search

alchemyplatform / rundler

An ERC-4337 Bundler in Rust
GNU Lesser General Public License v3.0
250 stars 30 forks source link

pool: Support for out of order nonces #250

Open dancoombs opened 1 year ago

dancoombs commented 1 year ago

Describe the feature Allow users to submit out of order nonces and have the mempool order them.

How this could work:

  1. When a user op is added to the mempool, first check its nonce.
  2. If the nonce is next nonce, proceed as normal
  3. If the nonce is higher than next, but within some small bound, move it to the waiting pool
  4. Once the nonce directly before it is mined, move the op from the waiting pool to the main pool
  5. Before adding to the main pool, simulate the op's validation to ensure valid.

Details:

These issues arise because validation will revert if the nonce is out of order.

  1. Gas estimation relies on validation field not reverting in order to get a true gas estimation.
  2. Since simulation cannot succeed until the nonce is ready, we cannot run and synchronously return any failures back to the user. The op will just get dropped when its time to mine.

Potential solutions:

  1. For gas estimation we can always override the nonce storage slot for nonce check with the previous nonce.
  2. When adding to the mempool, if the nonce is within a reasonable range, we can override the nonce storage slot and run validation before adding to the initial pool. This assumes that the user doesn't do any weird logic in their validation regarding nonces.

Best solution:

We should petition to modify the entry point to have the validation function return that the nonce was incorrect instead of revert, similar to what it does with signatures. At the same time we can make the same argument for ops that have a time range that is valid at some point in the future.

dancoombs commented 1 year ago

Blocked by https://github.com/OMGWINNING/rundler/issues/75

dancoombs commented 11 months ago

Running validation on a nonce that is out of order never will work generically. Its completely valid for a previous nonce to modify the account such that the subsequent nonce becomes valid/invalid.

We will always need to delay simulation until a nonce is ready to be mined.

github-actions[bot] commented 9 months ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

dancoombs commented 9 months ago

Running validation on a nonce that is out of order never will work generically. Its completely valid for a previous nonce to modify the account such that the subsequent nonce becomes valid/invalid.

We will always need to delay simulation until a nonce is ready to be mined.

I think this is the correct approach. We should couple this with a mempool status endpoint so users can see the status of queued UOs and track when they are dropped.