Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: validate coordinator proposed bitcoin fees #1431

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: validate coordinator proposed bitcoin fees #1431

wants to merge 1 commit into from

Conversation

AshtonStephens
Copy link
Contributor

@AshtonStephens AshtonStephens commented Feb 24, 2025
edited
Loading

Description

Closes the Bitcoin half of: #1192

This PR is from another PR (#1392) that got split up to separate Bitcoin and Stacks behavior.

This part was separated from the Stacks half because there's an issue with the way the transaction will be represented in the Signer database when a transaction is marked as invalid based on the coordinator's proposed fee:

@djordon
The only trouble with this is that it's not clear why the the transaction is invalid when looking at the data in the signers' database. I wonder if we should do something else here instead. Maybe we could change the result for the signers' UTXO to be something other than Ok when the fee is too high?

Changes

  • Adds logic to bitcoin transaction validation that considers a transaction to be invalid if the fee on it is more than 5 times plus 5 satoshis greater than the Signer estimates it should cost.
  • Adds unit tests and integration tests

Testing Information

unit and integration tests

Checklist:

  • I have performed a self-review of my code
  • My changes generate no new warnings
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@AshtonStephens AshtonStephens marked this pull request as ready for review February 24, 2025 13:07
@AshtonStephens AshtonStephens mentioned this pull request Feb 24, 2025
Closed
4 tasks
@AshtonStephens
Copy link
Contributor Author

Existing comments on this code can be found in the original PR of which this is half:

@AshtonStephens AshtonStephens self-assigned this Feb 24, 2025
cylewitruk
cylewitruk reviewed Feb 24, 2025
View reviewed changes
signer/src/bitcoin/rpc.rs
/// transactions which are spending the signer's UTXO, then this function
/// will return [`None`].
///
/// TODO: This method currently blindly assumes that the mempool transactions
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you create an issue and add it to the TODO? I think it sounds reasonable to have a sanity check..

cylewitruk
cylewitruk reviewed Feb 24, 2025
View reviewed changes
signer/src/bitcoin/validation.rs
/// The maximum acceptable multiplier fee difference between the signer and
/// coordinator estimates when the coordinator's estimate is greater than
/// the signer's.
const SIGNER_MAX_BITCOIN_FEE_MULTIPLIER: f64 = 5.0;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So I remember there being a discussion about config vs. not and landing in that these shouldn't be exposed as config. What's the thinking around having config for Stacks max transaction fee but not these parameters?

cylewitruk
cylewitruk reviewed Feb 24, 2025
View reviewed changes
signer/src/bitcoin/validation.rs
@@ -286,6 +316,7 @@ impl BitcoinPreSignRequest {
btc_ctx: &BitcoinTxContext,
requests: &'a TxRequestIds,
signer_state: SignerBtcState,
signers_view_of_last_fees: &mut Option<Fees>,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm, I'm not really following why this is &mut and then you're clearing it at the end? Is it that you only want this to be provided for the first transaction in the event of chained utxo's in mempool? If so then I would probably change the for loop above to use .enumerate() and only provide this on the first iteration instead of doing this dance.

@djordon djordon assigned djordon and unassigned AshtonStephens Mar 3, 2025
@djordon djordon changed the title Reject coordinator sweep txn when fee drastically exceeds Signer estimate feat: validate coordinator proposed bitcoin fees Mar 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cylewitruk cylewitruk cylewitruk left review comments

@matteojug matteojug Awaiting requested review from matteojug

@djordon djordon Awaiting requested review from djordon

At least 1 approving review is required to merge this pull request.

Assignees

@djordon djordon

Labels
None yet
Projects
sBTC
Status: Todo
Milestone
sBTC: Withdrawal fine tuning
Development

Successfully merging this pull request may close these issues.
3 participants
@AshtonStephens @cylewitruk @djordon