ChainSafe · sudo-shashank · Feb 11, 2026 · Feb 4, 2026 · Feb 4, 2026 · Feb 4, 2026
@@ -49,6 +49,8 @@
 
 - [#6498](https://github.com/ChainSafe/forest/pull/6498): Implemented `Filecoin.EthGetBlockReceiptsLimited` for API v2.
 
+- [#6524](https://github.com/ChainSafe/forest/pull/6524): Implemented `Filecoin.EthSendRawTransactionUntrusted` for API v2.
+
 ### Changed
 
 - [#6471](https://github.com/ChainSafe/forest/pull/6471): Moved `forest-tool state` subcommand to `forest-dev`.

@@ -277,7 +277,7 @@ where
     for (_, hm) in rmsgs {
         for (_, msg) in hm {
             let sequence = get_state_sequence(api, &msg.from(), &cur_tipset.read().clone())?;
-            if let Err(e) = add_helper(api, bls_sig_cache, pending, msg, sequence) {
+            if let Err(e) = add_helper(api, bls_sig_cache, pending, msg, sequence, false) {
                 error!("Failed to read message from reorg to mpool: {}", e);
             }
         }

@@ -89,7 +89,6 @@ impl MsgSet {
     /// Add a signed message to the `MsgSet`. Increase `next_sequence` if the
     /// message has a sequence greater than any existing message sequence.
     /// Use this method when pushing a message coming from untrusted sources.
-    #[allow(dead_code)]
     pub fn add_untrusted<T>(&mut self, api: &T, m: SignedMessage) -> Result<(), Error>
     where
         T: Provider,
@@ -220,11 +219,11 @@ where
 
     /// Push a signed message to the `MessagePool`. Additionally performs basic
     /// checks on the validity of a message.
-    pub async fn push(&self, msg: SignedMessage) -> Result<Cid, Error> {
+    pub async fn push_internal(&self, msg: SignedMessage, untrusted: bool) -> Result<Cid, Error> {
         self.check_message(&msg)?;
         let cid = msg.cid();
         let cur_ts = self.current_tipset();
-        let publish = self.add_tipset(msg.clone(), &cur_ts, true)?;
+        let publish = self.add_tipset(msg.clone(), &cur_ts, true, untrusted)?;
         let msg_ser = to_vec(&msg)?;
         let network_name = self.chain_config.network.genesis_name();
         self.add_local(msg)?;
@@ -240,6 +239,16 @@ where
         Ok(cid)
     }
 
+    /// Push a signed message to the `MessagePool` from an trusted source.
+    pub async fn push(&self, msg: SignedMessage) -> Result<Cid, Error> {
+        self.push_internal(msg, false).await
+    }
+
+    /// Push a signed message to the `MessagePool` from an untrusted source.
+    pub async fn push_untrusted(&self, msg: SignedMessage) -> Result<Cid, Error> {
+        self.push_internal(msg, true).await
+    }
+
     fn check_message(&self, msg: &SignedMessage) -> Result<(), Error> {
         if to_vec(msg)?.len() > MAX_MESSAGE_SIZE {
             return Err(Error::MessageTooBig);
@@ -259,7 +268,7 @@ where
     pub fn add(&self, msg: SignedMessage) -> Result<(), Error> {
         self.check_message(&msg)?;
         let ts = self.current_tipset();
-        self.add_tipset(msg, &ts, false)?;
+        self.add_tipset(msg, &ts, false, false)?;
         Ok(())
     }
 
@@ -284,7 +293,13 @@ where
     /// Verify the `state_sequence` and balance for the sender of the message
     /// given then call `add_locked` to finish adding the `signed_message`
     /// to pending.
-    fn add_tipset(&self, msg: SignedMessage, cur_ts: &Tipset, local: bool) -> Result<bool, Error> {
+    fn add_tipset(
+        &self,
+        msg: SignedMessage,
+        cur_ts: &Tipset,
+        local: bool,
+        untrusted: bool,
+    ) -> Result<bool, Error> {
         let sequence = self.get_state_sequence(&msg.from(), cur_ts)?;
 
         if sequence > msg.message().sequence {
@@ -317,15 +332,15 @@ where
         if balance < msg_balance {
             return Err(Error::NotEnoughFunds);
         }
-        self.add_helper(msg)?;
+        self.add_helper(msg, untrusted)?;
         Ok(publish)
     }
 
     /// Finish verifying signed message before adding it to the pending `mset`
     /// hash-map. If an entry in the hash-map does not yet exist, create a
     /// new `mset` that will correspond to the from message and push it to
     /// the pending hash-map.
-    fn add_helper(&self, msg: SignedMessage) -> Result<(), Error> {
+    fn add_helper(&self, msg: SignedMessage, untrusted: bool) -> Result<(), Error> {
         let from = msg.from();
         let cur_ts = self.current_tipset();
         add_helper(
@@ -334,6 +349,7 @@ where
             self.pending.as_ref(),
             msg,
             self.get_state_sequence(&from, &cur_ts)?,
+            untrusted,
         )
     }
 
@@ -599,6 +615,7 @@ pub(in crate::message_pool) fn add_helper<T>(
     pending: &SyncRwLock<HashMap<Address, MsgSet>>,
     msg: SignedMessage,
     sequence: u64,
+    untrusted: bool,
 ) -> Result<(), Error>
 where
     T: Provider,
@@ -611,15 +628,12 @@ where
     api.put_message(&ChainMessage::Unsigned(msg.message().clone()))?;
 
     let mut pending = pending.write();
-    let msett = pending.get_mut(&msg.from());
-    match msett {
-        Some(mset) => mset.add_trusted(api, msg)?,
-        None => {
-            let mut mset = MsgSet::new(sequence);
-            let from = msg.from();
-            mset.add_trusted(api, msg)?;
-            pending.insert(from, mset);
-        }
+    let from = msg.from();
+    let mset = pending.entry(from).or_insert_with(|| MsgSet::new(sequence));
+    if untrusted {
+        mset.add_untrusted(api, msg)?;
+    } else {
+        mset.add_trusted(api, msg)?;
     }
 
     Ok(())
@@ -701,7 +715,7 @@ mod tests {
         };
         let msg = SignedMessage::mock_bls_signed_message(message);
         let sequence = msg.message().sequence;
-        let res = add_helper(&api, &bls_sig_cache, &pending, msg, sequence);
+        let res = add_helper(&api, &bls_sig_cache, &pending, msg, sequence, false);
         assert!(res.is_ok());
     }
 

@@ -3433,6 +3433,28 @@ impl RpcMethod<1> for EthSendRawTransaction {
     }
 }
 
+pub enum EthSendRawTransactionUntrusted {}
+impl RpcMethod<1> for EthSendRawTransactionUntrusted {
+    const NAME: &'static str = "Filecoin.EthSendRawTransactionUntrusted";
+    const NAME_ALIAS: Option<&'static str> = Some("eth_sendRawTransactionUntrusted");
+    const PARAM_NAMES: [&'static str; 1] = ["rawTx"];
+    const API_PATHS: BitFlags<ApiPaths> = ApiPaths::all_with_v2();
+    const PERMISSION: Permission = Permission::Read;
+
+    type Params = (EthBytes,);
+    type Ok = EthHash;
+
+    async fn handle(
+        ctx: Ctx<impl Blockstore + Send + Sync + 'static>,
+        (raw_tx,): Self::Params,
+    ) -> Result<Self::Ok, ServerError> {
+        let tx_args = parse_eth_transaction(&raw_tx.0)?;
+        let smsg = tx_args.get_signed_message(ctx.chain_config().eth_chain_id)?;
+        let cid = ctx.mpool.as_ref().push_untrusted(smsg).await?;
+        Ok(cid.into())
+    }
+}
+
 #[derive(Clone, Debug, PartialEq)]
 pub struct CollectedEvent {
     pub(crate) entries: Vec<EventEntry>,

@@ -200,7 +200,8 @@ impl RpcMethod<1> for MpoolPushUntrusted {
         // Lotus implements a few extra sanity checks that we skip. We skip them
         // because those checks aren't used for messages received from peers and
         // therefore aren't safety critical.
-        MpoolPush::handle(ctx, (message,)).await
+        let cid = ctx.mpool.as_ref().push_untrusted(message).await?;
+        Ok(cid)
     }
 }
 

@@ -159,6 +159,7 @@ macro_rules! for_each_rpc_method {
         $callback!($crate::rpc::eth::EthTraceReplayBlockTransactionsV2);
         $callback!($crate::rpc::eth::Web3ClientVersion);
         $callback!($crate::rpc::eth::EthSendRawTransaction);
+        $callback!($crate::rpc::eth::EthSendRawTransactionUntrusted);
 
         // gas vertical
         $callback!($crate::rpc::gas::GasEstimateFeeCap);

@@ -19,6 +19,7 @@ Filecoin.EthEstimateGas
 Filecoin.EthGetFilterChanges
 Filecoin.EthGetFilterLogs
 Filecoin.EthSendRawTransaction
+Filecoin.EthSendRawTransactionUntrusted
 Filecoin.EthSubscribe
 Filecoin.EthSyncing
 Filecoin.EthUnsubscribe