if isBanned {
 			l.Info("client banned")
 			c.Status(http.StatusForbidden)
+			c.JSON(
+				http.StatusForbidden,
+				gin.H{
+					"error": fmt.Sprintf(
+						"opsSeen (%d) exceeds opsIncluded (%d) by allowed threshold (%d). Wait %s to retry.",
+						os,
+						oi,
+						r.bannedThreshold,
+						r.bannedTimeWindow,
+					),
+				},
+			)
 			c.Abort()
 		} else {
 			l.Info("client ok")
@@ -150,7 +174,7 @@ func (r *Relayer) MapUserOpHashToClientID() gin.HandlerFunc {
 				return err
 			}
 
-			return incrementOpsSeenByClientID(txn, cid)
+			return incrementOpsSeenByClientID(txn, cid, r.bannedTimeWindow)
 		})
 		if err != nil {
 			l.Error(err, "map_userop_hash_to_client_id failed")
@@ -240,7 +264,7 @@ func (r *Relayer) SendUserOperation() modules.BatchHandlerFunc {
 
 			hashes := getUserOpHashesFromOps(ctx.EntryPoint, ctx.ChainID, ctx.Batch...)
 			del = append([]string{}, hashes...)
-			return incrementOpsIncludedByUserOpHashes(txn, hashes...)
+			return incrementOpsIncludedByUserOpHashes(txn, r.bannedTimeWindow, hashes...)
 		})
 		if err != nil {
 			return err
diff --git a/pkg/modules/relay/utils.go b/pkg/modules/relay/utils.go
@@ -13,7 +13,7 @@ import (
 
 const NoBanThreshold = 0
 const DefaultBanThreshold = 3
-const timeWindow = 7 * 24 * time.Hour
+const DefaultBanTimeWindow = 7 * 24 * time.Hour
 
 var (
 	keyPrefix        = dbutils.JoinValues("relay")
@@ -68,18 +68,18 @@ func getOpsCountByClientID(txn *badger.Txn, clientID string) (opsSeen int, opsIn
 	return opsSeen, opsIncluded, nil
 }
 
-func incrementOpsSeenByClientID(txn *badger.Txn, clientID string) error {
+func incrementOpsSeenByClientID(txn *badger.Txn, clientID string, ttl time.Duration) error {
 	opsSeen, opsIncluded, err := getOpsCountByClientID(txn, clientID)
 	if err != nil {
 		return err
 	}
 
 	val := dbutils.JoinValues(strconv.Itoa(opsSeen+1), strconv.Itoa(opsIncluded))
-	e := badger.NewEntry(getOpsCountKey(clientID), []byte(val)).WithTTL(timeWindow)
+	e := badger.NewEntry(getOpsCountKey(clientID), []byte(val)).WithTTL(ttl)
 	return txn.SetEntry(e)
 }
 
-func incrementOpsIncludedByUserOpHashes(txn *badger.Txn, userOpHashes ...string) error {
+func incrementOpsIncludedByUserOpHashes(txn *badger.Txn, ttl time.Duration, userOpHashes ...string) error {
 	for _, hash := range userOpHashes {
 		item, err := txn.Get(getUserOpHashKey(hash))
 		if err != nil && err == badger.ErrKeyNotFound {
@@ -106,13 +106,13 @@ func incrementOpsIncludedByUserOpHashes(txn *badger.Txn, userOpHashes ...string)
 
 		var opsCountValue string
 		if opsSeen == 0 && opsIncluded == 0 {
-			// Op has been in the mempool longer than timeWindow
+			// Op has been in the mempool longer than TTL
 			opsCountValue = dbutils.JoinValues(strconv.Itoa(opsSeen+1), strconv.Itoa(opsIncluded+1))
 		} else {
 			opsCountValue = dbutils.JoinValues(strconv.Itoa(opsSeen), strconv.Itoa(opsIncluded+1))
 		}
 
-		e := badger.NewEntry(getOpsCountKey(cid), []byte(opsCountValue)).WithTTL(timeWindow)
+		e := badger.NewEntry(getOpsCountKey(cid), []byte(opsCountValue)).WithTTL(ttl)
 		if err := txn.SetEntry(e); err != nil {
 			return err
 		}
