Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Contract redirection implement #1384

Closed
doubiliu opened this issue Dec 26, 2019 · 1 comment
Closed

Contract redirection implement #1384

doubiliu opened this issue Dec 26, 2019 · 1 comment
Labels
Discussion Initial issue state - proposed but not yet accepted

Comments

@doubiliu
Copy link
Contributor

doubiliu commented Dec 26, 2019
edited
Loading

Background

Currently, when a contract is upgraded, it will replace the data prefix of all data in current contract storage area to move the data into new contract storage area. However, if there is a large amount of data in the storage area of current contract, this will make the contract upgrade need to consume a lot of resources, and even the possibility of a DOS attack, so we need to optimize the upgrade logic of the existing contract.

Thanks to @erikzhang @vncoelho @igormcoelho @shargon for the discussion in #694. And @erikzhang proposed a redirection idea, which is a very effective method. Therefore, based on this idea, we designed a redirection implement . Feel free to discuss.

Specification

Currently,contracts use the data prefix (ScriptHash) + key as the actual key for data storage. This method effectively separates independent storage space for each contract in the database, making it impossible for other contracts to directly read and modify the content of the contract's storage area, ensuring data security. But it also makes the contract must replace the data prefix during the upgrade process, so that the new contract can inherit the data of the old contract. When the amount of data is large, this will cause a lot of resource consumption and exist the risk of DOS attack.
image

@erikzhang gave the idea of redirection. This method allows any modification of the contract data to be redirected to the data storage area of the original contract, so that the contract does not need to replace the data prefix of the original data when upgrading. This method is very efficient and is a very important optimization point, but there are some problems that need to be considered.
image

Thanks to @igormcoelho, the core developers of the community have raised some issues to be considered, which are summarized as follows:

  1. Old contracts cannot be redeployed
  2. Transparent data storage and contract method calls
  3. Verification
  4. The method of the old contract cannot be invoked after the contract is upgraded
    Based on the above, we designed the redirection implement.

Implement

We need to add 2 new attributes to the contract: redirection and isDeleted
redirection represents the contract hash used to mark redirects.
isDeleted represents whether the contract was deleted (0: not deleted; 1: deleted)

Eg: Now that there is an old contract A and a new contract B, then contract B is redirected to contract A, Contract B-> Contract A. Then the redirection value in contract B is the hash of contract A.

A) Contract upgrade

Check if the redirect property of the old contract is null.

  1. If is null, it means the old contract is the initial contract, and the redirection value of the new contract is set to the old contract address
    image

  2. Else, it means that old contract is not a initial contract, and the redirection of the new contract is set to the redirection value of the old contract, that is, multiple redirection operations have occurred.
    image

    Continue to execute the existing logic afterwards, but if the old contract is the initial contract, it will not be deleted but marked with isDeleted as 1.

B) Contract deployment

When the contract is deployed, check whether the contract exists.

  1. If it exists, the deployment fails.

  2. Else, continue with the existing logic

C) Contract deletion

When the contract is deleted, the initial contract is deleted together with the redirection property.

D) CRUD operation on contract storage area

Check whether the current contract has been redirected through the redirect property

  1. If this contract does not redirect to other contracts, continue execution according to existing logic.

  2. Else, replace the existing data prefix with `redirection and perform the corresponding CRUD operation.
    The CRUD operation is transparent and insensitive to the user during this process.

E) Contract invocation

When the contract is invoked, it is necessary to determine whether the contract is marked by isDeleted. The call to the contract that has been marked by isDeleted will fail.

Neo Version

  • Neo 3

Where in the software does this update applies to?

  • Smart Contract
@doubiliu doubiliu added the Discussion Initial issue state - proposed but not yet accepted label Dec 26, 2019
@doubiliu doubiliu mentioned this issue Dec 31, 2019
Closed
@doubiliu
Copy link
Contributor Author

Problem has been solved.
#1400 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Discussion Initial issue state - proposed but not yet accepted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@doubiliu