This repository has been archived by the owner on Nov 15, 2023. It is now read-only.
contracts: Lazy contract removal #6594
Labels
I2-security
The client fails to follow expected, security-sensitive, behaviour.
Comments
athei
added
the
I2-security
athei
added
J0-enhancement
This was referenced Nov 23, 2020
Closed
athei
added
I2-security
ghost
closed this as This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
With
O(1)child trie removal not happening anytime soon ( see discussion in #5280 ) we need to cope with the fact that contract removal takes linear time depending on how much storage a contract accumulated. This can be a problem because the removal can take longer than a single block and makes the chain subject to DoS because no-one is there to pay for the removal of an evicted contract.For that reason we should move to a model where contracts are removed lazily. When the removal of a contract is decided through one of the various entry points (discussed later), we immediately remove the contract itself (
ContractInfo) and schedule the actual storage removal to happen asynchronously possibly over multiple blocks. This operation is bounded and not DoSable because every storage item scheduled for removal is subject to rent payment making it expensive to accumulate huge amounts of storage.The following entry points can trigger the removal of a contract and must transfer to an asynchronous model:
ext_terminate: Contract triggers the removal of an contractclaim_surchargedispatchable: Some external caller triggers the eviction of a contract that did not pay rentDepends on: #7671
The text was updated successfully, but these errors were encountered: