@aztec/cli 0.0.1-commit.b655e406 → 0.0.1-commit.d3ec352c

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/cli",
-  "version": "0.0.1-commit.b655e406",
+  "version": "0.0.1-commit.d3ec352c",
   "type": "module",
   "exports": {
     "./contracts": "./dest/cmds/contracts/index.js",
@@ -24,8 +24,8 @@
     "tsconfig": "./tsconfig.json"
   },
   "scripts": {
-    "build": "yarn clean && tsc -b",
-    "build:dev": "tsc -b --watch",
+    "build": "yarn clean && ../scripts/tsc.sh",
+    "build:dev": "../scripts/tsc.sh --watch",
     "clean": "rm -rf ./dest .tsbuildinfo",
     "test": "NODE_NO_WARNINGS=1 node --experimental-vm-modules ../node_modules/.bin/jest --passWithNoTests --maxWorkers=${JEST_MAX_WORKERS:-8}"
   },
@@ -71,21 +71,21 @@
     ]
   },
   "dependencies": {
-    "@aztec/accounts": "0.0.1-commit.b655e406",
-    "@aztec/archiver": "0.0.1-commit.b655e406",
-    "@aztec/aztec.js": "0.0.1-commit.b655e406",
-    "@aztec/constants": "0.0.1-commit.b655e406",
-    "@aztec/entrypoints": "0.0.1-commit.b655e406",
-    "@aztec/ethereum": "0.0.1-commit.b655e406",
-    "@aztec/foundation": "0.0.1-commit.b655e406",
-    "@aztec/l1-artifacts": "0.0.1-commit.b655e406",
-    "@aztec/node-keystore": "0.0.1-commit.b655e406",
-    "@aztec/node-lib": "0.0.1-commit.b655e406",
-    "@aztec/p2p": "0.0.1-commit.b655e406",
-    "@aztec/protocol-contracts": "0.0.1-commit.b655e406",
-    "@aztec/stdlib": "0.0.1-commit.b655e406",
-    "@aztec/test-wallet": "0.0.1-commit.b655e406",
-    "@aztec/world-state": "0.0.1-commit.b655e406",
+    "@aztec/accounts": "0.0.1-commit.d3ec352c",
+    "@aztec/archiver": "0.0.1-commit.d3ec352c",
+    "@aztec/aztec.js": "0.0.1-commit.d3ec352c",
+    "@aztec/constants": "0.0.1-commit.d3ec352c",
+    "@aztec/entrypoints": "0.0.1-commit.d3ec352c",
+    "@aztec/ethereum": "0.0.1-commit.d3ec352c",
+    "@aztec/foundation": "0.0.1-commit.d3ec352c",
+    "@aztec/l1-artifacts": "0.0.1-commit.d3ec352c",
+    "@aztec/node-keystore": "0.0.1-commit.d3ec352c",
+    "@aztec/node-lib": "0.0.1-commit.d3ec352c",
+    "@aztec/p2p": "0.0.1-commit.d3ec352c",
+    "@aztec/protocol-contracts": "0.0.1-commit.d3ec352c",
+    "@aztec/stdlib": "0.0.1-commit.d3ec352c",
+    "@aztec/test-wallet": "0.0.1-commit.d3ec352c",
+    "@aztec/world-state": "0.0.1-commit.d3ec352c",
     "@ethersproject/wallet": "^5.8.0",
     "@iarna/toml": "^2.2.5",
     "@libp2p/peer-id-factory": "^3.0.4",
@@ -96,9 +96,12 @@
     "semver": "^7.5.4",
     "source-map-support": "^0.5.21",
     "tslib": "^2.4.0",
-    "viem": "npm:@spalladino/viem@2.38.2-eip7594.0"
+    "viem": "npm:@aztec/viem@2.38.2"
   },
   "devDependencies": {
+    "@aztec/aztec-node": "0.0.1-commit.d3ec352c",
+    "@aztec/kv-store": "0.0.1-commit.d3ec352c",
+    "@aztec/telemetry-client": "0.0.1-commit.d3ec352c",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",
     "@types/lodash.chunk": "^4.2.9",
@@ -107,6 +110,7 @@
     "@types/node": "^22.15.17",
     "@types/semver": "^7.5.2",
     "@types/source-map-support": "^0.5.10",
+    "@typescript/native-preview": "7.0.0-dev.20251126.1",
     "jest": "^30.0.0",
     "jest-mock-extended": "^4.0.0",
     "ts-jest": "^29.4.0",
@@ -114,20 +118,21 @@
     "typescript": "^5.3.3"
   },
   "peerDependencies": {
-    "@aztec/accounts": "0.0.1-commit.b655e406",
-    "@aztec/bb-prover": "0.0.1-commit.b655e406",
-    "@aztec/ethereum": "0.0.1-commit.b655e406",
-    "@aztec/l1-artifacts": "0.0.1-commit.b655e406",
-    "@aztec/noir-contracts.js": "0.0.1-commit.b655e406",
-    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.b655e406",
-    "@aztec/noir-test-contracts.js": "0.0.1-commit.b655e406",
-    "@aztec/protocol-contracts": "0.0.1-commit.b655e406",
-    "@aztec/stdlib": "0.0.1-commit.b655e406"
+    "@aztec/accounts": "0.0.1-commit.d3ec352c",
+    "@aztec/bb-prover": "0.0.1-commit.d3ec352c",
+    "@aztec/ethereum": "0.0.1-commit.d3ec352c",
+    "@aztec/l1-artifacts": "0.0.1-commit.d3ec352c",
+    "@aztec/noir-contracts.js": "0.0.1-commit.d3ec352c",
+    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.d3ec352c",
+    "@aztec/noir-test-contracts.js": "0.0.1-commit.d3ec352c",
+    "@aztec/protocol-contracts": "0.0.1-commit.d3ec352c",
+    "@aztec/stdlib": "0.0.1-commit.d3ec352c"
   },
   "files": [
     "dest",
     "src",
-    "!*.test.*"
+    "!*.test.*",
+    "public_include_metric_prefixes.json"
   ],
   "types": "./dest/index.d.ts",
   "engines": {

package/public_include_metric_prefixes.json

@@ -0,0 +1 @@
+["aztec.validator", "aztec.tx_collector", "aztec.mempool", "aztec.p2p.gossip.agg_", "aztec.ivc_verifier.agg_"]

package/src/cmds/aztec_node/get_block.ts

@@ -1,10 +1,11 @@
 import { createAztecNodeClient } from '@aztec/aztec.js/node';
+import { BlockNumber } from '@aztec/foundation/branded-types';
 import type { LogFn } from '@aztec/foundation/log';
 
 import { inspectBlock } from '../../utils/inspect.js';
 
 export async function getBlock(nodeUrl: string, maybeBlockNumber: number | undefined, log: LogFn) {
   const aztecNode = createAztecNodeClient(nodeUrl);
-  const blockNumber = maybeBlockNumber ?? (await aztecNode.getBlockNumber());
+  const blockNumber: BlockNumber = maybeBlockNumber ? BlockNumber(maybeBlockNumber) : await aztecNode.getBlockNumber();
   await inspectBlock(aztecNode, blockNumber, log, { showTxs: true });
 }

package/src/cmds/aztec_node/get_logs.ts

@@ -2,13 +2,14 @@ import type { AztecAddress } from '@aztec/aztec.js/addresses';
 import type { LogFilter, LogId } from '@aztec/aztec.js/log';
 import { createAztecNodeClient } from '@aztec/aztec.js/node';
 import type { TxHash } from '@aztec/aztec.js/tx';
+import { BlockNumber } from '@aztec/foundation/branded-types';
 import type { LogFn } from '@aztec/foundation/log';
 import { sleep } from '@aztec/foundation/sleep';
 
 export async function getLogs(
   txHash: TxHash,
-  fromBlock: number,
-  toBlock: number,
+  fromBlock: BlockNumber,
+  toBlock: BlockNumber,
   afterLog: LogId,
   contractAddress: AztecAddress,
   nodeUrl: string,

package/src/cmds/contracts/inspect_contract.ts

@@ -29,16 +29,9 @@ export async function inspectContract(contractArtifactFile: string, debugLogger:
   log(`\tpublic bytecode commitment: ${contractClass.publicBytecodeCommitment.toString()}`);
   log(`\tpublic bytecode length: ${contractClass.packedBytecode.length} bytes (${bytecodeLengthInFields} fields)`);
 
-  const externalFunctions = contractFns.filter(f => !f.isInternal);
-  if (externalFunctions.length > 0) {
-    log(`\nExternal functions:`);
-    await Promise.all(externalFunctions.map(f => logFunction(f, log)));
-  }
-
-  const internalFunctions = contractFns.filter(f => f.isInternal);
-  if (internalFunctions.length > 0) {
-    log(`\nInternal functions:`);
-    await Promise.all(internalFunctions.map(f => logFunction(f, log)));
+  if (contractFns.length > 0) {
+    log(`\nExternal contract functions:`);
+    await Promise.all(contractFns.map(f => logFunction(f, log)));
   }
 }
 

package/src/cmds/infrastructure/index.ts

@@ -44,7 +44,6 @@ export function injectCommands(program: Command, log: LogFn) {
         nodeUrl: options.nodeUrl,
         l1RpcUrls: options.l1RpcUrls,
         chainId: options.l1ChainId,
-        blockNumber: options.blockNumber,
         log,
       });
     });

package/src/cmds/infrastructure/sequencers.ts

@@ -15,7 +15,6 @@ export async function sequencers(opts: {
   nodeUrl: string;
   l1RpcUrls: string[];
   chainId: number;
-  blockNumber?: number;
   log: LogFn;
 }) {
   const { command, who: maybeWho, mnemonic, bn254SecretKey, nodeUrl, l1RpcUrls, chainId, log } = opts;

package/src/cmds/l1/assume_proven_through.ts

@@ -1,5 +1,6 @@
 import { createAztecNodeClient } from '@aztec/aztec.js/node';
 import { RollupCheatCodes } from '@aztec/ethereum/test';
+import { BlockNumber } from '@aztec/foundation/branded-types';
 import type { LogFn } from '@aztec/foundation/log';
 import { DateProvider } from '@aztec/foundation/timer';
 
@@ -11,7 +12,9 @@ export async function assumeProvenThrough(
 ) {
   const aztecNode = createAztecNodeClient(nodeUrl);
   const rollupAddress = await aztecNode.getNodeInfo().then(i => i.l1ContractAddresses.rollupAddress);
-  const blockNumber = blockNumberOrLatest ?? (await aztecNode.getBlockNumber());
+  const blockNumber: BlockNumber = blockNumberOrLatest
+    ? BlockNumber(blockNumberOrLatest)
+    : await aztecNode.getBlockNumber();
 
   const rollupCheatCodes = RollupCheatCodes.create(l1RpcUrls, { rollupAddress }, new DateProvider());
 

package/src/cmds/l1/prover_stats.ts

@@ -55,33 +55,40 @@ export async function proverStats(opts: {
 
   // If we only care for raw logs, output them
   if (rawLogs && !provingTimeout) {
-    log(`l1_block_number, l2_block_number, prover_id, tx_hash`);
+    log(`l1_block_number, checkpoint_number, prover_id, tx_hash`);
     for (const event of events) {
-      const { l1BlockNumber, l2BlockNumber, proverId, txHash } = event;
-      log(`${l1BlockNumber}, ${l2BlockNumber}, ${proverId}, ${txHash}`);
+      const { l1BlockNumber, checkpointNumber, proverId, txHash } = event;
+      log(`${l1BlockNumber}, ${checkpointNumber}, ${proverId}, ${txHash}`);
     }
     return;
   }
 
-  // If we don't have a proving timeout, we can just count the number of unique blocks per prover
+  // If we don't have a proving timeout, we can just count the number of unique checkpoints per prover
   if (!provingTimeout) {
     const stats = groupBy(events, 'proverId');
-    log(`prover_id, total_blocks_proven`);
+    log(`prover_id, total_checkpoints_proven`);
     for (const proverId in stats) {
-      const uniqueBlocks = new Set(stats[proverId].map(e => e.l2BlockNumber));
-      log(`${proverId}, ${uniqueBlocks.size}`);
+      const uniqueCheckpoints = new Set(stats[proverId].map(e => e.checkpointNumber));
+      log(`${proverId}, ${uniqueCheckpoints.size}`);
     }
     return;
   }
 
-  // But if we do, fetch the events for each block submitted, so we can look up their timestamp
-  const blockEvents = await getL2BlockEvents(startBlock, lastBlockNum, batchSize, debugLog, publicClient, rollup);
+  // But if we do, fetch the events for each checkpoint submitted, so we can look up their timestamp
+  const checkpointEvents = await getCheckpointProposedEvents(
+    startBlock,
+    lastBlockNum,
+    batchSize,
+    debugLog,
+    publicClient,
+    rollup,
+  );
   debugLog.verbose(
-    `First L2 block within range is ${blockEvents[0]?.args.blockNumber} at L1 block ${blockEvents[0]?.blockNumber}`,
+    `First checkpoint within range is ${checkpointEvents[0]?.args.checkpointNumber} at L1 block ${checkpointEvents[0]?.blockNumber}`,
   );
 
   // Get the timestamps for every block on every log, both for proof and block submissions
-  const l1BlockNumbers = unique([...events.map(e => e.l1BlockNumber), ...blockEvents.map(e => e.blockNumber)]);
+  const l1BlockNumbers = unique([...events.map(e => e.l1BlockNumber), ...checkpointEvents.map(e => e.blockNumber)]);
   const l1BlockTimestamps: Record<string, bigint> = {};
   for (const l1Batch of chunk(l1BlockNumbers, Number(batchSize))) {
     const blocks = await Promise.all(
@@ -93,44 +100,44 @@ export async function proverStats(opts: {
     }
   }
 
-  // Map from l2 block number to the l1 block in which it was submitted
-  const l2BlockSubmissions: Record<string, bigint> = {};
-  for (const blockEvent of blockEvents) {
-    l2BlockSubmissions[blockEvent.args.blockNumber!.toString()] = blockEvent.blockNumber;
+  // Map from checkpoint number to the l1 block in which it was submitted
+  const checkpointSubmissions: Record<string, bigint> = {};
+  for (const checkpointEvent of checkpointEvents) {
+    checkpointSubmissions[checkpointEvent.args.checkpointNumber!.toString()] = checkpointEvent.blockNumber;
   }
 
   // If we want raw logs, output them
   if (rawLogs) {
-    log(`l1_block_number, l2_block_number, l2_block_submission_timestamp, proof_timestamp, prover_id, tx_hash`);
+    log(`l1_block_number, checkpoint_number, checkpoint_submission_timestamp, proof_timestamp, prover_id, tx_hash`);
     for (const event of events) {
-      const { l1BlockNumber, l2BlockNumber, proverId, txHash } = event;
-      const uploadedBlockNumber = l2BlockSubmissions[l2BlockNumber.toString()];
+      const { l1BlockNumber, checkpointNumber, proverId, txHash } = event;
+      const uploadedBlockNumber = checkpointSubmissions[checkpointNumber.toString()];
       if (!uploadedBlockNumber) {
         continue;
       }
       const uploadedTimestamp = l1BlockTimestamps[uploadedBlockNumber.toString()];
       const provenTimestamp = l1BlockTimestamps[l1BlockNumber.toString()];
-      log(`${l1BlockNumber}, ${l2BlockNumber}, ${uploadedTimestamp}, ${provenTimestamp}, ${proverId}, ${txHash}`);
+      log(`${l1BlockNumber}, ${checkpointNumber}, ${uploadedTimestamp}, ${provenTimestamp}, ${proverId}, ${txHash}`);
     }
     return;
   }
 
   // Or calculate stats per prover
-  const stats = mapValues(groupBy(events, 'proverId'), (blocks, proverId) =>
+  const stats = mapValues(groupBy(events, 'proverId'), (checkpoints, proverId) =>
     compactArray(
-      blocks.map(e => {
+      checkpoints.map(e => {
         const provenTimestamp = l1BlockTimestamps[e.l1BlockNumber.toString()];
-        const uploadedBlockNumber = l2BlockSubmissions[e.l2BlockNumber.toString()];
+        const uploadedBlockNumber = checkpointSubmissions[e.checkpointNumber.toString()];
         if (!uploadedBlockNumber) {
           debugLog.verbose(
-            `Skipping ${proverId}'s proof for L2 block ${e.l2BlockNumber} as it was before the start block`,
+            `Skipping ${proverId}'s proof for checkpoint ${e.checkpointNumber} as it was before the start block`,
           );
           return undefined;
         }
         const uploadedTimestamp = l1BlockTimestamps[uploadedBlockNumber.toString()];
         const provingTime = provenTimestamp - uploadedTimestamp;
         debugLog.debug(
-          `prover=${e.proverId} blockNumber=${e.l2BlockNumber} uploaded=${uploadedTimestamp} proven=${provenTimestamp} time=${provingTime}`,
+          `prover=${e.proverId} checkpointNumber=${e.checkpointNumber} uploaded=${uploadedTimestamp} proven=${provenTimestamp} time=${provingTime}`,
         );
         return { provenTimestamp, uploadedTimestamp, provingTime, ...e };
       }),
@@ -141,8 +148,8 @@ export async function proverStats(opts: {
   for (const proverId in stats) {
     const blocks = stats[proverId];
     const withinTimeout = blocks.filter(b => b.provingTime <= provingTimeout);
-    const uniqueBlocksWithinTimeout = new Set(withinTimeout.map(e => e.l2BlockNumber));
-    const uniqueBlocks = new Set(blocks.map(e => e.l2BlockNumber));
+    const uniqueBlocksWithinTimeout = new Set(withinTimeout.map(e => e.checkpointNumber));
+    const uniqueBlocks = new Set(blocks.map(e => e.checkpointNumber));
     const avgProvingTime =
       blocks.length === 0 ? 0 : Math.ceil(Number(blocks.reduce((acc, b) => acc + b.provingTime, 0n)) / blocks.length);
 
@@ -171,7 +178,7 @@ async function getL2ProofVerifiedEvents(
   return events;
 }
 
-async function getL2BlockEvents(
+async function getCheckpointProposedEvents(
   startBlock: bigint,
   lastBlockNum: bigint,
   batchSize: bigint,
@@ -188,14 +195,14 @@ async function getL2BlockEvents(
       address: getAddress(rollup.toString()),
       event: getAbiItem({
         abi: RollupAbi,
-        name: 'L2BlockProposed',
+        name: 'CheckpointProposed',
       }),
       fromBlock: blockNum,
       toBlock: end,
     });
 
     events.push(...newEvents);
-    debugLog.verbose(`Got ${newEvents.length} events querying l2 block submitted from block ${blockNum} to ${end}`);
+    debugLog.verbose(`Got ${newEvents.length} events querying checkpoints submitted from block ${blockNum} to ${end}`);
     blockNum += batchSize;
   }
   return events;

package/src/cmds/l1/update_l1_validators.ts

@@ -299,9 +299,9 @@ export async function debugRollup({ rpcUrls, chainId, rollupAddress, log }: Roll
   const publicClient = getPublicClient({ l1RpcUrls: rpcUrls, l1ChainId: chainId });
   const rollup = new RollupContract(publicClient, rollupAddress);
 
-  const pendingNum = await rollup.getBlockNumber();
+  const pendingNum = await rollup.getCheckpointNumber();
   log(`Pending block num: ${pendingNum}`);
-  const provenNum = await rollup.getProvenBlockNumber();
+  const provenNum = await rollup.getProvenCheckpointNumber();
   log(`Proven block num: ${provenNum}`);
   const validators = await rollup.getAttesters();
   log(`Validators: ${validators.map(v => v.toString()).join(', ')}`);

package/src/cmds/misc/update/npm.ts

@@ -9,7 +9,7 @@ import { type SemVer, parse } from 'semver';
 import type { DependencyChanges } from './common.js';
 import { atomicUpdateFile } from './utils.js';
 
-const deprecatedNpmPackages = new Set<string>(['@aztec/cli', '@aztec/aztec-sandbox']);
+const deprecatedNpmPackages = new Set<string>(['@aztec/cli', '@aztec/aztec-local-network']);
 const npmDeprecationMessage = `
 The following packages have been deprecated and will no longer be updated on the npm registry:
 ${Array.from(deprecatedNpmPackages)

package/src/cmds/validator_keys/add.ts

@@ -16,28 +16,35 @@ import {
   writeEthJsonV3ToFile,
   writeKeystoreFile,
 } from './shared.js';
+import { validateBlsPathOptions, validatePublisherOptions, validateRemoteSignerOptions } from './utils.js';
 
 export type AddValidatorKeysOptions = NewValidatorKeystoreOptions;
 
 export async function addValidatorKeys(existing: string, options: AddValidatorKeysOptions, log: LogFn) {
+  // validate bls-path inputs before proceeding with key generation
+  validateBlsPathOptions(options);
+  // validate publisher options
+  validatePublisherOptions(options);
+  // validate remote signer options
+  validateRemoteSignerOptions(options);
+
   const {
     dataDir,
     file,
     count,
     publisherCount = 0,
+    publishers,
     mnemonic,
     accountIndex = 0,
     addressIndex,
     ikm,
     blsPath,
-    blsOnly,
     json,
     feeRecipient: feeRecipientOpt,
     coinbase: coinbaseOpt,
-    fundingAccount: fundingAccountOpt,
     remoteSigner: remoteSignerOpt,
     password,
-    outDir,
+    encryptedKeystoreDir,
   } = options;
 
   const validatorCount = typeof count === 'number' && Number.isFinite(count) && count > 0 ? Math.floor(count) : 1;
@@ -55,8 +62,6 @@ export async function addValidatorKeys(existing: string, options: AddValidatorKe
     throw new Error('feeRecipient is required (either present in existing file or via --fee-recipient)');
   }
   const coinbase = (coinbaseOpt as EthAddress | undefined) ?? (first.coinbase as EthAddress | undefined);
-  const fundingAccount =
-    (fundingAccountOpt as EthAddress | undefined) ?? (first.fundingAccount as EthAddress | undefined);
   const derivedRemoteSigner = (first.attester as any)?.remoteSignerUrl || (first.attester as any)?.eth?.remoteSignerUrl;
   const remoteSigner = remoteSignerOpt ?? derivedRemoteSigner;
 
@@ -70,26 +75,31 @@ export async function addValidatorKeys(existing: string, options: AddValidatorKe
   const { validators, summaries } = await buildValidatorEntries({
     validatorCount,
     publisherCount,
+    publishers,
     accountIndex,
     baseAddressIndex: effectiveBaseAddressIndex,
     mnemonic: mnemonicToUse,
     ikm,
     blsPath,
-    blsOnly,
     feeRecipient,
     coinbase,
     remoteSigner,
-    fundingAccount,
   });
 
   keystore.validators.push(...validators);
 
   // If password provided, write ETH JSON V3 and BLS BN254 keystores and replace plaintext
   if (password !== undefined) {
-    const targetDir =
-      outDir && outDir.length > 0 ? outDir : dataDir && dataDir.length > 0 ? dataDir : dirname(existing);
+    let targetDir: string;
+    if (encryptedKeystoreDir && encryptedKeystoreDir.length > 0) {
+      targetDir = encryptedKeystoreDir;
+    } else if (dataDir && dataDir.length > 0) {
+      targetDir = dataDir;
+    } else {
+      targetDir = dirname(existing);
+    }
     await writeEthJsonV3ToFile(keystore.validators, { outDir: targetDir, password });
-    await writeBlsBn254ToFile(keystore.validators, { outDir: targetDir, password });
+    await writeBlsBn254ToFile(keystore.validators, { outDir: targetDir, password, blsPath });
   }
 
   let outputPath = existing;

package/src/cmds/validator_keys/generate_bls_keypair.ts

@@ -4,6 +4,7 @@ import type { LogFn } from '@aztec/foundation/log';
 import { writeFile } from 'fs/promises';
 
 import { computeBlsPublicKeyCompressed, withValidatorIndex } from './shared.js';
+import { defaultBlsPath } from './utils.js';
 
 export type GenerateBlsKeypairOptions = {
   mnemonic?: string;
@@ -17,7 +18,7 @@ export type GenerateBlsKeypairOptions = {
 
 export async function generateBlsKeypair(options: GenerateBlsKeypairOptions, log: LogFn) {
   const { mnemonic, ikm, blsPath, compressed = true, json, out } = options;
-  const path = withValidatorIndex(blsPath ?? 'm/12381/3600/0/0/0', 0);
+  const path = withValidatorIndex(blsPath ?? defaultBlsPath, 0);
   const priv = deriveBlsPrivateKey(mnemonic, ikm, path);
   const pub = await computeBlsPublicKeyCompressed(priv);
   const result = { path, privateKey: priv, publicKey: pub, format: compressed ? 'compressed' : 'uncompressed' };

package/src/cmds/validator_keys/index.ts

@@ -3,11 +3,12 @@ import type { LogFn } from '@aztec/foundation/log';
 import { Command } from 'commander';
 
 import { parseAztecAddress, parseEthereumAddress, parseHex, parseOptionalInteger } from '../../utils/commands.js';
+import { defaultBlsPath } from './utils.js';
 
 export function injectCommands(program: Command, log: LogFn) {
   const group = program
     .command('validator-keys')
-    .aliases(['valKeys'])
+    .aliases(['valKeys', 'valkeys'])
     .description('Manage validator keystores for node operators');
 
   group
@@ -17,28 +18,47 @@ export function injectCommands(program: Command, log: LogFn) {
     .option('--data-dir <path>', 'Directory to store keystore(s). Defaults to ~/.aztec/keystore')
     .option('--file <name>', 'Keystore file name. Defaults to key1.json (or keyN.json if key1.json exists)')
     .option('--count <N>', 'Number of validators to generate', parseOptionalInteger)
-    .option('--publisher-count <N>', 'Number of publisher accounts per validator (default 1)', value =>
+    .option('--publisher-count <N>', 'Number of publisher accounts per validator (default 0)', value =>
       parseOptionalInteger(value, 0),
     )
+    .option('--publishers <privateKeys>', 'Comma-separated list of publisher private keys for all validators.', value =>
+      value.split(',').map((key: string) => key.trim()),
+    )
     .option('--mnemonic <mnemonic>', 'Mnemonic for ETH/BLS derivation')
     .option('--passphrase <str>', 'Optional passphrase for mnemonic')
-    .option('--account-index <N>', 'Base account index for ETH derivation', parseOptionalInteger)
-    .option('--address-index <N>', 'Base address index for ETH derivation', parseOptionalInteger)
-    .option('--coinbase <address>', 'Coinbase ETH address to use when proposing', parseEthereumAddress)
-    .option('--funding-account <address>', 'ETH account to fund publishers', parseEthereumAddress)
+    .option('--account-index <N>', 'Base account index for ETH/BLS derivation', parseOptionalInteger)
+    .option('--address-index <N>', 'Base address index for ETH/BLS derivation', parseOptionalInteger)
+    .option(
+      '--coinbase <address>',
+      'Coinbase ETH address to use when proposing. Defaults to attester address.',
+      parseEthereumAddress,
+    )
+    // TODO: add funding account back in when implemented
+    // .option('--funding-account <privateKey|address>', 'ETH private key (or address for remote signer setup) to fund publishers')
     .option('--remote-signer <url>', 'Default remote signer URL for accounts in this file')
     .option('--ikm <hex>', 'Initial keying material for BLS (alternative to mnemonic)', value => parseHex(value, 32))
-    .option('--bls-path <path>', 'EIP-2334 path (default m/12381/3600/0/0/0)')
-    .option('--bls-only', 'Generate only BLS keys')
+    .option('--bls-path <path>', `EIP-2334 path (default ${defaultBlsPath})`)
     .option(
       '--password <str>',
       'Password for writing keystore files (ETH JSON V3 and BLS EIP-2335). Empty string allowed',
     )
-    .option('--out-dir <dir>', 'Output directory for generated keystore file(s)')
+    .option('--encrypted-keystore-dir <dir>', 'Output directory for encrypted keystore file(s)')
     .option('--json', 'Echo resulting JSON to stdout')
+    .option('--staker-output', 'Generate a single staker output JSON file with an array of validator entries')
+    .option('--gse-address <address>', 'GSE contract address (required with --staker-output)', parseEthereumAddress)
+    .option('--l1-rpc-urls <urls>', 'L1 RPC URLs (comma-separated, required with --staker-output)', value =>
+      value.split(','),
+    )
+    .option(
+      '-c, --l1-chain-id <number>',
+      'L1 chain ID (required with --staker-output)',
+      value => parseInt(value),
+      31337,
+    )
     .requiredOption('--fee-recipient <address>', 'Aztec address that will receive fees', parseAztecAddress)
     .action(async options => {
       const { newValidatorKeystore } = await import('./new.js');
+
       await newValidatorKeystore(options, log);
     });
 
@@ -47,28 +67,35 @@ export function injectCommands(program: Command, log: LogFn) {
     .summary('Augment an existing validator keystore JSON')
     .description('Adds attester/publisher/BLS entries to an existing keystore using the same flags as new')
     .argument('<existing>', 'Path to existing keystore JSON')
-    .option('--data-dir <path>', 'Directory where keystore(s) live')
-    .option('--file <name>', 'Override output file name')
-    .option('--count <N>', 'Number of validators to add', parseOptionalInteger)
-    .option('--publisher-count <N>', 'Number of publisher accounts per validator (default 1)', value =>
+    .option('--data-dir <path>', 'Directory where keystore(s) live. (default: ~/.aztec/keystore)')
+    .option('--file <name>', 'Override output file name. (default: key<N>.json)')
+    .option('--count <N>', 'Number of validators to add. (default: 1)', parseOptionalInteger)
+    .option('--publisher-count <N>', 'Number of publisher accounts per validator (default 0)', value =>
       parseOptionalInteger(value, 0),
     )
+    .option('--publishers <privateKeys>', 'Comma-separated list of publisher private keys for all validators.', value =>
+      value.split(',').map((key: string) => key.trim()),
+    )
     .option('--mnemonic <mnemonic>', 'Mnemonic for ETH/BLS derivation')
     .option('--passphrase <str>', 'Optional passphrase for mnemonic')
-    .option('--account-index <N>', 'Base account index for ETH derivation', parseOptionalInteger)
-    .option('--address-index <N>', 'Base address index for ETH derivation', parseOptionalInteger)
-    .option('--coinbase <address>', 'Coinbase ETH address to use when proposing', parseEthereumAddress)
-    .option('--funding-account <address>', 'ETH account to fund publishers', parseEthereumAddress)
+    .option('--account-index <N>', 'Base account index for ETH/BLS derivation', parseOptionalInteger)
+    .option('--address-index <N>', 'Base address index for ETH/BLS derivation', parseOptionalInteger)
+    .option(
+      '--coinbase <address>',
+      'Coinbase ETH address to use when proposing. Defaults to attester address.',
+      parseEthereumAddress,
+    )
+    // TODO: add funding account back in when implemented
+    // .option('--funding-account <privateKey|address>', 'ETH private key (or address for remote signer setup) to fund publishers')
     .option('--remote-signer <url>', 'Default remote signer URL for accounts in this file')
     .option('--ikm <hex>', 'Initial keying material for BLS (alternative to mnemonic)', value => parseHex(value, 32))
-    .option('--bls-path <path>', 'EIP-2334 path (default m/12381/3600/0/0/0)')
-    .option('--bls-only', 'Generate only BLS keys')
+    .option('--bls-path <path>', `EIP-2334 path (default ${defaultBlsPath})`)
     .option('--empty', 'Generate an empty skeleton without keys')
     .option(
       '--password <str>',
       'Password for writing keystore files (ETH JSON V3 and BLS EIP-2335). Empty string allowed',
     )
-    .option('--out-dir <dir>', 'Output directory for generated keystore file(s)')
+    .option('--encrypted-keystore-dir <dir>', 'Output directory for encrypted keystore file(s)')
     .option('--json', 'Echo resulting JSON to stdout')
     .requiredOption('--fee-recipient <address>', 'Aztec address that will receive fees', parseAztecAddress)
     .action(async (existing: string, options) => {
@@ -76,13 +103,32 @@ export function injectCommands(program: Command, log: LogFn) {
       await addValidatorKeys(existing, options, log);
     });
 
+  group
+    .command('staker')
+    .summary('Generate staking JSON from keystore')
+    .description(
+      'Reads a validator keystore and outputs staking data with BLS public keys for each attester (skips mnemonics)',
+    )
+    .requiredOption('--from <keystore>', 'Path to keystore JSON file')
+    .option('--password <password>', 'Password for decrypting encrypted keystores (if not specified in keystore file)')
+    .requiredOption('--gse-address <address>', 'GSE contract address', parseEthereumAddress)
+    .option('--l1-rpc-urls <urls>', 'L1 RPC URLs (comma-separated)', value => value.split(','), [
+      'http://localhost:8545',
+    ])
+    .option('-c, --l1-chain-id <number>', 'L1 chain ID', value => parseInt(value), 31337)
+    .option('--output <file>', 'Output file path (if not specified, JSON is written to stdout)')
+    .action(async options => {
+      const { generateStakerJson } = await import('./staker.js');
+      await generateStakerJson(options, log);
+    });
+
   // top-level convenience: aztec generate-bls-keypair
   program
     .command('generate-bls-keypair')
     .description('Generate a BLS keypair with convenience flags')
     .option('--mnemonic <mnemonic>', 'Mnemonic for BLS derivation')
     .option('--ikm <hex>', 'Initial keying material for BLS (alternative to mnemonic)', value => parseHex(value, 32))
-    .option('--bls-path <path>', 'EIP-2334 path (default m/12381/3600/0/0/0)')
+    .option('--bls-path <path>', `EIP-2334 path (default ${defaultBlsPath})`)
     .option('--g2', 'Derive on G2 subgroup')
     .option('--compressed', 'Output compressed public key')
     .option('--json', 'Print JSON output to stdout')