Open dasanra opened 3 years ago
Is there a way that we can identify which app sent which request? Is it possible to block just a single app?
How would we handle cases where one app causes unexpected extreme traffic and minimize the impact on other Safe apps?
While it is ok if we don't solve all of the question in 1 issue, we should generate a concrete plan that we can implement step by step.
Is there a way that we can identify which app sent which request? Is it possible to block just a single app?
Would a proxy between interface <-> rpc endpoint help in this case?
Alchemy supports blocklists, but I'm not sure if they allow functionality for differentiating Safe Apps (maybe custom HTTP header)
I think is not related, but it might help. While developing the Uniswap Safe App i noticed that once a tx was made using the Gnosis provider, i wouldn't have the tx information inmediately. Maybe this is an issue other safe apps have and that's why they are making so many calls. If there was a way of making a tx and then asynchronously get the tx information, that would solve this type of problem
Is this still relevant given that #2558 is closed? Rate-limiting could be now added on the backend and the RPC URL modified accordingly in the admin. Sounds like nothing to do on the frontend.
Is this still relevant given that #2558 is closed? Rate-limiting could be now added on the backend and the RPC URL modified accordingly in the admin. Sounds like nothing to do on the frontend.
it is still relevant, the second point from the ticket (Look into rate limiting/analytics/proxy/etc
) wasn't addressed but we'd still like to have it. Perhaps we can close this one and create a separate, more specific one
cc @dasanra
Title/Description
Some full featured safe apps rely on our web3 instance to fetch information from blockchain. This is something out of our control and it's usually a heavy usage. We are already pushing many queries to our RPC provider, so having more apps that don't optimize this enough will add cost for us.
Steps to reproduce
Try http://staking.synthetix.io/ using it as a safe app Open developer tools. Check that on each navigation the amount of requests is already pretty heavy Execute a transaction and check that queries are sent every few seconds to get the state of the transaction, at an approximate rate of 200 each 1 minute
The same behavior was detected with other full featured apps like Sorbet Finance https://www.sorbet.finance/
Expected result
We should find a way of limiting the amount of request or provide a different RPC endpoint to avoid that an external app overflows the api key we use for the Safe web
Backend involvement
Proxy specs: https://docs.google.com/document/d/1euMeCIH4FJxhuXCsKht_3HjPLZ6gC5od2odfQHuRJWY/edit?usp=sharing
Steps