Research · Tag · Rpc

Posts tagged rpc.

5 entries · sorted: recency← All research
RESEARCH
2026-07-13

How unauthenticated simulateTransaction requests saturate an Agave RPC node's executor pool

Agave runs the simulateTransaction handler synchronously on its shared Tokio executor threads, so unauthenticated, gas-free simulate requests pin those workers and add queue latency across the validator's entire JSON-RPC tier — not just the simulate path.

Simon Morley
Read →7 min read
RESEARCH
2026-07-13

How an unauthenticated TLS half-open flood pins rippled's memory and crashes it under low file-descriptor limits

rippled's inbound TLS listeners on the peer port (51235) and the RPC-HTTPS port (5006) accept a partial TLS handshake with no deadline and no per-IP half-open cap, so a single source IP can pin server memory indefinitely and, at a default file-descriptor limit, crash the process.

Simon Morley
Read →8 min read
VALIDATOR-SECURITY
2026-05-21

Expensive work before authentication: the RPC pattern we keep finding

The DoS class that scales against validators isn't volumetric. It's small requests that cost the node real work before it authenticates the caller. The pattern we keep finding across clients, and the fix.

Simon Morley
Read →2 min read
VALIDATOR-SECURITY
2026-05-15

We're securing validators at the wrong layer

Blockchain security money goes to smart-contract audits. The validators those contracts run on are defended for volume and almost nothing else. The attacks that actually scale live at the transport and RPC layer, and they're a class, not a list.

Simon Morley
Read →3 min read
RESEARCH
2026-05-12

NR-2026-001 - Three Agave RPC architectural findings

Three architectural findings in the Agave JSON-RPC layer at v3.1.9: response amplification on getMultipleAccounts, Tokio executor saturation via simulateTransaction, and spawn_blocking pool saturation via getProgramAccounts. Architectural patterns, not rate-limit DoS - operator rate limits don't close them.

Simon
Read →12 min read