get_resource_limits() in privileged api should be accessed by everyone

EOSIO / eos

An open source smart contract platform

https://developers.eos.io/manuals/eos

MIT License

11.28k stars 3.6k forks source link

get_resource_limits() in privileged api should be accessed by everyone #5319

Open qimiaoguo opened 6 years ago

qimiaoguo commented 6 years ago

Now only the privileged account can access the privileged api, this is true. However, I think the get_resource_limits should be take out of it because it is just a get-action.

Two reasons:

My contract can know how much ram or net or cpu has been used when an inline action is executed, then it can decide if to accept it or not.
When transfer token to others, if others' account take your ram, then you can monitor it and let the transfer fail.

Now we can only get account usage with the RPC, but not in the contract, is it right?

taokayan commented 6 years ago

agree with this. But it's not an easy change, as it might result in hard-fork or non-replayable chain.

qimiaoguo commented 6 years ago

@taokayan Why can it result in a hard-fork? It is a new action that no contract have used before. You can add a new action if you worried. In fact, you don't need worry about the hard-fork, because no transactions will be included in the block if it call the get_resource_limits() method.

wanderingbort commented 6 years ago

@qimiaoguo the issue that creates a hardfork is the change in access to the get_resource_limits intrinsic. consider a deployed un-privileged contract that uses this intrinsic in an action called forkchain which does nothing but call this intrinsic.

Any validator/producer that is running a version before this change would consider any transaction that includes forkchain to be a violation of the protocol as it calls an intrinsic that the software considers to be "privileged-only"

Any validator/producer that is running a version after this change would consider any transaction that includes forchain valid.

So, any block that includes said transaction is a hard-fork point where any old client will fork out of the network and only new clients will be able to proceed.

wanderingbort commented 6 years ago

additionally get_resource_limits provides limits, not usage. So it cannot detect when an account has used your accounts resources in an unexpected way.

qimiaoguo commented 6 years ago

@wanderingbort correct me if am wrong, I can call this method before and after an action, and calculate the difference, then I can decide to if accept the action. However, my intention is to let the contract know how much resource it has used, you can provide another method for us.

This is a step for contract developers, and I think in the more future, you can try to think how to provide the ability that everybody can set the max resource when call an action.

Thanks, hope the hard-fork can solve the problem.

liamcurry commented 5 years ago

Agreed that getters like get_resource_limits and get_blockchain_parameters_packed should be available to everyone.