From c9bc603bae6f22d1850e04d37383c7b68082e787 Mon Sep 17 00:00:00 2001 From: Bruce Riley Date: Fri, 6 Sep 2024 10:48:27 -0500 Subject: [PATCH 1/5] Node/EVM: Batch poller publish initial blocks --- node/pkg/watchers/evm/connectors/batch_poller.go | 11 +++++++++++ node/pkg/watchers/evm/connectors/batch_poller_test.go | 5 +++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/node/pkg/watchers/evm/connectors/batch_poller.go b/node/pkg/watchers/evm/connectors/batch_poller.go index adabc05d26..1262350cac 100644 --- a/node/pkg/watchers/evm/connectors/batch_poller.go +++ b/node/pkg/watchers/evm/connectors/batch_poller.go @@ -82,6 +82,17 @@ func (b *BatchPollConnector) SubscribeForBlocks(ctx context.Context, errC chan e errCount := 0 + // Publish the initial finalized and safe blocks so we have a starting point for reobservation requests. + for idx, block := range lastBlocks { + b.logger.Info(fmt.Sprintf("publishing initial %s block", b.batchData[idx].finality), zap.Uint64("initial_block", block.Number.Uint64())) + sink <- block + if b.generateSafe && b.batchData[idx].finality == Finalized { + safe := block.Copy(Safe) + b.logger.Info("publishing generated initial safe block", zap.Uint64("initial_block", safe.Number.Uint64())) + sink <- safe + } + } + common.RunWithScissors(ctx, errC, "block_poll_subscribe_for_blocks", func(ctx context.Context) error { timer := time.NewTimer(b.Delay) defer timer.Stop() diff --git a/node/pkg/watchers/evm/connectors/batch_poller_test.go b/node/pkg/watchers/evm/connectors/batch_poller_test.go index 8f39495fd3..8cf7052290 100644 --- a/node/pkg/watchers/evm/connectors/batch_poller_test.go +++ b/node/pkg/watchers/evm/connectors/batch_poller_test.go @@ -281,12 +281,13 @@ func TestBatchPoller(t *testing.T) { } }() - // First sleep a bit and make sure there were no start up errors and no blocks got published. + // First sleep a bit and make sure there were no start up errors and the initial blocks were published. time.Sleep(10 * time.Millisecond) mutex.Lock() require.NoError(t, publishedErr) require.NoError(t, publishedSubErr) - assert.Nil(t, block) + batchShouldHaveSafeAndFinalizedButNotLatest(t, block, 0x309a0c, baseConnector.expectedHash()) + block = nil mutex.Unlock() // Post the first new block and verify we get it. From 68a7a1ede7b6387e91bce75812e787c50bd77959 Mon Sep 17 00:00:00 2001 From: Evan Gray Date: Mon, 9 Sep 2024 10:27:58 -0400 Subject: [PATCH 2/5] clients/js: switch eth rpc --- clients/js/src/consts/networks.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clients/js/src/consts/networks.ts b/clients/js/src/consts/networks.ts index 3bf6f7b70c..63c3b729bc 100644 --- a/clients/js/src/consts/networks.ts +++ b/clients/js/src/consts/networks.ts @@ -26,7 +26,7 @@ const Mainnet = { key: getEnvVar("TERRA_MNEMONIC"), }, Ethereum: { - rpc: `https://rpc.ankr.com/eth`, + rpc: `https://ethereum-rpc.publicnode.com`, key: getEnvVar("ETH_KEY"), chain_id: 1, }, From 2a22603d5a812dd72fee6d4110547e9da7eade8f Mon Sep 17 00:00:00 2001 From: Bruce Riley Date: Mon, 9 Sep 2024 12:41:40 -0500 Subject: [PATCH 3/5] Node/CCQ/EVM: Logging changes --- node/pkg/watchers/evm/ccq.go | 76 ++++++++++++++++++------------------ 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/node/pkg/watchers/evm/ccq.go b/node/pkg/watchers/evm/ccq.go index 8faa5a4516..9d9e5eb5d1 100644 --- a/node/pkg/watchers/evm/ccq.go +++ b/node/pkg/watchers/evm/ccq.go @@ -143,7 +143,7 @@ func (w *Watcher) ccqHandleEthCallQueryRequest(ctx context.Context, queryRequest // Verify that the block read was successful. if err := w.ccqVerifyBlockResult(blockError, blockResult); err != nil { - w.ccqLogger.Debug("failed to verify block for eth_call query", + w.ccqLogger.Error("failed to verify block for eth_call query", zap.String("requestId", requestId), zap.String("block", block), zap.Any("batch", batch), @@ -153,19 +153,10 @@ func (w *Watcher) ccqHandleEthCallQueryRequest(ctx context.Context, queryRequest return } - w.ccqLogger.Info("query complete for eth_call", - zap.String("requestId", requestId), - zap.String("block", block), - zap.String("blockNumber", blockResult.Number.String()), - zap.String("blockHash", blockResult.Hash.Hex()), - zap.String("blockTime", blockResult.Time.String()), - zap.Int64("duration", time.Since(start).Milliseconds()), - ) - // Verify all the call results and build the batch of results. results, err := w.ccqVerifyAndExtractQueryResults(requestId, evmCallData) if err != nil { - w.ccqLogger.Debug("failed to process eth_call query call request", + w.ccqLogger.Error("failed to process eth_call query call request", zap.String("requestId", requestId), zap.String("block", block), zap.Any("batch", batch), @@ -175,6 +166,15 @@ func (w *Watcher) ccqHandleEthCallQueryRequest(ctx context.Context, queryRequest return } + w.ccqLogger.Info("query complete for eth_call", + zap.String("requestId", requestId), + zap.String("block", block), + zap.String("blockNumber", blockResult.Number.String()), + zap.String("blockHash", blockResult.Hash.Hex()), + zap.String("blockTime", blockResult.Time.String()), + zap.Int64("duration", time.Since(start).Milliseconds()), + ) + // Finally, build the response and publish it. resp := query.EthCallQueryResponse{ BlockNumber: blockResult.Number.ToInt().Uint64(), @@ -388,7 +388,7 @@ func (w *Watcher) ccqHandleEthCallByTimestampQueryRequest(ctx context.Context, q // Verify the following block read was successful. if err := w.ccqVerifyBlockResult(nextBlockError, nextBlockResult); err != nil { - w.ccqLogger.Debug("failed to verify next block for eth_call_by_timestamp query", + w.ccqLogger.Error("failed to verify next block for eth_call_by_timestamp query", zap.String("requestId", requestId), zap.String("block", block), zap.String("nextBlock", nextBlock), @@ -446,6 +446,20 @@ func (w *Watcher) ccqHandleEthCallByTimestampQueryRequest(ctx context.Context, q return } + // Verify all the call results and build the batch of results. + results, err := w.ccqVerifyAndExtractQueryResults(requestId, evmCallData) + if err != nil { + w.ccqLogger.Error("failed to process eth_call_by_timestamp query call request", + zap.String("requestId", requestId), + zap.String("block", block), + zap.String("nextBlock", nextBlock), + zap.Any("batch", batch), + zap.Error(err), + ) + w.ccqSendQueryResponse(queryRequest, query.QueryRetryNeeded, nil) + return + } + w.ccqLogger.Info("query complete for eth_call_by_timestamp", zap.String("requestId", requestId), zap.Uint64("desiredTimestamp", req.TargetTimestamp), @@ -460,20 +474,6 @@ func (w *Watcher) ccqHandleEthCallByTimestampQueryRequest(ctx context.Context, q zap.Int64("duration", time.Since(start).Milliseconds()), ) - // Verify all the call results and build the batch of results. - results, err := w.ccqVerifyAndExtractQueryResults(requestId, evmCallData) - if err != nil { - w.ccqLogger.Debug("failed to process eth_call_by_timestamp query call request", - zap.String("requestId", requestId), - zap.String("block", block), - zap.String("nextBlock", nextBlock), - zap.Any("batch", batch), - zap.Error(err), - ) - w.ccqSendQueryResponse(queryRequest, query.QueryRetryNeeded, nil) - return - } - // Finally, build the response and publish it. resp := query.EthCallByTimestampQueryResponse{ TargetBlockNumber: targetBlockNum, @@ -557,7 +557,7 @@ func (w *Watcher) ccqHandleEthCallWithFinalityQueryRequest(ctx context.Context, // Verify that the block read was successful. if err := w.ccqVerifyBlockResult(blockError, blockResult); err != nil { - w.ccqLogger.Debug("failed to verify block for eth_call_with_finality query", + w.ccqLogger.Error("failed to verify block for eth_call_with_finality query", zap.String("requestId", requestId), zap.String("block", block), zap.Any("batch", batch), @@ -590,20 +590,10 @@ func (w *Watcher) ccqHandleEthCallWithFinalityQueryRequest(ctx context.Context, return } - w.ccqLogger.Info("query complete for eth_call_with_finality", - zap.String("requestId", requestId), - zap.String("finality", req.Finality), - zap.Uint64("requestedBlockNumber", blockNumber), - zap.Uint64("latestBlockNumber", latestBlockNum), - zap.String("blockHash", blockResult.Hash.Hex()), - zap.String("blockTime", blockResult.Time.String()), - zap.Int64("duration", time.Since(start).Milliseconds()), - ) - // Verify all the call results and build the batch of results. results, err := w.ccqVerifyAndExtractQueryResults(requestId, evmCallData) if err != nil { - w.ccqLogger.Debug("failed to process eth_call_with_finality query call request", + w.ccqLogger.Error("failed to process eth_call_with_finality query call request", zap.String("requestId", requestId), zap.String("finality", req.Finality), zap.Uint64("requestedBlockNumber", blockNumber), @@ -616,6 +606,16 @@ func (w *Watcher) ccqHandleEthCallWithFinalityQueryRequest(ctx context.Context, return } + w.ccqLogger.Info("query complete for eth_call_with_finality", + zap.String("requestId", requestId), + zap.String("finality", req.Finality), + zap.Uint64("requestedBlockNumber", blockNumber), + zap.Uint64("latestBlockNumber", latestBlockNum), + zap.String("blockHash", blockResult.Hash.Hex()), + zap.String("blockTime", blockResult.Time.String()), + zap.Int64("duration", time.Since(start).Milliseconds()), + ) + // Finally, build the response and publish it. resp := query.EthCallWithFinalityQueryResponse{ BlockNumber: blockNumber, From 6b810acbecf67e1bb8a663db97dc352e13589529 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxwell=20=22=EA=93=98=22=20Dulin?= Date: Tue, 10 Sep 2024 08:58:02 -0700 Subject: [PATCH 4/5] Lower governor limits of chains based upon usage (#4102) * Lower governor limits of chains based upon usage * Change Polygon and Avalanche back to 5M * Fix Governor tests that broke with 0 value in dailyLimit --------- Co-authored-by: Maxwell Dulin Co-authored-by: Maxwell Dulin --- node/pkg/governor/mainnet_chains.go | 22 +++++++++++----------- node/pkg/governor/mainnet_chains_test.go | 16 +++++++++++++--- 2 files changed, 24 insertions(+), 14 deletions(-) diff --git a/node/pkg/governor/mainnet_chains.go b/node/pkg/governor/mainnet_chains.go index e6e4dc597c..c2dce4defe 100644 --- a/node/pkg/governor/mainnet_chains.go +++ b/node/pkg/governor/mainnet_chains.go @@ -12,33 +12,33 @@ func chainList() []chainConfigEntry { return []chainConfigEntry{ {emitterChainID: vaa.ChainIDSolana, dailyLimit: 25_000_000, bigTransactionSize: 2_500_000}, {emitterChainID: vaa.ChainIDEthereum, dailyLimit: 50_000_000, bigTransactionSize: 5_000_000}, - {emitterChainID: vaa.ChainIDTerra, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDTerra, dailyLimit: 150_000, bigTransactionSize: 15_000}, {emitterChainID: vaa.ChainIDBSC, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, {emitterChainID: vaa.ChainIDPolygon, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, {emitterChainID: vaa.ChainIDAvalanche, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, - {emitterChainID: vaa.ChainIDOasis, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDOasis, dailyLimit: 250_000, bigTransactionSize: 25_000}, {emitterChainID: vaa.ChainIDAlgorand, dailyLimit: 1_000_000, bigTransactionSize: 100_000}, - {emitterChainID: vaa.ChainIDAurora, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDAurora, dailyLimit: 0, bigTransactionSize: 0}, {emitterChainID: vaa.ChainIDFantom, dailyLimit: 500_000, bigTransactionSize: 50_000}, - {emitterChainID: vaa.ChainIDKarura, dailyLimit: 500_000, bigTransactionSize: 50_000}, - {emitterChainID: vaa.ChainIDAcala, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDKarura, dailyLimit: 150_000, bigTransactionSize: 15_000}, + {emitterChainID: vaa.ChainIDAcala, dailyLimit: 100_000, bigTransactionSize: 10_000}, {emitterChainID: vaa.ChainIDKlaytn, dailyLimit: 500_000, bigTransactionSize: 50_000}, {emitterChainID: vaa.ChainIDCelo, dailyLimit: 2_000_000, bigTransactionSize: 200_000}, - {emitterChainID: vaa.ChainIDNear, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDNear, dailyLimit: 150_000, bigTransactionSize: 15_000}, {emitterChainID: vaa.ChainIDMoonbeam, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, - {emitterChainID: vaa.ChainIDTerra2, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDTerra2, dailyLimit: 100_000, bigTransactionSize: 10_000}, {emitterChainID: vaa.ChainIDInjective, dailyLimit: 500_000, bigTransactionSize: 50_000}, {emitterChainID: vaa.ChainIDSui, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, {emitterChainID: vaa.ChainIDAptos, dailyLimit: 1_000_000, bigTransactionSize: 100_000}, {emitterChainID: vaa.ChainIDArbitrum, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, {emitterChainID: vaa.ChainIDOptimism, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, - {emitterChainID: vaa.ChainIDXpla, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDXpla, dailyLimit: 50_000, bigTransactionSize: 5_000}, {emitterChainID: vaa.ChainIDBase, dailyLimit: 2_000_000, bigTransactionSize: 200_000}, {emitterChainID: vaa.ChainIDSei, dailyLimit: 5_000_000, bigTransactionSize: 500_000}, {emitterChainID: vaa.ChainIDScroll, dailyLimit: 500_000, bigTransactionSize: 50_000}, - {emitterChainID: vaa.ChainIDMantle, dailyLimit: 500_000, bigTransactionSize: 50_000}, - {emitterChainID: vaa.ChainIDBlast, dailyLimit: 500_000, bigTransactionSize: 50_000}, - {emitterChainID: vaa.ChainIDXLayer, dailyLimit: 500_000, bigTransactionSize: 50_000}, + {emitterChainID: vaa.ChainIDMantle, dailyLimit: 100_000, bigTransactionSize: 10_000}, + {emitterChainID: vaa.ChainIDBlast, dailyLimit: 100_000, bigTransactionSize: 10_000}, + {emitterChainID: vaa.ChainIDXLayer, dailyLimit: 100_000, bigTransactionSize: 10_000}, {emitterChainID: vaa.ChainIDWormchain, dailyLimit: 500_000, bigTransactionSize: 50_000}, {emitterChainID: vaa.ChainIDSnaxchain, dailyLimit: 500_000, bigTransactionSize: 50_000}, } diff --git a/node/pkg/governor/mainnet_chains_test.go b/node/pkg/governor/mainnet_chains_test.go index 71e5c8aeb0..5607c8a9c8 100644 --- a/node/pkg/governor/mainnet_chains_test.go +++ b/node/pkg/governor/mainnet_chains_test.go @@ -20,8 +20,11 @@ func TestChainListSize(t *testing.T) { func TestChainDailyLimitRange(t *testing.T) { chainConfigEntries := chainList() - /* This IS a hard limit, if daily limit is set to zero it would - basically mean no value movement is allowed for that chain*/ + /* + If a chain is deprecated, we want to make sure its still governed + in the case that it is used. This will effectively stall all + transfers for 24 hours on a deprecated chain. + */ min_daily_limit := uint64(0) /* This IS NOT a hard limit, we can adjust it up as we see fit, @@ -36,7 +39,7 @@ func TestChainDailyLimitRange(t *testing.T) { /* Assuming that a governed chains should always be more than zero and less than 50,000,001 */ for _, chainConfigEntry := range chainConfigEntries { t.Run(chainConfigEntry.emitterChainID.String(), func(t *testing.T) { - assert.Greater(t, chainConfigEntry.dailyLimit, min_daily_limit) + assert.GreaterOrEqual(t, chainConfigEntry.dailyLimit, min_daily_limit) assert.Less(t, chainConfigEntry.dailyLimit, max_daily_limit) }) } @@ -62,6 +65,13 @@ func TestChainListBigTransfers(t *testing.T) { chainConfigEntries := chainList() for _, e := range chainConfigEntries { + + // If the daily limit is 0 then both the big TX and daily limit should be 0. + if e.dailyLimit == 0 { + assert.Equal(t, e.bigTransactionSize, e.dailyLimit) + continue + } + // it's always ideal to have bigTransactionSize be less than dailyLimit assert.Less(t, e.bigTransactionSize, e.dailyLimit) From 91ec4d1dc01f8b690f0492815407505fb4587520 Mon Sep 17 00:00:00 2001 From: Sebastian Banescu Date: Mon, 16 Sep 2024 17:27:46 +0200 Subject: [PATCH 5/5] Update bug bounty reward limit in SECURITY.md The max reward on immunefi is $5M --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 2bb4fe6f8e..937e5d144e 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -54,7 +54,7 @@ The Wormhole project operates a bug bounty program to financially incentivize in - [Immunefi-Hosted Program](https://immunefi.com/bounty/wormhole/) - **Scopes**: Guardian and Smart Contracts - - **Rewards**: Up to $2,500,000 USDC + - **Rewards**: Up to $5,000,000 USDC - **KYC**: Required If you find a security issue in Wormhole, please report the issue immediately using the bug bounty program above.