Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[HackerOne-2300725] Limit the number of allowed constraints for deployments #2271

Merged
merged 40 commits into from
Feb 9, 2024
Merged

[HackerOne-2300725] Limit the number of allowed constraints for deployments #2271

merged 40 commits into from
Feb 9, 2024

Conversation

vicsn
Copy link
Contributor

@vicsn vicsn commented Dec 29, 2023
edited
Loading

Motivation

Large deployments may take a lot of time to synthesize, so as an initial stopgap we can limit their size, as measurement by the number of constraints.

Note that the current approach panics on failure, but because check_transaction_basic is called from snarkOS in a tokio task, this panic is gracefully handled. Returning a Result would cascade to 100 other functions using the Circuit api.

Test Plan

  • Manually test deploying to a validator via RPC. Prevents large deployments succesfully. Even with a manipulated verifying_key.
  • Check that the synthesizer benchmarks don't take a big hit
  • Add a test deploying a program which is too big.

Related PRs

https://github.com/AleoHQ/snarkOS/pull/2961

@vicsn vicsn mentioned this pull request Dec 29, 2023
Closed
@vicsn vicsn mentioned this pull request Jan 3, 2024
Closed
@vicsn vicsn marked this pull request as ready for review January 5, 2024 12:39
@howardwu howardwu requested a review from ljedrz January 9, 2024 03:58
ljedrz
ljedrz reviewed Jan 9, 2024
View reviewed changes
Copy link
Collaborator

@ljedrz ljedrz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left a few comments and suggestions.

@ljedrz ljedrz mentioned this pull request Jan 10, 2024
Closed
This was referenced Jan 10, 2024
Closed
Merged
@vicsn vicsn changed the title Limit the number of allowed constraints for deployments WIP: Limit the number of allowed constraints for deployments Jan 10, 2024
@vicsn vicsn changed the title WIP: Limit the number of allowed constraints for deployments Limit the number of allowed constraints for deployments Jan 10, 2024
@evan-schott
Copy link
Contributor

@evan-schott can you help finish the two tests in 01b95d2 and look at fixing any broken CI tests? We can discuss further in person.

I will investigate

@raychu86
Copy link
Contributor

Is there a reason more CI tests are failing? Do we need to resample anything?

@vicsn
Copy link
Contributor Author

vicsn commented Feb 2, 2024

LGTM!

howardwu
howardwu reviewed Feb 9, 2024
View reviewed changes
synthesizer/process/src/stack/call/mod.rs
Comment on lines +385 to +389
// If in 'CheckDeployment' mode, set the expected constraint limit.
if let CallStack::CheckDeployment(_, _, _, constraint_limit) = &registers.call_stack() {
A::set_constraint_limit(*constraint_limit);
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not convinced this logic is necessary.

When triggering call, no logic above this resets the constraint limit AFAIK.

@howardwu howardwu mentioned this pull request Feb 9, 2024
Closed
@howardwu howardwu merged commit ee6b2da into mainnet Feb 9, 2024
64 of 78 checks passed
@howardwu howardwu deleted the limit_deployment_num_constraints branch February 9, 2024 02:26
@howardwu howardwu mentioned this pull request Feb 9, 2024
Draft
@raychu86 raychu86 changed the title Limit the number of allowed constraints for deployments [HackerOne-2300725] Limit the number of allowed constraints for deployments Feb 12, 2024
@vicsn vicsn mentioned this pull request Mar 7, 2024
Closed
2 tasks
@vicsn vicsn mentioned this pull request Apr 10, 2024
Closed
@howardwu howardwu mentioned this pull request Apr 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iamalwaysuncomfortable iamalwaysuncomfortable iamalwaysuncomfortable left review comments

@ljedrz ljedrz ljedrz left review comments

@howardwu howardwu howardwu approved these changes

@raychu86 raychu86 Awaiting requested review from raychu86

Assignees
No one assigned
Labels
mainnet-candidate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@vicsn @howardwu @raychu86 @evan-schott @ljedrz @iamalwaysuncomfortable