Add Transaction Permissioning Hook to PermissioningService Interface

CHANGELOG.md

@@ -32,6 +32,7 @@
   - Fast Sync
 
 ### Additions and Improvements
+- Add support for registeringTransactionPermissionProvider in Plugin API to define and validate transaction rules [#7952](https://github.com/hyperledger/besu/pull/7952)
 - Fine tune already seen txs tracker when a tx is removed from the pool [#7755](https://github.com/hyperledger/besu/pull/7755)
 - Support for enabling and configuring TLS/mTLS in WebSocket service. [#7854](https://github.com/hyperledger/besu/pull/7854)
 - Create and publish Besu BOM (Bill of Materials) [#7615](https://github.com/hyperledger/besu/pull/7615) 

acceptance-tests/test-plugins/build.gradle

@@ -9,6 +9,7 @@ dependencies {
   implementation project(':ethereum:rlp')
   implementation project(':ethereum:api')
   implementation project(':plugin-api')
+  implementation project(':ethereum:permissioning')
   implementation 'com.google.auto.service:auto-service'
   implementation 'info.picocli:picocli'
 

acceptance-tests/test-plugins/src/main/java/org/hyperledger/besu/tests/acceptance/plugins/TestPermissioningPlugin.java

@@ -19,6 +19,7 @@
 import org.hyperledger.besu.plugin.services.PermissioningService;
 import org.hyperledger.besu.plugin.services.PicoCLIOptions;
 
+
 import com.google.auto.service.AutoService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -76,6 +77,17 @@ public void beforeExternalServices() {
             }
             return true;
           });
+
+      service.registerTransactionPermissioningProvider(
+              transaction -> {
+                long configuredGasLimitThreshold = 12000L;
+                long gasLimit = transaction.getGasLimit();
+                LOG.info("Transaction gas limit: {} | Configured threshold: {} ", gasLimit, configuredGasLimitThreshold);
+                return gasLimit > configuredGasLimitThreshold;
+              }
+      );
+
+
     }
   }
 

acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/plugins/PermissioningPluginTest.java

@@ -27,13 +27,17 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 public class PermissioningPluginTest extends AcceptanceTestBase {
   private BesuNode minerNode;
 
   private BesuNode aliceNode;
   private BesuNode bobNode;
   private BesuNode charlieNode;
 
+  private static final long GAS_LIMIT_THRESHOLD = 12000L;
+
   @BeforeEach
   public void setUp() throws Exception {
     minerNode = besu.create(createNodeBuilder().name("miner").build());
@@ -96,4 +100,20 @@ public void transactionsAreNotSendToBlockPendingTransactionsNode() {
     charlieNode.verify(txPoolConditions.notInTransactionPool(txHash));
     minerNode.verify(txPoolConditions.inTransactionPool(txHash));
   }
+
+  @Test
+  public void testGasLimitLogic() {
+    final long transactionGasLimit = 10000L;
+    boolean isTransactionPermitted = checkTransactionGasLimit(transactionGasLimit);
+
+    assertThat(isTransactionPermitted).isTrue();
+  }
+
+  private boolean checkTransactionGasLimit(long gasLimit) {
+    if (gasLimit > GAS_LIMIT_THRESHOLD) {
+      return true;
+    } else {
+      return false;
+    }
+  }
 }

besu/src/main/java/org/hyperledger/besu/services/PermissioningServiceImpl.java

@@ -14,20 +14,27 @@
  */
 package org.hyperledger.besu.services;
 
+import org.hyperledger.besu.ethereum.core.Transaction;
+import org.hyperledger.besu.ethereum.permissioning.account.TransactionPermissioningProvider;
 import org.hyperledger.besu.plugin.services.PermissioningService;
 import org.hyperledger.besu.plugin.services.permissioning.NodeConnectionPermissioningProvider;
 import org.hyperledger.besu.plugin.services.permissioning.NodeMessagePermissioningProvider;
 
+import java.util.ArrayList;
 import java.util.List;
 import javax.inject.Inject;
 
 import com.google.common.collect.Lists;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /** The Permissioning service implementation. */
 public class PermissioningServiceImpl implements PermissioningService {
+  private static final Logger LOG = LoggerFactory.getLogger(PermissioningServiceImpl.class);
 
   private final List<NodeConnectionPermissioningProvider> connectionPermissioningProviders =
       Lists.newArrayList();
+  private final List<TransactionPermissioningProvider> transactionPermissioningProviders = new ArrayList<>();
 
   /** Default Constructor. */
   @Inject
@@ -39,6 +46,12 @@ public void registerNodePermissioningProvider(
     connectionPermissioningProviders.add(provider);
   }
 
+  @Override
+  public void registerTransactionPermissioningProvider(TransactionPermissioningProvider provider) {
+    transactionPermissioningProviders.add(provider);
+    LOG.info("Registered new transaction permissioning provider.");
+  }
+
   /**
    * Gets connection permissioning providers.
    *
@@ -65,4 +78,20 @@ public void registerNodeMessagePermissioningProvider(
   public List<NodeMessagePermissioningProvider> getMessagePermissioningProviders() {
     return messagePermissioningProviders;
   }
+
+  /**
+   * Gets transaction rules.
+   *
+   * @return if the transaction is valid
+   */
+  public boolean isTransactionPermitted(Transaction transaction) {
+    for (TransactionPermissioningProvider provider : transactionPermissioningProviders) {
+      if (!provider.isPermitted(transaction)) {
+        LOG.debug("Transaction {} not permitted by one of the providers.", transaction.getHash());
+        return false;
+      }
+    }
+    LOG.debug("Transaction {} permitted.", transaction.getHash());
+    return true;
+  }
 }

plugin-api/build.gradle

@@ -71,7 +71,7 @@ Calculated : ${currentHash}
 tasks.register('checkAPIChanges', FileStateChecker) {
   description = "Checks that the API for the Plugin-API project does not change without deliberate thought"
   files = sourceSets.main.allJava.files
-  knownHash = 'f6fi+lsYVZtFjmGOyiMPPCfNDie4SIPpj6HVgXRxF8Q='
+  knownHash = '3LJPysmUYg0xxYVX7SkUs0qD9WUzOm45/+8RnB2DpHI='
 }
 check.dependsOn('checkAPIChanges')
 

plugin-api/src/main/java/org/hyperledger/besu/plugin/services/PermissioningService.java

@@ -14,6 +14,7 @@
  */
 package org.hyperledger.besu.plugin.services;
 
+import org.hyperledger.besu.ethereum.permissioning.account.TransactionPermissioningProvider;
 import org.hyperledger.besu.plugin.services.permissioning.NodeConnectionPermissioningProvider;
 import org.hyperledger.besu.plugin.services.permissioning.NodeMessagePermissioningProvider;
 
@@ -38,6 +39,13 @@ public interface PermissioningService extends BesuService {
    */
   void registerNodePermissioningProvider(NodeConnectionPermissioningProvider provider);
 
+  /**
+   * Registers a callback for transaction permission.
+   *
+   * @param provider The provider to register
+   */
+  void registerTransactionPermissioningProvider(TransactionPermissioningProvider provider);
+
   /**
    * Registers a callback to allow the interception of a devp2p message sending request
    *