CheckOnlySudoAccount: Provide some tags#7838
Conversation
|
/cmd prdoc --audience runtime_user --bump patch |
…time_user --bump patch'
|
All GitHub workflows were cancelled due to failure one of the required jobs. |
| Ok(( | ||
| ValidTransaction { | ||
| priority: info.total_weight().ref_time() as TransactionPriority, | ||
| provides: vec![(who, call).encode()], |
There was a problem hiding this comment.
Sometimes tag are prefixed to avoid collision, but here it is not necessary.
| provides: vec![(who, call).encode()], | |
| provides: vec![("Sudo", who, call).encode()], |
| Ok(( | ||
| ValidTransaction { | ||
| priority: info.total_weight().ref_time() as TransactionPriority, | ||
| provides: vec![(who, call).encode()], |
There was a problem hiding this comment.
dq: is call guaranteed to be unique here?
Otherwise we won't be able to send numerous sudo calls (with the same operation, e.g.: I can imagine someone calling same sudo operation few times like transfer funds).
There was a problem hiding this comment.
AFAIU it is not, but for chains that also have the CheckNonce extension there is another unique tag provided. A chain with only the CheckOnlySudoAccount extension but without CheckNonce will have to work around this uniqueness guarantee (e.g., batch transactions).
There was a problem hiding this comment.
dq: is call guaranteed to be unique here?
Otherwise we won't be able to send numerous sudo calls
Fair enough. Does it help, say, to add the block number here?
There was a problem hiding this comment.
Hmm, not really I suppose, as it is going to be the identical too for the duration of one block. If the inherents are available, we could add the timestamp though.
There was a problem hiding this comment.
as it is going to be the identical too for the duration of one block
True, but being able to make the same sudo calls once per block is better than not being able to do them at all 🤔
There was a problem hiding this comment.
but for chains that also have the CheckNonce
So I assume that chains w/o CheckNonce are rather for development purpose. And typically runtime should provide other mean to distinguish transaction sent from the same account, not necessarily responsibility of the sudo itself.
We could use hash of call to avoid sending all the bytes across a runtime boundary, also txpool will have smaller amount of data to track.
There was a problem hiding this comment.
I can imagine someone calling same sudo operation few times like transfer funds
Always to the same address?
There was a problem hiding this comment.
Someone would need to send the exact same call multiple times. Just sending multiple transfer calls is not the same. Each call has the arguments directly "baked in".
There was a problem hiding this comment.
Yes, I meant exactly the same call - for transfer that would be same amount, same address.
There was a problem hiding this comment.
I see this happening quite unlikely.
|
It will only close the #7816 if you also remove the |
| @@ -110,6 +111,7 @@ where | |||
| Ok(( | |||
There was a problem hiding this comment.
We could also add a sufficient reference to the signer here automatically. Sounds cleaner than removing CheckNonce.
There was a problem hiding this comment.
We remove CheckNonce because CheckNonce requires the account to exist.
But if we put CheckOnlySudoAccount before CheckNonce and CheckOnlySudoAccount creates the account with inc_sufficient (if it doesn't exist yet):
polkadot-sdk/substrate/frame/system/src/lib.rs
Line 1656 in 007565a
Then the account exists and the nonce is checked.
There was a problem hiding this comment.
And when is dec_sufficients called? :D
There was a problem hiding this comment.
yes true forget it :-), he could live forever
7 participants
Close: #7816