Added a guradian module. #82
Conversation
evan57-liu
requested review from
kingster-will,
LeoHChen,
stevemilk,
0xHansLee,
edisonz0718,
limengformal and
sebsadface
as code owners
guardian/guardian.go
Outdated
| FilterFilePath string // File path to the bloom filter file | ||
| PrivateKeyPath string // Path to the private key file | ||
| PublicKeyPath string // Path to the public key file | ||
| Passphrase string // Passphrase for the private key |
There was a problem hiding this comment.
Are these required? If not, better remove them to decrease operational complexity
guardian/guardian.go
Outdated
|
|
||
| // Reset allows you to reset the Guardian instance. | ||
| // This stops the current instance and resets it to nil. | ||
| func Reset() { |
There was a problem hiding this comment.
I assume Reset should only be called in unit tests, right?
If so, move this function to test dir.
core/txpool/blobpool/blobpool.go
Outdated
| @@ -1241,6 +1242,14 @@ func (p *BlobPool) add(tx *types.Transaction) (err error) { | |||
| addtimeHist.Update(time.Since(start).Nanoseconds()) | |||
| }(time.Now()) | |||
|
|
|||
| // When the guardian module is enabled, check if the sender or recipient in the | |||
| // transaction is in the filter file | |||
| if instance, err := guardian.GetInstance(); err == nil { | |||
There was a problem hiding this comment.
no need for filtering blob transactions as eip4844 is not enabled in story right now
guardian/guardian.go
Outdated
| // GetInstance returns the singleton Guardian instance, or an error if it is not initialized. | ||
| func GetInstance() (*Guardian, error) { | ||
| if instance == nil { | ||
| return nil, errors.New("guardian is not initialized") |
There was a problem hiding this comment.
not initialized is not an error while guardian mode is disabled
guardian/guardian.go
Outdated
|
|
||
| // checkAddress checks if the given address is in the filter list. | ||
| func (p *Guardian) checkAddress(tx *types.Transaction, from, addr string) (bool, error) { | ||
| ok, err := p.filter.CheckAddress(strings.ToLower(addr)) |
There was a problem hiding this comment.
here the check is case insensitive
Used to filter transactions from sanctioned addresses.
| // newGuardian creates a new Guardian instance from the provided config. | ||
| func newGuardian(config Config) (*Guardian, error) { | ||
| // Create the secure data handler | ||
| handler, err := securedata.NewPGPSecureHandler( |
There was a problem hiding this comment.
we prefer not using secureHandler currently.
let's delete all related code and test without secureHandler
| func InitInstance(config Config) { | ||
| initOnce.Do(func() { | ||
| if !config.Enabled { | ||
| log.Warn("Guardian is disabled") |
There was a problem hiding this comment.
As Guardian mode is disabled by default, this log should be info level.
Better output a log whether it's disabled or enabled.
| // transaction is in the filter file | ||
| if instance := guardian.GetInstance(); instance != nil { | ||
| if instance.CheckTransaction(pool.signer, tx) { | ||
| validTxMeter.Mark(1) |
There was a problem hiding this comment.
we should not use this metric since it's for valid transaction.
I suggest to create a new metric likesanctionedTx
Used to filter transactions from sanctioned addresses.