Inspect_message for Motoko

Is the inspect_message function planned for Motoko in the near future?

Also, will inspecting and discarding an ingress message with a large payload prevent the canister from being charged cycles, other than the cost of cycles for the inspect_message function itself?

Lastly, even if Motoko gets inspect_message, how can a canister defend against a hacker deploying another canister and sending large inter-canister payloads to a function in a constant loop? I imagine the function logic could throttle or block repeated requests from the same principal (saving storage), but afaik, the cycles will still get drained.

Thanks.

7 Likes

Bump. What is the status of inspect_message for motoko?

3 Likes

Stalled in bikeshedding Feature: support system method `inspect-message` · Issue #2528 · dfinity/motoko · GitHub

4 Likes

Will this be taken up again soon? I think inspect_message can be really valuable to use for early authentication in order to prevent cycle drainage attacks.

2 Likes

I may have a go at this this week.

If you have an strong opinion about the proposals in (Feature: support system method `inspect-message` · Issue #2528 · dfinity/motoko · GitHub)

do chime in.

4 Likes

I have a strong opinion that it’s needed. Without the ability to intercept messages, any canister written with Motoko is vulnerable to a cycle drain attack.

5 Likes