fix(chainbase): strengthen signature length validation #27

Open: Federico2014 wants to merge 2 commits into release_v4.8.2 from fix/sig_length_limit
Federico2014 (Owner) commented May 12, 2026

Summary

  • Improve signature length validation in transaction and block processing
  • Gate the new validation on the TVM Osaka proposal parameter to preserve compatibility with historical data
  • Apply consistent checks across all relevant code paths

Changed files

| File | Change |
| --- | --- |
| `chainbase/.../TransactionCapsule.java` | Add `DynamicPropertiesStore` param to `checkWeight`; strengthen signature length check post-Osaka |
| `chainbase/.../BlockCapsule.java` | Apply same length check to witness signatures in `validateSignature` |
| `framework/.../Wallet.java` | Apply consistent check in `getTransactionApprovedList` |
| `actuator/.../TransactionUtil.java` | Update call site to match new `checkWeight` signature |

Test plan

  • `TransactionCapsuleTest` — signature length enforcement pre/post-Osaka
  • `BlockCapsuleTest` — witness signature length enforcement pre/post-Osaka
  • `TransactionExpireTest` — `getTransactionApprovedList` length check pre/post-Osaka

Summary by CodeRabbit

  • New Features

    • Added rate limiter API non-blocking mode configuration to allow immediate rejection or waiting for permits.
    • Added minimum event plugin version requirement (3.0.0) enforcement.
  • Bug Fixes

    • Fixed potential null pointer exception in relay node detection.
  • Configuration Changes

    • Event subscription native queue default changed from enabled to disabled.
    • New rate limiter API non-blocking configuration option available.
  • Enhancements

    • Strengthened signature validation with stricter size enforcement for enhanced security.

coderabbitai Bot commented May 12, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8a61c3d8-3f64-43f9-b606-bbbd752ef97e


Walkthrough

This PR implements three major feature areas: stricter signature validation with Osaka TVM support, configurable rate limiter blocking modes with per-IP coordination, event configuration initialization reordering, plugin version gating, and defensive null checks. The changes span 42 files across core transaction/block handling, rate limiting, configuration, and test infrastructure.

Changes

Signature Size Validation with Osaka TVM Support

| Layer | File(s) | Summary |
| --- | --- | --- |
| TransactionCapsule signature validation contract | chainbase/src/main/java/org/tron/core/capsule/TransactionCapsule.java | checkWeight(...) signature is updated to accept DynamicPropertiesStore parameter; the method enforces exact 65-byte signatures when getAllowTvmOsaka() == 1 alongside existing minimum-size checks. |
| BlockCapsule and Wallet validation | chainbase/src/main/java/org/tron/core/capsule/BlockCapsule.java, framework/src/main/java/org/tron/core/Wallet.java | Block witness and transaction approved-list signatures are validated with the same Osaka-gated exact-size rule, rejecting undersized or non-compliant signatures before address derivation. |
| Call site updates and test suite | actuator/src/main/java/org/tron/core/utils/TransactionUtil.java, framework/src/test/java/org/tron/core/capsule/TransactionCapsuleTest.java, framework/src/test/java/org/tron/core/capsule/BlockCapsuleTest.java, framework/src/test/java/org/tron/core/db/TransactionExpireTest.java | TransactionUtil passes null for the new parameter; tests verify rejection/acceptance of short, padded, and valid 65-byte signatures across pre/post-Osaka configurations. |

Rate Limiter Blocking/Non-Blocking Mode

| Layer | File(s) | Summary |
| --- | --- | --- |
| Rate limiter interface and strategy contracts | framework/src/main/java/org/tron/core/services/ratelimiter/adapter/IRateLimiter.java, framework/src/main/java/org/tron/core/services/ratelimiter/strategy/QpsStrategy.java, framework/src/main/java/org/tron/core/services/ratelimiter/strategy/IPQpsStrategy.java, framework/src/main/java/org/tron/core/services/ratelimiter/strategy/GlobalPreemptibleStrategy.java | IRateLimiter adds acquire() and default acquirePermit() dispatch based on Args.isRateLimiterApiNonBlocking(); strategy classes implement blocking acquisition with timeout handling and per-IP limiter centralization via loadLimiter() helpers. |
| Rate limiter adapters | framework/src/main/java/org/tron/core/services/ratelimiter/adapter/DefaultBaseQqsAdapter.java, framework/src/main/java/org/tron/core/services/ratelimiter/adapter/GlobalPreemptibleAdapter.java, framework/src/main/java/org/tron/core/services/ratelimiter/adapter/IPQPSRateLimiterAdapter.java, framework/src/main/java/org/tron/core/services/ratelimiter/adapter/QpsRateLimiterAdapter.java | All adapters add acquire() method overrides that delegate to their underlying strategies, enabling consistent blocking-mode dispatch across the adapter layer. |
| GlobalRateLimiter refactoring and HTTP/gRPC interceptors | framework/src/main/java/org/tron/core/services/ratelimiter/GlobalRateLimiter.java, framework/src/main/java/org/tron/core/services/http/RateLimiterServlet.java, framework/src/main/java/org/tron/core/services/ratelimiter/RateLimiterInterceptor.java | GlobalRateLimiter.loadIpLimiter() helper centralizes per-IP limiter creation and coordinates IP-before-global acquisition ordering; servlet and interceptor switch from tryAcquire() to acquirePermit() to enable runtime blocking-mode selection. |
| Rate limiter configuration | common/src/main/java/org/tron/core/config/args/RateLimiterConfig.java, common/src/main/java/org/tron/common/parameter/CommonParameter.java, common/src/main/resources/reference.conf, framework/src/main/resources/config.conf | RateLimiterConfig and CommonParameter add apiNonBlocking boolean field; configuration files introduce the flag with documentation describing blocking (legacy) vs non-blocking (immediate rejection) semantics. |
| Rate limiter test coverage | framework/src/test/java/org/tron/core/services/ratelimiter/GlobalRateLimiterTest.java, framework/src/test/java/org/tron/core/services/http/RateLimiterServletTest.java, framework/src/test/java/org/tron/core/services/ratelimiter/RateLimiterInterceptorTest.java, framework/src/test/java/org/tron/core/services/ratelimiter/adaptor/AdaptorTest.java, common/src/test/java/org/tron/core/config/args/RateLimiterConfigTest.java | Tests verify acquirePermit() dispatch logic, per-IP/global limiter interaction and ordering, failure handling when IP limiter cannot be created, blocking vs non-blocking behavior under configuration, and permit release semantics. |

Event Configuration Refactoring and Plugin Versioning

| Layer | File(s) | Summary |
| --- | --- | --- |
| Event configuration application order | framework/src/main/java/org/tron/core/config/args/Args.java, common/src/main/java/org/tron/core/config/args/EventConfig.java | Event config application is moved after CLI overrides; event subscription enablement is computed via logical OR to preserve CLI-set values; contract parsing is configured directly in config loading rather than via applyEventConfig(). |
| Plugin version compatibility | framework/src/main/java/org/tron/common/logsfilter/EventPluginLoader.java, framework/src/test/java/org/tron/common/logsfilter/EventLoaderTest.java | EventPluginLoader adds MIN_PLUGIN_VERSION constant, VersionManager initialization, and isPluginVersionSupported() gate; plugins below version 3.0.0 are rejected at startup with error logging. |
| Event and rate limiter configuration tests | framework/src/test/java/org/tron/core/config/args/ArgsTest.java, common/src/test/java/org/tron/core/config/args/RateLimiterConfigTest.java | Tests verify event plugin config is built when CLI --es is supplied, event config is applied after CLI overrides, and rate limiter config parses the new apiNonBlocking flag. |

Defensive Improvements and Test Infrastructure

| Layer | File(s) | Summary |
| --- | --- | --- |
| Null safety and test lifecycle | framework/src/main/java/org/tron/core/net/peer/PeerConnection.java, framework/src/test/java/org/tron/core/net/messagehandler/ChainInventoryMsgHandlerTest.java | PeerConnection.setChannel() guards relay node detection against null; ChainInventoryMsgHandlerTest adds @BeforeClass/@AfterClass lifecycle for test configuration isolation. |

🎯 4 (Complex) | ⏱️ ~75 minutes

A rabbit hops through signature fences,
Rate limits now block or bend to sense,
Events reorder their dance with care,
Plugin versions checked with flair,
Each byte and limiter finds its place! 🐰✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 29.81% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'fix(chainbase): limit oversized signatures' directly summarizes the main change—enforcing signature size validation (specifically limiting signatures to exactly 65 bytes) when TVM Osaka is enabled, which is the core security fix in this PR. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |


Federico2014 changed the title from "fix(chainbase): reject oversized signatures after TVM Osaka activation" to "fix(chainbase): limit oversized signatures" May 12, 2026
Federico2014 changed the base branch from develop to release_v4.8.2 May 12, 2026 12:28
Federico2014 changed the title from "fix(chainbase): limit oversized signatures" to "fix(chainbase): strengthen signature length validation" May 12, 2026
Federico2014 force-pushed the fix/sig_length_limit branch from bf862a9 to e1df760 May 12, 2026 12:31
Federico2014 force-pushed the fix/sig_length_limit branch from 922269a to bc74d53 May 12, 2026 12:39
@cubic-dev-ai cubic-dev-ai Bot left a comment

1 issue found across 15 files (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="chainbase/src/main/java/org/tron/core/capsule/TransactionCapsule.java">

<violation number="1" location="chainbase/src/main/java/org/tron/core/capsule/TransactionCapsule.java:245">
P1: Do not require signatures to be exactly 65 bytes here; this breaks compatibility for valid signatures that include trailing bytes.

(Based on your team's feedback about preserving transaction signature compatibility by accepting signatures of at least 65 bytes.) [FEEDBACK_USED]</violation>
</file>

Federico2014 force-pushed the fix/sig_length_limit branch from 390e342 to 9a6c149 May 13, 2026 08:57
Federico2014 force-pushed the fix/sig_length_limit branch from 9a6c149 to 6d5fcce May 13, 2026 09:03
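
The Osaka-gated length rule discussed in this thread, written out as an added example that is not code from this pull request or from the project: the class, interface and method names are hypothetical, and the pre-Osaka rule (at least 65 bytes) is taken from the review comments above. It runs the short, padded and valid cases from the test plan in both modes and checks lengths before any address derivation would happen.

```java
import java.util.Arrays;
import java.util.List;

// Added illustration; class and method names are hypothetical, not the project's.
public class SignatureLengthGate {
  static final int SIG_LEN = 65; // r (32) + s (32) + v (1)

  /** Stand-in for the chain parameter read via getAllowTvmOsaka(). */
  interface ForkFlags {
    long getAllowTvmOsaka();
  }

  /** Length rule for one signature: minimum size before the fork, exact size after it. */
  static boolean lengthOk(byte[] sig, ForkFlags flags) {
    if (sig == null || sig.length < SIG_LEN) {
      return false; // undersized: rejected in both modes
    }
    boolean osaka = flags.getAllowTvmOsaka() == 1;
    return !osaka || sig.length == SIG_LEN; // trailing bytes tolerated only pre-fork
  }

  /** Check every signature before any address derivation; returns the first bad index or -1. */
  static int firstInvalid(List<byte[]> sigs, ForkFlags flags) {
    for (int i = 0; i < sigs.size(); i++) {
      if (!lengthOk(sigs.get(i), flags)) {
        return i;
      }
    }
    return -1;
  }

  public static void main(String[] args) {
    // Constructed sample inputs: only the lengths matter for this check.
    List<byte[]> cases = Arrays.asList(new byte[64], new byte[65], new byte[66]);
    String[] labels = {"short (64)", "valid (65)", "padded (66)"};
    ForkFlags pre = () -> 0L;  // flag not yet activated: historical data still validates
    ForkFlags post = () -> 1L; // flag activated: exact-size rule applies
    for (int i = 0; i < cases.size(); i++) {
      System.out.printf("%-12s pre-Osaka=%-5b post-Osaka=%b%n",
          labels[i], lengthOk(cases.get(i), pre), lengthOk(cases.get(i), post));
    }
    // A mixed list fails at the padded entry once the fork flag is set.
    System.out.println("first invalid post-Osaka: " + firstInvalid(cases.subList(1, 3), post));
  }
}
```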