Skip to content

Enforce configurable maximum ledger transaction size#7992

Draft
achamayou with Copilot wants to merge 6 commits into
mainfrom
copilot/enforce-configurable-max-transaction-size
Draft

Enforce configurable maximum ledger transaction size#7992
achamayou with Copilot wants to merge 6 commits into
mainfrom
copilot/enforce-configurable-max-transaction-size

Conversation

Copilot AI commented Jun 27, 2026

Copy link
Copy Markdown
Contributor

Ledger entries store transaction body size in a 6-byte field, but CCF did not enforce a configurable bound before allocation. Corrupt or oversized entries can now be rejected with clear errors, and oversized user transactions do not prevent later transactions from processing.

  • Configuration
    • Added ledger.max_transaction_size, defaulting to 100MB.
    • Exposed the setting in host config schema and test infrastructure.
"ledger": {
  "chunk_size": "5MB",
  "max_transaction_size": "100MB"
}
  • Enforcement

    • Applies to the serialized transaction body size stored in the ledger entry header.
    • Excludes the fixed 8-byte ledger entry header.
    • Includes ledger encryption header, public domain size field, public domain, and encrypted private domain.
    • Checked on serialization, deserialization, snapshot handling, and ledger recovery entry extraction.
  • Failure behavior

    • Oversized local transactions roll back KV mutations and return 413 Payload Too Large.
    • Oversized deserialized/recovered entries fail with explicit size-limit errors rather than large allocations.
  • Coverage and docs

    • Added KV serialization/deserialization tests for the cap.
    • Added e2e coverage confirming a rejected oversized transaction does not stop subsequent transactions.
    • Documented the new configuration limit in the changelog and generated config schema.

Co-authored-by: achamayou <4016369+achamayou@users.noreply.github.com>
Copilot AI changed the title [WIP] Add configurable maximum transaction size enforcement Enforce configurable maximum ledger transaction size Jun 27, 2026
Copilot AI requested a review from achamayou June 27, 2026 07:30
achamayou and others added 3 commits June 29, 2026 15:59
…nsaction_size_limit e2e test

- clang-tidy (modernize-use-nodiscard) required get_max_transaction_size()
  to be marked [[nodiscard]], matching the convention already used for
  other const getters in AbstractStore.
- The transaction_size_limit e2e test configured ledger.max_transaction_size
  to 20KB before starting the network, which is smaller than the
  constitution scripts written to the KV store during service creation,
  causing genesis to fail. Raise the configured limit to 512KB (comfortably
  above the genesis transaction size) and the oversized test payload to 1MB
  so the 413 path is still exercised.
@achamayou

Copy link
Copy Markdown
Member

@copilot look at the CI failure during documentation build, and make the necessary fix.

Co-authored-by: achamayou <4016369+achamayou@users.noreply.github.com>

Copilot AI commented Jul 4, 2026

Copy link
Copy Markdown
Contributor Author

@copilot look at the CI failure during documentation build, and make the necessary fix.

Fixed in 80bad36 by documenting the new max_transaction_size parameter that Doxygen reported as missing. I also validated with sphinx-build --fail-on-warning -b html doc /tmp/ccf-doc-html.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants