Dapp spamming eth_getCode

Question

Dapp spamming eth_getCode

DanielVF opened this issue 5 years ago · comments

I loaded up the shoporigin dapp on rinkeby, and it's spamming about one request a second to alchemy, doing a call to eth_getCode. Always for the same eth address.

Franck · Answer 1 · Fri Jan 03 2020 03:46:08 GMT+0800 (China Standard Time)

That's weird...
Any idea what this address is?
I don't see it in our config and etherscan doesn't show anything for it neither....

Daniel Von Fange · Answer 2 · Fri Jan 03 2020 04:54:29 GMT+0800 (China Standard Time)

I'm guessing it's a calculated proxy address for my new testing eth address, and there is not matching proxy. Total guess with no data.

Franck · Answer 3 · Fri Jan 03 2020 12:58:30 GMT+0800 (China Standard Time)

@nick or @mikeshultz Any idea what could be causing this?
Low priority since it is not eating much of our Alchemy quota at all.
But would still be interesting though to understand better what's going on in case it starts causing more trouble...

Mike Shultz · Answer 4 · Tue Jan 07 2020 02:54:51 GMT+0800 (China Standard Time)

@DanielVF probably hit the nail on the head. And "zero responses" are explicitly not cached because there were constant issues when proxy contracts were finally deployed and the dapp still falsely thinks it hasn't.

That said, that doesn't really mean the dapp needs to be polling this every second for new users. So perhaps that should still be investigated but these proxy checks are basically everywhere.

Ref:

https://github.com/OriginProtocol/origin/blob/master/packages/graphql/src/utils/proxy.js
https://github.com/OriginProtocol/origin/blob/master/packages/graphql/src/utils/memorize.js

Franck · Answer 5 · Tue Jan 07 2020 03:22:32 GMT+0800 (China Standard Time)

I wonder why we are not seeing the same behavior on Mainnet?

Mike Shultz · Answer 6 · Tue Jan 07 2020 03:26:13 GMT+0800 (China Standard Time)

Maybe the accounts/users in question already have proxies deployed.

Franck · Answer 7 · Tue Jan 07 2020 14:32:05 GMT+0800 (China Standard Time)

I'm seeing the same behavior on Mainnet. For my account 0x428A1442113e833134CC564599C39Ab309ed565D it is querying ethGetCode for address 0xbeb7d9fd59e142e284fe096091502b3feeb56459

Franck · Answer 8 · Tue Jan 07 2020 14:33:12 GMT+0800 (China Standard Time)

Bumped up the priority since it is not Rinkeby only and could ultimately lead to some queries getting rate limited by Alchemy.

Mike Shultz · Answer 9 · Tue Jan 07 2020 14:44:26 GMT+0800 (China Standard Time)

0xBEb7d9fD59e142e284fE096091502B3fEEb56459 is the predicted proxy address for 0x428A1442113e833134CC564599C39Ab309ed565D. It's some kind of identity query and you don't have a proxy yet.

Franck · Answer 10 · Tue Jan 07 2020 14:51:01 GMT+0800 (China Standard Time)

Yep. With the new identity implementation that does not require a blockchain write, most users won't have a proxy (until they make an offer or create a listing). So this will likely impact large majority of new users.

Shahul Hameed · Answer 11 · Wed Jan 08 2020 08:33:53 GMT+0800 (China Standard Time)

On the DApp, we poll the wallet query every second.

https://github.com/OriginProtocol/origin/blob/master/dapps/marketplace/src/hoc/withWallet.js#L11

The query also requests proxy address.

https://github.com/OriginProtocol/origin/blob/master/dapps/shop/src/queries/Wallet.js#L15

That's the reason getCode gets called every second.

Shahul Hameed · Answer 12 · Wed Jan 08 2020 08:36:18 GMT+0800 (China Standard Time)

I don't think MetaMask and a few other providers notify wallet address change through an event or subscription. That might be the reason polling was added. Not sure but @nick could confirm this.