GAS price for CreateMultisigAccount is too cheap: 14 mins with 20GAS

[dusmart]

The syscall System.Contract.CreateMultisigAccount is based on Sha256 while its price is lower than CryptoLib.Sha256's (1<<10 < 1<<15).

Therefore, a minor DOS can be composed using CreateMultisigAccount syscall.

curl http://seed1t5.neo.org:20332 -d '{ "jsonrpc": "2.0", "id": 1, "method": "invokescript", "params": ["VwIANSUAAAB3AAKIcSMAdwFvABFBajPpCUlvAZ13AW8BJfD///9JQFcCAAwhAswQ0OkpynUs/TQIvt2gZGPi2T/UNeTCuGqJWzeS3uTIAf8DdwFvASMNAAAASm8BnXcBbwEl+P///0PAdwBvAEA="] }'| json_pp

source code: https://github.com/lazynode/Tanya/pull/26/files

I propose that charge CreateMultisigAccount as Neo.Crypto.CheckMultisig does which is dynamic and depends on accnout number.

[dusmart]

@roman-khimov Do you know what is the DOS threshold for NEO?

[dusmart]

Actually, If some developer don't care about whether the output's type is Hash256 or Hash160, he could convert the data he wants to hash to CreateMultisigAccount's input format. By this means, he could pay less GAS and enjoy a similar effect.

[roman-khimov]

@roman-khimov Do you know what is the DOS threshold for NEO?

I've usually measured it wrt transfer transaction price/quantity, C# node can process 8K of NEO transfers per second, each one costs ~0.01 GAS in system fee. This can then be translated into some USD costs, quoting oracle stress-test document:

As a target we'd suggest that 100$ worth of GAS shouldn't lead to any kind of visible degradation at all, while the system should be able to process requests worth 10,000$ in a reasonable (like half an hour) amount of time.

But as you've noticed not all GAS spends are equal in terms of CPU time. In this case we have 100$ worth of GAS creating some effects.

Maybe if we're to express the target in GAS that'd be at least MaxBlockSystemFee amount of GAS per MillisecondsPerBlock for a sustainable operation.