entropyxyz / entropy-core

Protocol and cryptography development.
https://docs.entropy.xyz/
GNU Affero General Public License v3.0

Validate Wasm on Program deployment? #1096

Open mixmix opened 6 days ago

mixmix commented 6 days ago

Right now you can deploy any old jank as a "wasm binary". This seems dangerous / wasteful? Yes the person pays for this, but I would rather:

Me testing CLI right now:

echo "wasm junk - $(date)"  > /tmp/entropy.fake.wasm

entropy program deploy -a naynay /tmp/entropy.fake.wasm /tmp/configSchema.json /tmp/aucDataSchema.json

mixmix commented 6 days ago

Ideas:

johnnymatthews commented 6 days ago

This sounds like a good idea, but isn't this what the local network and testnet are for? Like, me as a dev should deploy locally and run tests to make sure my Entropy program actually works how it should do. I then deploy it to the testnet to reconfirm everything works. Once that's done, deploy to mainnet.

Reducing the chance of deploying a borked Entropy program to mainnet is a good idea. But I wonder if this is too much hand-holding, and we should direct devs to appropriate tools (like WABL) through good docs.

ameba23 commented 5 days ago

I think this has come up before and the idea was that this validation should happen in the tooling for building programs and/or the SDK or other client software, rather than on chain, because on-chain computation is expensive and happens in a restrictive environment where some things cannot be done.

For example, probably the best way to check if a program is valid is to load it into the programs runtime and try to run it. But I'm not sure if we can do this from within the blockchain runtime.

The program-building template repo provides a way to build and deploy your program giving some guarantee that the program will only deploy if it builds correctly, and the program-metadata-http-service gives some (perhaps not very strong) guarantee that a particular on-chain program corresponds to a particular source code repo.

But yes, at the chain-api level there is nothing to stop you uploading garbage, and currently no plans to do anything about it.

mixmix commented 1 day ago

:clown_face:

cp ~/Music/Killing_in_the_name.mp3 /tmp/Killing_in_the_name.wasm

entropy program deploy -a naynay \
  /tmp/Killing_in_the_name.wasm \
  /tmp/entropy.configSchema.fake.json \
  /tmp/entropy.auxDataSchema.fake.json

How much does it cost for me to host whatever I want on the blockchain forever?

mixmix commented 1 day ago

NOTE: this is me role-playing a cheeky user/attacker. I'm obviously not advocating doing this. I'm demonstrating we might need to think about this as an attack / abuse vector. (Maybe we already have). I suppose there is a blob size limit for that wasm?

HCastano commented 23 hours ago

@mixmix the Program pallet charges a deposit and enforces a maximum program length.

In the runtime we have these limits set to 1MiB max upload.

So yes, you can upload random stuff but you gotta pay for it. Whether or not the deposit costs are actually high enough to deter any spam is unclear, but I'm sure it'll be more clear with time.

johnnymatthews commented 17 hours ago

Whether or not the deposit costs are actually high enough to deter any spam is unclear, but I'm sure it'll be more clear with time. -- @HCastano

And this, arguably, is an answer for a crypto-econ person. Lots of funky nerd math to figure out how much is enough.
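
Added example, not part of the thread or of entropy-core: a sketch of the kind of client-side check discussed above, which rejects files over the 1 MiB limit quoted in the thread, files without the Wasm preamble, and files whose section framing does not add up. The names `preflight`, `Preflight` and `MAX_PROGRAM_BYTES` are hypothetical, and passing this check only shows the file is framed like Wasm, not that it is a valid or working program.

```rust
// Hypothetical pre-deploy check for client tooling; not entropy-core code.
const MAX_PROGRAM_BYTES: usize = 1024 * 1024; // 1 MiB limit quoted in the thread

#[derive(Debug, PartialEq)]
enum Preflight {
    Ok { layer: u16, sections: usize },
    TooLarge,
    NotWasm,
    BadFraming,
}

// Decode an unsigned LEB128 u32 at `pos`; returns (value, bytes consumed).
fn leb_u32(buf: &[u8], pos: usize) -> Option<(u32, usize)> {
    let mut value = 0u64;
    for i in 0..5 {
        let byte = *buf.get(pos + i)?;
        value |= u64::from(byte & 0x7f) << (7 * i);
        if byte & 0x80 == 0 {
            return u32::try_from(value).ok().map(|v| (v, i + 1));
        }
    }
    None
}

fn preflight(bytes: &[u8]) -> Preflight {
    if bytes.len() > MAX_PROGRAM_BYTES {
        return Preflight::TooLarge;
    }
    if bytes.len() < 8 || !bytes.starts_with(b"\0asm") {
        return Preflight::NotWasm;
    }
    // Bytes 4..8 are u16 version + u16 layer (layer 0: core module, 1: component).
    let layer = u16::from_le_bytes([bytes[6], bytes[7]]);
    let (mut pos, mut sections) = (8usize, 0usize);
    while pos < bytes.len() {
        // Section framing: 1-byte id, LEB128 u32 size, then `size` content bytes.
        let Some((size, used)) = leb_u32(bytes, pos + 1) else {
            return Preflight::BadFraming;
        };
        pos = pos.saturating_add(1 + used).saturating_add(size as usize);
        sections += 1;
    }
    if pos == bytes.len() { Preflight::Ok { layer, sections } } else { Preflight::BadFraming }
}

fn main() {
    // Constructed inputs: text "junk" like the issue's, and a tiny module with one custom section.
    println!("{:?}", preflight(b"wasm junk - Mon Jan 1"));
    println!("{:?}", preflight(b"\0asm\x01\0\0\0\x00\x05\x04test"));
}
```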