Gas fees for gno.land versus transaction for calls to Render(path string)
#947
Comments
|
The direct answer to the question is that there is a way to call Render without using gas (after all, gnoweb is in essence a frontend to the RPC API). The logic is in handleRealmRender, but in essence, we can do this: One key difference (AFAIK, either current or desired) between Render and a tx call is that Render cannot modify state when called outside a transaction. So this makes the whole content of a realm's state read-only. And currently a call to Render still "uses" gas in terms of CPU cycles that need to be run on one node, which does open up a possibility for abuse if the Render function does more than a simple markdown rendering of content but requires instead complex computation. The same could be said about vm/qeval, which kind of allows to do the same thing. Seeing as these are essentially public API calls, potentially exploitable, we'll probably need to figure out a good strategy before mainnet. Related: #649 |
|
Thanks @thehowl, that is super helpful. I was thinking of prototyping a Gno-backed database, using the smart-contract to store data but utilizing the gas-free reads. The gas-free reading in that is really nice. As a manner of exploits, it is less nice - one could make a realm that just causes CPU overruns and hits allocation limits: package crash
func Render(p string) string {
s := ""
if p == "cpuoverrun" {
for {
}
} else if p == "allocationlimit" {
for {
s += "z"
}
}
return s
}which is easily spammed from gno.land. The exploit itself is annoying, but, to me, the main issue it brings is the level of allocation limit and level CPU overrun and the tradeoff with normal code. Currently the Gno limits seem reasonable as protection, but I have run up against them already once or twice with normal code. I don't know how it could be done, but I wish there was a way to have higher limits for "safe" code and tighter limits on "dubious"/"exploitive" code. |
Well, it's hard to do. Probably things which are "expensive" to generate (like bytebeat audio) should be generated by the author (or by a paying tx, anyway), and instead public RPC calls follow the normal path for web2 like I suggested on #649: rate limiting.
|
This realm implements the `avl.Tree` as a user-addressable key-store. I wanted to have this realm to possibly use `gno.land` as a database where writes may cost gnots but reads are free because they can be performed through `Render` (related discussion: #947). As a nice additional feature it provides a UI for the database (through `gno.land`). Data can be set/removed if the caller is the same as the owner of the key-store (i.e. only owner's have write-access). For example: ```bash # Set key,value for user at YOURKEY (write-protected) gnokey maketx call --pkgpath "gno.land/r/demo/keystore" \ --func "Set" --args "hello" --args "world" \ --gas-fee "1000000ugnot" --gas-wanted "8000000" \ --broadcast --chainid dev --remote localhost:26657 YOURKEY ``` ```bash # Remove key for user at YOURKEY (write-protected) gnokey maketx call --pkgpath "gno.land/r/demo/keystore" \ --func "Remove" --args "hello" \ --gas-fee "1000000ugnot" --gas-wanted "8000000" \ --broadcast --chainid dev --remote localhost:26657 YOURKEY ``` ```bash # Get key gnokey maketx call --pkgpath "gno.land/r/demo/keystore" \ --func "Get" --args "hello" \ --gas-fee "1000000ugnot" --gas-wanted "8000000" \ --broadcast --chainid dev --remote localhost:26657 YOURKEY ``` All data is public and accessible as read-only from any user, as well as from gno.land. The main page lists all the available databases by owner (`/r/demo/keystore`):  Clicking on a user will show all the keys in their key-store (`/r/demo/keystore:USER`):  And the key values are accessible as well (`r/demo/keystore:USER:get:KEY`)  ## Contributors Checklist - [x] Added new tests, or not needed, or not feasible - [x] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [x] Updated the official documentation or not needed - [x] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [x] Added references to related issues and PRs - [x] Provided any useful hints for running manual tests - [x] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](../.benchmarks/README.md). ## Maintainers Checklist - [ ] Checked that the author followed the guidelines in `CONTRIBUTING.md` - [ ] Checked the conventional-commit (especially PR title and verb, presence of `BREAKING CHANGE:` in the body) - [ ] Ensured that this PR is not a significant change or confirmed that the review/consideration process was appropriate for the change --------- Co-authored-by: Manfred Touron <[email protected]>
|
Related: #1523 TL:DR any exported function will use gas if called with |
When browsing gno.land realms, the realms are essentially calling the
Render(path string)function based on a path in the browser, e.g.: https://test3.gno.land/r/demo/users calls this function.The same thing can be done on the command line, but in this case it will require using Gas:
Is there a command-line way of calling the specific
Render(path string)function without having to have a Gas fee? Otherwise it seems like it might be viable for someone to make gas-free API calls to gno.land and parse the returned HTML for the response. Or, in the future, is it that the gno.land browsing will require gas?The text was updated successfully, but these errors were encountered: