CORDA-1353: Notaries should reject transactions that contain too… (#2986)

CORDA-1353: Notaries should reject transactions that contain too many inputs. Otherwise, it may cause a slowdown or make the service hang.
2025-06-23 17:53:31 +00:00 · 2018-04-25 17:29:19 +01:00
parent f89b3b3e0f
commit 7ad19af93f
5 changed files with 268 additions and 229 deletions
--- a/core/src/main/kotlin/net/corda/core/flows/NotaryFlow.kt
+++ b/core/src/main/kotlin/net/corda/core/flows/NotaryFlow.kt
@ -131,19 +131,21 @@ class NotaryFlow {
     */
    // See AbstractStateReplacementFlow.Acceptor for why it's Void?
    abstract class Service(val otherSideSession: FlowSession, val service: TrustedAuthorityNotaryService) : FlowLogic<Void?>() {
+        companion object {
+            // TODO: Determine an appropriate limit and also enforce in the network parameters and the transaction builder.
+            private const val maxAllowedInputs = 10_000
+        }

        @Suspendable
        override fun call(): Void? {
            check(serviceHub.myInfo.legalIdentities.any { serviceHub.networkMapCache.isNotary(it) }) {
                "We are not a notary on the network"
            }
-
            val requestPayload = otherSideSession.receive<NotarisationPayload>().unwrap { it }
            var txId: SecureHash? = null
            try {
                val parts = validateRequest(requestPayload)
                txId = parts.id
-                checkNotary(parts.notary)
                service.validateTimeWindow(parts.timestamp)
                service.commitInputStates(parts.inputs, txId, otherSideSession.counterparty, requestPayload.requestSignature)
                signTransactionAndSendResponse(txId)
@ -153,6 +155,16 @@ class NotaryFlow {
            return null
        }

+        /** Checks whether the number of input states is too large. */
+        protected fun checkInputs(inputs: List<StateRef>) {
+            if (inputs.size > maxAllowedInputs) {
+                val error = NotaryError.TransactionInvalid(
+                        IllegalArgumentException("A transaction cannot have more than $maxAllowedInputs inputs, received: ${inputs.size}")
+                )
+                throw NotaryInternalException(error)
+            }
+        }
+
        /**
         * Implement custom logic to perform transaction verification based on validity and privacy requirements.
         */