fix: override eth_callMany to apply seismic preprocessing #388
matthias-wright wants to merge 6 commits into
Signed-read seismic transactions were previously rejected only at mempool admission. Block producers ingesting txs through non-mempool paths — builder API, private orderflow, or the EIP-712 `TypedData` variant of `eth_sendRawTransaction` which bypassed `Decodable2718` — could include a signed-read tx directly, letting an attacker who intercepted a signed `eth_call` payload replay it as an actual state-changing transaction.

Consumes seismic-alloy's decoder-level rejection (#104, c1ce533) and updates this crate accordingly:

* `send_raw_transaction`: the `TypedData` arm now decodes the EIP-712 payload into a `SeismicTxEnvelope`, re-encodes as RLP, and delegates to `EthTransactions::send_raw_transaction(bytes)`. All signed-tx ingress now funnels through a single `Decodable2718::typed_decode` pipeline, so decode-time invariants (including the new signed-read rejection) apply uniformly. Removes the parallel pool-admission pipeline that was the bypass.
* For `eth_call`'s Bytes path, a new `recover_raw_seismic_call_tx` helper uses seismic-alloy's permissive `decode_2718_permit_seismic_calls` so legitimate signed-read payloads are still accepted.
* Removes the now-redundant mempool-level `validate_signed_read_for_write` check and its associated error variant.

Depends on seismic-alloy PR #104; the `rev` in Cargo.toml is temporary and should be bumped to the merged-main commit before landing.
Adds Phase 1
Phase 2
LGTM
Overwrites the `eth_callMany` endpoint to apply the same sanitization steps that are applied to `eth_call`, `eth_simulateV1`, and `eth_estimateGas`.

Changes:

* `call_many` method on the `EthApiOverride` trait, taking `Vec<Bundle<SeismicCallRequest>>`.
* `EthApiExt::call_many` runs each call through `convert_seismic_call_to_tx_request` and `signed_read_to_plaintext_tx` before delegating to `EthCall::call_many`, then encrypts per-call `value` for signed reads.
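
The commit message earlier on this page describes funnelling every signed-transaction write path through one strict decoder while the `eth_call` path keeps a permissive one. The Rust model below is an added example, not code from this PR or from seismic-alloy; the one-byte wire format and every type and function name in it are hypothetical, constructed for illustration.

```rust
// Toy wire format, constructed for this example: [flag byte][payload...].
// flag 1 = signed read (a signed eth_call payload), flag 0 = ordinary transaction.
// All names are hypothetical stand-ins, not seismic-alloy or seismic-reth items.
#[derive(Debug, Clone, PartialEq)]
pub struct Envelope { pub signed_read: bool, pub payload: Vec<u8> }

#[derive(Debug, PartialEq)]
pub enum DecodeError { Empty, BadFlag(u8), SignedReadAsWrite }

impl Envelope {
    pub fn encode(&self) -> Vec<u8> {
        let mut out = vec![self.signed_read as u8];
        out.extend_from_slice(&self.payload);
        out
    }
    /// Permissive decode: only the read (call) path may use this.
    pub fn decode_permit_calls(bytes: &[u8]) -> Result<Self, DecodeError> {
        let (&flag, payload) = bytes.split_first().ok_or(DecodeError::Empty)?;
        if flag > 1 { return Err(DecodeError::BadFlag(flag)); }
        Ok(Envelope { signed_read: flag == 1, payload: payload.to_vec() })
    }
    /// Strict decode: the invariant lives in the decoder, so every caller inherits it.
    pub fn decode_strict(bytes: &[u8]) -> Result<Self, DecodeError> {
        let env = Self::decode_permit_calls(bytes)?;
        if env.signed_read { return Err(DecodeError::SignedReadAsWrite); }
        Ok(env)
    }
}

/// Write ingress for raw bytes: the single pipeline all writes go through.
pub fn send_raw_bytes(bytes: &[u8]) -> Result<Envelope, DecodeError> {
    Envelope::decode_strict(bytes)
}

/// Write ingress for an already-structured payload (the typed-data style path):
/// re-encode and delegate instead of admitting the envelope directly.
pub fn send_typed(env: &Envelope) -> Result<Envelope, DecodeError> {
    send_raw_bytes(&env.encode())
}

/// Read ingress: signed reads are legitimate here.
pub fn call_raw_bytes(bytes: &[u8]) -> Result<Envelope, DecodeError> {
    Envelope::decode_permit_calls(bytes)
}

fn main() {
    let read = Envelope { signed_read: true, payload: vec![0xAA] };
    println!("write path: {:?}", send_typed(&read));
    println!("read path:  {:?}", call_raw_bytes(&read.encode()));
}
```

Because `send_typed` has no admission logic of its own, a check added to `decode_strict` cannot be skipped by choosing a different write entry point.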