is account sequence validation logic wrong? #13621
Comments
ice-cronus
changed the title
|
We get a lot of these kind of errors in the Hermes relayer. The relayer is quite aggressive in submitting transactions, similarly to your use-case.
do you mean In case this helps, in our case what we did the following:
The above is far from ideal, so we're still iterating on a solution pending some changes from the SDK. See #13009 |
|
Yep, I mean broadcast_tx_commit. But we we have to wait for updated state, so broadcast_tx_sync is not an option for us. |
|
commit is deprecated and wont be supported in the next release. If you are not handling your nonce incrementing manually then this problem is a lot worse, other wise network distribution is part of the problem. We have had discussions on how to approach this in the future (needs research) but for now handling your own nonce and watching blocks on the web socket for tx inclusion is one approach, the second is to use multiple accounts. We can look into your suggestion for now. |
|
@tac0turtle I played a bit with my suggested approach via a fork - it reduces error rate for error code 32 ("account sequence mismatch") significantly. With 1000 goroutines I have about 400-500 errors with regular cosmos SDK with non-equals condition (which is 40-50%) and about 5-7 errors with the patched one (which is 0.5%). But I am new to cosmos ecosystem and aware of any side-effects. |
|
As @tac0turtle pointed out, the In any case, more generally speaking, since you're on 0.46.x, that includes TM with a priority mempool, which does NOT support multi-sender txs. So please be sure to have the legacy/old mempool enabled in Finally, with SDK 0.47 soon being released, the mempool will exist completely app-side and will also give you full control! In fact, the default app mempool will support guaranteed multi-sender txs so this should no longer be a concern for you or any relayers (cc @adizere)! 😄 |
|
Is there any approximate date of 0.47 release ? |
|
This quarter. Planned RC in a week or two. |
|
@tac0turtle, what's the rationale behind the deprecation of |
Tendermint/Comet deprecated it. Also, it was never meant to be used as RPC timeouts would often trigger prior to tx block commitment. |
block was meant for testing, but it snuck into production. Secondly it actually causes more problems than we may think since its unknown if the timeout is long enough to get included in a block. Its simpler to submit and poll the blocks and potential mempool api to see when its included |
|
with the creation of the accounts module teams are free to implement custom nonce designs, we also have unorderedtxs coming out in the next release this should fix the issue here |
Summary of Bug
Hello! I trying to submit a lot of transactions concurrently from the same account (signer) with broadcast mode block. And I got a lot of "account sequence mismatch" errors, however I prepared transactions properly with provided sequence (.WithSequence(atomic counter)), so they should be fine.
But I still get those errors because of blockchain is slowed down because of a lot of transactions (for example I get "account sequence mismatch, expected 27, got 28: incorrect account sequence", so I submitted tx with sequence num 28, but blockchain still did not process ante handlers for the 27th one).
I found account sequence validation logic in sigverify.go and I wonder why it validates with not equals. To prevent double replay attacks it is enough to validate with less than: sig.Sequence < acc.GetSequence() isn't it? To stop execution of TXs with previous sequences.
Version
0.46.1
Steps to Reproduce
The text was updated successfully, but these errors were encountered: