Skip to content

feat(l1): enforce per-transaction wire-size cap in mempool admission #6599

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ilitteri merged 6 commits into from
May 12, 2026
Merged

feat(l1): enforce per-transaction wire-size cap in mempool admission #6599

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
4570a8a
feat(l1): enforce per-transaction wire-size cap in mempool admission
ilitteri May 11, 2026
b2054ac
fix(l1): remove redundant MAX_TRANSACTION_DATA_SIZE; add size-cap int…
ilitteri May 11, 2026
8833853
fix(l1): apply blob-tx size cap to wire-wrapper (core + sidecar)
ilitteri May 11, 2026
a731790
perf(l1): add Transaction::encode_canonical_len to avoid allocating j…
ilitteri May 12, 2026
3ee3f72
test(l1): drop encode-size sanity tests in transaction.rs
ilitteri May 12, 2026
9d21d06
perf(l1): run mempool admission size cap before sender recovery
ilitteri May 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 18 additions & 1 deletion crates/blockchain/blockchain.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ use ethrex_common::types::{
};
use ethrex_common::types::{ELASTICITY_MULTIPLIER, P2PTransaction};
use ethrex_common::types::{Fork, MempoolTransaction};
use ethrex_common::types::{MAX_BLOB_TX_SIZE, MAX_TX_SIZE};
use ethrex_common::utils::keccak;
use ethrex_common::{Address, H256, TrieLogger, U256};
pub use ethrex_common::{
Expand Down Expand Up @@ -2432,7 +2433,23 @@ impl Blockchain {
.ok_or(MempoolError::NoBlockHeaderError)?;
let config = self.storage.get_chain_config();

// NOTE: We could add a tx size limit here, but it's not in the actual spec
// Wire size cap: peer-policy default, not consensus. Matches geth
// `txMaxSize` (legacypool / blobpool), reth `DEFAULT_MAX_TX_INPUT_BYTES`,
// nethermind `MaxTxSize` / `MaxBlobTxSize`. For EIP-4844 the canonical
// encoding of `Transaction` excludes the sidecar (which lives in the
// adjacent `BlobsBundle`), so this caps the core tx only.
let encoded_len = tx.encode_canonical_to_vec().len();
Copy link
Copy Markdown
Collaborator Author

@ilitteri ilitteri May 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a731790

Copy link
Copy Markdown
Collaborator

@MegaRedHand MegaRedHand May 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might want to find another way to compute this.

Copy link
Copy Markdown
Collaborator Author

@ilitteri ilitteri May 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a731790

let size_limit = if matches!(tx, Transaction::EIP4844Transaction(_)) {
MAX_BLOB_TX_SIZE
} else {
MAX_TX_SIZE
};
if encoded_len > size_limit {
return Err(MempoolError::TxSizeExceeded {
actual: encoded_len,
limit: size_limit,
});
}

// Check init code size
// [EIP-7954] - Amsterdam increases the limit
Expand Down
2 changes: 2 additions & 0 deletions crates/blockchain/error.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,8 @@ pub enum MempoolError {
TxMaxInitCodeSizeError,
#[error("Transaction max data size exceeded")]
TxMaxDataSizeError,
#[error("Transaction encoded size ({actual} bytes) exceeds the {limit}-byte limit")]
TxSizeExceeded { actual: usize, limit: usize },
#[error("Transaction gas limit exceeded")]
TxGasLimitExceededError,
#[error(
Expand Down
10 changes: 10 additions & 0 deletions crates/common/types/constants.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,3 +32,13 @@ pub const FIELD_ELEMENTS_PER_EXT_BLOB: usize = 2 * FIELD_ELEMENTS_PER_BLOB;
pub const FIELD_ELEMENTS_PER_CELL: usize = 64;
pub const BYTES_PER_CELL: usize = FIELD_ELEMENTS_PER_CELL * BYTES_PER_FIELD_ELEMENT;
pub const CELLS_PER_EXT_BLOB: usize = FIELD_ELEMENTS_PER_EXT_BLOB / FIELD_ELEMENTS_PER_CELL;

// Mempool admission size caps — peer-policy defaults, not consensus.
// Matches geth `txMaxSize` (legacypool) and `txMaxSize` (blobpool), reth
// `DEFAULT_MAX_TX_INPUT_BYTES`, nethermind `MaxTxSize` / `MaxBlobTxSize`.
/// Maximum RLP-encoded wire size for a non-blob transaction (128 KiB).
pub const MAX_TX_SIZE: usize = 131_072;
/// Maximum RLP-encoded core size for an EIP-4844 blob transaction (1 MiB),
/// excluding the blob sidecar. Sidecar size is bounded separately by the
/// per-blob byte count and the fork's max blob count.
pub const MAX_BLOB_TX_SIZE: usize = 1_048_576;
27 changes: 27 additions & 0 deletions crates/common/types/transaction.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3764,4 +3764,31 @@ mod tests {
"blob-gas term missing from cost_without_base_fee() for EIP-4844"
);
}

#[test]
fn test_encoded_size_exceeds_max_tx_size() {
// Confirms the wire-size signal used by the mempool admission cap:
// an EIP-1559 tx with > 128 KiB of `data` encodes to > MAX_TX_SIZE bytes.
use crate::types::MAX_TX_SIZE;

let payload = vec![0u8; MAX_TX_SIZE + 1];
let tx = Transaction::EIP1559Transaction(EIP1559Transaction {
data: Bytes::from(payload),
..Default::default()
});

assert!(
tx.encode_canonical_to_vec().len() > MAX_TX_SIZE,
"tx with > 128 KiB calldata must encode larger than MAX_TX_SIZE"
);
Comment thread
MegaRedHand marked this conversation as resolved.
Outdated
}

#[test]
fn test_encoded_size_below_max_tx_size() {
// A small tx encodes well below the cap.
use crate::types::MAX_TX_SIZE;

let tx = Transaction::EIP1559Transaction(EIP1559Transaction::default());
assert!(tx.encode_canonical_to_vec().len() <= MAX_TX_SIZE);
}
Copy link
Copy Markdown

@greptile-apps greptile-apps Bot May 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 No test for the MAX_BLOB_TX_SIZE cap

Both new tests exercise MAX_TX_SIZE via EIP-1559 transactions, but there is no corresponding test that constructs an EIP4844Transaction with an encoded size just over MAX_BLOB_TX_SIZE (1 MiB) and verifies the signal fires. The blob tx branch in validate_transaction is the riskier path (1 MiB limit vs 128 KiB), so a parallel "exceeds / below" pair for blob txs would meaningfully close the coverage gap.

Prompt To Fix With AI 
This is a comment left during a code review.
Path: crates/common/types/transaction.rs
Line: 3786-3793

Comment:
**No test for the `MAX_BLOB_TX_SIZE` cap**

Both new tests exercise `MAX_TX_SIZE` via EIP-1559 transactions, but there is no corresponding test that constructs an `EIP4844Transaction` with an encoded size just over `MAX_BLOB_TX_SIZE` (1 MiB) and verifies the signal fires. The blob tx branch in `validate_transaction` is the riskier path (1 MiB limit vs 128 KiB), so a parallel "exceeds / below" pair for blob txs would meaningfully close the coverage gap.

How can I resolve this? If you propose a fix, please make it concise.

}
Loading