@aztec/p2p 0.53.0 → 0.55.0

package/src/config.ts

@@ -6,10 +6,12 @@ import {
   pickConfigMappings,
 } from '@aztec/foundation/config';
 
+import { type P2PReqRespConfig, p2pReqRespConfigMappings } from './service/reqresp/config.js';
+
 /**
  * P2P client configuration values.
  */
-export interface P2PConfig {
+export interface P2PConfig extends P2PReqRespConfig {
   /**
    * A flag dictating whether the P2P subsystem should be enabled.
    */
@@ -170,6 +172,7 @@ export const p2pConfigMappings: ConfigMappingsType<P2PConfig> = {
       'How many blocks have to pass after a block is proven before its txs are deleted (zero to delete immediately once proven)',
     ...numberConfigHelper(0),
   },
+  ...p2pReqRespConfigMappings,
 };
 
 /**

package/src/errors/reqresp.error.ts

@@ -0,0 +1,21 @@
+/** Individual request timeout error
+ *
+ * This error will be thrown when a request to a specific peer times out.
+ * @category Errors
+ */
+export class IndiviualReqRespTimeoutError extends Error {
+  constructor() {
+    super(`Request to peer timed out`);
+  }
+}
+
+/** Collective request timeout error
+ *
+ * This error will be thrown when a req resp request times out regardless of the peer.
+ * @category Errors
+ */
+export class CollectiveReqRespTimeoutError extends Error {
+  constructor() {
+    super(`Request to all peers timed out`);
+  }
+}

package/src/mocks/index.ts

@@ -4,6 +4,7 @@ import { bootstrap } from '@libp2p/bootstrap';
 import { tcp } from '@libp2p/tcp';
 import { type Libp2p, type Libp2pOptions, createLibp2p } from 'libp2p';
 
+import { type P2PReqRespConfig } from '../service/reqresp/config.js';
 import { pingHandler, statusHandler } from '../service/reqresp/handlers.js';
 import {
   PING_PROTOCOL,
@@ -80,7 +81,11 @@ export const stopNodes = async (nodes: ReqRespNode[]): Promise<void> => {
 // Create a req resp node, exposing the underlying p2p node
 export const createReqResp = async (): Promise<ReqRespNode> => {
   const p2p = await createLibp2pNode();
-  const req = new ReqResp(p2p);
+  const config: P2PReqRespConfig = {
+    overallRequestTimeoutMs: 4000,
+    individualRequestTimeoutMs: 2000,
+  };
+  const req = new ReqResp(config, p2p);
   return {
     p2p,
     req,

package/src/service/libp2p_service.ts

@@ -94,7 +94,7 @@ export class LibP2PService implements P2PService {
     private logger = createDebugLogger('aztec:libp2p_service'),
   ) {
     this.peerManager = new PeerManager(node, peerDiscoveryService, config, logger);
-    this.reqresp = new ReqResp(node);
+    this.reqresp = new ReqResp(config, node);
 
     this.blockReceivedCallback = (block: BlockProposal): Promise<BlockAttestation | undefined> => {
       this.logger.verbose(
@@ -390,7 +390,7 @@ export class LibP2PService implements P2PService {
     this.logger.verbose(`Sending message ${identifier} to peers`);
 
     const recipientsNum = await this.publishToTopic(parent.p2pTopic, message.toBuffer());
-    this.logger.verbose(`Sent tx ${identifier} to ${recipientsNum} peers`);
+    this.logger.verbose(`Sent message ${identifier} to ${recipientsNum} peers`);
   }
 
   // Libp2p seems to hang sometimes if new peers are initiating connections.

package/src/service/reqresp/config.ts

@@ -0,0 +1,35 @@
+import { type ConfigMapping, numberConfigHelper } from '@aztec/foundation/config';
+
+export const DEFAULT_INDIVIDUAL_REQUEST_TIMEOUT_MS = 2000;
+export const DEFAULT_OVERALL_REQUEST_TIMEOUT_MS = 4000;
+
+// For use in tests.
+export const DEFAULT_P2P_REQRESP_CONFIG: P2PReqRespConfig = {
+  overallRequestTimeoutMs: DEFAULT_OVERALL_REQUEST_TIMEOUT_MS,
+  individualRequestTimeoutMs: DEFAULT_INDIVIDUAL_REQUEST_TIMEOUT_MS,
+};
+
+export interface P2PReqRespConfig {
+  /**
+   * The overall timeout for a request response operation.
+   */
+  overallRequestTimeoutMs: number;
+
+  /**
+   * The timeout for an individual request response peer interaction.
+   */
+  individualRequestTimeoutMs: number;
+}
+
+export const p2pReqRespConfigMappings: Record<keyof P2PReqRespConfig, ConfigMapping> = {
+  overallRequestTimeoutMs: {
+    env: 'P2P_REQRESP_OVERALL_REQUEST_TIMEOUT_MS',
+    description: 'The overall timeout for a request response operation.',
+    ...numberConfigHelper(DEFAULT_OVERALL_REQUEST_TIMEOUT_MS),
+  },
+  individualRequestTimeoutMs: {
+    env: 'P2P_REQRESP_INDIVIDUAL_REQUEST_TIMEOUT_MS',
+    description: 'The timeout for an individual request response peer interaction.',
+    ...numberConfigHelper(DEFAULT_INDIVIDUAL_REQUEST_TIMEOUT_MS),
+  },
+};

package/src/service/reqresp/interface.ts

@@ -3,9 +3,9 @@ import { Tx, TxHash } from '@aztec/circuit-types';
 /*
  * Request Response Sub Protocols
  */
-export const PING_PROTOCOL = '/aztec/ping/0.1.0';
-export const STATUS_PROTOCOL = '/aztec/status/0.1.0';
-export const TX_REQ_PROTOCOL = '/aztec/tx_req/0.1.0';
+export const PING_PROTOCOL = '/aztec/req/ping/0.1.0';
+export const STATUS_PROTOCOL = '/aztec/req/status/0.1.0';
+export const TX_REQ_PROTOCOL = '/aztec/req/tx/0.1.0';
 
 // Sum type for sub protocols
 export type ReqRespSubProtocol = typeof PING_PROTOCOL | typeof STATUS_PROTOCOL | typeof TX_REQ_PROTOCOL;
@@ -16,6 +16,36 @@ export type ReqRespSubProtocol = typeof PING_PROTOCOL | typeof STATUS_PROTOCOL |
  */
 export type ReqRespSubProtocolHandler = (msg: Buffer) => Promise<Uint8Array>;
 
+/**
+ * A type mapping from supprotocol to it's rate limits
+ */
+export type ReqRespSubProtocolRateLimits = Record<ReqRespSubProtocol, ProtocolRateLimitQuota>;
+
+/**
+ * A rate limit quota
+ */
+export interface RateLimitQuota {
+  /**
+   * The time window in ms
+   */
+  quotaTimeMs: number;
+  /**
+   * The number of requests allowed within the time window
+   */
+  quotaCount: number;
+}
+
+export interface ProtocolRateLimitQuota {
+  /**
+   * The rate limit quota for a single peer
+   */
+  peerLimit: RateLimitQuota;
+  /**
+   * The rate limit quota for the global peer set
+   */
+  globalLimit: RateLimitQuota;
+}
+
 /**
  * A type mapping from supprotocol to it's handling funciton
  */

package/src/service/reqresp/rate_limiter/index.ts

@@ -0,0 +1 @@
+export { RequestResponseRateLimiter } from './rate_limiter.js';

package/src/service/reqresp/rate_limiter/rate_limiter.ts

@@ -0,0 +1,198 @@
+/**
+ * @attribution Rate limiter approach implemented in the lodestar ethereum 2 client.
+ * Rationale is that if it was good enough for them, then it should be good enough for us.
+ * https://github.com/ChainSafe/lodestar
+ */
+import { type PeerId } from '@libp2p/interface';
+
+import { type ReqRespSubProtocol, type ReqRespSubProtocolRateLimits } from '../interface.js';
+import { DEFAULT_RATE_LIMITS } from './rate_limits.js';
+
+// Check for disconnected peers every 10 minutes
+const CHECK_DISCONNECTED_PEERS_INTERVAL_MS = 10 * 60 * 1000;
+
+/**
+ * GCRARateLimiter: A Generic Cell Rate Algorithm (GCRA) based rate limiter.
+ *
+ * How it works:
+ * 1. The rate limiter allows a certain number of operations (quotaCount) within a specified
+ *    time interval (quotaTimeMs).
+ * 2. It uses a "virtual scheduling time" (VST) to determine when the next operation should be allowed.
+ * 3. When an operation is requested, the limiter checks if enough time has passed since the last
+ *    allowed operation.
+ * 4. If sufficient time has passed, the operation is allowed, and the VST is updated.
+ * 5. If not enough time has passed, the operation is denied.
+ *
+ * The limiter also allows for short bursts of activity, as long as the overall rate doesn't exceed
+ * the specified quota over time.
+ *
+ * Usage example:
+ * ```
+ * const limiter = new GCRARateLimiter(100, 60000); // 100 operations per minute
+ * ```
+ */
+export class GCRARateLimiter {
+  // Virtual scheduling time: i.e. the time at which we should allow the next request
+  private vst: number;
+  // The interval at which we emit a new token
+  private readonly emissionInterval: number;
+  // The interval over which we limit the number of requests
+  private readonly limitInterval: number;
+
+  /**
+   * @param quotaCount - The number of requests to allow over the limit interval
+   * @param quotaTimeMs - The time interval over which the quotaCount applies
+   */
+  constructor(quotaCount: number, quotaTimeMs: number) {
+    this.emissionInterval = quotaTimeMs / quotaCount;
+    this.limitInterval = quotaTimeMs;
+    this.vst = Date.now();
+  }
+
+  allow(): boolean {
+    const now = Date.now();
+
+    const newVst = Math.max(this.vst, now) + this.emissionInterval;
+    if (newVst - now <= this.limitInterval) {
+      this.vst = newVst;
+      return true;
+    }
+
+    return false;
+  }
+}
+
+interface PeerRateLimiter {
+  // The rate limiter for this peer
+  limiter: GCRARateLimiter;
+  // The last time the peer was accessed - used to determine if the peer is still connected
+  lastAccess: number;
+}
+
+/**
+ * SubProtocolRateLimiter: A rate limiter for managing request rates on a per-peer and global basis for a specific subprotocol.
+ *
+ * This class provides a two-tier rate limiting system:
+ * 1. A global rate limit for all requests across all peers for this subprotocol.
+ * 2. Individual rate limits for each peer.
+ *
+ * How it works:
+ * - When a request comes in, it first checks against the global rate limit.
+ * - If the global limit allows, it then checks against the specific peer's rate limit.
+ * - The request is only allowed if both the global and peer-specific limits allow it.
+ * - It automatically creates and manages rate limiters for new peers as they make requests.
+ * - It periodically cleans up rate limiters for inactive peers to conserve memory.
+ *
+ * Note: Remember to call `start()` to begin the cleanup process and `stop()` when shutting down to clear the cleanup interval.
+ */
+export class SubProtocolRateLimiter {
+  private peerLimiters: Map<string, PeerRateLimiter> = new Map();
+  private globalLimiter: GCRARateLimiter;
+  private readonly peerQuotaCount: number;
+  private readonly peerQuotaTimeMs: number;
+
+  constructor(peerQuotaCount: number, peerQuotaTimeMs: number, globalQuotaCount: number, globalQuotaTimeMs: number) {
+    this.peerLimiters = new Map();
+    this.globalLimiter = new GCRARateLimiter(globalQuotaCount, globalQuotaTimeMs);
+    this.peerQuotaCount = peerQuotaCount;
+    this.peerQuotaTimeMs = peerQuotaTimeMs;
+  }
+
+  allow(peerId: PeerId): boolean {
+    if (!this.globalLimiter.allow()) {
+      return false;
+    }
+
+    const peerIdStr = peerId.toString();
+    let peerLimiter: PeerRateLimiter | undefined = this.peerLimiters.get(peerIdStr);
+    if (!peerLimiter) {
+      // Create a limiter for this peer
+      peerLimiter = {
+        limiter: new GCRARateLimiter(this.peerQuotaCount, this.peerQuotaTimeMs),
+        lastAccess: Date.now(),
+      };
+      this.peerLimiters.set(peerIdStr, peerLimiter);
+    } else {
+      peerLimiter.lastAccess = Date.now();
+    }
+    return peerLimiter.limiter.allow();
+  }
+
+  cleanupInactivePeers() {
+    const now = Date.now();
+    this.peerLimiters.forEach((peerLimiter, peerId) => {
+      if (now - peerLimiter.lastAccess > CHECK_DISCONNECTED_PEERS_INTERVAL_MS) {
+        this.peerLimiters.delete(peerId);
+      }
+    });
+  }
+}
+
+/**
+ * RequestResponseRateLimiter.
+ *
+ * A rate limiter that is protocol aware, then peer aware.
+ * SubProtocols can have their own global / peer level rate limits.
+ *
+ * How it works:
+ * - Initializes with a set of rate limit configurations for different subprotocols.
+ * - Creates a separate SubProtocolRateLimiter for each configured subprotocol.
+ * - When a request comes in, it routes the rate limiting decision to the appropriate subprotocol limiter.
+ *
+ * Usage:
+ * ```
+ * const rateLimits = {
+ *   subprotocol1: { peerLimit: { quotaCount: 10, quotaTimeMs: 1000 }, globalLimit: { quotaCount: 100, quotaTimeMs: 1000 } },
+ *   subprotocol2: { peerLimit: { quotaCount: 5, quotaTimeMs: 1000 }, globalLimit: { quotaCount: 50, quotaTimeMs: 1000 } }
+ * };
+ * const limiter = new RequestResponseRateLimiter(rateLimits);
+ *
+ * Note: Ensure to call `stop()` when shutting down to properly clean up all subprotocol limiters.
+ */
+export class RequestResponseRateLimiter {
+  private subProtocolRateLimiters: Map<ReqRespSubProtocol, SubProtocolRateLimiter>;
+
+  private cleanupInterval: NodeJS.Timeout | undefined = undefined;
+
+  constructor(rateLimits: ReqRespSubProtocolRateLimits = DEFAULT_RATE_LIMITS) {
+    this.subProtocolRateLimiters = new Map();
+
+    for (const [subProtocol, protocolLimits] of Object.entries(rateLimits)) {
+      this.subProtocolRateLimiters.set(
+        subProtocol as ReqRespSubProtocol,
+        new SubProtocolRateLimiter(
+          protocolLimits.peerLimit.quotaCount,
+          protocolLimits.peerLimit.quotaTimeMs,
+          protocolLimits.globalLimit.quotaCount,
+          protocolLimits.globalLimit.quotaTimeMs,
+        ),
+      );
+    }
+  }
+
+  start() {
+    this.cleanupInterval = setInterval(() => {
+      this.cleanupInactivePeers();
+    }, CHECK_DISCONNECTED_PEERS_INTERVAL_MS);
+  }
+
+  allow(subProtocol: ReqRespSubProtocol, peerId: PeerId): boolean {
+    const limiter = this.subProtocolRateLimiters.get(subProtocol);
+    if (!limiter) {
+      // TODO: maybe throw an error here if no rate limiter is configured?
+      return true;
+    }
+    return limiter.allow(peerId);
+  }
+
+  cleanupInactivePeers() {
+    this.subProtocolRateLimiters.forEach(limiter => limiter.cleanupInactivePeers());
+  }
+
+  /**
+   * Make sure to call destroy on each of the sub protocol rate limiters when cleaning up
+   */
+  stop() {
+    clearInterval(this.cleanupInterval);
+  }
+}

package/src/service/reqresp/rate_limiter/rate_limits.ts

@@ -0,0 +1,35 @@
+import { PING_PROTOCOL, type ReqRespSubProtocolRateLimits, STATUS_PROTOCOL, TX_REQ_PROTOCOL } from '../interface.js';
+
+// TODO(md): these defaults need to be tuned
+export const DEFAULT_RATE_LIMITS: ReqRespSubProtocolRateLimits = {
+  [PING_PROTOCOL]: {
+    peerLimit: {
+      quotaTimeMs: 1000,
+      quotaCount: 5,
+    },
+    globalLimit: {
+      quotaTimeMs: 1000,
+      quotaCount: 10,
+    },
+  },
+  [STATUS_PROTOCOL]: {
+    peerLimit: {
+      quotaTimeMs: 1000,
+      quotaCount: 5,
+    },
+    globalLimit: {
+      quotaTimeMs: 1000,
+      quotaCount: 10,
+    },
+  },
+  [TX_REQ_PROTOCOL]: {
+    peerLimit: {
+      quotaTimeMs: 1000,
+      quotaCount: 5,
+    },
+    globalLimit: {
+      quotaTimeMs: 1000,
+      quotaCount: 10,
+    },
+  },
+};

package/src/service/reqresp/reqresp.ts

@@ -1,16 +1,20 @@
 // @attribution: lodestar impl for inspiration
 import { type Logger, createDebugLogger } from '@aztec/foundation/log';
+import { executeTimeoutWithCustomError } from '@aztec/foundation/timer';
 
-import { type IncomingStreamData, type PeerId } from '@libp2p/interface';
+import { type IncomingStreamData, type PeerId, type Stream } from '@libp2p/interface';
 import { pipe } from 'it-pipe';
 import { type Libp2p } from 'libp2p';
 import { type Uint8ArrayList } from 'uint8arraylist';
 
+import { CollectiveReqRespTimeoutError, IndiviualReqRespTimeoutError } from '../../errors/reqresp.error.js';
+import { type P2PReqRespConfig } from './config.js';
 import {
   DEFAULT_SUB_PROTOCOL_HANDLERS,
   type ReqRespSubProtocol,
   type ReqRespSubProtocolHandlers,
 } from './interface.js';
+import { RequestResponseRateLimiter } from './rate_limiter/rate_limiter.js';
 
 /**
  * The Request Response Service
@@ -28,10 +32,19 @@ export class ReqResp {
 
   private abortController: AbortController = new AbortController();
 
+  private overallRequestTimeoutMs: number;
+  private individualRequestTimeoutMs: number;
+
   private subProtocolHandlers: ReqRespSubProtocolHandlers = DEFAULT_SUB_PROTOCOL_HANDLERS;
+  private rateLimiter: RequestResponseRateLimiter;
 
-  constructor(protected readonly libp2p: Libp2p) {
+  constructor(config: P2PReqRespConfig, protected readonly libp2p: Libp2p) {
     this.logger = createDebugLogger('aztec:p2p:reqresp');
+
+    this.overallRequestTimeoutMs = config.overallRequestTimeoutMs;
+    this.individualRequestTimeoutMs = config.individualRequestTimeoutMs;
+
+    this.rateLimiter = new RequestResponseRateLimiter();
   }
 
   /**
@@ -43,6 +56,7 @@ export class ReqResp {
     for (const subProtocol of Object.keys(this.subProtocolHandlers)) {
       await this.libp2p.handle(subProtocol, this.streamHandler.bind(this, subProtocol as ReqRespSubProtocol));
     }
+    this.rateLimiter.start();
   }
 
   /**
@@ -53,6 +67,7 @@ export class ReqResp {
     for (const protocol of Object.keys(this.subProtocolHandlers)) {
       await this.libp2p.unhandle(protocol);
     }
+    this.rateLimiter.stop();
     await this.libp2p.stop();
     this.abortController.abort();
   }
@@ -65,20 +80,33 @@ export class ReqResp {
    * @returns - The response from the peer, otherwise undefined
    */
   async sendRequest(subProtocol: ReqRespSubProtocol, payload: Buffer): Promise<Buffer | undefined> {
-    // Get active peers
-    const peers = this.libp2p.getPeers();
-
-    // Attempt to ask all of our peers
-    for (const peer of peers) {
-      const response = await this.sendRequestToPeer(peer, subProtocol, payload);
-
-      // If we get a response, return it, otherwise we iterate onto the next peer
-      // We do not consider it a success if we have an empty buffer
-      if (response && response.length > 0) {
-        return response;
+    const requestFunction = async () => {
+      // Get active peers
+      const peers = this.libp2p.getPeers();
+
+      // Attempt to ask all of our peers
+      for (const peer of peers) {
+        const response = await this.sendRequestToPeer(peer, subProtocol, payload);
+
+        // If we get a response, return it, otherwise we iterate onto the next peer
+        // We do not consider it a success if we have an empty buffer
+        if (response && response.length > 0) {
+          return response;
+        }
       }
+      return undefined;
+    };
+
+    try {
+      return await executeTimeoutWithCustomError<Buffer | undefined>(
+        requestFunction,
+        this.overallRequestTimeoutMs,
+        () => new CollectiveReqRespTimeoutError(),
+      );
+    } catch (e: any) {
+      this.logger.error(`${e.message} | subProtocol: ${subProtocol}`);
+      return undefined;
     }
-    return undefined;
   }
 
   /**
@@ -94,15 +122,37 @@ export class ReqResp {
     subProtocol: ReqRespSubProtocol,
     payload: Buffer,
   ): Promise<Buffer | undefined> {
+    let stream: Stream | undefined;
     try {
-      const stream = await this.libp2p.dialProtocol(peerId, subProtocol);
+      stream = await this.libp2p.dialProtocol(peerId, subProtocol);
+
+      this.logger.debug(`Stream opened with ${peerId.toString()} for ${subProtocol}`);
+
+      const result = await executeTimeoutWithCustomError<Buffer>(
+        (): Promise<Buffer> => pipe([payload], stream!, this.readMessage),
+        this.individualRequestTimeoutMs,
+        () => new IndiviualReqRespTimeoutError(),
+      );
+
+      await stream.close();
+      this.logger.debug(`Stream closed with ${peerId.toString()} for ${subProtocol}`);
 
-      const result = await pipe([payload], stream, this.readMessage);
       return result;
-    } catch (e) {
-      this.logger.warn(`Failed to send request to peer ${peerId.publicKey}`);
-      return undefined;
+    } catch (e: any) {
+      this.logger.error(`${e.message} | peerId: ${peerId.toString()} | subProtocol: ${subProtocol}`);
+    } finally {
+      if (stream) {
+        try {
+          await stream.close();
+          this.logger.debug(`Stream closed with ${peerId.toString()} for ${subProtocol}`);
+        } catch (closeError) {
+          this.logger.error(
+            `Error closing stream: ${closeError instanceof Error ? closeError.message : 'Unknown error'}`,
+          );
+        }
+      }
     }
+    return undefined;
   }
 
   /**
@@ -123,8 +173,16 @@ export class ReqResp {
    *
    * @param param0 - The incoming stream data
    */
-  private async streamHandler(protocol: ReqRespSubProtocol, { stream }: IncomingStreamData) {
+  private async streamHandler(protocol: ReqRespSubProtocol, { stream, connection }: IncomingStreamData) {
     // Store a reference to from this for the async generator
+    if (!this.rateLimiter.allow(protocol, connection.remotePeer)) {
+      this.logger.warn(`Rate limit exceeded for ${protocol} from ${connection.remotePeer}`);
+
+      // TODO(#8483): handle changing peer scoring for failed rate limit, maybe differentiate between global and peer limits here when punishing
+      await stream.close();
+      return;
+    }
+
     const handler = this.subProtocolHandlers[protocol];
 
     try {

package/src/service/service.ts

@@ -46,7 +46,7 @@ export interface P2PService {
   ): Promise<InstanceType<SubProtocolMap[Protocol]['response']> | undefined>;
 
   // Leaky abstraction: fix https://github.com/AztecProtocol/aztec-packages/issues/7963
-  registerBlockReceivedCallback(callback: (block: BlockProposal) => Promise<BlockAttestation>): void;
+  registerBlockReceivedCallback(callback: (block: BlockProposal) => Promise<BlockAttestation | undefined>): void;
 
   getEnr(): ENR | undefined;
 }