internal/ethapi: disable sending of non eip155 replay protected tx by MariusVanDerWijden · Pull Request #22339 · ethereum/go-ethereum

MariusVanDerWijden · 2021-02-17T11:59:41Z

This PR prevents users from submitting transactions without EIP-155 enabled.
Replay protection is important so we should gently force our users to use it.

It changes the JSON-RPC API quite significantly, so if you see the "only replay-protected (EIP-155) transactions allowed over RPC" error, you know that you need to update your signer.

To test:

cl, sk := getRealBackend()
fakeTx := types.NewTransaction(0, common.HexToAddress(ADDR), big.NewInt(0), 21000, big.NewInt(1), nil)
noneip, err := types.SignTx(fakeTx, types.HomesteadSigner{}, sk)
if err != nil {
	panic(err)
}
if err := cl.SendTransaction(context.Background(), noneip); err != nil {
	fmt.Println(err) // Prints "only replay-protected (EIP-155) transactions allowed over RPC"
}
eip155, err := types.SignTx(fakeTx, types.NewEIP155Signer(big.NewInt(1337)), sk)
if err != nil {
	panic(err)
}
if err := cl.SendTransaction(context.Background(), eip155); err != nil {
	panic(err)
}

…actions

karalabe · 2021-02-17T13:02:10Z

Do we want to add a flag to disable this protection?

holiman · 2021-02-17T13:49:51Z

Do we want to add a flag to disable this protection?

I suggest rpc.allow-unprotected-txs which defaults to false

holiman

$ geth --dev --rpc.allow-unprotected-txs console 2>&1 | tail -n2
   
flag provided but not defined: -rpc.allow-unprotected-txs

You forgot to add it to the enabled flags, I think

karalabe · 2021-02-18T08:11:22Z

 		cfg.HTTPPathPrefix = ctx.GlobalString(HTTPPathPrefixFlag.Name)
 	}
+
+	if ctx.GlobalIsSet(AllowUnprotectedTxs.Name) {


There is no reason to check if it's set or not. That's only needed if the default has some special meaning. We only care about the actual value of the flag, so pls just use cfg.UnprotectedAllowed = ctx.GlobalBool(AllowUnprotectedTxs.Name)

Yes there is, when we simply override it here, then we will always overwrite the value we read out of the config.
See martins comments below

MariusVanDerWijden · 2021-02-18T09:29:28Z

@holiman Duh, I enabled it now and tested it

holiman · 2021-02-18T10:24:17Z

Almost, but not quite :)
With

[user@work go-ethereum]$ git diff 
diff --git a/eth/backend.go b/eth/backend.go
index d20920df0b..0c5e53b171 100644
--- a/eth/backend.go
+++ b/eth/backend.go
@@ -223,6 +223,7 @@ func New(stack *node.Node, config *ethconfig.Config) (*Ethereum, error) {
        eth.miner.SetExtra(makeExtraData(config.Miner.ExtraData))
 
        eth.APIBackend = &EthAPIBackend{stack.Config().ExtRPCEnabled(), stack.Config().UnprotectedAllowed, eth, nil}
+       log.Info("unprotected allowed", "value", eth.APIBackend.unprotectedAllowed)
        gpoParams := config.GPO
        if gpoParams.Default == nil {
                gpoParams.Default = config.Miner.GasPrice

And

[user@work go-ethereum]$ geth --rpc.allow-unprotected-txs=true --maxpeers 0 --nodiscover dumpconfig > conf.test
INFO [02-18|11:21:53.931] Maximum peer count                       ETH=0 LES=0 total=0
INFO [02-18|11:21:53.931] Smartcard socket not found, disabling    err="stat /run/pcscd/pcscd.comm: no such file or directory"
INFO [02-18|11:21:53.932] Set global gas cap                       cap=25000000

Stored to config?

[user@work go-ethereum]$ cat conf.test | grep Unpro
UnprotectedAllowed = true

Yes. However:

[user@work go-ethereum]$ geth --config conf.test --maxpeers 0 --nodiscover 
INFO [02-18|11:22:12.110] Starting Geth on Ethereum mainnet... 
...
INFO [02-18|11:22:12.300] Allocated fast sync bloom                size=1.26GiB
INFO [02-18|11:22:12.305] unprotected allowed                      value=false

karalabe · 2021-02-18T16:55:52Z

 	}
-
-	cfg.UnprotectedAllowed = ctx.GlobalBool(AllowUnprotectedTxs.Name)
+	if ctx.GlobalIsSet(HTTPPathPrefixFlag.Name) {


Why is this tied to the http flag?

karalabe · 2021-02-18T16:56:44Z


-	eth.APIBackend = &EthAPIBackend{stack.Config().ExtRPCEnabled(), stack.Config().UnprotectedAllowed, eth, nil}
+	eth.APIBackend = &EthAPIBackend{stack.Config().ExtRPCEnabled(), stack.Config().AllowUnprotectedTxs, eth, nil}
+	log.Info("Unprotected TXs allowed", "value", eth.APIBackend.allowUnprotectedTxs)


please type it out, transactions :P

holiman · 2021-02-18T17:59:25Z

Oh, that log line, I just usee it for testing, didn't mean it had to be incorporated.... But actually it might be good to have somewhere

holiman

LGTM

csquan · 2022-05-26T03:06:29Z

when I send tx,I still got error:"Cannot submit unprotected transaction".
what should I do?

MariusVanDerWijden · 2022-05-26T16:39:15Z

Don't use non-eip155 replay protected transactions. They are unsafe as they can be replayed on a different chain.

csquan · 2022-10-11T07:10:46Z

but seng tx as I usually do,usually I successsend tx. This time just to metis mannet.what should I do ? mars ***@***.***  

…

------------------ 原始邮件 ------------------ 发件人: "ethereum/go-ethereum" ***@***.***>; 发送时间: 2022年5月27日(星期五) 凌晨0:39 ***@***.***>; ***@***.******@***.***>; 主题: Re: [ethereum/go-ethereum] internal/ethapi: disable sending of non eip155 replay protected tx (#22339) Don't use non-eip155 replay protected transactions. They are unsafe as they can be replayed on a different chain. — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: ***@***.***>

…hereum#22339

…hereum#22339 (#971) * internal/ethapi: disable sending of non eip155 replay protected tx ethereum#22339 * eth: optimize the initialization logic of EthAPIBackend * fix

internal/ethapi: disable sending of non eip155 replay protected trans…

1d71eb7

…actions

holiman reviewed Feb 17, 2021

View reviewed changes

Comment thread internal/ethapi/api.go Outdated

MariusVanDerWijden added 2 commits February 17, 2021 13:08

internal/ethapi: improved error message

b1f1634

internal/ethapi: improved error message

56ff034

karalabe added this to the 1.10.0 milestone Feb 17, 2021

node: add EIP155Required option

ede6175

MariusVanDerWijden requested review from fjl, karalabe, renaynay, rjl493456442 and zsfelfoldi as code owners February 17, 2021 16:16

holiman reviewed Feb 17, 2021

View reviewed changes

Comment thread eth/api_backend.go Outdated

node: rename EIP155Required to UnprotectedAllowed

90f7ab2

holiman suggested changes Feb 18, 2021

View reviewed changes

karalabe reviewed Feb 18, 2021

View reviewed changes

Comment thread node/config.go Outdated

cmd: add flag

671e748

MariusVanDerWijden added 2 commits February 18, 2021 12:15

fixed read from config, renamed

82208ad

typo

d73a0ea

karalabe reviewed Feb 18, 2021

View reviewed changes

cmd: wrong logic

80b4c42

holiman approved these changes Feb 22, 2021

View reviewed changes

holiman merged commit 142fbcf into ethereum:master Feb 23, 2021

renaynay mentioned this pull request Mar 3, 2021

Disable sending of non eip155 replay protected tx by default besu-eth/besu#1975

Closed

Jovonni mentioned this pull request Mar 9, 2021

"truffle migrate —reset" failed from "geth 1.10.0" ConsenSys-archive/truffle#3913

Closed

1 task

gabmontes mentioned this pull request Mar 10, 2021

Investigate Truffle's incompatibilities with Geth 1.10.0 ConsenSys-archive/truffle#3912

Closed

quorumbot mentioned this pull request Sep 3, 2021

[Upgrade] Go-Ethereum release v1.10.0 Consensys/quorum#1249

Merged

9 tasks

baptiste-b-pegasys mentioned this pull request Sep 3, 2021

[Upgrade] Go-Ethereum release v1.10.0 baptiste-b-pegasys/quorum#16

Closed

9 tasks

MariusVanDerWijden deleted the rpc-non-eip155 branch November 30, 2021 15:24

This was referenced Sep 23, 2022

Metadium to master METADIUM/go-metadium#24

Closed

Metadium to master METADIUM/go-metadium#25

Merged

Simpdaddyjosh approved these changes Apr 21, 2023

View reviewed changes

pcaversaccio mentioned this pull request Sep 10, 2024

tracking: default to CreateX for CREATE2/3 factory for new scripts foundry-rs/foundry#2638

Open

4 tasks

pcaversaccio mentioned this pull request Dec 12, 2024

EOFCREATE: Don't hash the init-container ipsilon/eof#162

Closed

JukLee0ira added a commit to JukLee0ira/XDPoSChain that referenced this pull request Apr 25, 2025

internal/ethapi: disable sending of non eip155 replay protected tx et…

1153701

…hereum#22339

Conversation

MariusVanDerWijden commented Feb 17, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

karalabe commented Feb 17, 2021

Uh oh!

holiman commented Feb 17, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

holiman left a comment

Choose a reason for hiding this comment

Uh oh!

karalabe Feb 18, 2021

Choose a reason for hiding this comment

Uh oh!

MariusVanDerWijden Feb 18, 2021

Choose a reason for hiding this comment

Uh oh!

Uh oh!

MariusVanDerWijden commented Feb 18, 2021

Uh oh!

holiman commented Feb 18, 2021

Uh oh!

karalabe Feb 18, 2021

Choose a reason for hiding this comment

Uh oh!

karalabe Feb 18, 2021

Choose a reason for hiding this comment

Uh oh!

holiman commented Feb 18, 2021 via email

Uh oh!

holiman left a comment

Choose a reason for hiding this comment

Uh oh!

csquan commented May 26, 2022

Uh oh!

MariusVanDerWijden commented May 26, 2022

Uh oh!

csquan commented Oct 11, 2022 via email

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

MariusVanDerWijden commented Feb 17, 2021 •

edited

Loading

holiman commented Feb 17, 2021 •

edited

Loading