@aztec/p2p 2.1.0-rc.9 → 3.0.0-devnet.2

package/src/msg_validators/tx_validator/factory.ts

@@ -20,6 +20,7 @@ import { DoubleSpendTxValidator } from './double_spend_validator.js';
 import { GasTxValidator } from './gas_validator.js';
 import { MetadataTxValidator } from './metadata_validator.js';
 import { PhasesTxValidator } from './phases_validator.js';
+import { TimestampTxValidator } from './timestamp_validator.js';
 import { TxPermittedValidator } from './tx_permitted_validator.js';
 import { TxProofValidator } from './tx_proof_validator.js';
 
@@ -37,7 +38,7 @@ export function createTxMessageValidators(
   gasFees: GasFees,
   l1ChainId: number,
   rollupVersion: number,
-  protocolContractTreeRoot: Fr,
+  protocolContractsHash: Fr,
   contractDataSource: ContractDataSource,
   proofVerifier: ClientProtocolCircuitVerifier,
   txsPermitted: boolean,
@@ -59,13 +60,18 @@ export function createTxMessageValidators(
         validator: new MetadataTxValidator({
           l1ChainId: new Fr(l1ChainId),
           rollupVersion: new Fr(rollupVersion),
-          timestamp,
-          blockNumber,
-          protocolContractTreeRoot,
+          protocolContractsHash,
           vkTreeRoot: getVKTreeRoot(),
         }),
         severity: PeerErrorSeverity.HighToleranceError,
       },
+      timestampValidator: {
+        validator: new TimestampTxValidator<Tx>({
+          timestamp,
+          blockNumber,
+        }),
+        severity: PeerErrorSeverity.MidToleranceError,
+      },
       doubleSpendValidator: {
         validator: new DoubleSpendTxValidator({
           nullifiersExist: async (nullifiers: Buffer[]) => {

package/src/msg_validators/tx_validator/index.ts

@@ -10,3 +10,4 @@ export * from './test_utils.js';
 export * from './allowed_public_setup.js';
 export * from './archive_cache.js';
 export * from './tx_permitted_validator.js';
+export * from './timestamp_validator.js';

package/src/msg_validators/tx_validator/metadata_validator.ts

@@ -3,15 +3,12 @@ import { createLogger } from '@aztec/foundation/log';
 import {
   type AnyTx,
   TX_ERROR_INCORRECT_L1_CHAIN_ID,
-  TX_ERROR_INCORRECT_PROTOCOL_CONTRACT_TREE_ROOT,
+  TX_ERROR_INCORRECT_PROTOCOL_CONTRACTS_HASH,
   TX_ERROR_INCORRECT_ROLLUP_VERSION,
   TX_ERROR_INCORRECT_VK_TREE_ROOT,
-  TX_ERROR_INVALID_INCLUDE_BY_TIMESTAMP,
   type TxValidationResult,
   type TxValidator,
-  getTxHash,
 } from '@aztec/stdlib/tx';
-import type { UInt64 } from '@aztec/stdlib/types';
 
 export class MetadataTxValidator<T extends AnyTx> implements TxValidator<T> {
   #log = createLogger('p2p:tx_validator:tx_metadata');
@@ -20,13 +17,8 @@ export class MetadataTxValidator<T extends AnyTx> implements TxValidator<T> {
     private values: {
       l1ChainId: Fr;
       rollupVersion: Fr;
-      // Timestamp at which we will validate that the tx is not expired. This is typically the timestamp of the block
-      // being built.
-      timestamp: UInt64;
-      // Block number in which the tx is considered to be included.
-      blockNumber: number;
       vkTreeRoot: Fr;
-      protocolContractTreeRoot: Fr;
+      protocolContractsHash: Fr;
     },
   ) {}
 
@@ -38,14 +30,11 @@ export class MetadataTxValidator<T extends AnyTx> implements TxValidator<T> {
     if (!this.#hasCorrectRollupVersion(tx)) {
       errors.push(TX_ERROR_INCORRECT_ROLLUP_VERSION);
     }
-    if (!this.#isValidForTimestamp(tx)) {
-      errors.push(TX_ERROR_INVALID_INCLUDE_BY_TIMESTAMP);
-    }
     if (!this.#hasCorrectVkTreeRoot(tx)) {
       errors.push(TX_ERROR_INCORRECT_VK_TREE_ROOT);
     }
-    if (!this.#hasCorrectProtocolContractTreeRoot(tx)) {
-      errors.push(TX_ERROR_INCORRECT_PROTOCOL_CONTRACT_TREE_ROOT);
+    if (!this.#hasCorrectprotocolContractsHash(tx)) {
+      errors.push(TX_ERROR_INCORRECT_PROTOCOL_CONTRACTS_HASH);
     }
     return Promise.resolve(errors.length > 0 ? { result: 'invalid', reason: errors } : { result: 'valid' });
   }
@@ -62,10 +51,10 @@ export class MetadataTxValidator<T extends AnyTx> implements TxValidator<T> {
     }
   }
 
-  #hasCorrectProtocolContractTreeRoot(tx: T): boolean {
-    if (!tx.data.constants.protocolContractTreeRoot.equals(this.values.protocolContractTreeRoot)) {
+  #hasCorrectprotocolContractsHash(tx: T): boolean {
+    if (!tx.data.constants.protocolContractsHash.equals(this.values.protocolContractsHash)) {
       this.#log.verbose(
-        `Rejecting tx ${'txHash' in tx ? tx.txHash : tx.hash} because of incorrect protocol contract tree root ${tx.data.constants.protocolContractTreeRoot.toString()} != ${this.values.protocolContractTreeRoot.toString()}`,
+        `Rejecting tx ${'txHash' in tx ? tx.txHash : tx.hash} because of incorrect protocol contracts hash ${tx.data.constants.protocolContractsHash.toString()} != ${this.values.protocolContractsHash.toString()}`,
       );
       return false;
     }
@@ -83,29 +72,6 @@ export class MetadataTxValidator<T extends AnyTx> implements TxValidator<T> {
     }
   }
 
-  #isValidForTimestamp(tx: T): boolean {
-    const includeByTimestamp = tx.data.includeByTimestamp;
-    // If building block 1, we skip the expiration check. For details on why see the `validate_include_by_timestamp`
-    // function in `noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/components/validation_requests.nr`.
-    const buildingBlock1 = this.values.blockNumber === 1;
-
-    if (!buildingBlock1 && includeByTimestamp < this.values.timestamp) {
-      if (tx.data.constants.historicalHeader.globalVariables.blockNumber === 0) {
-        this.#log.warn(
-          `A tx built against a genesis block failed to be included in block 1 which is the only block in which txs built against a genesis block are allowed to be included.`,
-        );
-      }
-      this.#log.verbose(
-        `Rejecting tx ${getTxHash(tx)} for low expiration timestamp. Tx expiration timestamp: ${includeByTimestamp}, timestamp: ${
-          this.values.timestamp
-        }.`,
-      );
-      return false;
-    } else {
-      return true;
-    }
-  }
-
   #hasCorrectRollupVersion(tx: T): boolean {
     if (!tx.data.constants.txContext.version.equals(this.values.rollupVersion)) {
       this.#log.verbose(

package/src/msg_validators/tx_validator/timestamp_validator.ts

@@ -0,0 +1,46 @@
+import { createLogger } from '@aztec/foundation/log';
+import {
+  type AnyTx,
+  TX_ERROR_INVALID_INCLUDE_BY_TIMESTAMP,
+  type TxValidationResult,
+  type TxValidator,
+  getTxHash,
+} from '@aztec/stdlib/tx';
+import type { UInt64 } from '@aztec/stdlib/types';
+
+export class TimestampTxValidator<T extends AnyTx> implements TxValidator<T> {
+  #log = createLogger('p2p:tx_validator:timestamp');
+
+  constructor(
+    private values: {
+      // Timestamp at which we will validate that the tx is not expired. This is typically the timestamp of the block
+      // being built.
+      timestamp: UInt64;
+      // Block number in which the tx is considered to be included.
+      blockNumber: number;
+    },
+  ) {}
+
+  validateTx(tx: T): Promise<TxValidationResult> {
+    const includeByTimestamp = tx.data.includeByTimestamp;
+    // If building block 1, we skip the expiration check. For details on why see the `validate_include_by_timestamp`
+    // function in `noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/components/validation_requests.nr`.
+    const buildingBlock1 = this.values.blockNumber === 1;
+
+    if (!buildingBlock1 && includeByTimestamp < this.values.timestamp) {
+      if (tx.data.constants.anchorBlockHeader.globalVariables.blockNumber === 0) {
+        this.#log.warn(
+          `A tx built against a genesis block failed to be included in block 1 which is the only block in which txs built against a genesis block are allowed to be included.`,
+        );
+      }
+      this.#log.verbose(
+        `Rejecting tx ${getTxHash(tx)} for low expiration timestamp. Tx expiration timestamp: ${includeByTimestamp}, timestamp: ${
+          this.values.timestamp
+        }.`,
+      );
+      return Promise.resolve({ result: 'invalid', reason: [TX_ERROR_INVALID_INCLUDE_BY_TIMESTAMP] });
+    } else {
+      return Promise.resolve({ result: 'valid' });
+    }
+  }
+}

package/src/services/discv5/discV5_service.ts

@@ -3,10 +3,10 @@ import { sleep } from '@aztec/foundation/sleep';
 import { type ComponentsVersions, checkCompressedComponentVersion } from '@aztec/stdlib/versioning';
 import { OtelMetricsAdapter, type TelemetryClient, getTelemetryClient } from '@aztec/telemetry-client';
 
-import { Discv5, type Discv5EventEmitter, type IDiscv5CreateOptions } from '@chainsafe/discv5';
-import { ENR, SignableENR } from '@chainsafe/enr';
 import type { PeerId } from '@libp2p/interface';
 import { type Multiaddr, multiaddr } from '@multiformats/multiaddr';
+import { Discv5, type Discv5EventEmitter, type IDiscv5CreateOptions } from '@nethermindeth/discv5';
+import { ENR, SignableENR } from '@nethermindeth/enr';
 import EventEmitter from 'events';
 
 import type { P2PConfig } from '../../config.js';

package/src/services/dummy_service.ts

@@ -3,8 +3,8 @@ import type { PeerInfo } from '@aztec/stdlib/interfaces/server';
 import type { Gossipable, PeerErrorSeverity } from '@aztec/stdlib/p2p';
 import { Tx, TxHash } from '@aztec/stdlib/tx';
 
-import type { ENR } from '@chainsafe/enr';
 import type { PeerId } from '@libp2p/interface';
+import type { ENR } from '@nethermindeth/enr';
 import EventEmitter from 'events';
 
 import type { PeerManagerInterface } from './peer-manager/interface.js';

package/src/services/libp2p/libp2p_service.ts

@@ -1,11 +1,13 @@
 import type { EpochCacheInterface } from '@aztec/epoch-cache';
 import { randomInt } from '@aztec/foundation/crypto';
+import { Fr } from '@aztec/foundation/fields';
 import { type Logger, createLibp2pComponentLogger, createLogger } from '@aztec/foundation/log';
 import { SerialQueue } from '@aztec/foundation/queue';
 import { RunningPromise } from '@aztec/foundation/running-promise';
 import { Timer } from '@aztec/foundation/timer';
 import type { AztecAsyncKVStore } from '@aztec/kv-store';
-import { protocolContractTreeRoot } from '@aztec/protocol-contracts';
+import { getVKTreeRoot } from '@aztec/noir-protocol-circuits-types/vk-tree';
+import { protocolContractsHash } from '@aztec/protocol-contracts';
 import type { EthAddress, L2BlockSource } from '@aztec/stdlib/block';
 import type { ContractDataSource } from '@aztec/stdlib/contract';
 import { GasFees } from '@aztec/stdlib/gas';
@@ -23,12 +25,11 @@ import {
   metricsTopicStrToLabels,
 } from '@aztec/stdlib/p2p';
 import { MerkleTreeId } from '@aztec/stdlib/trees';
-import { Tx, type TxHash, type TxValidationResult } from '@aztec/stdlib/tx';
+import { Tx, type TxHash, type TxValidationResult, type TxValidator } from '@aztec/stdlib/tx';
 import type { UInt64 } from '@aztec/stdlib/types';
 import { compressComponentVersions } from '@aztec/stdlib/versioning';
 import { Attributes, OtelMetricsAdapter, type TelemetryClient, WithTracer, trackSpan } from '@aztec/telemetry-client';
 
-import { ENR } from '@chainsafe/enr';
 import {
   type GossipSub,
   type GossipSubComponents,
@@ -45,6 +46,7 @@ import { type Message, type MultiaddrConnection, type PeerId, TopicValidatorResu
 import type { ConnectionManager } from '@libp2p/interface-internal';
 import { mplex } from '@libp2p/mplex';
 import { tcp } from '@libp2p/tcp';
+import { ENR } from '@nethermindeth/enr';
 import { createLibp2p } from 'libp2p';
 
 import type { P2PConfig } from '../../config.js';
@@ -53,7 +55,13 @@ import { AttestationValidator, BlockProposalValidator } from '../../msg_validato
 import { MessageSeenValidator } from '../../msg_validators/msg_seen_validator/msg_seen_validator.js';
 import { getDefaultAllowedSetupFunctions } from '../../msg_validators/tx_validator/allowed_public_setup.js';
 import { type MessageValidator, createTxMessageValidators } from '../../msg_validators/tx_validator/factory.js';
-import { DoubleSpendTxValidator, TxProofValidator } from '../../msg_validators/tx_validator/index.js';
+import {
+  AggregateTxValidator,
+  DataTxValidator,
+  DoubleSpendTxValidator,
+  MetadataTxValidator,
+  TxProofValidator,
+} from '../../msg_validators/tx_validator/index.js';
 import { GossipSubEvent } from '../../types/index.js';
 import { type PubSubLibp2p, convertToMultiaddr } from '../../util.js';
 import { getVersions } from '../../versioning.js';
@@ -79,6 +87,8 @@ import { reqRespBlockTxsHandler } from '../reqresp/protocols/block_txs/block_txs
 import { reqGoodbyeHandler } from '../reqresp/protocols/goodbye.js';
 import {
   AuthRequest,
+  BlockTxsRequest,
+  BlockTxsResponse,
   StatusMessage,
   pingHandler,
   reqRespBlockHandler,
@@ -160,7 +170,7 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
     );
 
     this.attestationValidator = new AttestationValidator(epochCache);
-    this.blockProposalValidator = new BlockProposalValidator(epochCache);
+    this.blockProposalValidator = new BlockProposalValidator(epochCache, { txsPermitted: !config.disableTransactions });
 
     this.gossipSubEventHandler = this.handleGossipSubEvent.bind(this);
 
@@ -487,7 +497,8 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
     const reqrespSubProtocolValidators = {
       ...DEFAULT_SUB_PROTOCOL_VALIDATORS,
       // TODO(#11336): A request validator for blocks
-      [ReqRespSubProtocol.TX]: this.validateRequestedTx.bind(this),
+      [ReqRespSubProtocol.TX]: this.validateRequestedTxs.bind(this),
+      [ReqRespSubProtocol.BLOCK_TXS]: this.validateRequestedBlockTxs.bind(this),
     };
     await this.reqresp.start(requestResponseHandlers, reqrespSubProtocolValidators);
     this.logger.info(`Started P2P service`, {
@@ -745,12 +756,11 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
       return;
     }
     this.logger.debug(
-      `Received attestation for block ${attestation.blockNumber} slot ${attestation.slotNumber.toNumber()} from external peer ${source.toString()}`,
+      `Received attestation for slot ${attestation.slotNumber.toNumber()} from external peer ${source.toString()}`,
       {
         p2pMessageIdentifier: await attestation.p2pMessageIdentifier(),
         slot: attestation.slotNumber.toNumber(),
         archive: attestation.archive.toString(),
-        block: attestation.blockNumber,
         source: source.toString(),
       },
     );
@@ -783,7 +793,6 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
 
   // REVIEW: callback pattern https://github.com/AztecProtocol/aztec-packages/issues/7963
   @trackSpan('Libp2pService.processValidBlockProposal', async block => ({
-    [Attributes.BLOCK_NUMBER]: block.blockNumber,
     [Attributes.SLOT_NUMBER]: block.slotNumber.toNumber(),
     [Attributes.BLOCK_ARCHIVE]: block.archive.toString(),
     [Attributes.P2P_ID]: await block.p2pMessageIdentifier().then(i => i.toString()),
@@ -791,16 +800,12 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
   private async processValidBlockProposal(block: BlockProposal, sender: PeerId) {
     const slot = block.slotNumber.toBigInt();
     const previousSlot = slot - 1n;
-    this.logger.verbose(
-      `Received block ${block.blockNumber} for slot ${slot} from external peer ${sender.toString()}.`,
-      {
-        p2pMessageIdentifier: await block.p2pMessageIdentifier(),
-        slot: block.slotNumber.toNumber(),
-        archive: block.archive.toString(),
-        block: block.blockNumber,
-        source: sender.toString(),
-      },
-    );
+    this.logger.verbose(`Received block proposal for slot ${slot} from external peer ${sender.toString()}.`, {
+      p2pMessageIdentifier: await block.p2pMessageIdentifier(),
+      slot: block.slotNumber.toNumber(),
+      archive: block.archive.toString(),
+      source: sender.toString(),
+    });
     const attestationsForPreviousSlot = await this.mempools.attestationPool?.getAttestationsForSlot(previousSlot);
     if (attestationsForPreviousSlot !== undefined) {
       this.logger.verbose(`Received ${attestationsForPreviousSlot.length} attestations for slot ${previousSlot}`);
@@ -815,15 +820,11 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
     // The attestation can be undefined if no handler is registered / the validator deems the block invalid
     if (attestations?.length) {
       for (const attestation of attestations) {
-        this.logger.verbose(
-          `Broadcasting attestation for block ${attestation.blockNumber} slot ${attestation.slotNumber.toNumber()}`,
-          {
-            p2pMessageIdentifier: await attestation.p2pMessageIdentifier(),
-            slot: attestation.slotNumber.toNumber(),
-            archive: attestation.archive.toString(),
-            block: attestation.blockNumber,
-          },
-        );
+        this.logger.verbose(`Broadcasting attestation for slot ${attestation.slotNumber.toNumber()}`, {
+          p2pMessageIdentifier: await attestation.p2pMessageIdentifier(),
+          slot: attestation.slotNumber.toNumber(),
+          archive: attestation.archive.toString(),
+        });
         await this.broadcastAttestation(attestation);
       }
     }
@@ -834,7 +835,6 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
    * @param attestation - The attestation to broadcast.
    */
   @trackSpan('Libp2pService.broadcastAttestation', async attestation => ({
-    [Attributes.BLOCK_NUMBER]: attestation.blockNumber,
     [Attributes.SLOT_NUMBER]: attestation.payload.header.slotNumber.toNumber(),
     [Attributes.BLOCK_ARCHIVE]: attestation.archive.toString(),
     [Attributes.P2P_ID]: await attestation.p2pMessageIdentifier().then(i => i.toString()),
@@ -859,6 +859,38 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
       });
   }
 
+  /**
+   * Validate the requested block transactions.
+   * @param request - The block transactions request.
+   * @param response - The block transactions response.
+   * @param peerId - The ID of the peer that made the request.
+   * @returns True if the requested block transactions are valid, false otherwise.
+   */
+  @trackSpan('Libp2pService.validateRequestedBlockTxs', request => ({
+    [Attributes.BLOCK_HASH]: request.blockHash.toString(),
+  }))
+  private async validateRequestedBlockTxs(
+    _request: BlockTxsRequest,
+    response: BlockTxsResponse,
+    peerId: PeerId,
+  ): Promise<boolean> {
+    const requestedTxValidator = this.createRequestedTxValidator();
+
+    try {
+      // TODO(palla/txs): Validate that this tx belongs to the block hash being requested
+      await Promise.all(response.txs.map(tx => this.validateRequestedTx(tx, peerId, requestedTxValidator)));
+      return true;
+    } catch (e: any) {
+      if (e instanceof ValidationError) {
+        this.logger.warn(`Failed validation for requested block txs from peer ${peerId.toString()}`);
+      } else {
+        this.logger.error(`Error during validation of requested block txs`, e);
+      }
+
+      return false;
+    }
+  }
+
   /**
    * Validate a collection of txs that has been requested from a peer.
    *
@@ -873,43 +905,60 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
    * @param peerId - The peer ID of the peer that sent the tx.
    * @returns True if the whole collection of txs is valid, false otherwise.
    */
-  //TODO: (mralj) - this is somewhat naive implementation, if single tx is invlid we consider the whole response invalid.
-  // I think we should still extract the valid txs and return them, so that we can still use the response.
   @trackSpan('Libp2pService.validateRequestedTx', (requestedTxHash, _responseTx) => ({
     [Attributes.TX_HASH]: requestedTxHash.toString(),
   }))
-  private async validateRequestedTx(requestedTxHash: TxHash[], responseTx: Tx[], peerId: PeerId): Promise<boolean> {
+  private async validateRequestedTxs(requestedTxHash: TxHash[], responseTx: Tx[], peerId: PeerId): Promise<boolean> {
     const requested = new Set(requestedTxHash.map(h => h.toString()));
+    const requestedTxValidator = this.createRequestedTxValidator();
 
-    const proofValidator = new TxProofValidator(this.proofVerifier);
-
+    //TODO: (mralj) - this is somewhat naive implementation, if single tx is invlid we consider the whole response invalid.
+    // I think we should still extract the valid txs and return them, so that we can still use the response.
     try {
-      await Promise.all(
-        responseTx.map(async tx => {
-          if (!requested.has(tx.getTxHash().toString())) {
-            this.peerManager.penalizePeer(peerId, PeerErrorSeverity.MidToleranceError);
-            throw new ValidationError(`Received tx with hash ${tx.getTxHash().toString()} that was not requested.`);
-          }
-
-          const { result } = await proofValidator.validateTx(tx);
-          if (result === 'invalid') {
-            this.peerManager.penalizePeer(peerId, PeerErrorSeverity.LowToleranceError);
-            throw new ValidationError(`Received tx with hash ${tx.getTxHash().toString()} that is invalid.`);
-          }
-        }),
-      );
+      await Promise.all(responseTx.map(tx => this.validateRequestedTx(tx, peerId, requestedTxValidator, requested)));
       return true;
     } catch (e: any) {
       if (e instanceof ValidationError) {
-        this.logger.debug(`Failed to validate requested txs from peer ${peerId.toString()}, reason ${e.message}`);
+        this.logger.warn(`Failed to validate requested txs from peer ${peerId.toString()}, reason ${e.message}`);
       } else {
-        this.logger.warn(`Error during validation of requested txs`, e);
+        this.logger.error(`Error during validation of requested txs`, e);
       }
 
       return false;
     }
   }
 
+  private createRequestedTxValidator(): TxValidator {
+    return new AggregateTxValidator(
+      new DataTxValidator(),
+      new MetadataTxValidator({
+        l1ChainId: new Fr(this.config.l1ChainId),
+        rollupVersion: new Fr(this.config.rollupVersion),
+        protocolContractsHash,
+        vkTreeRoot: getVKTreeRoot(),
+      }),
+      new TxProofValidator(this.proofVerifier),
+    );
+  }
+
+  private async validateRequestedTx(tx: Tx, peerId: PeerId, txValidator: TxValidator, requested?: Set<`0x${string}`>) {
+    if (!(await tx.validateTxHash())) {
+      this.peerManager.penalizePeer(peerId, PeerErrorSeverity.MidToleranceError);
+      throw new ValidationError(`Received tx with invalid hash ${tx.getTxHash().toString()}.`);
+    }
+
+    if (requested && !requested.has(tx.getTxHash().toString())) {
+      this.peerManager.penalizePeer(peerId, PeerErrorSeverity.MidToleranceError);
+      throw new ValidationError(`Received tx with hash ${tx.getTxHash().toString()} that was not requested.`);
+    }
+
+    const { result } = await txValidator.validateTx(tx);
+    if (result === 'invalid') {
+      this.peerManager.penalizePeer(peerId, PeerErrorSeverity.LowToleranceError);
+      throw new ValidationError(`Received tx with hash ${tx.getTxHash().toString()} that is invalid.`);
+    }
+  }
+
   @trackSpan('Libp2pService.validatePropagatedTx', tx => ({
     [Attributes.TX_HASH]: tx.getTxHash().toString(),
   }))
@@ -997,7 +1046,7 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
       gasFees,
       this.config.l1ChainId,
       this.config.rollupVersion,
-      protocolContractTreeRoot,
+      protocolContractsHash,
       this.archiver,
       this.proofVerifier,
       !this.config.disableTransactions,
@@ -1080,7 +1129,6 @@ export class LibP2PService<T extends P2PClientType = P2PClientType.Full> extends
    * @returns True if the attestation is valid, false otherwise.
    */
   @trackSpan('Libp2pService.validateAttestation', async (_, attestation) => ({
-    [Attributes.BLOCK_NUMBER]: attestation.blockNumber,
     [Attributes.SLOT_NUMBER]: attestation.payload.header.slotNumber.toNumber(),
     [Attributes.BLOCK_ARCHIVE]: attestation.archive.toString(),
     [Attributes.P2P_ID]: await attestation.p2pMessageIdentifier().then(i => i.toString()),

package/src/services/peer-manager/peer_manager.ts

@@ -1,5 +1,5 @@
 import type { EpochCacheInterface } from '@aztec/epoch-cache';
-import { makeEthSignDigest, recoverAddress } from '@aztec/foundation/crypto';
+import { makeEthSignDigest, tryRecoverAddress } from '@aztec/foundation/crypto';
 import type { EthAddress } from '@aztec/foundation/eth-address';
 import { Fr } from '@aztec/foundation/fields';
 import { createLogger } from '@aztec/foundation/log';
@@ -9,10 +9,10 @@ import type { PeerInfo, WorldStateSynchronizer } from '@aztec/stdlib/interfaces/
 import type { PeerErrorSeverity } from '@aztec/stdlib/p2p';
 import { type TelemetryClient, trackSpan } from '@aztec/telemetry-client';
 
-import { ENR } from '@chainsafe/enr';
 import type { Connection, PeerId } from '@libp2p/interface';
 import { peerIdFromString } from '@libp2p/peer-id';
 import type { Multiaddr } from '@multiformats/multiaddr';
+import { ENR } from '@nethermindeth/enr';
 import { inspect } from 'util';
 
 import type { P2PConfig } from '../../config.js';
@@ -907,7 +907,14 @@ export class PeerManager implements PeerManagerInterface {
 
       const hashToRecover = authRequest.getPayloadToSign();
       const ethSignedHash = makeEthSignDigest(hashToRecover);
-      const sender = recoverAddress(ethSignedHash, peerAuthResponse.signature);
+      const sender = tryRecoverAddress(ethSignedHash, peerAuthResponse.signature);
+      if (!sender) {
+        this.logger.verbose(`Disconnecting peer ${peerId} due to failed auth handshake, invalid signature.`, logData);
+        this.markAuthHandshakeFailed(peerId);
+        this.markPeerForDisconnect(peerId);
+        return;
+      }
+
       const registeredValidators = await this.epochCache.getRegisteredValidators();
       const found = registeredValidators.find(v => v.toString() === sender.toString()) !== undefined;
       if (!found) {

package/src/services/service.ts

@@ -3,8 +3,8 @@ import type { PeerInfo } from '@aztec/stdlib/interfaces/server';
 import type { BlockAttestation, BlockProposal, Gossipable } from '@aztec/stdlib/p2p';
 import type { Tx } from '@aztec/stdlib/tx';
 
-import type { ENR } from '@chainsafe/enr';
 import type { PeerId } from '@libp2p/interface';
+import type { ENR } from '@nethermindeth/enr';
 import type EventEmitter from 'events';
 
 import type { P2PReqRespConfig } from './reqresp/config.js';

package/src/services/tx_collection/fast_tx_collection.ts

@@ -55,7 +55,9 @@ export class FastTxCollection {
     }
 
     const blockInfo: L2BlockInfo =
-      input.type === 'proposal' ? input.blockProposal.toBlockInfo() : input.block.toBlockInfo();
+      input.type === 'proposal'
+        ? { ...input.blockProposal.toBlockInfo(), blockNumber: input.blockNumber }
+        : { ...input.block.toBlockInfo() };
 
     // This promise is used to await for the collection to finish during the main collectFast method.
     // It gets resolved in `foundTxs` when all txs have been collected, or rejected if the request is aborted or hits the deadline.

package/src/services/tx_collection/tx_collection.ts

@@ -25,7 +25,7 @@ export type MissingTxInfo = { blockNumber: number; deadline: Date; readyForReqRe
 
 export type FastCollectionRequestInput =
   | { type: 'block'; block: L2Block }
-  | { type: 'proposal'; blockProposal: BlockProposal };
+  | { type: 'proposal'; blockProposal: BlockProposal; blockNumber: number };
 
 export type FastCollectionRequest = FastCollectionRequestInput & {
   missingTxHashes: Set<string>;
@@ -152,10 +152,11 @@ export class TxCollection {
   /** Collects the set of txs for the given block proposal as fast as possible */
   public collectFastForProposal(
     blockProposal: BlockProposal,
+    blockNumber: number,
     txHashes: TxHash[] | string[],
     opts: { deadline: Date; pinnedPeer?: PeerId },
   ) {
-    return this.collectFastFor({ type: 'proposal', blockProposal }, txHashes, opts);
+    return this.collectFastFor({ type: 'proposal', blockProposal, blockNumber }, txHashes, opts);
   }
 
   /** Collects the set of txs for the given mined block as fast as possible */

package/src/services/tx_collection/tx_collection_sink.ts

@@ -58,17 +58,48 @@ export class TxCollectionSink extends (EventEmitter as new () => TypedEventEmitt
       return { txs, requested, duration };
     }
 
+    // Validate tx hashes for all collected txs from external sources
+    const validTxs: Tx[] = [];
+    const invalidTxHashes: string[] = [];
+    await Promise.all(
+      txs.map(async tx => {
+        const isValid = await tx.validateTxHash();
+        if (isValid) {
+          validTxs.push(tx);
+        } else {
+          invalidTxHashes.push(tx.getTxHash().toString());
+        }
+      }),
+    );
+
+    if (invalidTxHashes.length > 0) {
+      this.log.warn(`Rejecting ${invalidTxHashes.length} txs with invalid hashes from ${info.description}`, {
+        ...info,
+        invalidTxHashes,
+      });
+    }
+
+    if (validTxs.length === 0) {
+      this.log.trace(`No valid txs found via ${info.description} after validation`, {
+        ...info,
+        requestedTxs: requested.map(t => t.toString()),
+        invalidTxHashes,
+      });
+      return { txs: [], requested, duration };
+    }
+
     this.log.verbose(
-      `Collected ${txs.length} txs out of ${requested.length} requested via ${info.description} in ${duration}ms`,
+      `Collected ${validTxs.length} txs out of ${requested.length} requested via ${info.description} in ${duration}ms`,
       {
         ...info,
         duration,
-        txs: txs.map(t => t.getTxHash().toString()),
+        txs: validTxs.map(t => t.getTxHash().toString()),
         requestedTxs: requested.map(t => t.toString()),
+        rejectedCount: invalidTxHashes.length,
       },
     );
 
-    return await this.foundTxs(txs, { ...info, duration });
+    return await this.foundTxs(validTxs, { ...info, duration });
   }
 
   private async foundTxs(

package/src/services/tx_collection/tx_source.ts

@@ -1,5 +1,5 @@
 import { getVKTreeRoot } from '@aztec/noir-protocol-circuits-types/vk-tree';
-import { protocolContractTreeRoot } from '@aztec/protocol-contracts';
+import { protocolContractsHash } from '@aztec/protocol-contracts';
 import type { ChainConfig } from '@aztec/stdlib/config';
 import { type AztecNode, createAztecNodeClient } from '@aztec/stdlib/interfaces/client';
 import type { Tx, TxHash } from '@aztec/stdlib/tx';
@@ -32,6 +32,6 @@ export class NodeRpcTxSource implements TxSource {
 }
 
 export function createNodeRpcTxSources(urls: string[], chainConfig: ChainConfig) {
-  const versions = getComponentsVersionsFromConfig(chainConfig, protocolContractTreeRoot, getVKTreeRoot());
+  const versions = getComponentsVersionsFromConfig(chainConfig, protocolContractsHash, getVKTreeRoot());
   return urls.map(url => NodeRpcTxSource.fromUrl(url, versions));
 }

package/src/services/tx_provider.ts

@@ -55,11 +55,12 @@ export class TxProvider implements ITxProvider {
   /** Gathers txs from the tx pool, proposal body, remote rpc nodes, and reqresp. */
   public getTxsForBlockProposal(
     blockProposal: BlockProposal,
+    blockNumber: number,
     opts: { pinnedPeer: PeerId | undefined; deadline: Date },
   ): Promise<{ txs: Tx[]; missingTxs: TxHash[] }> {
     return this.getOrderedTxsFromAllSources(
-      { type: 'proposal', blockProposal },
-      blockProposal.toBlockInfo(),
+      { type: 'proposal', blockProposal, blockNumber },
+      { ...blockProposal.toBlockInfo(), blockNumber },
       blockProposal.txHashes,
       { ...opts, pinnedPeer: opts.pinnedPeer },
     );