Skip to content

feat: restrict response sizes to expected sizes #20287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mrzeszutko merged 1 commit into from
Feb 10, 2026
Merged

feat: restrict response sizes to expected sizes #20287

mrzeszutko merged 1 commit into from
Feb 10, 2026
+210 −8

Conversation

@mrzeszutko
Copy link
Contributor

@mrzeszutko mrzeszutko commented Feb 9, 2026

P2P ReqResp: Restrict response sizes to expected sizes

Summary

P2P request responses were previously limited to a default max size of 10MB for all ReqResp protocols. This change makes the limits dynamic based on what was actually requested. For example, if requesting 8 transactions, the limit is now 8 × MAX_TX_SIZE_KB + 1 KB instead of a blanket 10MB.

This reduces the attack surface for oversized response DoS and ensures predictable memory usage.

Changes

Size calculation per protocol

Protocol Request Contains Max Response Size
TX TxHashArray count × 512 KB + 1 KB
BLOCK_TXS BitVector requestedCount × 512 KB + 1 KB
BLOCK Fr (block number) Fixed 3 MB (TxEffects only, no proofs)
STATUS StatusMessage 1 KB
PING minimal 1 KB
AUTH AuthRequest 1 KB
GOODBYE minimal 1 KB

Files changed

  • stdlib/src/p2p/constants.ts — Added MAX_L2_BLOCK_SIZE_KB constant (3 MB)
  • p2p/src/services/encoding.ts — Added maxSizeKbOverride parameter to inboundTransformData() so callers can override topic-based limits
  • p2p/src/services/reqresp/protocols/tx.ts — Added calculateTxResponseSize() that computes expected size from TxHashArray length
  • p2p/src/services/reqresp/protocols/block_txs/block_txs_reqresp.ts — Added calculateBlockTxsResponseSize() that computes expected size from BitVector indices
  • p2p/src/services/reqresp/interface.ts — Added subProtocolSizeCalculators map linking each protocol to its size calculator
  • p2p/src/services/reqresp/reqresp.tssendRequestToPeer() now computes expected response size from request payload and passes it through to decompression validation

Tests added

  • protocols/tx.test.ts (new) — Unit tests for calculateTxResponseSize covering single hash, multiple hashes, batch size, raw hash fallback, garbage input, and empty array
  • protocols/block_txs/block_txs.test.ts — Unit tests for calculateBlockTxsResponseSize covering various BitVector configurations and error cases
  • encoding.test.ts — Tests for maxSizeKbOverride parameter precedence over topic and default limits

Notes

  • Gossip sub topic limits (block_proposal, checkpoint_proposal, etc.) are not changed in this PR — only ReqResp protocols
  • The existing MAX_TX_SIZE_KB (512 KB) constant is reused for all transaction size calculations
  • Size calculators gracefully handle unparseable request buffers by falling back to a single transaction size limit

Resolves A-469

@mrzeszutko mrzeszutko force-pushed the mrzeszutko/reqresp-size-limit branch from 03750df to 8aff4ac Compare February 10, 2026 15:39
@AztecBot
Copy link
Collaborator

AztecBot commented Feb 10, 2026

Flakey Tests

🤖 says: This CI run detected 1 tests that failed, but were tolerated due to a .test_patterns.yml entry.

\033FLAKED\033 (8;;http://ci.aztec-labs.com/d6e889bfead37005�d6e889bfead370058;;�):  yarn-project/end-to-end/scripts/run_test.sh simple src/e2e_epochs/epochs_mbps.parallel.test.ts "builds multiple blocks per slot with transactions anchored to proposed blocks" (231s) (code: 1) group:e2e-p2p-epoch-flakes

@mrzeszutko
Copy link
Contributor Author

mrzeszutko commented Feb 10, 2026

@PhilWindle merging - just rebased on merge-train/spartan to fix CI issues

@mrzeszutko mrzeszutko merged commit 33b8b53 into merge-train/spartan Feb 10, 2026
11 checks passed
@mrzeszutko mrzeszutko deleted the mrzeszutko/reqresp-size-limit branch February 10, 2026 16:05
@AztecBot AztecBot mentioned this pull request Feb 10, 2026
Merged
github-merge-queue bot pushed a commit that referenced this pull request Feb 11, 2026
@ludamad
feat: merge-train/spartan (#20337)
02172e1 
BEGIN_COMMIT_OVERRIDE
chore(ci3): add optional local cache for bootstrap artifacts (#20305)
fix: Fix p2p integration test (#20331)
chore: reduce fee log severity (#20336)
feat: restrict response sizes to expected sizes (#20287)
feat: retry web3signer connection (#20342)
feat(p2p): Integrate TxPoolV2 across codebase (#20172)
feat: review and optimize Claude configuration, agents, and skills
(#20270)
fix(prover): handle cross-chain messages when proving mbps (#20354)
chore: retry flakes. if retry pass, is a flake as we know it now. fail
both is hard fail (#19322)
chore(p2p): add mock reqresp layer for tests (#20370)
fix: (A-370) don't propagate on tx mempool add failure (#20374)
chore: Skip the HA test (#20376)
feat: Retain pruned transactions until pruned block is finalised
(#20237)
END_COMMIT_OVERRIDE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PhilWindle PhilWindle PhilWindle approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mrzeszutko @AztecBot @PhilWindle