SIMD-0290: Relax Fee Payer Constraint #290
+80
−0
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,80 @@ | ||
| --- | ||
| simd: '0290' | ||
| title: Relax Fee Payer Constraint | ||
| authors: | ||
| - Andrew Fitzgerald (Anza) | ||
| category: Standard | ||
| type: Core | ||
| status: Review | ||
| created: 2025-05-29 | ||
| feature: | ||
| --- | ||
|
|
||
| ## Summary | ||
|
|
||
| This proposal aims to relax the handling of invalid fee payers in Solana. | ||
| Currently, if a transaction with an invalid fee payer is included in a block, | ||
| the entire block is rejected. | ||
| This proposal suggests that instead of rejecting the entire block, the | ||
| transaction with the invalid fee payer should simply skip execution. | ||
|
|
||
| ## Motivation | ||
|
|
||
| The current constraint forces block-validation to be synchronous since in order | ||
| to determine if a block is valid or not, some subset of transactions must be | ||
| executed in order to determine if the fee payer has sufficient funds to pay the | ||
| transaction fees. | ||
| By relaxing this constraint, we move one step closer towards asynchronous | ||
| validation/execution. | ||
|
|
||
| ## New Terminology | ||
|
|
||
| None. | ||
|
|
||
| ## Detailed Design | ||
|
|
||
| A transaction has a statically determined fee `fee` lamports. | ||
| A transaction can successfully pay fees if: | ||
|
|
||
| - The fee payer account has exactly `fee` lamports. | ||
| - The fee payer account has at least X + `rent_exempt_reserve` lamports. | ||
|
|
||
| If the fee payer account does not meet either of these conditions, the transaction | ||
| may be included in a block, but it must not be executed. | ||
| The transaction will have no effect on the state. | ||
|
|
||
| Invalid fee payer transactions will count their requested, | ||
| or default, compute units (CUs) towards block limits. | ||
| This is intended to make it strictly cheaper to process invalid fee payer | ||
| transactions compared to valid fee payer transactions of the same construction. | ||
|
There was a problem hiding this comment.
Can you say more about why "cheaper to process" invalid transaction that uses request (or default) CUs? Does it refer to request_cu usually greater than actual_cu, therefore fee/requested_cu will be smaller than fee/actual_cu (which is the case for valid transaction), therefore invalid fee payer transactions will have lower priority? There was a problem hiding this comment. Using assumption that checking fee payer is a constant cost regardless of whether it can pay fees or not (not really true, but for the cost-model it is what we assume). Then we 3 paths, and the things we do:
^ we do less work, i.e. don't need to do any execution checks if the fee payer cannot pay. |
||
|
|
||
| ## Alternatives Considered | ||
|
|
||
| - Requiring some sort of fee-payer lock up/bonding mechanism to ensure that fee | ||
| payers have sufficient funds to pay for the transaction fees. | ||
| - This is more complex compared to this proposal. | ||
|
|
||
| ## Impact | ||
|
|
||
| Transactions that are unable to pay fees may be included in blocks. | ||
|
|
||
| ## Security Considerations | ||
|
|
||
| - Possible attack vector where a malicious leader can spam transactions with | ||
| invalid fee payers. Mitigation for this is charging full CUs for these. | ||
|
|
||
| ## Drawbacks | ||
|
|
||
| - If there is no interest in simplifying block-validation to allow for | ||
| asynchronous, this proposal is not necesary. | ||
| - Concern about data propagation for without paying fees to the network (burn): | ||
| - This concern has been raised in the past when this has been discussed. | ||
| - However, the concern is largely invalid since even without this proposal, | ||
| a malicious leader could still propagate data through the network for free | ||
| by simply using an invalid fee payer. | ||
|
|
||
| ## Backwards Compatibility | ||
|
|
||
| - All previously valid transactions and blocks are still valid. | ||
| - Blocks produced after the change may be rejected by previous versions of the | ||
| validator client(s). | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
wrt "default", if SIMD-0172 is approved, default will be zero, or a small number (chances are smaller than its would-be actual CUs).