iota_types/gas_model/gas_v1.rs
1// Copyright (c) 2021, Facebook, Inc. and its affiliates
2// Copyright (c) Mysten Labs, Inc.
3// Modifications Copyright (c) 2024 IOTA Stiftung
4// SPDX-License-Identifier: Apache-2.0
5
6pub use checked::*;
7
8#[iota_macros::with_checked_arithmetic]
9mod checked {
10 use iota_protocol_config::*;
11 use move_core_types::vm_status::StatusCode;
12
13 use crate::{
14 ObjectID,
15 error::{ExecutionError, ExecutionErrorKind, UserInputError, UserInputResult},
16 gas::{self, GasCostSummary, IotaGasStatusAPI},
17 gas_model::{
18 gas_predicates::cost_table_for_version,
19 tables::{GasStatus, ZERO_COST_SCHEDULE},
20 units_types::CostTable,
21 },
22 transaction::ObjectReadResult,
23 };
24
25 /// A bucket defines a range of units that will be priced the same.
26 /// After execution a call to `GasStatus::bucketize` will round the
27 /// computation cost to `cost` for the bucket ([`min`, `max`]) the gas
28 /// used falls into.
29 #[expect(dead_code)]
30 pub(crate) struct ComputationBucket {
31 min: u64,
32 max: u64,
33 cost: u64,
34 }
35
36 impl ComputationBucket {
37 fn new(min: u64, max: u64, cost: u64) -> Self {
38 ComputationBucket { min, max, cost }
39 }
40
41 fn simple(min: u64, max: u64) -> Self {
42 Self::new(min, max, max)
43 }
44 }
45
46 fn get_bucket_cost(table: &[ComputationBucket], computation_cost: u64) -> u64 {
47 for bucket in table {
48 if bucket.max >= computation_cost {
49 return bucket.cost;
50 }
51 }
52 match table.last() {
53 // maybe not a literal here could be better?
54 None => 5_000_000,
55 Some(bucket) => bucket.cost,
56 }
57 }
58
59 // define the bucket table for computation charging
60 // If versioning defines multiple functions and
61 fn computation_bucket(max_bucket_cost: u64) -> Vec<ComputationBucket> {
62 assert!(max_bucket_cost >= 5_000_000);
63 vec![
64 ComputationBucket::simple(0, 1_000),
65 ComputationBucket::simple(1_000, 5_000),
66 ComputationBucket::simple(5_000, 10_000),
67 ComputationBucket::simple(10_000, 20_000),
68 ComputationBucket::simple(20_000, 50_000),
69 ComputationBucket::simple(50_000, 200_000),
70 ComputationBucket::simple(200_000, 1_000_000),
71 ComputationBucket::simple(1_000_000, max_bucket_cost),
72 ]
73 }
74
75 /// Portion of the storage rebate that gets passed on to the transaction
76 /// sender. The remainder will be burned, then re-minted + added to the
77 /// storage fund at the next epoch change
78 fn sender_rebate(storage_rebate: u64, storage_rebate_rate: u64) -> u64 {
79 // we round storage rebate such that `>= x.5` goes to x+1 (rounds up) and
80 // `< x.5` goes to x (truncates). We replicate `f32/64::round()`
81 const BASIS_POINTS: u128 = 10000;
82 (((storage_rebate as u128 * storage_rebate_rate as u128)
83 + (BASIS_POINTS / 2)) // integer rounding adds half of the BASIS_POINTS (denominator)
84 / BASIS_POINTS) as u64
85 }
86
87 /// A list of constant costs of various operations in IOTA.
88 pub struct IotaCostTable {
89 /// A flat fee charged for every transaction. This is also the minimum
90 /// amount of gas charged for a transaction.
91 pub(crate) min_transaction_cost: u64,
92 /// Maximum allowable budget for a transaction.
93 pub(crate) max_gas_budget: u64,
94 /// Computation cost per byte charged for package publish. This cost is
95 /// primarily determined by the cost to verify and link a
96 /// package. Note that this does not include the cost of writing
97 /// the package to the store.
98 package_publish_per_byte_cost: u64,
99 /// Per byte cost to read objects from the store. This is computation
100 /// cost instead of storage cost because it does not change the
101 /// amount of data stored on the db.
102 object_read_per_byte_cost: u64,
103 /// Unit cost of a byte in the storage. This will be used both for
104 /// charging for new storage as well as rebating for deleting
105 /// storage. That is, we expect users to get full refund on the
106 /// object storage when it's deleted.
107 storage_per_byte_cost: u64,
108 /// Execution cost table to be used.
109 pub execution_cost_table: CostTable,
110 /// Computation buckets to cost transaction in price groups
111 computation_bucket: Vec<ComputationBucket>,
112 }
113
114 impl std::fmt::Debug for IotaCostTable {
115 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
116 // TODO: dump the fields.
117 write!(f, "IotaCostTable(...)")
118 }
119 }
120
121 impl IotaCostTable {
122 pub(crate) fn new(c: &ProtocolConfig, gas_price: u64) -> Self {
123 // gas_price here is the Reference Gas Price, however we may decide
124 // to change it to be the price passed in the transaction
125 let min_transaction_cost = c.base_tx_cost_fixed() * gas_price;
126 Self {
127 min_transaction_cost,
128 max_gas_budget: c.max_tx_gas(),
129 package_publish_per_byte_cost: c.package_publish_cost_per_byte(),
130 object_read_per_byte_cost: c.obj_access_cost_read_per_byte(),
131 storage_per_byte_cost: c.obj_data_cost_refundable(),
132 execution_cost_table: cost_table_for_version(c.gas_model_version()),
133 computation_bucket: computation_bucket(c.max_gas_computation_bucket()),
134 }
135 }
136
137 pub(crate) fn unmetered() -> Self {
138 Self {
139 min_transaction_cost: 0,
140 max_gas_budget: u64::MAX,
141 package_publish_per_byte_cost: 0,
142 object_read_per_byte_cost: 0,
143 storage_per_byte_cost: 0,
144 execution_cost_table: ZERO_COST_SCHEDULE.clone(),
145 // should not matter
146 computation_bucket: computation_bucket(5_000_000),
147 }
148 }
149 }
150
151 #[derive(Debug)]
152 pub struct PerObjectStorage {
153 /// storage_cost is the total storage gas to charge. This is computed
154 /// at the end of execution while determining storage charges.
155 /// It tracks `storage_bytes * obj_data_cost_refundable` as
156 /// described in `storage_gas_price`
157 /// It has been multiplied by the storage gas price. This is the new
158 /// storage rebate.
159 pub storage_cost: u64,
160 /// storage_rebate is the storage rebate (in IOTA) for in this object.
161 /// This is computed at the end of execution while determining storage
162 /// charges. The value is in IOTA.
163 pub storage_rebate: u64,
164 /// The object size post-transaction in bytes
165 pub new_size: u64,
166 }
167
168 #[derive(Debug)]
169 pub struct IotaGasStatus {
170 /// GasStatus as used by the VM, that is all the VM sees
171 pub gas_status: GasStatus,
172 /// Cost table contains a set of constant/config for the gas
173 /// model/charging
174 cost_table: IotaCostTable,
175 /// Gas budget for this gas status instance.
176 /// Typically the gas budget as defined in the
177 /// `TransactionData::GasData`
178 gas_budget: u64,
179 /// Computation cost after execution. This is the result of the gas used
180 /// by the `GasStatus` properly bucketized.
181 /// Starts at 0 and it is assigned in `bucketize_computation`.
182 computation_cost: u64,
183 /// Whether to charge or go unmetered
184 charge: bool,
185 /// Gas price for computation.
186 /// This is a multiplier on the final charge as related to the RGP
187 /// (reference gas price). Checked at signing: `gas_price >=
188 /// reference_gas_price` and then conceptually
189 /// `final_computation_cost = total_computation_cost * gas_price /
190 /// reference_gas_price`
191 gas_price: u64,
192 // Reference gas price as defined in protocol config.
193 // If `protocol_defined_base_fee' is enabled, this is a mandatory base fee paid to the
194 // protocol.
195 reference_gas_price: u64,
196 /// Gas price for storage. This is a multiplier on the final charge
197 /// as related to the storage gas price defined in the system
198 /// (`ProtocolConfig::storage_gas_price`).
199 /// Conceptually, given a constant `obj_data_cost_refundable`
200 /// (defined in `ProtocolConfig::obj_data_cost_refundable`)
201 /// `total_storage_cost = storage_bytes * obj_data_cost_refundable`
202 /// `final_storage_cost = total_storage_cost * storage_gas_price`
203 storage_gas_price: u64,
204 /// Per Object Storage Cost and Storage Rebate, used to get accumulated
205 /// values at the end of execution to determine storage charges
206 /// and rebates.
207 per_object_storage: Vec<(ObjectID, PerObjectStorage)>,
208 // storage rebate rate as defined in the ProtocolConfig
209 rebate_rate: u64,
210 /// Amount of storage rebate accumulated when we are running in
211 /// unmetered mode (i.e. system transaction). This allows us to
212 /// track how much storage rebate we need to retain in system
213 /// transactions.
214 unmetered_storage_rebate: u64,
215 /// Rounding value to round up gas charges.
216 gas_rounding_step: Option<u64>,
217 /// Flag to indicate whether the protocol-defined base fee is enabled,
218 /// in which case the reference gas price is burned.
219 protocol_defined_base_fee: bool,
220 }
221
222 impl IotaGasStatus {
223 fn new(
224 move_gas_status: GasStatus,
225 gas_budget: u64,
226 charge: bool,
227 gas_price: u64,
228 reference_gas_price: u64,
229 storage_gas_price: u64,
230 rebate_rate: u64,
231 gas_rounding_step: Option<u64>,
232 cost_table: IotaCostTable,
233 protocol_defined_base_fee: bool,
234 ) -> IotaGasStatus {
235 let gas_rounding_step = gas_rounding_step.map(|val| val.max(1));
236 IotaGasStatus {
237 gas_status: move_gas_status,
238 gas_budget,
239 charge,
240 computation_cost: 0,
241 gas_price,
242 reference_gas_price,
243 storage_gas_price,
244 per_object_storage: Vec::new(),
245 rebate_rate,
246 unmetered_storage_rebate: 0,
247 gas_rounding_step,
248 cost_table,
249 protocol_defined_base_fee,
250 }
251 }
252
253 pub(crate) fn new_with_budget(
254 gas_budget: u64,
255 gas_price: u64,
256 reference_gas_price: u64,
257 config: &ProtocolConfig,
258 ) -> IotaGasStatus {
259 let storage_gas_price = config.storage_gas_price();
260 let max_computation_budget = config.max_gas_computation_bucket() * gas_price;
261 let computation_budget = if gas_budget > max_computation_budget {
262 max_computation_budget
263 } else {
264 gas_budget
265 };
266 let iota_cost_table = IotaCostTable::new(config, gas_price);
267 let gas_rounding_step = config.gas_rounding_step_as_option();
268 Self::new(
269 GasStatus::new(
270 iota_cost_table.execution_cost_table.clone(),
271 computation_budget,
272 gas_price,
273 config.gas_model_version(),
274 ),
275 gas_budget,
276 true,
277 gas_price,
278 reference_gas_price,
279 storage_gas_price,
280 config.storage_rebate_rate(),
281 gas_rounding_step,
282 iota_cost_table,
283 config.protocol_defined_base_fee(),
284 )
285 }
286
287 pub fn new_unmetered() -> IotaGasStatus {
288 Self::new(
289 GasStatus::new_unmetered(),
290 0,
291 false,
292 0,
293 0,
294 0,
295 0,
296 None,
297 IotaCostTable::unmetered(),
298 false,
299 )
300 }
301
302 pub fn reference_gas_price(&self) -> u64 {
303 self.reference_gas_price
304 }
305
306 // Check whether gas arguments are legit:
307 // 1. Gas object has an address owner.
308 // 2. Gas budget is between min and max budget allowed
309 // 3. Gas balance (all gas coins together) is bigger or equal to budget
310 pub(crate) fn check_gas_balance(
311 &self,
312 gas_objs: &[&ObjectReadResult],
313 gas_budget: u64,
314 ) -> UserInputResult {
315 // 1. All gas objects have an address owner
316 for gas_object in gas_objs {
317 // if as_object() returns None, it means the object has been deleted (and
318 // therefore must be a shared object).
319 if let Some(obj) = gas_object.as_object() {
320 if !obj.is_address_owned() {
321 return Err(UserInputError::GasObjectNotOwnedObject { owner: obj.owner });
322 }
323 } else {
324 // This case should never happen (because gas can't be a shared object), but we
325 // handle this case for future-proofing
326 return Err(UserInputError::MissingGasPayment);
327 }
328 }
329
330 // 2. Gas budget is between min and max budget allowed
331 if gas_budget > self.cost_table.max_gas_budget {
332 return Err(UserInputError::GasBudgetTooHigh {
333 gas_budget,
334 max_budget: self.cost_table.max_gas_budget,
335 });
336 }
337 if gas_budget < self.cost_table.min_transaction_cost {
338 return Err(UserInputError::GasBudgetTooLow {
339 gas_budget,
340 min_budget: self.cost_table.min_transaction_cost,
341 });
342 }
343
344 // 3. Gas balance (all gas coins together) is bigger or equal to budget
345 let mut gas_balance = 0u128;
346 for gas_obj in gas_objs {
347 // expect is safe because we already checked that all gas objects have an
348 // address owner
349 gas_balance +=
350 gas::get_gas_balance(gas_obj.as_object().expect("object must be owned"))?
351 as u128;
352 }
353 if gas_balance < gas_budget as u128 {
354 Err(UserInputError::GasBalanceTooLow {
355 gas_balance,
356 needed_gas_amount: gas_budget as u128,
357 })
358 } else {
359 Ok(())
360 }
361 }
362
363 fn storage_cost(&self) -> u64 {
364 self.storage_gas_units()
365 }
366
367 pub fn per_object_storage(&self) -> &Vec<(ObjectID, PerObjectStorage)> {
368 &self.per_object_storage
369 }
370 }
371
372 impl IotaGasStatusAPI for IotaGasStatus {
373 fn is_unmetered(&self) -> bool {
374 !self.charge
375 }
376
377 fn move_gas_status(&self) -> &GasStatus {
378 &self.gas_status
379 }
380
381 fn move_gas_status_mut(&mut self) -> &mut GasStatus {
382 &mut self.gas_status
383 }
384
385 fn bucketize_computation(&mut self) -> Result<(), ExecutionError> {
386 let mut computation_units = self.gas_status.gas_used_pre_gas_price();
387 if let Some(gas_rounding) = self.gas_rounding_step {
388 if gas_rounding > 0
389 && (computation_units == 0 || computation_units % gas_rounding > 0)
390 {
391 computation_units = ((computation_units / gas_rounding) + 1) * gas_rounding;
392 }
393 } else {
394 // use the max value of the bucket that the computation_units falls into.
395 computation_units =
396 get_bucket_cost(&self.cost_table.computation_bucket, computation_units);
397 };
398 let computation_cost = computation_units * self.gas_price;
399 if self.gas_budget <= computation_cost {
400 self.computation_cost = self.gas_budget;
401 Err(ExecutionErrorKind::InsufficientGas.into())
402 } else {
403 self.computation_cost = computation_cost;
404 Ok(())
405 }
406 }
407
408 /// Returns the final (computation cost, storage cost, storage rebate)
409 /// of the gas meter. We use initial budget, combined with
410 /// remaining gas and storage cost to derive computation cost.
411 fn summary(&self) -> GasCostSummary {
412 // compute computation cost burned and storage rebate, both rebate and non
413 // refundable fee
414 let computation_cost_burned = if self.protocol_defined_base_fee {
415 // when protocol_defined_base_fee is enabled, the computation cost burned is
416 // computed as follows:
417 // computation_cost_burned = computation_units * reference_gas_price.
418 // = (computation_cost / gas_price) * reference_gas_price
419 self.computation_cost * self.reference_gas_price / self.gas_price
420 } else {
421 // when protocol_defined_base_fee is disabled, the entire computation cost is
422 // burned.
423 self.computation_cost
424 };
425 let storage_rebate = self.storage_rebate();
426 let sender_rebate = sender_rebate(storage_rebate, self.rebate_rate);
427 assert!(sender_rebate <= storage_rebate);
428 let non_refundable_storage_fee = storage_rebate - sender_rebate;
429 GasCostSummary {
430 computation_cost: self.computation_cost,
431 computation_cost_burned,
432 storage_cost: self.storage_cost(),
433 storage_rebate: sender_rebate,
434 non_refundable_storage_fee,
435 }
436 }
437
438 fn gas_budget(&self) -> u64 {
439 self.gas_budget
440 }
441
442 fn storage_gas_units(&self) -> u64 {
443 self.per_object_storage
444 .iter()
445 .map(|(_, per_object)| per_object.storage_cost)
446 .sum()
447 }
448
449 fn storage_rebate(&self) -> u64 {
450 self.per_object_storage
451 .iter()
452 .map(|(_, per_object)| per_object.storage_rebate)
453 .sum()
454 }
455
456 fn unmetered_storage_rebate(&self) -> u64 {
457 self.unmetered_storage_rebate
458 }
459
460 fn gas_used(&self) -> u64 {
461 self.gas_status.gas_used_pre_gas_price()
462 }
463
464 fn reset_storage_cost_and_rebate(&mut self) {
465 self.per_object_storage = Vec::new();
466 self.unmetered_storage_rebate = 0;
467 }
468
469 fn charge_storage_read(&mut self, size: usize) -> Result<(), ExecutionError> {
470 self.gas_status
471 .charge_bytes(size, self.cost_table.object_read_per_byte_cost)
472 .map_err(|e| {
473 debug_assert_eq!(e.major_status(), StatusCode::OUT_OF_GAS);
474 ExecutionErrorKind::InsufficientGas.into()
475 })
476 }
477
478 fn charge_publish_package(&mut self, size: usize) -> Result<(), ExecutionError> {
479 self.gas_status
480 .charge_bytes(size, self.cost_table.package_publish_per_byte_cost)
481 .map_err(|e| {
482 debug_assert_eq!(e.major_status(), StatusCode::OUT_OF_GAS);
483 ExecutionErrorKind::InsufficientGas.into()
484 })
485 }
486
487 /// Update `storage_rebate` and `storage_gas_units` for each object in
488 /// the transaction. There is no charge in this function.
489 /// Charges will all be applied together at the end
490 /// (`track_storage_mutation`).
491 /// Return the new storage rebate (cost of object storage) according to
492 /// `new_size`.
493 fn track_storage_mutation(
494 &mut self,
495 object_id: ObjectID,
496 new_size: usize,
497 storage_rebate: u64,
498 ) -> u64 {
499 if self.is_unmetered() {
500 self.unmetered_storage_rebate += storage_rebate;
501 return 0;
502 }
503
504 // compute and track cost (based on size)
505 let new_size = new_size as u64;
506 let storage_cost =
507 new_size * self.cost_table.storage_per_byte_cost * self.storage_gas_price;
508 // track rebate
509
510 self.per_object_storage.push((
511 object_id,
512 PerObjectStorage {
513 storage_cost,
514 storage_rebate,
515 new_size,
516 },
517 ));
518 // return the new object rebate (object storage cost)
519 storage_cost
520 }
521
522 fn charge_storage_and_rebate(&mut self) -> Result<(), ExecutionError> {
523 let storage_rebate = self.storage_rebate();
524 let storage_cost = self.storage_cost();
525 let sender_rebate = sender_rebate(storage_rebate, self.rebate_rate);
526 assert!(sender_rebate <= storage_rebate);
527 if sender_rebate >= storage_cost {
528 // there is more rebate than cost, when deducting gas we are adding
529 // to whatever is the current amount charged so we are `Ok`
530 Ok(())
531 } else {
532 let gas_left = self.gas_budget - self.computation_cost;
533 // we have to charge for storage and may go out of gas, check
534 if gas_left < storage_cost - sender_rebate {
535 // Running out of gas would cause the temporary store to reset
536 // and zero storage and rebate.
537 // The remaining_gas will be 0 and we will charge all in computation
538 Err(ExecutionErrorKind::InsufficientGas.into())
539 } else {
540 Ok(())
541 }
542 }
543 }
544
545 fn adjust_computation_on_out_of_gas(&mut self) {
546 self.per_object_storage = Vec::new();
547 self.computation_cost = self.gas_budget;
548 }
549 }
550}