Node provider txpool_content access for shared nodes

Incident Report for Base

Resolved

We received reports that some node providers with shared node offerings were allowing requests to the txpool_content endpoint, which enabled viewing transactions in that provider's shared mempool prior to them being forwarded to the private Base sequencer transaction pool. This could enable MEV or frontrunning for transactions that are being processed through that provider.

We've coordinated with node providers to restrict this access for shared node offerings. This does not impact the Base sequencer mempool, which is and remains private.
Posted Aug 19, 2023 - 19:56 UTC