eth: implement EIP-7975 (eth/70 - partial block receipt lists)

[healthykim]

This is a draft PR to add support for EIP-7975.
Overall changes

• Each response is buffered in the peer’s receipt buffer when the lastBlockIncomplete field is true.
• Continued request uses the same request id of its original request(RequestPartialReceipts).
• Partial responses are verified in validateLastBlockReceipt.
• Even if all receipts for partial blocks of the request are collected, those partial results are not sinked to the downloader, to avoid complexity. This assumes that partial response and buffering occur only in exceptional cases. (The complexity added to the queue can be checked in 1f32d8959)

[fjl]

The peer should not be able to create buffered items for unrequested blocks. So we need to create request ID entries explicitly when the request is made, instead of just making a buffer on demand here.

[healthykim]

I added the request tracking here and the validation here.

The buffer is cleared when the request is canceled or completed.

It is also cleared when an empty response is received.

[fjl]

I think we could do this with just one map. Maybe keep an entry in p.receiptBuffer for all requests, even non-partial ones? It seems simpler this way

[healthykim]

Yes I changed this, now receiptBuffer stores requested hashes and buffered receipts

[fjl]

I think we could do this with just one map. Maybe keep an entry in p.receiptBuffer for all requests, even non-partial ones? It seems simpler this way

[fjl]

This check is weird. We only added MaxTxGas in the next fork, which has not even activated on mainnet yet, and I'm not sure this limit is always defined in other chains. The check against header gaslimit should be enough.

[healthykim]

I am confused here, the check against the header’s gasLimit will always pass if the third condition passes. Or should we remove the second condition?

[fjl]

We agreed to remove condition 2.

[rjl493456442]

Downloading block receipts across multiple messages creates new attack surface. Partial receipt lists cannot be verified against the block header, so in responses with lastBlockIncomplete = 1, the last receipts list must be validated in a different way:

It's technically verifiable. The receipts can be proved with a range proof (although I agree there is some complexity around the 0th element whose index is 0x80), any particular reason to not attaching the proof for the paginated receipts?

[fjl]

Comment could be improved

[healthykim]

I updated the comment to // Previously requested receipts to buffer partial receipts

[rjl493456442]

nitpick, usually we limit the length of comment to 80 chars for better readability.

[healthykim]

I updated this. Thank you!

[rjl493456442]

this lookup restriction is unnecessary? (similar in eth68, eth69)

the number of requested receipts is already limited by len(receipts) >= maxReceiptsServe?

[rjl493456442]

It's not used

[healthykim]

I removed this. Thank you!

[rjl493456442]

I think the hacky thing in the implementation is we try to reuse the same request ID for the subsequent requests.

How about this: if we detect that the response is incomplete and subsequent requests are required, we internally maintain the mapping between the original request ID and the following IDs, so that the following responses can be correctly detect and be assembled properly?

[rjl493456442]

I think it's a bit weird to always allocate an item in the receiptBuffer even the first response is complete.

The incomplete response for mega-receipt is not common. I think we should only maintain the additional records for this special case.

[healthykim]

I found that the same data (requested hashes) is already stored in dispatcher.go (pending). Can we utilize that?

[rjl493456442]

Downloading block receipts across multiple messages creates new attack surface. Partial receipt lists cannot be verified against the block header, so in responses with lastBlockIncomplete = 1, the last receipts list must be validated in a different way:

It's technically verifiable. The receipts can be proved with a range proof (although I agree there is some complexity around the 0th element whose index is 0x80), any particular reason to not attaching the proof for the paginated receipts?