@aztec/p2p 0.0.1-commit.7035c9bd6 → 0.0.1-commit.71324e566

package/src/config.ts

@@ -39,7 +39,14 @@ export interface P2PConfig
     ChainConfig,
     TxCollectionConfig,
     TxFileStoreConfig,
-    Pick<SequencerConfig, 'blockDurationMs' | 'expectedBlockProposalsPerSlot' | 'maxTxsPerBlock'> {
+    Pick<
+      SequencerConfig,
+      | 'blockDurationMs'
+      | 'expectedBlockProposalsPerSlot'
+      | 'l1PublishingTime'
+      | 'maxTxsPerBlock'
+      | 'attestationPropagationTime'
+    > {
   /** Maximum transactions per block for validation. Overrides maxTxsPerBlock for gossip validation when set. */
   validateMaxTxsPerBlock?: number;
 
@@ -218,23 +225,23 @@ export const p2pConfigMappings: ConfigMappingsType<P2PConfig> = {
     env: 'VALIDATOR_MAX_TX_PER_BLOCK',
     description:
       'Maximum transactions per block for validation. Overrides maxTxsPerBlock for gossip validation when set.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    parseEnv: (val: string) => parseInt(val, 10),
   },
   validateMaxTxsPerCheckpoint: {
     env: 'VALIDATOR_MAX_TX_PER_CHECKPOINT',
     description:
       'Maximum transactions per checkpoint for validation. Used as fallback for maxTxsPerBlock when that is not set.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    parseEnv: (val: string) => parseInt(val, 10),
   },
   validateMaxL2BlockGas: {
     env: 'VALIDATOR_MAX_L2_BLOCK_GAS',
     description: 'Maximum L2 gas per block for validation. When set, txs exceeding this limit are rejected.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    parseEnv: (val: string) => parseInt(val, 10),
   },
   validateMaxDABlockGas: {
     env: 'VALIDATOR_MAX_DA_BLOCK_GAS',
     description: 'Maximum DA gas per block for validation. When set, txs exceeding this limit are rejected.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    parseEnv: (val: string) => parseInt(val, 10),
   },
   p2pEnabled: {
     env: 'P2P_ENABLED',
@@ -436,7 +443,7 @@ export const p2pConfigMappings: ConfigMappingsType<P2PConfig> = {
   },
   p2pStoreMapSizeKb: {
     env: 'P2P_STORE_MAP_SIZE_KB',
-    parseEnv: (val: string | undefined) => (val ? +val : undefined),
+    parseEnv: (val: string) => +val,
     description: 'The maximum possible size of the P2P DB in KB. Overwrites the general dataStoreMapSizeKb.',
   },
   txPublicSetupAllowListExtend: {
@@ -495,6 +502,11 @@ export const p2pConfigMappings: ConfigMappingsType<P2PConfig> = {
     description: 'Alters the format of p2p messages to include things like broadcast timestamp FOR TESTING ONLY',
     ...booleanConfigHelper(false),
   },
+  l1PublishingTime: {
+    env: 'SEQ_L1_PUBLISHING_TIME_ALLOWANCE_IN_SLOT',
+    description: 'How much time (in seconds) we allow in the slot for publishing the L1 tx (defaults to 1 L1 slot).',
+    parseEnv: (val: string) => parseInt(val, 10),
+  },
   fishermanMode: {
     env: 'FISHERMAN_MODE',
     description:

package/src/errors/p2p-service.error.ts

@@ -0,0 +1,11 @@
+/** Checkpoint Proposal Received Callback Not Registered Error
+ *
+ * Error triggered if the allNodesCheckpointReceivedCallback is not registered
+ * @category Errors
+ */
+export class CheckpointProposalReceivedCallbackNotRegisteredError extends Error {
+  constructor() {
+    super('FATAL (allNodesCheckpointReceivedCallback): All nodes should register a checkpoint proposal handler');
+    this.name = 'CheckpointProposalReceivedCallbackNotRegisteredError';
+  }
+}

package/src/index.ts

@@ -6,7 +6,6 @@ export * from './client/index.js';
 export * from './enr/index.js';
 export * from './config.js';
 export * from './mem_pools/attestation_pool/index.js';
-export * from './mem_pools/tx_pool/index.js';
 export * from './mem_pools/tx_pool_v2/index.js';
 export * from './msg_validators/index.js';
 export * from './services/index.js';

package/src/mem_pools/attestation_pool/attestation_pool.ts

@@ -154,14 +154,16 @@ export class AttestationPool {
   /** Maximum indexWithinCheckpoint value (2^10 - 1 = 1023). */
   private static readonly MAX_INDEX = (1 << AttestationPool.INDEX_BITS) - 1;
 
-  /** Creates a position key for block proposals: (slot << 10) | indexWithinCheckpoint. */
+  /** Creates a position key for block proposals: slot * 1024 + indexWithinCheckpoint.
+   * Uses multiplication instead of bit-shift to avoid 32-bit signed integer overflow
+   * (bit-shift overflows after slot ~2^21, roughly 278 days of uptime). */
   private getBlockPositionKey(slot: number, indexWithinCheckpoint: number): number {
     if (indexWithinCheckpoint > AttestationPool.MAX_INDEX) {
       throw new Error(
         `Value for indexWithinCheckpoint ${indexWithinCheckpoint} exceeds maximum ${AttestationPool.MAX_INDEX}`,
       );
     }
-    return (slot << AttestationPool.INDEX_BITS) | indexWithinCheckpoint;
+    return slot * (1 << AttestationPool.INDEX_BITS) + indexWithinCheckpoint;
   }
 
   /**
@@ -278,7 +280,7 @@ export class AttestationPool {
    * @returns Result indicating whether the proposal was added and duplicate detection info
    */
   public async tryAddCheckpointProposal(proposal: CheckpointProposalCore): Promise<TryAddResult> {
-    return await this.store.transactionAsync(async () => {
+    const result = await this.store.transactionAsync(async () => {
       const proposalId = proposal.archive.toString();
 
       // Check if already exists
@@ -304,6 +306,8 @@ export class AttestationPool {
 
       return { added: true, alreadyExists: false, count: count + 1 };
     });
+
+    return result;
   }
 
   /** Internal method - must be called within a transaction. */
@@ -345,7 +349,7 @@ export class AttestationPool {
     await this.store.transactionAsync(async () => {
       for (const attestation of attestations) {
         const slotNumber = attestation.payload.header.slotNumber;
-        const proposalId = attestation.archive;
+        const proposalId = attestation.archive.toString();
         const sender = attestation.getSender();
 
         // Skip attestations with invalid signatures
@@ -452,7 +456,7 @@ export class AttestationPool {
 
       // Delete block proposals for slots < oldestSlot, using blockProposalsForSlotAndIndex as index
       // Key format: (slot << INDEX_BITS) | indexWithinCheckpoint
-      const blockPositionEndKey = oldestSlot << AttestationPool.INDEX_BITS;
+      const blockPositionEndKey = oldestSlot * (1 << AttestationPool.INDEX_BITS);
       for await (const positionKey of this.blockProposalsForSlotAndIndex.keysAsync({ end: blockPositionEndKey })) {
         const proposalIds = await toArray(this.blockProposalsForSlotAndIndex.getValuesAsync(positionKey));
         for (const proposalId of proposalIds) {

package/src/mem_pools/index.ts

@@ -1,6 +1,3 @@
 export { AttestationPool, type AttestationPoolApi } from './attestation_pool/attestation_pool.js';
 export { type MemPools } from './interface.js';
-// Old TxPool exports - kept temporarily for external consumers
-export { type TxPool } from './tx_pool/tx_pool.js';
-// New TxPoolV2 exports
 export { type TxPoolV2, type TxPoolV2Config, type TxPoolV2Events, type AddTxsResult } from './tx_pool_v2/index.js';

package/src/mem_pools/tx_pool_v2/eviction/invalid_txs_after_reorg_rule.ts

@@ -1,5 +1,5 @@
-import { Fr } from '@aztec/foundation/curves/bn254';
 import { createLogger } from '@aztec/foundation/log';
+import { BlockHash } from '@aztec/stdlib/block';
 import type { WorldStateSynchronizer } from '@aztec/stdlib/interfaces/server';
 import { MerkleTreeId } from '@aztec/stdlib/trees';
 
@@ -33,14 +33,14 @@ export class InvalidTxsAfterReorgRule implements EvictionRule {
       const pendingTxs = pool.getPendingTxs();
 
       // Deduplicate block hashes to reduce redundant DB lookups
-      const uniqueBlockHashes = new Map<string, Fr>();
+      const uniqueBlockHashes = new Map<string, BlockHash>();
       const txsByBlockHash = new Map<string, string[]>();
 
       for (const meta of pendingTxs) {
         const blockHashStr = meta.anchorBlockHeaderHash;
         if (!txsByBlockHash.has(blockHashStr)) {
           txsByBlockHash.set(blockHashStr, []);
-          uniqueBlockHashes.set(blockHashStr, Fr.fromHexString(blockHashStr));
+          uniqueBlockHashes.set(blockHashStr, BlockHash.fromString(blockHashStr));
         }
         txsByBlockHash.get(blockHashStr)!.push(meta.txHash);
       }

package/src/mem_pools/tx_pool_v2/tx_metadata.ts

@@ -1,3 +1,4 @@
+import { minBigint } from '@aztec/foundation/bigint';
 import { BlockNumber } from '@aztec/foundation/branded-types';
 import { Fr } from '@aztec/foundation/curves/bn254';
 import { ProtocolContractAddress } from '@aztec/protocol-contracts';
@@ -6,7 +7,6 @@ import { Gas } from '@aztec/stdlib/gas';
 import { type Tx, TxHash } from '@aztec/stdlib/tx';
 
 import { getFeePayerBalanceDelta } from '../../msg_validators/tx_validator/fee_payer_balance.js';
-import { getTxPriorityFee } from '../tx_pool/priority.js';
 import { type PreAddResult, TxPoolRejectionCode } from './eviction/interfaces.js';
 
 /** Validator-compatible data interface, mirroring the subset of PrivateKernelTailCircuitPublicInputs used by validators. */
@@ -291,7 +291,7 @@ export function stubTxMetaValidationData(overrides: { expirationTimestamp?: bigi
     expirationTimestamp: overrides.expirationTimestamp ?? 0n,
     constants: {
       anchorBlockHeader: {
-        hash: () => Promise.resolve(new BlockHash(Fr.ZERO)),
+        hash: () => Promise.resolve(BlockHash.ZERO),
         globalVariables: { blockNumber: BlockNumber(0) },
       },
       txContext: {
@@ -335,3 +335,9 @@ export function stubTxMetaData(
     data: stubTxMetaValidationData({ expirationTimestamp }),
   };
 }
+
+/** Returns the priority fee for a tx, based on the L2 priority fee capped by the max fee per gas. */
+function getTxPriorityFee(tx: Tx): bigint {
+  const { maxPriorityFeesPerGas: priorityFees, maxFeesPerGas } = tx.getGasSettings();
+  return minBigint(maxFeesPerGas.feePerL2Gas, priorityFees.feePerL2Gas);
+}

package/src/msg_validators/attestation_validator/attestation_validator.ts

@@ -8,14 +8,21 @@ import {
   type ValidationResult,
 } from '@aztec/stdlib/p2p';
 
-import { isWithinClockTolerance } from '../clock_tolerance.js';
+import { PipeliningWindow, isWithinClockTolerance } from '../clock_tolerance.js';
 
 export class CheckpointAttestationValidator implements P2PValidator<CheckpointAttestation> {
   protected epochCache: EpochCacheInterface;
   protected logger: Logger;
+  private readonly pipeliningWindow: PipeliningWindow;
 
-  constructor(epochCache: EpochCacheInterface) {
+  constructor(
+    epochCache: EpochCacheInterface,
+    opts: {
+      l1PublishingTime?: number;
+    },
+  ) {
     this.epochCache = epochCache;
+    this.pipeliningWindow = new PipeliningWindow(epochCache, { l1PublishingTime: opts.l1PublishingTime });
     this.logger = createLogger('p2p:checkpoint-attestation-validator');
   }
 
@@ -23,19 +30,23 @@ export class CheckpointAttestationValidator implements P2PValidator<CheckpointAt
     const slotNumber = message.payload.header.slotNumber;
 
     try {
-      // Use target slots since proposals target pipeline slots (slot + 1 when pipelining)
+      // Use target slots since proposals target pipeline slots (slot + 1 when pipelining).
       const { targetSlot, nextSlot } = this.epochCache.getTargetAndNextSlot();
 
       if (slotNumber !== targetSlot && slotNumber !== nextSlot) {
-        // Check if message is for previous slot and within clock tolerance
-        if (!isWithinClockTolerance(slotNumber, targetSlot, this.epochCache)) {
+        // When pipelining, accept attestations for the current slot (built in the previous slot)
+        // until the target slot reaches its L1 publish cutoff.
+        if (this.pipeliningWindow.acceptsAttestation(slotNumber)) {
+          // Fall through to remaining validation (signature, committee, etc.)
+        } else if (!isWithinClockTolerance(slotNumber, targetSlot, this.epochCache)) {
           this.logger.warn(
             `Checkpoint attestation slot ${slotNumber} is not current (${targetSlot}) or next (${nextSlot}) slot`,
           );
           return { result: 'reject', severity: PeerErrorSeverity.HighToleranceError };
+        } else {
+          this.logger.debug(`Ignoring checkpoint attestation for previous slot ${slotNumber} within clock tolerance`);
+          return { result: 'ignore' };
         }
-        this.logger.debug(`Ignoring checkpoint attestation for previous slot ${slotNumber} within clock tolerance`);
-        return { result: 'ignore' };
       }
 
       // Verify the signature is valid

package/src/msg_validators/attestation_validator/fisherman_attestation_validator.ts

@@ -20,8 +20,11 @@ export class FishermanAttestationValidator extends CheckpointAttestationValidato
     epochCache: EpochCacheInterface,
     private attestationPool: AttestationPoolApi,
     telemetryClient: TelemetryClient,
+    opts: {
+      l1PublishingTime?: number;
+    } = {},
   ) {
-    super(epochCache);
+    super(epochCache, opts);
     this.logger = this.logger.createChild('[FISHERMAN]');
 
     const meter = telemetryClient.getMeter('FishermanAttestationValidator');

package/src/msg_validators/clock_tolerance.ts

@@ -1,5 +1,6 @@
 import type { EpochCacheInterface } from '@aztec/epoch-cache';
 import { SlotNumber } from '@aztec/foundation/branded-types';
+import { DEFAULT_P2P_PROPAGATION_TIME, createPipelinedCheckpointTimingModel } from '@aztec/stdlib/timetable';
 
 /**
  * Maximum clock disparity tolerance for P2P message validation (in milliseconds).
@@ -50,3 +51,70 @@ export function isWithinClockTolerance(
 
   return elapsedMs < MAXIMUM_GOSSIP_CLOCK_DISPARITY_MS;
 }
+
+/**
+ * Checks if a message should be accepted under the pipelining grace period.
+ *
+ * When pipelining is enabled, `targetSlot = slotNow + 1`. A proposal built in slot N-1
+ * for slot N arrives when validators are in slot N, so their `targetSlot = N+1`.
+ * This function accepts proposals for the current wallclock slot if we're within the
+ * first `windowSeconds` seconds of the slot (the pipelining grace period). - see stdlib/timetable/index.ts
+ *
+ * @param messageSlot - The slot number from the received message
+ * @param epochCache - EpochCache to get timing and pipelining state
+ * @param windowSeconds - The window grace period allowed for attestations into the next slot
+ * @returns true if pipelining is enabled, the message is for the current slot, and we're within the grace period
+ */
+function isWithinPipeliningWindow(
+  messageSlot: SlotNumber,
+  epochCache: EpochCacheInterface,
+  windowSeconds: number,
+): boolean {
+  if (!epochCache.isProposerPipeliningEnabled()) {
+    return false;
+  }
+
+  const currentSlot = epochCache.getSlotNow();
+  if (messageSlot !== currentSlot) {
+    return false;
+  }
+
+  const { ts: slotStartTs, nowMs } = epochCache.getEpochAndSlotNow();
+  const slotStartMs = slotStartTs * 1000n;
+  const elapsedMs = Number(nowMs - slotStartMs);
+  const windowMs = windowSeconds * 1000 + MAXIMUM_GOSSIP_CLOCK_DISPARITY_MS;
+
+  return elapsedMs < windowMs;
+}
+
+export class PipeliningWindow {
+  private readonly proposalWindowIntoTargetSlot: number;
+  private readonly attestationWindowIntoTargetSlot: number;
+
+  constructor(
+    private readonly epochCache: EpochCacheInterface,
+    opts: {
+      p2pPropagationTime?: number;
+      l1PublishingTime?: number;
+    } = {},
+  ) {
+    const l1Constants = epochCache.getL1Constants();
+    const checkpointTiming = createPipelinedCheckpointTimingModel({
+      aztecSlotDuration: l1Constants.slotDuration,
+      ethereumSlotDuration: l1Constants.ethereumSlotDuration,
+      l1PublishingTime: opts.l1PublishingTime ?? l1Constants.ethereumSlotDuration,
+      p2pPropagationTime: opts.p2pPropagationTime ?? DEFAULT_P2P_PROPAGATION_TIME,
+    });
+
+    this.proposalWindowIntoTargetSlot = checkpointTiming.proposalWindowIntoTargetSlot;
+    this.attestationWindowIntoTargetSlot = checkpointTiming.attestationWindowIntoTargetSlot;
+  }
+
+  public acceptsProposal(messageSlot: SlotNumber): boolean {
+    return isWithinPipeliningWindow(messageSlot, this.epochCache, this.proposalWindowIntoTargetSlot);
+  }
+
+  public acceptsAttestation(messageSlot: SlotNumber): boolean {
+    return isWithinPipeliningWindow(messageSlot, this.epochCache, this.attestationWindowIntoTargetSlot);
+  }
+}

package/src/msg_validators/proposal_validator/README.md

@@ -53,7 +53,7 @@ Only runs on validator nodes. Non-validator nodes use a default handler that tri
 
 **Escape hatch**: during escape hatch periods (`isEscapeHatchOpenAtSlot`), re-execution and slashing are both disabled, and the proposal is rejected locally.
 
-**Conditional re-execution**: rules 22-24 only run when at least one condition is true: `fishermanMode` enabled, `slashBroadcastedInvalidBlockPenalty > 0` with `validatorReexecute`, committee membership with `validatorReexecute`, `alwaysReexecuteBlockProposals`, or `blobClient.canUpload()`.
+**Conditional re-execution**: rules 22-24 only run when at least one condition is true: `fishermanMode` enabled, `slashBroadcastedInvalidBlockPenalty > 0`, committee membership, `alwaysReexecuteBlockProposals`, or `blobClient.canUpload()`.
 
 **Slashing**: only `state_mismatch` and `failed_txs` trigger on-chain slashing (`OffenseType.BROADCASTED_INVALID_BLOCK_PROPOSAL`, gated by `slashBroadcastedInvalidBlockPenalty > 0`). Unknown errors during re-execution do NOT slash.
 

package/src/msg_validators/proposal_validator/block_proposal_validator.ts

@@ -6,7 +6,10 @@ import { ProposalValidator } from '../proposal_validator/proposal_validator.js';
 export class BlockProposalValidator implements P2PValidator<BlockProposal> {
   private proposalValidator: ProposalValidator;
 
-  constructor(epochCache: EpochCacheInterface, opts: { txsPermitted: boolean; maxTxsPerBlock?: number }) {
+  constructor(
+    epochCache: EpochCacheInterface,
+    opts: { txsPermitted: boolean; maxTxsPerBlock?: number; p2pPropagationTime?: number },
+  ) {
     this.proposalValidator = new ProposalValidator(epochCache, opts, 'p2p:block_proposal_validator');
   }
 

package/src/msg_validators/proposal_validator/checkpoint_proposal_validator.ts

@@ -6,7 +6,10 @@ import { ProposalValidator } from '../proposal_validator/proposal_validator.js';
 export class CheckpointProposalValidator implements P2PValidator<CheckpointProposal> {
   private proposalValidator: ProposalValidator;
 
-  constructor(epochCache: EpochCacheInterface, opts: { txsPermitted: boolean; maxTxsPerBlock?: number }) {
+  constructor(
+    epochCache: EpochCacheInterface,
+    opts: { txsPermitted: boolean; maxTxsPerBlock?: number; p2pPropagationTime?: number },
+  ) {
     this.proposalValidator = new ProposalValidator(epochCache, opts, 'p2p:checkpoint_proposal_validator');
   }
 

package/src/msg_validators/proposal_validator/proposal_validator.ts

@@ -8,7 +8,7 @@ import {
   type ValidationResult,
 } from '@aztec/stdlib/p2p';
 
-import { isWithinClockTolerance } from '../clock_tolerance.js';
+import { PipeliningWindow, isWithinClockTolerance } from '../clock_tolerance.js';
 
 /** Validates header-level and tx-level fields of block and checkpoint proposals. */
 export class ProposalValidator {
@@ -16,33 +16,39 @@ export class ProposalValidator {
   private logger: Logger;
   private txsPermitted: boolean;
   private maxTxsPerBlock?: number;
+  private pipeliningWindow: PipeliningWindow;
 
   constructor(
     epochCache: EpochCacheInterface,
-    opts: { txsPermitted: boolean; maxTxsPerBlock?: number },
+    opts: { txsPermitted: boolean; maxTxsPerBlock?: number; p2pPropagationTime?: number },
     loggerName: string,
   ) {
     this.epochCache = epochCache;
     this.txsPermitted = opts.txsPermitted;
     this.maxTxsPerBlock = opts.maxTxsPerBlock;
+    this.pipeliningWindow = new PipeliningWindow(epochCache, { p2pPropagationTime: opts.p2pPropagationTime });
     this.logger = createLogger(loggerName);
   }
 
   /** Validates header-level fields: slot, signature, and proposer. */
   public async validate(proposal: BlockProposal | CheckpointProposalCore): Promise<ValidationResult> {
     try {
-      // Slot check: use target slots since proposals target pipeline slots (slot + 1 when pipelining)
+      // Slot check: use target slots since proposals target pipeline slots (slot + 1 when pipelining).
       const { targetSlot, nextSlot } = this.epochCache.getTargetAndNextSlot();
 
       const slotNumber = proposal.slotNumber;
       if (slotNumber !== targetSlot && slotNumber !== nextSlot) {
-        // Check if message is for previous slot and within clock tolerance
-        if (!isWithinClockTolerance(slotNumber, targetSlot, this.epochCache)) {
+        // When pipelining, accept proposals for the current slot (built in the previous slot)
+        // if they're still within the shared proposal acceptance window.
+        if (this.pipeliningWindow.acceptsProposal(slotNumber)) {
+          // Fall through to remaining validation (signature, proposer, etc.)
+        } else if (!isWithinClockTolerance(slotNumber, targetSlot, this.epochCache)) {
           this.logger.warn(`Penalizing peer for invalid slot number ${slotNumber}`, { targetSlot, nextSlot });
           return { result: 'reject', severity: PeerErrorSeverity.HighToleranceError };
+        } else {
+          this.logger.verbose(`Ignoring proposal for previous slot ${slotNumber} within clock tolerance`);
+          return { result: 'ignore' };
         }
-        this.logger.verbose(`Ignoring proposal for previous slot ${slotNumber} within clock tolerance`);
-        return { result: 'ignore' };
       }
 
       // Signature validity

package/src/msg_validators/tx_validator/archive_cache.ts

@@ -15,7 +15,7 @@ export class ArchiveCache implements ArchiveSource {
   }
 
   public async getArchiveIndices(archives: BlockHash[]): Promise<(bigint | undefined)[]> {
-    const toCheckDb = archives.filter(n => !this.archives.has(n.toString())).map(n => n.toFr());
+    const toCheckDb = archives.filter(n => !this.archives.has(n.toString()));
     const dbHits = await this.db.findLeafIndices(MerkleTreeId.ARCHIVE, toCheckDb);
     dbHits.forEach((x, index) => {
       if (x !== undefined) {

package/src/msg_validators/tx_validator/contract_instance_validator.ts

@@ -0,0 +1,56 @@
+import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
+import { ContractInstancePublishedEvent } from '@aztec/protocol-contracts/instance-registry';
+import { computeContractAddressFromInstance } from '@aztec/stdlib/contract';
+import {
+  TX_ERROR_INCORRECT_CONTRACT_ADDRESS,
+  TX_ERROR_MALFORMED_CONTRACT_INSTANCE_LOG,
+  type Tx,
+  type TxValidationResult,
+  type TxValidator,
+} from '@aztec/stdlib/tx';
+
+/** Validates that contract instance deployment logs contain correct addresses. */
+export class ContractInstanceTxValidator implements TxValidator<Tx> {
+  #log: Logger;
+
+  constructor(bindings?: LoggerBindings) {
+    this.#log = createLogger('p2p:tx_validator:contract_instance', bindings);
+  }
+
+  async validateTx(tx: Tx): Promise<TxValidationResult> {
+    const reason = await this.#hasCorrectContractInstanceAddresses(tx);
+    return reason ? { result: 'invalid', reason: [reason] } : { result: 'valid' };
+  }
+
+  async #hasCorrectContractInstanceAddresses(tx: Tx): Promise<string | undefined> {
+    const privateLogs = tx.data.getNonEmptyPrivateLogs();
+    for (const log of privateLogs) {
+      if (!ContractInstancePublishedEvent.isContractInstancePublishedEvent(log)) {
+        continue;
+      }
+
+      let event;
+      try {
+        event = ContractInstancePublishedEvent.fromLog(log);
+      } catch (e) {
+        this.#log.warn(`Rejecting tx ${tx.getTxHash()}: failed to parse contract instance event: ${e}`);
+        return TX_ERROR_MALFORMED_CONTRACT_INSTANCE_LOG;
+      }
+
+      try {
+        const instance = event.toContractInstance();
+        const computedAddress = await computeContractAddressFromInstance(instance);
+        if (!computedAddress.equals(instance.address)) {
+          this.#log.warn(
+            `Rejecting tx ${tx.getTxHash()}: contract instance address mismatch. Claimed ${instance.address}, computed ${computedAddress}`,
+          );
+          return TX_ERROR_INCORRECT_CONTRACT_ADDRESS;
+        }
+      } catch (e) {
+        this.#log.warn(`Rejecting tx ${tx.getTxHash()}: failed to compute contract instance address: ${e}`);
+        return TX_ERROR_MALFORMED_CONTRACT_INSTANCE_LOG;
+      }
+    }
+    return undefined;
+  }
+}

package/src/msg_validators/tx_validator/data_validator.ts

@@ -1,5 +1,7 @@
 import { MAX_FR_CALLDATA_TO_ALL_ENQUEUED_CALLS } from '@aztec/constants';
 import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
+import { ContractClassPublishedEvent } from '@aztec/protocol-contracts/class-registry';
+import { computeContractClassId } from '@aztec/stdlib/contract';
 import { computeCalldataHash } from '@aztec/stdlib/hash';
 import {
   TX_ERROR_CALLDATA_COUNT_MISMATCH,
@@ -9,7 +11,9 @@ import {
   TX_ERROR_CONTRACT_CLASS_LOG_LENGTH,
   TX_ERROR_CONTRACT_CLASS_LOG_SORTING,
   TX_ERROR_INCORRECT_CALLDATA,
+  TX_ERROR_INCORRECT_CONTRACT_CLASS_ID,
   TX_ERROR_INCORRECT_HASH,
+  TX_ERROR_MALFORMED_CONTRACT_CLASS_LOG,
   Tx,
   type TxValidationResult,
   type TxValidator,
@@ -26,7 +30,8 @@ export class DataTxValidator implements TxValidator<Tx> {
     const reason =
       (await this.#hasCorrectHash(tx)) ??
       (await this.#hasCorrectCalldata(tx)) ??
-      (await this.#hasCorrectContractClassLogs(tx));
+      (await this.#hasCorrectContractClassLogs(tx)) ??
+      (await this.#hasCorrectContractClassIds(tx));
     return reason ? { result: 'invalid', reason: [reason] } : { result: 'valid' };
   }
 
@@ -127,4 +132,40 @@ export class DataTxValidator implements TxValidator<Tx> {
 
     return undefined;
   }
+
+  async #hasCorrectContractClassIds(tx: Tx): Promise<string | undefined> {
+    const contractClassLogs = tx.getContractClassLogs();
+    for (const log of contractClassLogs) {
+      if (!ContractClassPublishedEvent.isContractClassPublishedEvent(log)) {
+        continue;
+      }
+
+      let event;
+      try {
+        event = ContractClassPublishedEvent.fromLog(log);
+      } catch (e) {
+        this.#log.warn(`Rejecting tx ${tx.getTxHash()}: failed to parse contract class event: ${e}`);
+        return TX_ERROR_MALFORMED_CONTRACT_CLASS_LOG;
+      }
+
+      try {
+        const { publicBytecodeCommitment } = await event.toContractClassPublicWithBytecodeCommitment();
+        const computedClassId = await computeContractClassId({
+          artifactHash: event.artifactHash,
+          privateFunctionsRoot: event.privateFunctionsRoot,
+          publicBytecodeCommitment,
+        });
+        if (!computedClassId.equals(event.contractClassId)) {
+          this.#log.warn(
+            `Rejecting tx ${tx.getTxHash()}: contract class id mismatch. Claimed ${event.contractClassId}, computed ${computedClassId}`,
+          );
+          return TX_ERROR_INCORRECT_CONTRACT_CLASS_ID;
+        }
+      } catch (e) {
+        this.#log.warn(`Rejecting tx ${tx.getTxHash()}: failed to compute contract class id: ${e}`);
+        return TX_ERROR_MALFORMED_CONTRACT_CLASS_LOG;
+      }
+    }
+    return undefined;
+  }
 }

package/src/msg_validators/tx_validator/factory.ts

@@ -53,6 +53,7 @@ import type { TxMetaData } from '../../mem_pools/tx_pool_v2/tx_metadata.js';
 import { AggregateTxValidator } from './aggregate_tx_validator.js';
 import { ArchiveCache } from './archive_cache.js';
 import { type ArchiveSource, BlockHeaderTxValidator } from './block_header_validator.js';
+import { ContractInstanceTxValidator } from './contract_instance_validator.js';
 import { DataTxValidator } from './data_validator.js';
 import { DoubleSpendTxValidator, type NullifierSource } from './double_spend_validator.js';
 import { GasLimitsValidator, GasTxValidator } from './gas_validator.js';
@@ -167,6 +168,10 @@ export function createFirstStageTxValidationsForGossipedTransactions(
       validator: new DataTxValidator(bindings),
       severity: PeerErrorSeverity.MidToleranceError,
     },
+    contractInstanceValidator: {
+      validator: new ContractInstanceTxValidator(bindings),
+      severity: PeerErrorSeverity.MidToleranceError,
+    },
   };
 }
 
@@ -218,6 +223,7 @@ function createTxValidatorForMinimumTxIntegrityChecks(
     ),
     new SizeTxValidator(bindings),
     new DataTxValidator(bindings),
+    new ContractInstanceTxValidator(bindings),
     new TxProofValidator(verifier, bindings),
   );
 }
@@ -321,6 +327,7 @@ export function createTxValidatorForAcceptingTxsOverRPC(
     new BlockHeaderTxValidator(new ArchiveCache(db), bindings),
     new DoubleSpendTxValidator(new NullifierCache(db), bindings),
     new DataTxValidator(bindings),
+    new ContractInstanceTxValidator(bindings),
   ];
 
   if (!skipFeeEnforcement) {