release: draft release v1.2.9

.github/release.env

@@ -1,2 +1,2 @@
-MAINNET_FILE_URL="https://github.com/binance-chain/bsc/releases/latest/download/mainnet.zip"
-TESTNET_FILE_URL="https://github.com/binance-chain/bsc/releases/latest/download/testnet.zip"
+MAINNET_FILE_URL="https://github.com/bnb-chain/bsc/releases/latest/download/mainnet.zip"
+TESTNET_FILE_URL="https://github.com/bnb-chain/bsc/releases/latest/download/testnet.zip"

CHANGELOG.md

@@ -1,4 +1,8 @@
 # Changelog
+## v1.2.9
+FEATURE
+* [\#1775](https://github.com/bnb-chain/bsc/pull/1775) upgrade: several hardfork block height on mainnet: Plato, Hertz(Berlin, London)
+
 ## v1.2.8
 FEATURE
 * [\#1626](https://github.com/bnb-chain/bsc/pull/1626) eth/filters, ethclient/gethclient: add fullTx option to pending tx filter

SECURITY.md

@@ -2,21 +2,21 @@
 
 ## Supported Versions
 
-Please see [Releases](https://github.com/binance-chain/bsc/releases). We recommend using the [most recently released version](https://github.com/binance-chain/bsc/releases/latest).
+Please see [Releases](https://github.com/bnb-chain/bsc/releases). We recommend using the [most recently released version](https://github.com/bnb-chain/bsc/releases/latest).
 
 ## Audit reports
 
-Audit reports are published in the `docs` folder: https://github.com/binance-chain/bsc/tree/master/docs/audits 
+Audit reports are published in the `docs` folder: https://github.com/bnb-chain/bsc/tree/master/docs/audits
 
-| Scope | Date | Report Link |
-| ------- | ------- | ----------- |
+| Scope  | Date     | Report Link                                                                                              |
+| ------ | -------- | -------------------------------------------------------------------------------------------------------- |
 | `geth` | 20170425 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2017-04-25_Geth-audit_Truesec.pdf) |
-| `clef` | 20180914 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2018-09-14_Clef-audit_NCC.pdf) |
+| `clef` | 20180914 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2018-09-14_Clef-audit_NCC.pdf)     |
 
 ## Reporting a Vulnerability
 
 **Please do not file a public ticket** mentioning the vulnerability.
 
-To find out how to disclose a vulnerability in Ethereum visit [https://bugcrowd.com/binance](https://bugcrowd.com/binance) or email bounty@ethereum.org. Please read the [disclosure page](https://github.com/binance-chain/bsc/security/advisories) for more information about publicly disclosed security vulnerabilities.
+To find out how to disclose a vulnerability in Ethereum visit [https://bugcrowd.com/binance](https://bugcrowd.com/binance) or email bounty@ethereum.org. Please read the [disclosure page](https://github.com/bnb-chain/bsc/security/advisories) for more information about publicly disclosed security vulnerabilities.
 
 Use the built-in `geth version-check` feature to check whether the software is affected by any known vulnerability. This command will fetch the latest [`vulnerabilities.json`](https://geth.ethereum.org/docs/vulnerabilities/vulnerabilities.json) file which contains known security vulnerabilities concerning `geth`, and cross-check the data against its own version number.

cmd/bootnode/main.go

@@ -134,6 +134,7 @@ func main() {
 		PrivateKey:     nodeKey,
 		NetRestrict:    restrictList,
 		FilterFunction: filterFunction,
+		IsBootnode:     true,
 	}
 	if *runv5 {
 		if _, err := discover.ListenV5(conn, ln, cfg); err != nil {

consensus/parlia/parlia.go

@@ -67,7 +67,7 @@ const (
 
 	systemRewardPercent = 4 // it means 1/2^4 = 1/16 percentage of gas fee incoming will be distributed to system
 
-	collectAdditionalVotesRewardRatio = float64(1) // ratio of additional reward for collecting more votes than needed
+	collectAdditionalVotesRewardRatio = 100 // ratio of additional reward for collecting more votes than needed, the denominator is 100
 )
 
 var (
@@ -1027,7 +1027,7 @@ func (p *Parlia) distributeFinalityReward(chain consensus.ChainHeaderReader, sta
 		}
 		quorum := cmath.CeilDiv(len(snap.Validators)*2, 3)
 		if validVoteCount > quorum {
-			accumulatedWeights[head.Coinbase] += uint64(float64(validVoteCount-quorum) * collectAdditionalVotesRewardRatio)
+			accumulatedWeights[head.Coinbase] += uint64((validVoteCount - quorum) * collectAdditionalVotesRewardRatio / 100)
 		}
 	}
 
@@ -1788,7 +1788,7 @@ func encodeSigHeader(w io.Writer, header *types.Header, chainId *big.Int) {
 		header.GasLimit,
 		header.GasUsed,
 		header.Time,
-		header.Extra[:len(header.Extra)-65], // this will panic if extra is too short, should check before calling encodeSigHeader
+		header.Extra[:len(header.Extra)-extraSeal], // this will panic if extra is too short, should check before calling encodeSigHeader
 		header.MixDigest,
 		header.Nonce,
 	})

core/blockchain.go

@@ -529,7 +529,7 @@ func (bc *BlockChain) GetVMConfig() *vm.Config {
 
 func (bc *BlockChain) cacheReceipts(hash common.Hash, receipts types.Receipts) {
 	// TODO, This is a hot fix for the block hash of logs is `0x0000000000000000000000000000000000000000000000000000000000000000` for system tx
-	// Please check details in https://github.com/binance-chain/bsc/issues/443
+	// Please check details in https://github.com/bnb-chain/bsc/issues/443
 	// This is a temporary fix, the official fix should be a hard fork.
 	const possibleSystemReceipts = 3 // One slash tx, two reward distribute txs.
 	numOfReceipts := len(receipts)

core/tx_pool.go

@@ -727,7 +727,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 	// If the transaction is already known, discard it
 	hash := tx.Hash()
 	if pool.all.Get(hash) != nil {
-		//log.Trace("Discarding already known transaction", "hash", hash)
+		log.Trace("Discarding already known transaction", "hash", hash)
 		knownTxMeter.Mark(1)
 		return false, ErrAlreadyKnown
 	}
@@ -737,7 +737,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 
 	// If the transaction fails basic validation, discard it
 	if err := pool.validateTx(tx, isLocal); err != nil {
-		//log.Trace("Discarding invalid transaction", "hash", hash, "err", err)
+		log.Trace("Discarding invalid transaction", "hash", hash, "err", err)
 		invalidTxMeter.Mark(1)
 		return false, err
 	}
@@ -749,7 +749,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 	if uint64(pool.all.Slots()+numSlots(tx)) > pool.config.GlobalSlots+pool.config.GlobalQueue {
 		// If the new transaction is underpriced, don't accept it
 		if !isLocal && pool.priced.Underpriced(tx) {
-			//log.Trace("Discarding underpriced transaction", "hash", hash, "gasTipCap", tx.GasTipCap(), "gasFeeCap", tx.GasFeeCap())
+			log.Trace("Discarding underpriced transaction", "hash", hash, "gasTipCap", tx.GasTipCap(), "gasFeeCap", tx.GasFeeCap())
 			underpricedTxMeter.Mark(1)
 			return false, ErrUnderpriced
 		}
@@ -770,7 +770,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 
 		// Special case, we still can't make the room for the new remote one.
 		if !isLocal && !success {
-			//log.Trace("Discarding overflown transaction", "hash", hash)
+			log.Trace("Discarding overflown transaction", "hash", hash)
 			overflowedTxMeter.Mark(1)
 			return false, ErrTxPoolOverflow
 		}
@@ -797,7 +797,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 
 		// Kick out the underpriced remote transactions.
 		for _, tx := range drop {
-			//log.Trace("Discarding freshly underpriced transaction", "hash", tx.Hash(), "gasTipCap", tx.GasTipCap(), "gasFeeCap", tx.GasFeeCap())
+			log.Trace("Discarding freshly underpriced transaction", "hash", tx.Hash(), "gasTipCap", tx.GasTipCap(), "gasFeeCap", tx.GasFeeCap())
 			underpricedTxMeter.Mark(1)
 			dropped := pool.removeTx(tx.Hash(), false)
 			pool.changesSinceReorg += dropped
@@ -822,7 +822,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 		pool.priced.Put(tx, isLocal)
 		pool.journalTx(from, tx)
 		pool.queueTxEvent(tx)
-		//log.Trace("Pooled new executable transaction", "hash", hash, "from", from, "to", tx.To())
+		log.Trace("Pooled new executable transaction", "hash", hash, "from", from, "to", tx.To())
 
 		// Successful promotion, bump the heartbeat
 		pool.beats[from] = time.Now()
@@ -844,7 +844,7 @@ func (pool *TxPool) add(tx *types.Transaction, local bool) (replaced bool, err e
 	}
 	pool.journalTx(from, tx)
 
-	//log.Trace("Pooled new future transaction", "hash", hash, "from", from, "to", tx.To())
+	log.Trace("Pooled new future transaction", "hash", hash, "from", from, "to", tx.To())
 	return replaced, nil
 }
 

docker/Dockerfile

@@ -16,7 +16,7 @@ FROM ethereum/solc:0.6.4-alpine as bsc-genesis
 
 RUN apk add --no-cache ca-certificates npm nodejs bash alpine-sdk expect
 
-RUN git clone https://github.com/binance-chain/bsc-genesis-contract.git /root/genesis \
+RUN git clone https://github.com/bnb-chain/bsc-genesis-contract.git /root/genesis \
     && cd /root/genesis && npm install
 
 COPY docker/init_holders.template /root/genesis/init_holders.template

docker/Dockerfile.truffle

@@ -2,7 +2,7 @@ FROM ethereum/solc:0.6.4-alpine
 
 RUN apk add --no-cache ca-certificates npm nodejs bash alpine-sdk git
 
-RUN git clone https://github.com/binance-chain/canonical-upgradeable-bep20.git /usr/app/canonical-upgradeable-bep20
+RUN git clone https://github.com/bnb-chain/canonical-upgradeable-bep20.git /usr/app/canonical-upgradeable-bep20
 
 WORKDIR /usr/app/canonical-upgradeable-bep20
 COPY docker/truffle-config.js /usr/app/canonical-upgradeable-bep20

eth/handler.go

@@ -944,6 +944,8 @@ func (h *handler) voteBroadcastLoop() {
 	for {
 		select {
 		case event := <-h.voteCh:
+			// The timeliness of votes is very important,
+			// so one vote will be sent instantly without waiting for other votes for batch sending by design.
 			h.BroadcastVote(event.Vote)
 		case <-h.votesSub.Err():
 			return

eth/handler_bsc.go

@@ -61,9 +61,15 @@ func (h *bscHandler) Handle(peer *bsc.Peer, packet bsc.Packet) error {
 // handleVotesBroadcast is invoked from a peer's message handler when it transmits a
 // votes broadcast for the local node to process.
 func (h *bscHandler) handleVotesBroadcast(peer *bsc.Peer, votes []*types.VoteEnvelope) error {
-	// Try to put votes into votepool
-	for _, vote := range votes {
-		h.votepool.PutVote(vote)
+	if peer.IsOverLimitAfterReceiving() {
+		peer.Log().Warn("peer sending votes too much, votes dropped; it may be a ddos attack, please check!")
+		return nil
 	}
+	// Here we only put the first vote, to avoid ddos attack by sending a large batch of votes.
+	// This won't abandon any valid vote, because one vote is sent every time referring to func voteBroadcastLoop
+	if len(votes) > 0 {
+		h.votepool.PutVote(votes[0])
+	}
+
 	return nil
 }

eth/protocols/bsc/peer.go

@@ -1,6 +1,8 @@
 package bsc
 
 import (
+	"time"
+
 	mapset "github.com/deckarep/golang-set"
 
 	"github.com/ethereum/go-ethereum/common"
@@ -16,6 +18,15 @@ const (
 
 	// voteBufferSize is the maximum number of batch votes can be hold before sending
 	voteBufferSize = 21 * 2
+
+	// used to avoid of DDOS attack
+	// It's the max number of received votes per second from one peer
+	// 21 validators exist now, so 21 votes will be produced every one block interval
+	// so the limit is 7 = 21/3, here set it to 10 with a buffer.
+	receiveRateLimitPerSecond = 10
+
+	// the time span of one period
+	secondsPerPeriod = float64(10)
 )
 
 // max is a helper function which returns the larger of the two given integers.
@@ -31,6 +42,8 @@ type Peer struct {
 	id            string                     // Unique ID for the peer, cached
 	knownVotes    *knownCache                // Set of vote hashes known to be known by this peer
 	voteBroadcast chan []*types.VoteEnvelope // Channel used to queue votes propagation requests
+	periodBegin   time.Time                  // Begin time of the latest period for votes counting
+	periodCounter uint                       // Votes number in the latest period
 
 	*p2p.Peer                   // The embedded P2P package peer
 	rw        p2p.MsgReadWriter // Input/output streams for bsc
@@ -47,6 +60,8 @@ func NewPeer(version uint, p *p2p.Peer, rw p2p.MsgReadWriter) *Peer {
 		id:            id,
 		knownVotes:    newKnownCache(maxKnownVotes),
 		voteBroadcast: make(chan []*types.VoteEnvelope, voteBufferSize),
+		periodBegin:   time.Now(),
+		periodCounter: 0,
 		Peer:          p,
 		rw:            rw,
 		version:       version,
@@ -114,6 +129,18 @@ func (p *Peer) AsyncSendVotes(votes []*types.VoteEnvelope) {
 	}
 }
 
+// Step into the next period when secondsPerPeriod seconds passed,
+// Otherwise, check whether the number of received votes extra (secondsPerPeriod * receiveRateLimitPerSecond)
+func (p *Peer) IsOverLimitAfterReceiving() bool {
+	if timeInterval := time.Since(p.periodBegin).Seconds(); timeInterval >= secondsPerPeriod {
+		p.periodBegin = time.Now()
+		p.periodCounter = 0
+		return false
+	}
+	p.periodCounter += 1
+	return p.periodCounter > uint(secondsPerPeriod*receiveRateLimitPerSecond)
+}
+
 // broadcastVotes is a write loop that schedules votes broadcasts
 // to the remote peer. The goal is to have an async writer that does not lock up
 // node internals and at the same time rate limits queued data.

eth/tracers/api.go

@@ -908,6 +908,8 @@ func (api *API) traceTx(ctx context.Context, message core.Message, txctx *Contex
 			return nil, err
 		}
 	}
+	vmenv := vm.NewEVM(vmctx, txContext, statedb, api.backend.ChainConfig(), vm.Config{Debug: true, Tracer: tracer, NoBaseFee: true})
+
 	// Define a meaningful timeout of a single transaction trace
 	if config.Timeout != nil {
 		if timeout, err = time.ParseDuration(*config.Timeout); err != nil {
@@ -919,13 +921,13 @@ func (api *API) traceTx(ctx context.Context, message core.Message, txctx *Contex
 		<-deadlineCtx.Done()
 		if errors.Is(deadlineCtx.Err(), context.DeadlineExceeded) {
 			tracer.Stop(errors.New("execution timeout"))
+			// Stop evm execution. Note cancellation is not necessarily immediate.
+			vmenv.Cancel()
 		}
 	}()
 	defer cancel()
 
 	// Run the transaction with tracing enabled.
-	vmenv := vm.NewEVM(vmctx, txContext, statedb, api.backend.ChainConfig(), vm.Config{Debug: true, Tracer: tracer, NoBaseFee: true})
-
 	if posa, ok := api.backend.Engine().(consensus.PoSA); ok && message.From() == vmctx.Coinbase &&
 		posa.IsSystemContract(message.To()) && message.GasPrice().Cmp(big.NewInt(0)) == 0 {
 		balance := statedb.GetBalance(consensus.SystemAddress)

eth/tracers/logger/logger.go

@@ -150,7 +150,6 @@ func (l *StructLogger) CaptureStart(env *vm.EVM, from common.Address, to common.
 func (l *StructLogger) CaptureState(pc uint64, op vm.OpCode, gas, cost uint64, scope *vm.ScopeContext, rData []byte, depth int, err error) {
 	// If tracing was interrupted, set the error and stop
 	if atomic.LoadUint32(&l.interrupt) > 0 {
-		l.env.Cancel()
 		return
 	}
 	// check if already accumulated the specified number of logs

eth/tracers/native/4byte.go

@@ -46,7 +46,6 @@ func init() {
 //	  0xc281d19e-0: 1
 //	}
 type fourByteTracer struct {
-	env               *vm.EVM
 	ids               map[string]int   // ids aggregates the 4byte ids found
 	interrupt         uint32           // Atomic flag to signal execution interruption
 	reason            error            // Textual reason for the interruption
@@ -80,8 +79,6 @@ func (t *fourByteTracer) store(id []byte, size int) {
 
 // CaptureStart implements the EVMLogger interface to initialize the tracing operation.
 func (t *fourByteTracer) CaptureStart(env *vm.EVM, from common.Address, to common.Address, create bool, input []byte, gas uint64, value *big.Int) {
-	t.env = env
-
 	// Update list of precompiles based on current block
 	rules := env.ChainConfig().Rules(env.Context.BlockNumber, env.Context.Random != nil)
 	t.activePrecompiles = vm.ActivePrecompiles(rules)
@@ -100,7 +97,6 @@ func (t *fourByteTracer) CaptureState(pc uint64, op vm.OpCode, gas, cost uint64,
 func (t *fourByteTracer) CaptureEnter(op vm.OpCode, from common.Address, to common.Address, input []byte, gas uint64, value *big.Int) {
 	// Skip if tracing was interrupted
 	if atomic.LoadUint32(&t.interrupt) > 0 {
-		t.env.Cancel()
 		return
 	}
 	if len(input) < 4 {