@aztec/p2p 3.0.0-canary.a9708bd → 3.0.0-devnet.2-patch.1

package/src/mem_pools/tx_pool/memory_tx_pool.ts

@@ -1,3 +1,4 @@
+import { BlockNumber } from '@aztec/foundation/branded-types';
 import { createLogger } from '@aztec/foundation/log';
 import type { TypedEventEmitter } from '@aztec/foundation/types';
 import type { TxAddedToPoolStats } from '@aztec/stdlib/stats';
@@ -18,8 +19,11 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
    * Our tx pool, stored as a Map in-memory, with K: tx hash and V: the transaction.
    */
   private txs: Map<bigint, Tx>;
-  private minedTxs: Map<bigint, number>;
+  private minedTxs: Map<bigint, BlockNumber>;
   private pendingTxs: Set<bigint>;
+  private deletedMinedTxHashes: Map<bigint, BlockNumber>;
+  // eslint-disable-next-line aztec-custom/no-non-primitive-in-collections
+  private blockToDeletedMinedTxHash: Map<BlockNumber, Set<bigint>>;
 
   private metrics: PoolInstrumentation<Tx>;
 
@@ -35,6 +39,8 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
     this.txs = new Map<bigint, Tx>();
     this.minedTxs = new Map();
     this.pendingTxs = new Set();
+    this.deletedMinedTxHashes = new Map();
+    this.blockToDeletedMinedTxHash = new Map();
     this.metrics = new PoolInstrumentation(telemetry, PoolName.TX_POOL, this.countTx);
   }
 
@@ -54,6 +60,19 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
   public markAsMined(txHashes: TxHash[], blockHeader: BlockHeader): Promise<void> {
     const keys = txHashes.map(x => x.toBigInt());
     for (const key of keys) {
+      // If this tx was previously soft-deleted, remove it from the deleted sets
+      if (this.deletedMinedTxHashes.has(key)) {
+        const originalBlock = this.deletedMinedTxHashes.get(key)!;
+        this.deletedMinedTxHashes.delete(key);
+        // Remove from block-to-hash mapping
+        const txHashesForBlock = this.blockToDeletedMinedTxHash.get(originalBlock);
+        if (txHashesForBlock) {
+          txHashesForBlock.delete(key);
+          if (txHashesForBlock.size === 0) {
+            this.blockToDeletedMinedTxHash.delete(originalBlock);
+          }
+        }
+      }
       this.minedTxs.set(key, blockHeader.globalVariables.blockNumber);
       this.pendingTxs.delete(key);
     }
@@ -83,27 +102,37 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
       (tx1, tx2) => -getPendingTxPriority(tx1).localeCompare(getPendingTxPriority(tx2)),
     );
     const txHashes = await Promise.all(txs.map(tx => tx.getTxHash()));
-    return txHashes.filter(txHash => this.pendingTxs.has(txHash.toBigInt()));
+
+    // No need to check deleted since pending txs are never soft-deleted
+    return txHashes.filter(txHash => {
+      const key = txHash.toBigInt();
+      return this.pendingTxs.has(key);
+    });
   }
 
-  public getMinedTxHashes(): Promise<[TxHash, number][]> {
+  public getMinedTxHashes(): Promise<[TxHash, BlockNumber][]> {
     return Promise.resolve(
       Array.from(this.minedTxs.entries()).map(([txHash, blockNumber]) => [TxHash.fromBigInt(txHash), blockNumber]),
     );
   }
 
   public getPendingTxCount(): Promise<number> {
+    // Soft-deleted transactions are always mined, never pending
     return Promise.resolve(this.pendingTxs.size);
   }
 
-  public getTxStatus(txHash: TxHash): Promise<'pending' | 'mined' | undefined> {
+  public getTxStatus(txHash: TxHash): Promise<'pending' | 'mined' | 'deleted' | undefined> {
     const key = txHash.toBigInt();
-    if (this.pendingTxs.has(key)) {
-      return Promise.resolve('pending');
+
+    if (this.deletedMinedTxHashes.has(key)) {
+      return Promise.resolve('deleted');
     }
     if (this.minedTxs.has(key)) {
       return Promise.resolve('mined');
     }
+    if (this.pendingTxs.has(key)) {
+      return Promise.resolve('pending');
+    }
     return Promise.resolve(undefined);
   }
 
@@ -124,6 +153,11 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
     return Promise.resolve(txHashes.map(txHash => this.txs.has(txHash.toBigInt())));
   }
 
+  async hasTx(txHash: TxHash): Promise<boolean> {
+    const result = await this.hasTxs([txHash]);
+    return result[0];
+  }
+
   public getArchivedTxByHash(): Promise<Tx | undefined> {
     return Promise.resolve(undefined);
   }
@@ -161,15 +195,34 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
 
   /**
    * Deletes transactions from the pool. Tx hashes that are not present are ignored.
-   * @param txHashes - An array of tx hashes to be removed from the tx pool.
-   * @returns The number of transactions that was deleted from the pool.
+   * Mined transactions are soft-deleted with a timestamp, pending transactions are permanently deleted.
+   * @param txHashes - An array of tx hashes to be deleted from the tx pool.
+   * @returns Empty promise.
    */
-  public deleteTxs(txHashes: TxHash[]): Promise<void> {
+  public deleteTxs(txHashes: TxHash[], opts?: { permanently?: boolean }): Promise<void> {
     for (const txHash of txHashes) {
       const key = txHash.toBigInt();
-      this.txs.delete(key);
-      this.pendingTxs.delete(key);
-      this.minedTxs.delete(key);
+      if (this.txs.has(key)) {
+        if (this.minedTxs.has(key)) {
+          const blockNumber = this.minedTxs.get(key)!;
+          this.minedTxs.delete(key);
+          // Soft-delete mined transactions: remove from mined set but keep in storage
+          if (opts?.permanently) {
+            // Permanently delete mined transactions if specified
+            this.txs.delete(key);
+          } else {
+            this.deletedMinedTxHashes.set(key, blockNumber);
+            if (!this.blockToDeletedMinedTxHash.has(blockNumber)) {
+              this.blockToDeletedMinedTxHash.set(blockNumber, new Set());
+            }
+            this.blockToDeletedMinedTxHash.get(blockNumber)!.add(key);
+          }
+        } else {
+          // Permanently delete pending transactions
+          this.txs.delete(key);
+          this.pendingTxs.delete(key);
+        }
+      }
     }
 
     return Promise.resolve();
@@ -196,4 +249,37 @@ export class InMemoryTxPool extends (EventEmitter as new () => TypedEventEmitter
   markTxsAsNonEvictable(_: TxHash[]): Promise<void> {
     return Promise.resolve();
   }
+
+  /**
+   * Permanently deletes deleted mined transactions from blocks up to and including the specified block number.
+   * @param blockNumber - Block number threshold. Deleted mined txs from this block or earlier will be permanently deleted.
+   * @returns The number of transactions permanently deleted.
+   */
+  public cleanupDeletedMinedTxs(blockNumber: BlockNumber): Promise<number> {
+    let deletedCount = 0;
+    const blocksToDelete: BlockNumber[] = [];
+
+    // Find all blocks up to the specified block number
+    for (const [block, txHashes] of this.blockToDeletedMinedTxHash.entries()) {
+      if (block <= blockNumber) {
+        // Permanently delete all transactions from this block
+        for (const txHash of txHashes) {
+          this.txs.delete(txHash);
+          this.deletedMinedTxHashes.delete(txHash);
+          deletedCount++;
+        }
+        blocksToDelete.push(block);
+      }
+    }
+
+    // Clean up block-to-hash mapping
+    for (const block of blocksToDelete) {
+      this.blockToDeletedMinedTxHash.delete(block);
+    }
+
+    if (deletedCount > 0) {
+      this.log.debug(`Permanently deleted ${deletedCount} deleted mined txs from blocks up to ${blockNumber}`);
+    }
+    return Promise.resolve(deletedCount);
+  }
 }

package/src/mem_pools/tx_pool/tx_pool.ts

@@ -1,3 +1,4 @@
+import type { BlockNumber } from '@aztec/foundation/branded-types';
 import type { TypedEventEmitter } from '@aztec/foundation/types';
 import type { BlockHeader, Tx, TxHash } from '@aztec/stdlib/tx';
 
@@ -43,6 +44,13 @@ export interface TxPool extends TypedEventEmitter<TxPoolEvents> {
    */
   hasTxs(txHashes: TxHash[]): Promise<boolean[]>;
 
+  /**
+   * Checks if a transaction exists in the pool
+   * @param txHash - The hash of the transaction to check for
+   * @returns True if the transaction exists, false otherwise
+   */
+  hasTx(txHash: TxHash): Promise<boolean>;
+
   /**
    * Checks if an archived transaction exists in the pool and returns it.
    * @param txHash - The hash of the transaction, used as an ID.
@@ -68,7 +76,7 @@ export interface TxPool extends TypedEventEmitter<TxPoolEvents> {
    * Deletes transactions from the pool. Tx hashes that are not present are ignored.
    * @param txHashes - An array of tx hashes to be removed from the tx pool.
    */
-  deleteTxs(txHashes: TxHash[]): Promise<void>;
+  deleteTxs(txHashes: TxHash[], opts?: { permanently?: boolean }): Promise<void>;
 
   /**
    * Gets all transactions currently in the tx pool.
@@ -95,14 +103,14 @@ export interface TxPool extends TypedEventEmitter<TxPoolEvents> {
    * Gets the hashes of mined transactions currently in the tx pool.
    * @returns An array of mined transaction hashes found in the tx pool.
    */
-  getMinedTxHashes(): Promise<[tx: TxHash, blockNumber: number][]>;
+  getMinedTxHashes(): Promise<[tx: TxHash, blockNumber: BlockNumber][]>;
 
   /**
-   * Returns whether the given tx hash is flagged as pending or mined.
+   * Returns whether the given tx hash is flagged as pending, mined, or deleted.
    * @param txHash - Hash of the tx to query.
-   * @returns Pending or mined depending on its status, or undefined if not found.
+   * @returns Pending, mined, or deleted depending on its status, or undefined if not found.
    */
-  getTxStatus(txHash: TxHash): Promise<'pending' | 'mined' | undefined>;
+  getTxStatus(txHash: TxHash): Promise<'pending' | 'mined' | 'deleted' | undefined>;
 
   /**
    * Configure the maximum size of the tx pool
@@ -118,4 +126,11 @@ export interface TxPool extends TypedEventEmitter<TxPoolEvents> {
    * @param txHashes - Hashes of the transactions to mark as non-evictible.
    */
   markTxsAsNonEvictable(txHashes: TxHash[]): Promise<void>;
+
+  /**
+   * Permanently deletes deleted mined transactions from blocks up to and including the specified block number.
+   * @param blockNumber - Block number threshold. Deleted mined txs from this block or earlier will be permanently deleted.
+   * @returns The number of transactions permanently deleted.
+   */
+  cleanupDeletedMinedTxs(blockNumber: BlockNumber): Promise<number>;
 }

package/src/mem_pools/tx_pool/tx_pool_test_suite.ts

@@ -1,3 +1,4 @@
+import { BlockNumber } from '@aztec/foundation/branded-types';
 import { unfreeze } from '@aztec/foundation/types';
 import { GasFees } from '@aztec/stdlib/gas';
 import { mockTx } from '@aztec/stdlib/testing';
@@ -13,7 +14,7 @@ export function describeTxPool(getTxPool: () => TxPool) {
   let pool: TxPool;
 
   const minedBlockHeader = BlockHeader.empty({
-    globalVariables: GlobalVariables.empty({ blockNumber: 1, timestamp: 0n }),
+    globalVariables: GlobalVariables.empty({ blockNumber: BlockNumber(1), timestamp: 0n }),
   });
 
   beforeEach(() => {
@@ -54,14 +55,24 @@ export function describeTxPool(getTxPool: () => TxPool) {
     expect(txsFromEvent).toEqual(expect.arrayContaining([tx2, tx3]));
   });
 
-  it('removes txs from the pool', async () => {
-    const tx1 = await mockTx();
+  it('permanently deletes pending txs and soft-deletes mined txs', async () => {
+    const pendingTx = await mockTx(1);
+    const minedTx = await mockTx(2);
 
-    await pool.addTxs([tx1]);
-    await pool.deleteTxs([tx1.getTxHash()]);
+    await pool.addTxs([pendingTx, minedTx]);
+    await pool.markAsMined([minedTx.getTxHash()], minedBlockHeader);
+
+    // Delete a pending tx - should be permanently deleted
+    await pool.deleteTxs([pendingTx.getTxHash()]);
+    await expect(pool.getTxByHash(pendingTx.getTxHash())).resolves.toBeUndefined();
+    await expect(pool.getTxStatus(pendingTx.getTxHash())).resolves.toBeUndefined();
+
+    // Delete a mined tx - should be soft-deleted (still in storage)
+    await pool.deleteTxs([minedTx.getTxHash()]);
+    await expect(pool.getTxByHash(minedTx.getTxHash())).resolves.toBeDefined();
+    await expect(pool.getTxStatus(minedTx.getTxHash())).resolves.toEqual('deleted');
+    await expect(pool.getMinedTxHashes()).resolves.toEqual([]);
 
-    await expect(pool.getTxByHash(tx1.getTxHash())).resolves.toBeFalsy();
-    await expect(pool.getTxStatus(tx1.getTxHash())).resolves.toBeUndefined();
     await expect(pool.getPendingTxCount()).resolves.toEqual(0);
   });
 
@@ -203,4 +214,101 @@ export function describeTxPool(getTxPool: () => TxPool) {
     expect(poolTxHashes).toHaveLength(4);
     expect(poolTxHashes).toEqual([tx4, tx1, tx3, tx2].map(tx => tx.getTxHash()));
   });
+
+  describe('soft-delete', () => {
+    it('soft-deletes mined txs and keeps them in storage', async () => {
+      const txs = await Promise.all([mockTx(1), mockTx(2), mockTx(3)]);
+      await pool.addTxs(txs);
+
+      // Mark first tx as mined
+      await pool.markAsMined([txs[0].getTxHash()], minedBlockHeader);
+
+      // Verify initial state
+      await expect(pool.getPendingTxCount()).resolves.toBe(2);
+      await expect(pool.getTxByHash(txs[0].getTxHash())).resolves.toBeDefined();
+      await expect(pool.getTxByHash(txs[1].getTxHash())).resolves.toBeDefined();
+
+      // Delete mined tx - should be soft-deleted
+      await pool.deleteTxs([txs[0].getTxHash()]);
+
+      // Delete pending tx - should be permanently deleted
+      await pool.deleteTxs([txs[1].getTxHash()]);
+
+      // Verify mined tx still exists in storage but has 'deleted' status
+      await expect(pool.getTxByHash(txs[0].getTxHash())).resolves.toBeDefined();
+      await expect(pool.getTxStatus(txs[0].getTxHash())).resolves.toEqual('deleted');
+
+      // Verify pending tx is permanently deleted
+      await expect(pool.getTxByHash(txs[1].getTxHash())).resolves.toBeUndefined();
+      await expect(pool.getTxStatus(txs[1].getTxHash())).resolves.toBeUndefined();
+
+      // Verify remaining pending count
+      await expect(pool.getPendingTxCount()).resolves.toBe(1);
+
+      // Verify pending hashes don't include deleted txs
+      const pendingHashes = await pool.getPendingTxHashes();
+      expect(pendingHashes).toHaveLength(1);
+      expect(pendingHashes.map(h => h.toString())).toContain(txs[2].getTxHash().toString());
+    });
+
+    it('cleans up old deleted mined transactions', async () => {
+      const txs = await Promise.all([mockTx(1), mockTx(2), mockTx(3)]);
+      await pool.addTxs(txs);
+
+      // Mark first two as mined in block 1
+      await pool.markAsMined([txs[0].getTxHash(), txs[1].getTxHash()], minedBlockHeader);
+
+      // Soft-delete mined transactions
+      await pool.deleteTxs([txs[0].getTxHash(), txs[1].getTxHash()]);
+
+      // Clean up deleted mined txs from block 1 and earlier
+      const deletedCount = await pool.cleanupDeletedMinedTxs(BlockNumber(1));
+
+      // Verify old transactions are permanently deleted
+      expect(deletedCount).toBe(2);
+      await expect(pool.getTxByHash(txs[0].getTxHash())).resolves.toBeUndefined();
+      await expect(pool.getTxByHash(txs[1].getTxHash())).resolves.toBeUndefined();
+      await expect(pool.getTxByHash(txs[2].getTxHash())).resolves.toBeDefined();
+    });
+
+    it('does not clean up recent deleted mined transactions', async () => {
+      const txs = await Promise.all([mockTx(1), mockTx(2)]);
+      await pool.addTxs(txs);
+
+      // Mark as mined in block 2
+      const laterBlockHeader = BlockHeader.empty({
+        globalVariables: GlobalVariables.empty({ blockNumber: BlockNumber(2), timestamp: 0n }),
+      });
+      await pool.markAsMined([txs[0].getTxHash()], laterBlockHeader);
+
+      // Soft-delete a mined transaction
+      await pool.deleteTxs([txs[0].getTxHash()]);
+
+      // Try to clean up with block 1 (before the mined block)
+      const deletedCount = await pool.cleanupDeletedMinedTxs(BlockNumber(1));
+
+      // Verify no transactions were cleaned up
+      expect(deletedCount).toBe(0);
+      await expect(pool.getTxByHash(txs[0].getTxHash())).resolves.toBeDefined();
+    });
+
+    it('restores deleted mined tx when it is mined again', async () => {
+      const tx = await mockTx(1);
+      await pool.addTxs([tx]);
+
+      // Mark as mined
+      await pool.markAsMined([tx.getTxHash()], minedBlockHeader);
+
+      // Soft-delete it
+      await pool.deleteTxs([tx.getTxHash()]);
+      await expect(pool.getTxStatus(tx.getTxHash())).resolves.toEqual('deleted');
+
+      // Mark as mined again (e.g., after a reorg)
+      await pool.markAsMined([tx.getTxHash()], minedBlockHeader);
+
+      // Should be back to mined status
+      await expect(pool.getTxStatus(tx.getTxHash())).resolves.toEqual('mined');
+      await expect(pool.getTxByHash(tx.getTxHash())).resolves.toBeDefined();
+    });
+  });
 }

package/src/msg_validators/attestation_validator/attestation_validator.ts

@@ -1,31 +1,66 @@
 import type { EpochCacheInterface } from '@aztec/epoch-cache';
-import { NoCommitteeError } from '@aztec/ethereum';
+import { NoCommitteeError } from '@aztec/ethereum/contracts';
+import { type Logger, createLogger } from '@aztec/foundation/log';
 import { type BlockAttestation, type P2PValidator, PeerErrorSeverity } from '@aztec/stdlib/p2p';
 
 export class AttestationValidator implements P2PValidator<BlockAttestation> {
-  private epochCache: EpochCacheInterface;
+  protected epochCache: EpochCacheInterface;
+  protected logger: Logger;
 
   constructor(epochCache: EpochCacheInterface) {
     this.epochCache = epochCache;
+    this.logger = createLogger('p2p:attestation-validator');
   }
 
   async validate(message: BlockAttestation): Promise<PeerErrorSeverity | undefined> {
+    const slotNumber = message.payload.header.slotNumber;
+
     try {
-      const { currentSlot, nextSlot } = await this.epochCache.getProposerAttesterAddressInCurrentOrNextSlot();
+      const { currentProposer, nextProposer, currentSlot, nextSlot } =
+        await this.epochCache.getProposerAttesterAddressInCurrentOrNextSlot();
 
-      const slotNumberBigInt = message.payload.header.slotNumber.toBigInt();
-      if (slotNumberBigInt !== currentSlot && slotNumberBigInt !== nextSlot) {
+      if (slotNumber !== currentSlot && slotNumber !== nextSlot) {
+        this.logger.warn(`Attestation slot ${slotNumber} is not current (${currentSlot}) or next (${nextSlot}) slot`);
         return PeerErrorSeverity.HighToleranceError;
       }
 
+      // Verify the signature is valid
       const attester = message.getSender();
-      if (!(await this.epochCache.isInCommittee(slotNumberBigInt, attester))) {
+      if (attester === undefined) {
+        this.logger.warn(`Invalid signature in attestation for slot ${slotNumber}`);
+        return PeerErrorSeverity.LowToleranceError;
+      }
+
+      // Verify the attester is in the committee for this slot
+      if (!(await this.epochCache.isInCommittee(slotNumber, attester))) {
+        this.logger.warn(`Attester ${attester.toString()} is not in committee for slot ${slotNumber}`);
+        return PeerErrorSeverity.HighToleranceError;
+      }
+
+      // Verify the proposer signature matches the expected proposer for this slot
+      const proposer = message.getProposer();
+      const expectedProposer = slotNumber === currentSlot ? currentProposer : nextProposer;
+      if (!expectedProposer) {
+        this.logger.warn(`No proposer defined for slot ${slotNumber}`);
+        return PeerErrorSeverity.HighToleranceError;
+      }
+      if (!proposer) {
+        this.logger.warn(`Invalid proposer signature in attestation for slot ${slotNumber}`);
+        return PeerErrorSeverity.LowToleranceError;
+      }
+      if (!proposer.equals(expectedProposer)) {
+        this.logger.warn(
+          `Proposer signature mismatch in attestation. ` +
+            `Expected ${expectedProposer?.toString() ?? 'none'} but got ${proposer.toString()} for slot ${slotNumber}`,
+        );
         return PeerErrorSeverity.HighToleranceError;
       }
+
       return undefined;
     } catch (e) {
       // People shouldn't be sending us attestations if the committee doesn't exist
       if (e instanceof NoCommitteeError) {
+        this.logger.warn(`No committee exists for attestation for slot ${slotNumber}`);
         return PeerErrorSeverity.LowToleranceError;
       }
       throw e;

package/src/msg_validators/attestation_validator/fisherman_attestation_validator.ts

@@ -0,0 +1,91 @@
+import type { EpochCacheInterface } from '@aztec/epoch-cache';
+import { type BlockAttestation, PeerErrorSeverity } from '@aztec/stdlib/p2p';
+import { Attributes, Metrics, type TelemetryClient, ValueType } from '@aztec/telemetry-client';
+
+import type { AttestationPool } from '../../mem_pools/attestation_pool/attestation_pool.js';
+import { AttestationValidator } from './attestation_validator.js';
+
+/**
+ * FishermanAttestationValidator extends the base AttestationValidator to add
+ * additional validation for fisherman nodes: verifying that attestations sign
+ * the same payload as the original proposal.
+ * Invalid attestations are rejected (not propagated), but peer penalization is
+ * handled by LibP2PService based on the fishermanMode config to ensure a better
+ * view of the network.
+ */
+export class FishermanAttestationValidator extends AttestationValidator {
+  private invalidAttestationCounter;
+
+  constructor(
+    epochCache: EpochCacheInterface,
+    private attestationPool: AttestationPool,
+    telemetryClient: TelemetryClient,
+  ) {
+    super(epochCache);
+    this.logger = this.logger.createChild('[FISHERMAN]');
+
+    const meter = telemetryClient.getMeter('FishermanAttestationValidator');
+    this.invalidAttestationCounter = meter.createUpDownCounter(Metrics.VALIDATOR_INVALID_ATTESTATION_RECEIVED_COUNT, {
+      description: 'The number of invalid attestations received',
+      valueType: ValueType.INT,
+    });
+  }
+
+  override async validate(message: BlockAttestation): Promise<PeerErrorSeverity | undefined> {
+    // First run the standard validation
+    const baseValidationResult = await super.validate(message);
+    if (baseValidationResult !== undefined) {
+      // Track base validation failures (invalid signature, wrong committee, etc.)
+      this.invalidAttestationCounter.add(1, {
+        [Attributes.ERROR_TYPE]: 'base_validation_failed',
+      });
+      return baseValidationResult;
+    }
+
+    // fisherman validation: verify attestation payload matches proposal payload
+    const slotNumberBigInt = message.payload.header.slotNumber;
+    const attester = message.getSender();
+    const proposer = message.getProposer();
+
+    if (!attester || !proposer) {
+      return undefined;
+    }
+
+    const proposalId = message.archive.toString();
+    const proposal = await this.attestationPool.getBlockProposal(proposalId);
+
+    if (proposal) {
+      // Compare the attestation payload with the proposal payload
+      if (!message.payload.equals(proposal.payload)) {
+        this.logger.error(
+          `Attestation payload mismatch for slot ${slotNumberBigInt}! ` +
+            `Attester ${attester.toString()} signed different data than the proposal.`,
+          {
+            slot: slotNumberBigInt.toString(),
+            attester: attester.toString(),
+            proposer: proposer.toString(),
+            proposalArchive: proposal.archive.toString(),
+            attestationArchive: message.archive.toString(),
+            proposalHeader: proposal.payload.header.hash().toString(),
+            attestationHeader: message.payload.header.hash().toString(),
+          },
+        );
+
+        // Track invalid attestation metric
+        this.invalidAttestationCounter.add(1, {
+          [Attributes.ERROR_TYPE]: 'payload_mismatch',
+        });
+
+        // Return error to reject the message, but LibP2PService won't penalize in fisherman mode
+        return PeerErrorSeverity.LowToleranceError;
+      }
+    } else {
+      // We might receive attestations before proposals in some cases
+      this.logger.debug(
+        `Received attestation for slot ${slotNumberBigInt} but proposal not found yet. ` + `Proposal ID: ${proposalId}`,
+      );
+    }
+
+    return undefined;
+  }
+}

package/src/msg_validators/attestation_validator/index.ts

@@ -1 +1,2 @@
 export * from './attestation_validator.js';
+export * from './fisherman_attestation_validator.js';

package/src/msg_validators/block_proposal_validator/block_proposal_validator.ts

@@ -1,43 +1,88 @@
 import type { EpochCacheInterface } from '@aztec/epoch-cache';
-import { NoCommitteeError } from '@aztec/ethereum';
+import { NoCommitteeError } from '@aztec/ethereum/contracts';
 import { type Logger, createLogger } from '@aztec/foundation/log';
 import { type BlockProposal, type P2PValidator, PeerErrorSeverity } from '@aztec/stdlib/p2p';
 
 export class BlockProposalValidator implements P2PValidator<BlockProposal> {
   private epochCache: EpochCacheInterface;
   private logger: Logger;
+  private txsPermitted: boolean;
 
-  constructor(epochCache: EpochCacheInterface) {
+  constructor(epochCache: EpochCacheInterface, opts: { txsPermitted: boolean }) {
     this.epochCache = epochCache;
+    this.txsPermitted = opts.txsPermitted;
     this.logger = createLogger('p2p:block_proposal_validator');
   }
 
   async validate(block: BlockProposal): Promise<PeerErrorSeverity | undefined> {
     try {
+      // Check signature validity first - invalid signatures are a high-severity issue
+      const proposer = block.getSender();
+      if (!proposer) {
+        this.logger.debug(`Penalizing peer for block proposal with invalid signature`);
+        return PeerErrorSeverity.MidToleranceError;
+      }
+
+      // Check if transactions are permitted when the proposal contains transaction hashes
+      const embeddedTxCount = block.txs?.length ?? 0;
+      if (!this.txsPermitted && (block.txHashes.length > 0 || embeddedTxCount > 0)) {
+        this.logger.debug(
+          `Penalizing peer for block proposal with ${block.txHashes.length} transaction(s) when transactions are not permitted`,
+        );
+        return PeerErrorSeverity.MidToleranceError;
+      }
+
+      // If there are embedded txs, they must be listed in txHashes; if there are no txHashes, there must be no txs
+      const hashSet = new Set(block.txHashes.map(h => h.toString()));
+      const missingTxHashes =
+        embeddedTxCount > 0
+          ? block.txs!.filter(tx => !hashSet.has(tx.getTxHash().toString())).map(tx => tx.getTxHash().toString())
+          : [];
+      if (embeddedTxCount > 0 && missingTxHashes.length > 0) {
+        this.logger.warn('Penalizing peer for embedded transaction(s) not included in txHashes', {
+          embeddedTxCount,
+          txHashesLength: block.txHashes.length,
+          missingTxHashes,
+        });
+        return PeerErrorSeverity.MidToleranceError;
+      }
+
       const { currentProposer, nextProposer, currentSlot, nextSlot } =
         await this.epochCache.getProposerAttesterAddressInCurrentOrNextSlot();
 
       // Check that the attestation is for the current or next slot
-      const slotNumberBigInt = block.payload.header.slotNumber.toBigInt();
-      if (slotNumberBigInt !== currentSlot && slotNumberBigInt !== nextSlot) {
-        this.logger.debug(
-          `Penalizing peer for invalid slot number ${slotNumberBigInt}, current slot: ${currentSlot}, next slot: ${nextSlot}`,
-        );
+      const slotNumber = block.payload.header.slotNumber;
+      if (slotNumber !== currentSlot && slotNumber !== nextSlot) {
+        this.logger.debug(`Penalizing peer for invalid slot number ${slotNumber}`, { currentSlot, nextSlot });
         return PeerErrorSeverity.HighToleranceError;
       }
 
       // Check that the block proposal is from the current or next proposer
-      const proposer = block.getSender();
-      if (
-        currentProposer !== undefined &&
-        !proposer.equals(currentProposer) &&
-        nextProposer !== undefined &&
-        !proposer.equals(nextProposer)
-      ) {
-        this.logger.debug(
-          `Penalizing peer for invalid proposer ${proposer.toString()}, current proposer: ${currentProposer.toString()}, next proposer: ${nextProposer.toString()}`,
-        );
-        return PeerErrorSeverity.HighToleranceError;
+      if (slotNumber === currentSlot && currentProposer !== undefined && !proposer.equals(currentProposer)) {
+        this.logger.debug(`Penalizing peer for invalid proposer for current slot ${slotNumber}`, {
+          currentProposer,
+          nextProposer,
+          proposer: proposer.toString(),
+        });
+        return PeerErrorSeverity.MidToleranceError;
+      }
+
+      if (slotNumber === nextSlot && nextProposer !== undefined && !proposer.equals(nextProposer)) {
+        this.logger.debug(`Penalizing peer for invalid proposer for next slot ${slotNumber}`, {
+          currentProposer,
+          nextProposer,
+          proposer: proposer.toString(),
+        });
+        return PeerErrorSeverity.MidToleranceError;
+      }
+
+      // Validate tx hashes for all txs embedded in the proposal
+      if (!(await Promise.all(block.txs?.map(tx => tx.validateTxHash()) ?? [])).every(v => v)) {
+        this.logger.warn(`Penalizing peer for invalid tx hashes in block proposal`, {
+          proposer,
+          slotNumber,
+        });
+        return PeerErrorSeverity.LowToleranceError;
       }
 
       return undefined;

package/src/msg_validators/tx_validator/archive_cache.ts

@@ -1,4 +1,4 @@
-import type { Fr } from '@aztec/foundation/fields';
+import type { Fr } from '@aztec/foundation/curves/bn254';
 import type { ArchiveSource } from '@aztec/p2p';
 import type { MerkleTreeReadOperations } from '@aztec/stdlib/interfaces/server';
 import { MerkleTreeId } from '@aztec/stdlib/trees';