Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding transaction_call endpoint #832

Open
wants to merge 17 commits into
base: master
Choose a base branch
from
Open

Adding transaction_call endpoint #832

wants to merge 17 commits into from

Conversation

otherview
Copy link
Member

Description

This PR adds a new endpoint that allows to simulate and estimate based on transactions instead of clauses.
The added value is to bring api communication to the transaction level. This allows for gotchas like, chaintag, expiration, nonce, etc to be more visible and allows executing transactions in a given block revision

Summary of the endpoint:

URL :         POST /transactions/call?revision=best
Payload :   transaction.Transaction (existing type)
Response:   transaction.CallReceipt (transaction.Receipt minus Block info)
type CallReceipt struct {
	GasUsed  uint64                `json:"gasUsed"`
	GasPayer thor.Address          `json:"gasPayer"`
	Paid     *math.HexOrDecimal256 `json:"paid"`
	Reward   *math.HexOrDecimal256 `json:"reward"`
	Reverted bool                  `json:"reverted"`
	TxID     thor.Bytes32          `json:"txID"`
	TxOrigin thor.Address          `json:"txOrigin"`
	Outputs  []*Output             `json:"outputs"`
	VmError  string                `json:"vmError"`
}

Goal: Execute a transaction at the head of a specified block. Retrieve the total gas cost at the transaction level.
(Note: Can be expanded to execute in a block at a given tx position.)

Fixes # (issue)

Type of change

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

  • Tests

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • New and existing E2E tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules
  • I have not added any vulnerable dependencies to my code

@codecov-commenter
Copy link

codecov-commenter commented Aug 28, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 32.41758% with 246 lines in your changes missing coverage. Please review.

Project coverage is 60.48%. Comparing base (51f4c07) to head (cb0e53d).

Files with missing lines Patch % Lines
runtime/runtime.go 0.00% 107 Missing ⚠️
api/transactions/types.go 59.57% 34 Missing and 4 partials ⚠️
runtime/resolved_tx.go 0.00% 28 Missing ⚠️
api/transactions/transactions.go 63.51% 19 Missing and 8 partials ⚠️
api/metrics.go 0.00% 22 Missing and 1 partial ⚠️
tx/block_ref.go 0.00% 13 Missing ⚠️
thorclient/httpclient/client.go 57.14% 4 Missing and 2 partials ⚠️
thorclient/thorclient.go 70.00% 3 Missing ⚠️
api/api.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #832      +/-   ##
==========================================
- Coverage   60.95%   60.48%   -0.48%     
==========================================
  Files         220      220              
  Lines       23425    23773     +348     
==========================================
+ Hits        14278    14378     +100     
- Misses       7982     8214     +232     
- Partials     1165     1181      +16

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@victhorbi victhorbi mentioned this pull request Sep 12, 2024
Open
@github-actions GitHub Actions
Copy link

This pull request has been marked as stale due to inactivity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale PR/ Issue has been marked as stale label Oct 28, 2024
@github-actions github-actions bot removed the stale PR/ Issue has been marked as stale label Nov 1, 2024
@MakisChristou MakisChristou force-pushed the pedro/transactions_call branch from 6e7853e to da734f1 Compare December 5, 2024 08:01
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 5, 2024
View reviewed changes
api/metrics.go
}
}

return c.ResponseWriter.Write(b)

Check warning

Code scanning / CodeQL

Reflected cross-site scripting Medium

Cross-site scripting vulnerability due to
user-provided value
Loading
.
Cross-site scripting vulnerability due to
user-provided value
Loading
.

Copilot Autofix AI 2 days ago

To fix the reflected cross-site scripting vulnerability, we need to ensure that any user input is properly sanitized or escaped before being written to the HTTP response. In this case, we can use the html.EscapeString function from the html package to escape the user input before writing it to the response.

  • We will modify the Write method in the callTxResponseWriter struct to escape the user input before writing it to the response.
  • Specifically, we will escape the VMError field in the resp struct before writing the response.
Suggested changeset 1
api/metrics.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/api/metrics.go b/api/metrics.go
--- a/api/metrics.go
+++ b/api/metrics.go
@@ -19,2 +19,3 @@
 	"github.com/vechain/thor/v2/metrics"
+	"html"
 )
@@ -66,3 +67,3 @@
 		if resp.VMError != "" {
-			c.VMError = resp.VMError
+			c.VMError = html.EscapeString(resp.VMError)
 		}
EOF
@@ -19,2 +19,3 @@
"github.com/vechain/thor/v2/metrics"
"html"
)
@@ -66,3 +67,3 @@
if resp.VMError != "" {
c.VMError = resp.VMError
c.VMError = html.EscapeString(resp.VMError)
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@MakisChristou MakisChristou marked this pull request as ready for review December 17, 2024 11:44
@MakisChristou MakisChristou requested a review from a team as a code owner December 17, 2024 11:44
leszek-vechain
leszek-vechain reviewed Dec 17, 2024
View reviewed changes
thorclient/httpclient/client_test.go
@@ -300,6 +301,25 @@ func TestClient_GetTransaction(t *testing.T) {
assert.Equal(t, expectedTx, tx)
}

func TestClient_CallTransaction(t *testing.T) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we also add negative tests ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess we can but those are mock tests afaik. So not sure what the benefit of returning a hardcoded "error" response will be and checking if its what we expect.

otherview
otherview commented Jan 17, 2025
View reviewed changes
Copy link
Member Author

@otherview otherview left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very minor bits, but lgtm - should there be a couple of e2e to go with this as well ?
I can't approve, but perhaps @libotony can have a final review and approve ?

api/doc/thor.yaml
@@ -191,6 +191,177 @@ paths:
type: string
example: 'Invalid transaction ID'

/transactions/call:
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't tried but when this yml gets generated, does it contain a working example ? (like the other endpoints)

api/metrics.go

// Record VM error if present
if ctxWriter.VMError != "" {
metricTxCallVMErrors().AddWithLabel(1, map[string]string{
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What happens if there are a high number of different errors here ?

api/metrics.go
if rt != nil && rt.GetName() != "" {
enabled = true
name = rt.GetName()
if name == "transactions_call_tx" {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the goal of this particular case ?

api/transactions/transactions_test.go
@@ -74,6 +79,16 @@ func TestTransaction(t *testing.T) {
} {
t.Run(name, tt)
}

// Call transaction
for name, tt := range map[string]func(*testing.T){
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can another test be added here that does the same checks, or a summarized version, of the checks that the mempool does to verify tx integrity ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah! These seem to be covered already yeah ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leszek-vechain leszek-vechain leszek-vechain left review comments

@MakisChristou MakisChristou MakisChristou left review comments

@riikolilover riikolilover riikolilover approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@otherview @codecov-commenter @MakisChristou @riikolilover @leszek-vechain @YeahNotSewerSide