@aztec/end-to-end 0.0.0-test.0 → 0.0.1-commit.0208eb9

package/src/fixtures/e2e_prover_test.ts

@@ -0,0 +1,336 @@
+import type { InitialAccountData } from '@aztec/accounts/testing';
+import { type Archiver, createArchiver } from '@aztec/archiver';
+import { AztecAddress, EthAddress } from '@aztec/aztec.js/addresses';
+import { type Logger, createLogger } from '@aztec/aztec.js/log';
+import type { AztecNode } from '@aztec/aztec.js/node';
+import { CheatCodes } from '@aztec/aztec/testing';
+import {
+  BBCircuitVerifier,
+  type ClientProtocolCircuitVerifier,
+  QueuedIVCVerifier,
+  TestCircuitVerifier,
+} from '@aztec/bb-prover';
+import { BackendType, Barretenberg } from '@aztec/bb.js';
+import { createBlobClientWithFileStores } from '@aztec/blob-client/client';
+import type { DeployAztecL1ContractsReturnType } from '@aztec/ethereum/deploy-aztec-l1-contracts';
+import { Buffer32 } from '@aztec/foundation/buffer';
+import { SecretValue } from '@aztec/foundation/config';
+import { FeeAssetHandlerAbi } from '@aztec/l1-artifacts';
+import { TokenContract } from '@aztec/noir-contracts.js/Token';
+import { type ProverNode, type ProverNodeConfig, createProverNode } from '@aztec/prover-node';
+import type { ContractInstanceWithAddress } from '@aztec/stdlib/contract';
+import type { AztecNodeAdmin } from '@aztec/stdlib/interfaces/client';
+import { TestWallet } from '@aztec/test-wallet/server';
+import { getGenesisValues } from '@aztec/world-state/testing';
+
+import { type Hex, getContract } from 'viem';
+import { privateKeyToAddress } from 'viem/accounts';
+
+import { TokenSimulator } from '../simulators/token_simulator.js';
+import { getACVMConfig } from './get_acvm_config.js';
+import { getBBConfig } from './get_bb_config.js';
+import {
+  type EndToEndContext,
+  deployAccounts,
+  getPrivateKeyFromIndex,
+  getSponsoredFPCAddress,
+  publicDeployAccounts,
+  setup,
+  setupPXEAndGetWallet,
+  teardown,
+} from './setup.js';
+
+type ProvenSetup = {
+  wallet: TestWallet;
+  teardown: () => Promise<void>;
+};
+
+/**
+ * Largely taken from the e2e_token_contract test file. We deploy 2 accounts and a token contract.
+ * However, we then setup a second PXE with a full prover instance.
+ * We configure this instance with all of the accounts and contracts.
+ * We then prove and verify transactions created via this full prover PXE.
+ */
+
+export class FullProverTest {
+  static TOKEN_NAME = 'USDC';
+  static TOKEN_SYMBOL = 'USD';
+  static TOKEN_DECIMALS = 18n;
+  logger: Logger;
+  wallet!: TestWallet;
+  provenWallet!: TestWallet;
+  accounts: AztecAddress[] = [];
+  deployedAccounts!: InitialAccountData[];
+  fakeProofsAsset!: TokenContract;
+  fakeProofsAssetInstance!: ContractInstanceWithAddress;
+  tokenSim!: TokenSimulator;
+  aztecNode!: AztecNode;
+  aztecNodeAdmin!: AztecNodeAdmin;
+  cheatCodes!: CheatCodes;
+  private provenComponents: ProvenSetup[] = [];
+  private bbConfigCleanup?: () => Promise<void>;
+  private acvmConfigCleanup?: () => Promise<void>;
+  circuitProofVerifier?: ClientProtocolCircuitVerifier;
+  provenAsset!: TokenContract;
+  context!: EndToEndContext;
+  private proverNode!: ProverNode;
+  private simulatedProverNode!: ProverNode;
+  public l1Contracts!: DeployAztecL1ContractsReturnType;
+  public proverAddress!: EthAddress;
+  private minNumberOfTxsPerBlock: number;
+  private coinbase: EthAddress;
+  private realProofs: boolean;
+
+  constructor(testName: string, minNumberOfTxsPerBlock: number, coinbase: EthAddress, realProofs = true) {
+    this.logger = createLogger(`e2e:full_prover_test:${testName}`);
+    this.minNumberOfTxsPerBlock = minNumberOfTxsPerBlock;
+    this.coinbase = coinbase;
+    this.realProofs = realProofs;
+  }
+
+  /**
+   * Applies base setup: deploys 2 accounts and token contract.
+   */
+  private async applyBaseSetup() {
+    this.logger.info('Applying base setup: deploying accounts');
+    const { deployedAccounts } = await deployAccounts(
+      2,
+      this.logger,
+    )({
+      wallet: this.context.wallet,
+      initialFundedAccounts: this.context.initialFundedAccounts,
+    });
+    this.deployedAccounts = deployedAccounts;
+    this.accounts = deployedAccounts.map(a => a.address);
+    this.wallet = this.context.wallet;
+
+    this.logger.info('Applying base setup: publicly deploying accounts');
+    await publicDeployAccounts(this.wallet, this.accounts.slice(0, 2));
+
+    this.logger.info('Applying base setup: deploying token contract');
+    const { contract: asset, instance } = await TokenContract.deploy(
+      this.wallet,
+      this.accounts[0],
+      FullProverTest.TOKEN_NAME,
+      FullProverTest.TOKEN_SYMBOL,
+      FullProverTest.TOKEN_DECIMALS,
+    ).send({ from: this.accounts[0], wait: { returnReceipt: true } });
+    this.logger.verbose(`Token deployed to ${asset.address}`);
+
+    this.fakeProofsAsset = asset;
+    this.fakeProofsAssetInstance = instance;
+    this.logger.verbose(`Token contract address: ${this.fakeProofsAsset.address}`);
+
+    this.tokenSim = new TokenSimulator(this.fakeProofsAsset, this.wallet, this.accounts[0], this.logger, this.accounts);
+
+    expect(await this.fakeProofsAsset.methods.get_admin().simulate({ from: this.accounts[0] })).toBe(
+      this.accounts[0].toBigInt(),
+    );
+  }
+
+  async setup() {
+    this.logger.info('Setting up subsystems from fresh');
+    this.context = await setup(0, {
+      startProverNode: true,
+      coinbase: this.coinbase,
+      fundSponsoredFPC: true,
+      skipAccountDeployment: true,
+      l1ContractsArgs: { realVerifier: this.realProofs },
+    });
+
+    await this.applyBaseSetup();
+    await this.applyMint();
+
+    this.logger.info(`Enabling proving`, { realProofs: this.realProofs });
+
+    // We don't wish to mark as proven automatically, so we set the flag to false
+    this.context.watcher!.setIsMarkingAsProven(false);
+
+    this.simulatedProverNode = this.context.proverNode!;
+    ({
+      aztecNode: this.aztecNode,
+      deployL1ContractsValues: this.l1Contracts,
+      cheatCodes: this.cheatCodes,
+    } = this.context);
+    this.aztecNodeAdmin = this.context.aztecNodeService!;
+
+    const config = this.context.aztecNodeConfig;
+    const blobClient = await createBlobClientWithFileStores(config, this.logger);
+
+    // Configure a full prover PXE
+    let acvmConfig: Awaited<ReturnType<typeof getACVMConfig>> | undefined;
+    let bbConfig: Awaited<ReturnType<typeof getBBConfig>> | undefined;
+    if (this.realProofs) {
+      [acvmConfig, bbConfig] = await Promise.all([getACVMConfig(this.logger), getBBConfig(this.logger)]);
+      if (!acvmConfig || !bbConfig) {
+        throw new Error('Missing ACVM or BB config');
+      }
+
+      this.acvmConfigCleanup = acvmConfig.cleanup;
+      this.bbConfigCleanup = bbConfig.cleanup;
+
+      await Barretenberg.initSingleton({ backend: BackendType.NativeUnixSocket });
+
+      const verifier = await BBCircuitVerifier.new(bbConfig);
+      this.circuitProofVerifier = new QueuedIVCVerifier(bbConfig, verifier);
+
+      this.logger.debug(`Configuring the node for real proofs...`);
+      await this.aztecNodeAdmin.setConfig({
+        realProofs: true,
+        minTxsPerBlock: this.minNumberOfTxsPerBlock,
+      });
+    } else {
+      this.logger.debug(`Configuring the node min txs per block ${this.minNumberOfTxsPerBlock}...`);
+      this.circuitProofVerifier = new TestCircuitVerifier();
+      await this.aztecNodeAdmin.setConfig({
+        minTxsPerBlock: this.minNumberOfTxsPerBlock,
+      });
+    }
+
+    this.logger.verbose(`Move to a clean epoch`);
+    await this.context.cheatCodes.rollup.advanceToNextEpoch();
+
+    this.logger.verbose(`Marking current block as proven`);
+    await this.context.cheatCodes.rollup.markAsProven();
+
+    this.logger.verbose(`Main setup completed, initializing full prover PXE, Node, and Prover Node`);
+    const { wallet: provenWallet, teardown: provenTeardown } = await setupPXEAndGetWallet(
+      this.aztecNode,
+      { proverEnabled: this.realProofs },
+      undefined,
+      'pxe-proven',
+    );
+    this.logger.debug(`Contract address ${this.fakeProofsAsset.address}`);
+    await provenWallet.registerContract(this.fakeProofsAssetInstance, TokenContract.artifact);
+
+    for (let i = 0; i < 2; i++) {
+      await provenWallet.createSchnorrAccount(this.deployedAccounts[i].secret, this.deployedAccounts[i].salt);
+      await this.wallet.createSchnorrAccount(this.deployedAccounts[i].secret, this.deployedAccounts[i].salt);
+    }
+
+    const asset = TokenContract.at(this.fakeProofsAsset.address, provenWallet);
+    this.provenComponents.push({
+      wallet: provenWallet,
+      teardown: provenTeardown,
+    });
+    this.provenAsset = asset;
+    this.provenWallet = provenWallet;
+    this.logger.info(`Full prover PXE started`);
+
+    // Shutdown the current, simulated prover node
+    this.logger.verbose('Shutting down simulated prover node');
+    await this.simulatedProverNode.stop();
+
+    // Creating temp store and archiver for fully proven prover node
+    this.logger.verbose('Starting archiver for new prover node');
+    const archiver = await createArchiver(
+      { ...this.context.aztecNodeConfig, dataDirectory: undefined },
+      { blobClient, dateProvider: this.context.dateProvider! },
+      { blockUntilSync: true },
+    );
+
+    // The simulated prover node (now shutdown) used private key index 2
+    const proverNodePrivateKey = getPrivateKeyFromIndex(2);
+    const proverNodeSenderAddress = privateKeyToAddress(new Buffer32(proverNodePrivateKey!).toString());
+    this.proverAddress = EthAddress.fromString(proverNodeSenderAddress);
+
+    this.logger.verbose(`Funding prover node at ${proverNodeSenderAddress}`);
+    await this.mintFeeJuice(proverNodeSenderAddress);
+
+    this.logger.verbose('Starting prover node');
+    const proverConfig: ProverNodeConfig = {
+      ...this.context.aztecNodeConfig,
+      txCollectionNodeRpcUrls: [],
+      dataDirectory: undefined,
+      proverId: this.proverAddress,
+      realProofs: this.realProofs,
+      proverAgentCount: 2,
+      publisherPrivateKeys: [new SecretValue(`0x${proverNodePrivateKey!.toString('hex')}` as const)],
+      proverNodeMaxPendingJobs: 100,
+      proverNodeMaxParallelBlocksPerEpoch: 32,
+      proverNodePollingIntervalMs: 100,
+      txGatheringIntervalMs: 1000,
+      txGatheringBatchSize: 10,
+      txGatheringMaxParallelRequestsPerNode: 100,
+      txGatheringTimeoutMs: 24_000,
+      proverNodeFailedEpochStore: undefined,
+      proverNodeEpochProvingDelayMs: undefined,
+    };
+    const sponsoredFPCAddress = await getSponsoredFPCAddress();
+    const { prefilledPublicData } = await getGenesisValues(
+      this.context.initialFundedAccounts.map(a => a.address).concat(sponsoredFPCAddress),
+    );
+    this.proverNode = await createProverNode(
+      proverConfig,
+      {
+        aztecNodeTxProvider: this.aztecNode,
+        archiver: archiver as Archiver,
+      },
+      { prefilledPublicData },
+    );
+    await this.proverNode.start();
+
+    this.logger.warn(`Proofs are now enabled`, { realProofs: this.realProofs });
+    return this;
+  }
+
+  private async mintFeeJuice(recipient: Hex) {
+    const handlerAddress = this.context.deployL1ContractsValues.l1ContractAddresses.feeAssetHandlerAddress!;
+    this.logger.verbose(`Minting fee juice to ${recipient} using handler at ${handlerAddress}`);
+    const client = this.context.deployL1ContractsValues.l1Client;
+    const handler = getContract({ abi: FeeAssetHandlerAbi, address: handlerAddress.toString(), client });
+    const hash = await handler.write.mint([recipient]);
+    await this.context.deployL1ContractsValues.l1Client.waitForTransactionReceipt({ hash });
+  }
+
+  async teardown() {
+    // Cleanup related to the full prover PXEs
+    for (let i = 0; i < this.provenComponents.length; i++) {
+      await this.provenComponents[i].teardown();
+    }
+
+    // clean up the full prover node
+    await this.proverNode.stop();
+
+    await Barretenberg.destroySingleton();
+    await this.bbConfigCleanup?.();
+    await this.acvmConfigCleanup?.();
+
+    await teardown(this.context);
+  }
+
+  private async applyMint() {
+    this.logger.info('Applying mint setup');
+    const { fakeProofsAsset: asset, accounts } = this;
+    const privateAmount = 10000n;
+    const publicAmount = 10000n;
+
+    this.logger.verbose(`Minting ${privateAmount + publicAmount} publicly...`);
+    await asset.methods.mint_to_public(accounts[0], privateAmount + publicAmount).send({ from: accounts[0] });
+
+    this.logger.verbose(`Transferring ${privateAmount} to private...`);
+    await asset.methods.transfer_to_private(accounts[0], privateAmount).send({ from: accounts[0] });
+
+    this.logger.info(`Minting complete`);
+
+    const {
+      fakeProofsAsset,
+      accounts: [address],
+      tokenSim,
+    } = this;
+    tokenSim.mintPublic(address, publicAmount);
+
+    const publicBalance = await fakeProofsAsset.methods.balance_of_public(address).simulate({ from: address });
+    this.logger.verbose(`Public balance of wallet 0: ${publicBalance}`);
+    expect(publicBalance).toEqual(this.tokenSim.balanceOfPublic(address));
+
+    tokenSim.mintPrivate(address, publicAmount);
+    const privateBalance = await fakeProofsAsset.methods.balance_of_private(address).simulate({ from: address });
+    this.logger.verbose(`Private balance of wallet 0: ${privateBalance}`);
+    expect(privateBalance).toEqual(tokenSim.balanceOfPrivate(address));
+
+    const totalSupply = await fakeProofsAsset.methods.total_supply().simulate({ from: address });
+    this.logger.verbose(`Total supply: ${totalSupply}`);
+    expect(totalSupply).toEqual(tokenSim.totalSupply);
+  }
+}

package/src/fixtures/fixtures.ts

@@ -8,21 +8,19 @@ export const shouldCollectMetrics = () => {
 };
 
 export const TEST_PEER_CHECK_INTERVAL_MS = 1000;
+export const TEST_MAX_PENDING_TX_POOL_COUNT = 10_000; // Number of max pending TXs ~ 1.56GB
 
 export const MNEMONIC = 'test test test test test test test test test test test junk';
 export const privateKey = Buffer.from('ac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80', 'hex');
 export const privateKey2 = Buffer.from('59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d', 'hex');
 
 /// Common errors
-export const U128_UNDERFLOW_ERROR = "Assertion failed: attempt to subtract with overflow 'self - other'";
-export const U128_OVERFLOW_ERROR = "Assertion failed: attempt to add with overflow 'self + other'";
+export const U128_UNDERFLOW_ERROR = 'Assertion failed: attempt to subtract with overflow';
+export const U128_OVERFLOW_ERROR = 'Assertion failed: attempt to add with overflow';
 export const BITSIZE_TOO_BIG_ERROR = "Assertion failed: call to assert_max_bit_size 'self.__assert_max_bit_size'";
 // TODO(https://github.com/AztecProtocol/aztec-packages/issues/5818): Make these a fixed error after transition.
-export const DUPLICATE_NULLIFIER_ERROR = /dropped|duplicate nullifier|reverted|Nullifier collision/;
+export const DUPLICATE_NULLIFIER_ERROR = /dropped|nullifier|reverted/i;
 export const NO_L1_TO_L2_MSG_ERROR =
   /No non-nullified L1 to L2 message found for message hash|Tried to consume nonexistent L1-to-L2 message/;
-export const STATIC_CALL_STATE_MODIFICATION_ERROR =
-  /Static call cannot update the state, emit L2->L1 messages or generate logs.*/;
+export const STATIC_CALL_STATE_MODIFICATION_ERROR = /Static call cannot update the state.*/;
 export const STATIC_CONTEXT_ASSERTION_ERROR = /Assertion failed: Function .* can only be called statically.*/;
-
-export const DEFAULT_BLOB_SINK_PORT = '5052';

package/src/fixtures/get_acvm_config.ts

@@ -1,6 +1,7 @@
-import type { Logger } from '@aztec/aztec.js';
+import type { Logger } from '@aztec/aztec.js/log';
 import { parseBooleanEnv } from '@aztec/foundation/config';
-import { randomBytes } from '@aztec/foundation/crypto';
+import { randomBytes } from '@aztec/foundation/crypto/random';
+import { tryRmDir } from '@aztec/foundation/fs';
 
 import { promises as fs } from 'fs';
 
@@ -36,16 +37,7 @@ export async function getACVMConfig(logger: Logger): Promise<
 
     const directoryToCleanup = ACVM_WORKING_DIRECTORY ? undefined : tempWorkingDirectory;
 
-    const cleanup = async () => {
-      if (directoryToCleanup) {
-        try {
-          logger.info(`Cleaning up ACVM temp directory ${directoryToCleanup}`);
-          await fs.rm(directoryToCleanup, { recursive: true, force: true, maxRetries: 3 });
-        } catch (err) {
-          logger.warn(`Failed to delete ACVM temp directory at ${directoryToCleanup}: ${err}`);
-        }
-      }
-    };
+    const cleanup = () => tryRmDir(directoryToCleanup, logger);
 
     return {
       acvmWorkingDirectory,

package/src/fixtures/get_bb_config.ts

@@ -1,9 +1,11 @@
-import { type Logger, fileURLToPath } from '@aztec/aztec.js';
+import type { Logger } from '@aztec/aztec.js/log';
 import type { BBConfig } from '@aztec/bb-prover';
+import { tryRmDir } from '@aztec/foundation/fs';
 
 import fs from 'node:fs/promises';
 import { tmpdir } from 'node:os';
 import path from 'path';
+import { fileURLToPath } from 'url';
 
 const {
   BB_RELEASE_DIR = 'barretenberg/cpp/build/bin',
@@ -11,6 +13,8 @@ const {
   BB_SKIP_CLEANUP = '',
   TEMP_DIR = tmpdir(),
   BB_WORKING_DIRECTORY = '',
+  BB_NUM_IVC_VERIFIERS = '1',
+  BB_IVC_CONCURRENCY = '1',
 } = process.env;
 
 export const getBBConfig = async (
@@ -19,7 +23,7 @@ export const getBBConfig = async (
   try {
     const bbBinaryPath =
       BB_BINARY_PATH ??
-      path.resolve(path.dirname(fileURLToPath(import.meta.url)), '../../../../', BB_RELEASE_DIR, 'bb');
+      path.resolve(path.dirname(fileURLToPath(import.meta.url)), '../../../../', BB_RELEASE_DIR, 'bb-avm');
     await fs.access(bbBinaryPath, fs.constants.R_OK);
 
     let bbWorkingDirectory: string;
@@ -35,18 +39,19 @@ export const getBBConfig = async (
     await fs.mkdir(bbWorkingDirectory, { recursive: true });
 
     const bbSkipCleanup = ['1', 'true'].includes(BB_SKIP_CLEANUP);
-
-    const cleanup = async () => {
-      if (directoryToCleanup && !bbSkipCleanup) {
-        try {
-          await fs.rm(directoryToCleanup, { recursive: true, force: true, maxRetries: 3 });
-        } catch (err) {
-          logger.warn(`Failed to delete bb working directory at ${directoryToCleanup}: ${err}`);
-        }
-      }
+    const cleanup = bbSkipCleanup ? () => Promise.resolve() : () => tryRmDir(directoryToCleanup);
+
+    const numIvcVerifiers = Number(BB_NUM_IVC_VERIFIERS);
+    const ivcConcurrency = Number(BB_IVC_CONCURRENCY);
+
+    return {
+      bbSkipCleanup,
+      bbBinaryPath,
+      bbWorkingDirectory,
+      cleanup,
+      numConcurrentIVCVerifiers: numIvcVerifiers,
+      bbIVCConcurrency: ivcConcurrency,
     };
-
-    return { bbSkipCleanup, bbBinaryPath, bbWorkingDirectory, cleanup };
   } catch (err) {
     logger.error(`Native BB not available, error: ${err}`);
     return undefined;

package/src/fixtures/ha_setup.ts

@@ -0,0 +1,184 @@
+import { EthAddress } from '@aztec/aztec.js/addresses';
+import { Fr } from '@aztec/aztec.js/fields';
+import type { Logger } from '@aztec/aztec.js/log';
+import { SecretValue } from '@aztec/foundation/config';
+
+import { Pool } from 'pg';
+import { privateKeyToAccount } from 'viem/accounts';
+
+/**
+ * Configuration for HA database connection
+ */
+export interface HADatabaseConfig {
+  /** PostgreSQL connection URL */
+  databaseUrl: string;
+  /** Node ID for HA coordination */
+  nodeId: string;
+  /** Enable HA signing */
+  haSigningEnabled: boolean;
+  /** Polling interval in ms */
+  pollingIntervalMs: number;
+  /** Signing timeout in ms */
+  signingTimeoutMs: number;
+  /** Max stuck duties age in ms */
+  maxStuckDutiesAgeMs: number;
+}
+
+/**
+ * Get database configuration from environment variables
+ */
+export function createHADatabaseConfig(nodeId: string): HADatabaseConfig {
+  const databaseUrl = process.env.DATABASE_URL || 'postgresql://aztec:aztec@localhost:5432/aztec_ha_test';
+
+  return {
+    databaseUrl,
+    nodeId,
+    haSigningEnabled: true,
+    pollingIntervalMs: 100,
+    signingTimeoutMs: 3000,
+    maxStuckDutiesAgeMs: 72000,
+  };
+}
+
+/**
+ * Setup PostgreSQL database connection pool for HA tests
+ *
+ * Note: Database migrations should be run separately before starting tests,
+ * either via docker-compose entrypoint or manually with: aztec migrate-ha-db up
+ */
+export function setupHADatabase(databaseUrl: string, logger?: Logger): Pool {
+  try {
+    // Create connection pool for test usage
+    // Migrations are already run by docker-compose entrypoint before tests start
+    const pool = new Pool({ connectionString: databaseUrl });
+
+    logger?.info('Connected to HA database (migrations should already be applied)');
+
+    return pool;
+  } catch (error) {
+    logger?.error(`Failed to connect to HA database: ${error}`);
+    throw error;
+  }
+}
+
+/**
+ * Clean up HA database - drop all tables
+ * Use this between tests to ensure clean state
+ */
+export async function cleanupHADatabase(pool: Pool, logger?: Logger): Promise<void> {
+  try {
+    // Drop all HA tables
+    await pool.query('DROP TABLE IF EXISTS validator_duties CASCADE');
+    await pool.query('DROP TABLE IF EXISTS slashing_protection CASCADE');
+    await pool.query('DROP TABLE IF EXISTS schema_version CASCADE');
+
+    logger?.info('HA database cleaned up successfully');
+  } catch (error) {
+    logger?.error(`Failed to cleanup HA database: ${error}`);
+    throw error;
+  }
+}
+
+/**
+ * Query validator duties from the database
+ */
+export async function getValidatorDuties(
+  pool: Pool,
+  slot: bigint,
+  dutyType?: 'ATTESTATION' | 'BLOCK_PROPOSAL' | 'GOVERNANCE_VOTE' | 'SLASHING_VOTE',
+): Promise<
+  Array<{
+    slot: string;
+    dutyType: string;
+    validatorAddress: string;
+    nodeId: string;
+    startedAt: Date;
+    completedAt: Date | undefined;
+  }>
+> {
+  const query = dutyType
+    ? 'SELECT slot, duty_type, validator_address, node_id, started_at, completed_at FROM validator_duties WHERE slot = $1 AND duty_type = $2 ORDER BY started_at'
+    : 'SELECT slot, duty_type, validator_address, node_id, started_at, completed_at FROM validator_duties WHERE slot = $1 ORDER BY started_at';
+
+  const params = dutyType ? [slot.toString(), dutyType] : [slot.toString()];
+
+  const result = await pool.query<{
+    slot: string;
+    duty_type: string;
+    validator_address: string;
+    node_id: string;
+    started_at: Date;
+    completed_at: Date | undefined;
+  }>(query, params);
+
+  return result.rows.map(row => ({
+    slot: row.slot,
+    dutyType: row.duty_type,
+    validatorAddress: row.validator_address,
+    nodeId: row.node_id,
+    startedAt: row.started_at,
+    completedAt: row.completed_at,
+  }));
+}
+
+/**
+ * Convert private keys to Ethereum addresses
+ */
+export function getAddressesFromPrivateKeys(privateKeys: `0x${string}`[]): string[] {
+  return privateKeys.map(pk => {
+    const account = privateKeyToAccount(pk);
+    return account.address;
+  });
+}
+
+/**
+ * Create initial validators from private keys for L1 contract deployment
+ */
+export function createInitialValidatorsFromPrivateKeys(attesterPrivateKeys: `0x${string}`[]): Array<{
+  attester: EthAddress;
+  withdrawer: EthAddress;
+  privateKey: `0x${string}`;
+  bn254SecretKey: SecretValue<bigint>;
+}> {
+  return attesterPrivateKeys.map(pk => {
+    const account = privateKeyToAccount(pk);
+    return {
+      attester: EthAddress.fromString(account.address),
+      withdrawer: EthAddress.fromString(account.address),
+      privateKey: pk,
+      bn254SecretKey: new SecretValue(Fr.random().toBigInt()),
+    };
+  });
+}
+
+/**
+ * Verify no duplicate attestations per validator (HA coordination check)
+ * Groups duties by validator address and verifies each validator attested exactly once
+ */
+export function verifyNoDuplicateAttestations(
+  attestationDuties: Array<{
+    validatorAddress: string;
+    nodeId: string;
+    completedAt: Date | undefined;
+  }>,
+  logger?: Logger,
+): Map<string, typeof attestationDuties> {
+  const dutiesByValidator = new Map<string, typeof attestationDuties>();
+  for (const duty of attestationDuties) {
+    const existing = dutiesByValidator.get(duty.validatorAddress) || [];
+    existing.push(duty);
+    dutiesByValidator.set(duty.validatorAddress, existing);
+  }
+
+  for (const [validatorAddress, validatorDuties] of dutiesByValidator.entries()) {
+    if (validatorDuties.length !== 1) {
+      throw new Error(`Validator ${validatorAddress} attested ${validatorDuties.length} times (expected exactly once)`);
+    }
+    if (!validatorDuties[0].completedAt) {
+      throw new Error(`Validator ${validatorAddress} attestation duty not completed`);
+    }
+    logger?.info(`Validator ${validatorAddress} attested once via node ${validatorDuties[0].nodeId}`);
+  }
+
+  return dutiesByValidator;
+}

package/src/fixtures/index.ts

@@ -1,4 +1,5 @@
 export * from './fixtures.js';
+export * from './ha_setup.js';
 export * from './logging.js';
 export * from './utils.js';
 export * from './token_utils.js';