Describe the feature
Add metrics to the builder module to track performance of bundle submission in real time.

Describe the feature
Don't use eth_estimateGas for gas limits. We should sum up the verification/call limits of each UO in the bundle, add some overhead multiplier, and use eth_call to do the final check for reverts.

We need to ensure that the total amount of gas doesn't go over a max value.

Describe the feature
We currently have a hodgepodge approach to metrics with a bunch of hardcoded strings everywhere. We should clean this up and build an extendable system for metrics.

Describe the bug
The pool event mange stops receiving blocks and stays in that state until reset after a disconnection.

To reproduce
This happens pretty consistently as long as you leave the pool running long enough. It is always triggered by some sort of disconnection in the WS connection.

Expected behavior
The pool should automatically reconnect.

Logs
Trigger:

{
    "timestamp": "2023-04-06T18:30:58.999003Z",
    "level": "ERROR",
    "fields": {
        "message": "Close frame: CloudFlare WebSocket proxy restarting (1001)"
    },
    "target": "ethers_providers::rpc::transports::ws::backend"
}

"Sucessfull" reconnection:

{
    "timestamp": "2023-04-06T18:30:59.113123Z",
    "level": "INFO",
    "fields": {
        "message": "Re-connection complete",
        "subs": 1,
        "reqs": 0
    },
    "target": "ethers_providers::rpc::transports::ws::manager"
}

Additional context

for context: #71 (comment)

Describe the feature
The bundle builder needs access to a EOA signing key to send bundle transactions. When the Rundler is running in AWS we can use KMS to keep these keys secret and sign without the Rundler container seeing the private key. To ensure that no other bundler process is accessing the same key (during upgrades likely) we should implement a simple key leasing strategy based on distributed locks.

Ethers signer: https://github.com/gakonst/ethers-rs/blob/master/ethers-signers/src/aws/mod.rs
Rustoto KMS: https://docs.rs/rusoto_kms/latest/rusoto_kms/
Redis distributed locking: https://redis.io/docs/manual/patterns/distributed-locks/, https://redis.com/glossary/redlock/
Redlock in rust: https://github.com/hexcowboy/rslock

Describe the feature
The bundler currently loses money because it doesn't inspect the priority fee field of user ops, and eventually sends a transaction with a priority fee higher than many of the ops it bundles. The builder should ensure that it doesn't lose money on a transaction by ensuring that each op is at least breakeven in terms of fees.

Describe the feature
The builder currently re-computes an aggregated signature if any of the ops that contributed to that aggregated signature are removed from the bundle. For BLS signatures, it is unlikely that this re-computation is required as the aggregated signature is still valid for each of the other parts. However, its unclear if this is an invariant for all signature aggregation scheme. We should get clarity from the EIP authors and potentially add language to the EIP if this is in fact an invariant that should hold for all aggregators. If not, keep the code as it is.

Describe the feature
Add a simple metric to track the number of ops in the mempool.

Describe the feature
Add the ability to pass in a list of addresses to blacklist in the pool. The pool will not validate or store UOs that refer to these entities.

See: https://github.com/OMGWINNING/alchemy-bundler/pull/91/files#r1153136591

Describe the feature
While building a bundle, we should track paymaster balances to ensure that a paymaster does not run out of funds in the middle of a bundle.

Add configuration to export the traces to an OpenTelemetry collector.

Describe the feature
To trigger a new bundle build, the builder should listen to the mempool for new blocks. This ensures that when the builder asks the pool for the next batch of transactions its had the chance to remove mined UOs from the pool

Describe the feature
Add support for entry point 0.6.0.

We can fully remove support for 0.5.0

Describe the bug
When retrieving a UO that had a revert, the RPC module crashes.

To reproduce
Call eth_getUserOperationReceipt on a UO hash that had a revert.

Expected behavior
It shouldn't crash, and should get the revert reason

Logs

thread 'tokio-runtime-worker' panicked at 'index out of bounds: the len is 1 but the index is 1', /Users/dcoombs/alchemy/rundler/src/rpc/eth/mod.rs:245:25
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
  2023-04-19T00:48:48.488222Z  INFO rundler::op_pool::mempool::uo_pool: New block: 3317009 with 4 entrypoint events
    at src/op_pool/mempool/uo_pool.rs:92

  2023-04-19T00:48:48.492134Z ERROR rundler::rpc::run: Server stopped unexpectedly
    at src/rpc/run.rs:142

  2023-04-19T00:48:48.500961Z ERROR rundler::cli::node: RPC server exited unexpectedly: Ok(Err(RPC server stopped unexpectedly))
    at src/cli/node.rs:73

Describe the feature
For persistent mempools (DB/Redis backed) the node will need to backfill from the event listener to remove any UOs from the persistent pool that have already been mined. This should be a simple extension to the event listener to provide a pull method from a range of blocks and return an aggregated set of block events (with UO events).

Additional context
This doesn't apply to ephemeral mempools, like the P2P mempool or the closed-beta mempool.

Describe the feature
We need a persistent mempool to handle bundler crashes and upgrades. This can be done in 2 ways:

1. Local-file DB backed mempool. This will allow restarts, but requires attached storage to be managed. Attached storage isn't great for our cloud infrastructure. This may be a useful modality for if/when we integrate Rundler with block builders.
2. Redis backed mempool. Allows multiple clients to have a similar view over the mempool and allows us to manage the mempool without needing attached storage. Needs simple coordination between clients.

We've decided to build a Redis-backed mempool to support the private mempool use case.

Describe the bug
Missing ENTRY_POINTS CLI arg leads to a misleading error message.

To reproduce
Start the Rundler without ENTRY_POINTS CLI arg.

Expected behavior
Rundler should emit a better error message indicating the missing CLI arg, instead of the current error message.

Logs

rundler-launcher-rundler-1  | 2023-04-01T18:21:04.205756Z ERROR rundler::cli::node: RPC server exited unexpectedly: Ok(Err(Only one entry point is supported at the moment))

Describe the feature
Our gas estimation currently requires a 25% overhead multiplier to handle the 1/64th rule. This is due to our tracer taking the raw gas used value after the call is complete, not taking into account gas that needs to be set aside. Node clients handle this with a binary search that can estimate the gas limit within some amount of gas. We can do the same to calculate accurate limits for both validation/call gas limits without using a hardcoded overhead multiplier.

Describe the feature
We currently a few hard coded constants in order for gas estimation to provide results that are usable (by overestimating, or capping gas limits too low). We should figure out an approach that accurately estimates gas generically, without the use of arbitrary constants, and does so relatively performantly.

Describe the feature
When transacting with real value, we need to use private transaction RPCs on Ethereum/Polygon mainnet.

On eth:
https://docs.flashbots.net/flashbots-protect/rpc/quick-start

On polygon:
https://docs.bloxroute.com/introduction/protect-rpcs/polygon-protect-rpc

Polygon's isn't exact, but its the best we have at the moment "Front-running prevention does not guarantee your transactions will not be attacked - your transaction info will eventually become public info."

Describe the bug
The pool doesn't shutdown correctly when the event listener has DNS issues. It hangs and thus doesn't release resources.

To reproduce
Start up the Rundler pointing to an RPC endpoint that it cannot resolve. Then try to shut it down.

Expected behavior
Rundler should shut down cleanly.

Logs
This also happened:

thread 'tokio-runtime-worker' panicked at 'attempt to subtract with overflow', /Users/dcoombs/.cargo/registry/src/github.com-1ecc6299db9ec823/rslock-0.1.0/src/lock.rs:205:33

Describe the feature
Every eth_call (and others like it) to a node should include a gas cap reasonable for that call (either during validation or execution) to protect long running calls from blocking the bundler and impacting nodes.

Describe the feature
Arbitrum now supports eth_sendRawTransactionConditional on Arbitrum Goerli. We should use that in the builder.

https://github.com/OffchainLabs/nitro/releases/tag/v2.0.14-alpha.2

Describe the bug
Polygon Bor nodes use an old version of javascript, we need to compile our tracer into that version to run traces on Polygon.

To reproduce
Send any user op on polygon.

Expected behavior
It shouldn't fail.

We need to add robustness to our RPC calls to nodes. We can use the ethers-rs retry provider to do this: https://github.com/gakonst/ethers-rs/blob/master/ethers-providers/src/rpc/transports/retry.rs

Describe the bug
When using the eth_estimateUserOperationGas RPC endpoint, the verificationGasLimit field is optional, but if it is not set the call will fail with AA23 reverted (or OOG). This field should be filled in by the Rundler if unset to a value that allows estimation to occur.

To reproduce

1. Construct a UO without verificationGasLimit.
2. Call eth_estimateUserOperationGas

Expected behavior
Estimation should succeed.

Describe the feature
The spec states:

Remove the failed op that caused the revert from the batch and drop from the mempool. If the error is caused by a factory (error code is “AA1.“) or paymaster (error code is “AA3.“), then also drop from mempool all other UserOps of this entity. Repeat until eth_estimateGas succeeds.

To support this, the pool should have an endpoint that takes an entity address, and removes all operations associated with that entity.

Besides in scripts that need to deploy concrete entry point contracts.

Describe the bug
When using eth_estimateUserOperationGas to set the gas limits on a user operation, the resulting UO will revert with out of gas in each of the 3 fields: preVerificationGas, verificationGasLimit, and callGasLimit. The estimate should be accurate enough for the user to set these fields directly in their UO and not run out of gas.

To reproduce

1. Create a UO
2. Call eth_estimateUserOperationGas on that UO
3. Use the result to set the gas fields in the UO
4. Send that UO to a bundler

Expected behavior
The estimated gas limits should be high enough such that the UO doesn't run out of gas during verification.

Describe the bug
During estimation:

• If the call reverts with OOG and the account isn't yet deployed, we just return "Invalid data"
• If the call returns a revert reason we should prefix the reason

To reproduce

1. Estimate a UO that deploys an account, and set the gas limits too low. It will return with "Invalid data"
2. Estimate a UO that calls a method that doesn't exist on the target contract.

Expected behavior
Error messages should make it clear to the user how they need to modify their calls to succeed.

Describe the feature
Run the bundler-spec-tests in CI and fail PRs if we have regressions.