@aztec/slasher 0.0.1-commit.24de95ac

package/dest/empire_slasher_client.js

@@ -0,0 +1,572 @@
+import { sumBigint } from '@aztec/foundation/bigint';
+import { compactArray, filterAsync, maxBy, pick } from '@aztec/foundation/collection';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { createLogger } from '@aztec/foundation/log';
+import { sleep } from '@aztec/foundation/sleep';
+import { getFirstEligibleRoundForOffense, getOffenseIdentifiersFromPayload, getPenaltyForOffense, isOffenseUncontroversial, offenseDataComparator, offensesToValidatorSlash } from '@aztec/stdlib/slashing';
+import { SlashOffensesCollector } from './slash_offenses_collector.js';
+import { SlashRoundMonitor } from './slash_round_monitor.js';
+/**
+ * The Empire Slasher client is responsible for managing slashable offenses and slash payloads
+ * using the Empire slashing model where fixed payloads are created and voted on.
+ *
+ * The client subscribes to several slash watchers that emit offenses and tracks them. When the slasher is the
+ * proposer, it aggregates pending offenses from previous rounds and creates slash payloads, or votes for previous
+ * slash payloads.
+ * Voting is handled by the sequencer publisher, the slasher client does not interact with L1 directly.
+ * The client also monitors slash payloads created by other nodes, and executes them when they become submittable.
+ *
+ * Payload creation and selection
+ * - At each L2 slot in a slashing round, the proposer for that L2 slot may vote for an existing slashing payload or
+ * create one of their own. Note that anyone can create a slash payload on L1, but nodes will only follow payloads
+ * from proposers; we could enforce this on L1, but we do not want to make any changes there if we can avoid it.
+ * - If it is the first L2 slot in the slashing round, there is nothing to vote for, so the proposer creates a slash
+ * payload and votes for it.
+ * - On their turn, each proposer computes a score for each payload in the round. This score is a function of the
+ * total offences slashed, how many votes it has received so far, and how far into the round we are. The score for a
+ * payload is zero if the proposer disagrees with it (see "agreement" below).
+ * - The proposer also computes the score for the payload they would create. If the resulting score is higher than
+ * any existing payload, it creates the payload. Otherwise, it votes for the one with the highest score.
+ *
+ * Collecting offences
+ * - Whenever a node spots a slashable offence, they store it and add it to a local collection of "pending
+ * offences". When a proposer needs to create a slash payload, they include all pending offences from previous
+ * rounds. This means an offence is **only slashable in the next round it happened** (or a future one).
+ * - Each offence also carries an epoch or block identifier, so we can differentiate two offences of the same kind by
+ * the same validator.
+ * - When a slash payload is flagged as executable (as in it got enough votes to be executed), nodes remove all
+ * slashed offences in the payload from their collection of pending offences.
+ * - Pending offences expire after a configurable time. This is to minimize divergences. For instance, a validator
+ * that has to be slashed due to inactivity 50 epochs ago will only be considered for slashing by nodes that were
+ * online 50 epochs ago. We propose using the validator exit window as expiration time, any value higher means that
+ * we may try slashing validators that have exited the set already.
+ *
+ * Agreement and scoring
+ * - A proposer will *agree* with a slash payload if it *agrees* with every offence in the payload, all
+ * *uncontroversial* offences from the past round are included, and it is below a configurable maximum size.
+ * - An *uncontroversial* offence is one where every node agrees that a slash is in order, regardless of any p2p
+ * network partitions. The only uncontroversial offence we have now is "proposing a block on L1 with invalid
+ * attestations".
+ * - A proposer will *agree* with a given offence if it is present in its list of "pending offences", and the
+ * slashing amount is within a configurable min-max range.
+ * - Slash payloads need a maximum size to ensure they can don't exceed the maximum L1 gas per tx when executed.
+ * This is configurable but depends on the L1 contracts implementation. When creating a payload, if there are too
+ * many pending offences to fit, proposers favor the offences with the highest slashing amount first, tie-breaking by
+ * choosing the most recent ones.
+ * - The scoring function will boost proposals with more agreed slashes, as well as proposals with more votes, and
+ * will disincentivize the creation of new proposals as the end of the round nears. This function will NOT be
+ * enforced on L1.
+ *
+ * Execution
+ * - Once a slash payload becomes executable, the next proposer is expected to execute it. If they don't, the
+ * following does, and so on. No gas rebate is given.
+ */ export class EmpireSlasherClient {
+    config;
+    settings;
+    slashFactoryContract;
+    slashingProposer;
+    slasher;
+    rollup;
+    dateProvider;
+    offensesStore;
+    payloadsStore;
+    log;
+    executablePayloads;
+    unwatchCallbacks;
+    overridePayloadActive;
+    offensesCollector;
+    roundMonitor;
+    constructor(config, settings, slashFactoryContract, slashingProposer, slasher, rollup, watchers, dateProvider, offensesStore, payloadsStore, log = createLogger('slasher:empire')){
+        this.config = config;
+        this.settings = settings;
+        this.slashFactoryContract = slashFactoryContract;
+        this.slashingProposer = slashingProposer;
+        this.slasher = slasher;
+        this.rollup = rollup;
+        this.dateProvider = dateProvider;
+        this.offensesStore = offensesStore;
+        this.payloadsStore = payloadsStore;
+        this.log = log;
+        this.executablePayloads = [];
+        this.unwatchCallbacks = [];
+        this.overridePayloadActive = false;
+        this.overridePayloadActive = config.slashOverridePayload !== undefined && !config.slashOverridePayload.isZero();
+        this.roundMonitor = new SlashRoundMonitor(this.settings, this.dateProvider);
+        this.offensesCollector = new SlashOffensesCollector(config, this.settings, watchers, offensesStore);
+    }
+    async start() {
+        this.log.debug('Starting Empire Slasher client...');
+        // Start the offenses collector
+        await this.offensesCollector.start();
+        // TODO(palla/slash): Sync any events since the last time we were offline, or since the current round started.
+        // Detect when a payload wins voting via PayloadSubmittable event
+        this.unwatchCallbacks.push(this.slashingProposer.listenToSubmittablePayloads(({ payload, round })=>void this.handleProposalExecutable(EthAddress.fromString(payload), round).catch((err)=>this.log.error('Error handling proposalExecutable', err, {
+                    payload,
+                    round
+                }))));
+        // Detect when a payload is submitted via PayloadSubmitted event
+        this.unwatchCallbacks.push(this.slashingProposer.listenToPayloadSubmitted(({ payload, round })=>void this.handleProposalExecuted(EthAddress.fromString(payload), round).catch((err)=>this.log.error('Error handling payloadSubmitted', err, {
+                    payload,
+                    round
+                }))));
+        // Detect when a payload is signalled via SignalCast event
+        this.unwatchCallbacks.push(this.slashingProposer.listenToSignalCasted(({ payload, round, signaler })=>void this.handleProposalSignalled(EthAddress.fromString(payload), round, EthAddress.fromString(signaler)).catch((err)=>this.log.error('Error handling proposalSignalled', err, {
+                    payload,
+                    round,
+                    signaler
+                }))));
+        // Check for round changes
+        this.unwatchCallbacks.push(this.roundMonitor.listenToNewRound((round)=>this.handleNewRound(round)));
+        this.log.info(`Started empire slasher client`);
+        return Promise.resolve();
+    }
+    /**
+   * Allows consumers to stop the instance of the slasher client.
+   * 'ready' will now return 'false' and the running promise that keeps the client synced is interrupted.
+   */ async stop() {
+        this.log.debug('Stopping Empire Slasher client...');
+        for (const unwatchCallback of this.unwatchCallbacks){
+            unwatchCallback();
+        }
+        this.roundMonitor.stop();
+        await this.offensesCollector.stop();
+        // Viem calls eth_uninstallFilter under the hood when uninstalling event watchers, but these calls are not awaited,
+        // meaning that any error that happens during the uninstallation will not be caught. This causes errors during jest teardowns,
+        // where we stop anvil after all other processes are stopped, so sometimes the eth_uninstallFilter call fails because anvil
+        // is already stopped. We add a sleep here to give the uninstallation some time to complete, but the proper fix is for
+        // viem to await the eth_uninstallFilter calls, or to catch any errors that happen during the uninstallation.
+        // See https://github.com/wevm/viem/issues/3714.
+        await sleep(2000);
+        this.log.info('Empire Slasher client stopped');
+    }
+    /** Returns the current config */ getConfig() {
+        return this.config;
+    }
+    /**
+   * Update the config of the slasher client
+   * @param config - The new config
+   */ updateConfig(config) {
+        const newConfig = {
+            ...this.config,
+            ...config
+        };
+        // We keep this separate flag to tell us if we should be signal for the override payload: after the override payload is executed,
+        // the slasher goes back to using the monitored payloads to inform the sequencer publisher what payload to signal for.
+        // So we only want to flip back "on" the voting for override payload if config we just passed in re-set the override payload.
+        this.overridePayloadActive = config.slashOverridePayload !== undefined && !config.slashOverridePayload.isZero();
+        this.config = newConfig;
+    }
+    getSlashPayloads() {
+        return this.payloadsStore.getPayloadsForRound(this.roundMonitor.getCurrentRound().round);
+    }
+    /**
+   * Triggered on a time basis when we enter a new slashing round.
+   * Clears expired payloads and offenses from stores.
+   */ async handleNewRound(round) {
+        this.log.info(`Starting new slashing round ${round}`);
+        await this.payloadsStore.clearExpiredPayloads(round);
+        await this.offensesCollector.handleNewRound(round);
+    }
+    /**
+   * Called when we see a PayloadSubmittable event on the SlashProposer.
+   * Adds the proposal to the list of executable ones.
+   */ async handleProposalExecutable(payloadAddress, round) {
+        // Track this payload for execution later
+        this.executablePayloads.push({
+            payload: payloadAddress,
+            round
+        });
+        this.log.verbose(`Proposal ${payloadAddress.toString()} is executable for round ${round}`, {
+            payloadAddress,
+            round
+        });
+        // Stop signaling for the override payload if it was elected
+        if (this.overridePayloadActive && this.config.slashOverridePayload && this.config.slashOverridePayload.equals(payloadAddress)) {
+            this.overridePayloadActive = false;
+        }
+        // Load the payload to unflag all offenses to be slashed as pending
+        const payload = await this.payloadsStore.getPayload(payloadAddress) ?? await this.slashFactoryContract.getSlashPayloadFromEvents(payloadAddress, this.settings);
+        if (!payload) {
+            this.log.warn(`No payload found for ${payloadAddress.toString()} in round ${round}`);
+            return;
+        }
+        const offenses = getOffenseIdentifiersFromPayload(payload);
+        await this.offensesCollector.markAsSlashed(offenses);
+    }
+    /**
+   * Called when we see a PayloadSubmitted event on the SlashProposer.
+   * Removes the proposal from the list of executable ones.
+   */ handleProposalExecuted(payload, round) {
+        this.log.verbose(`Proposal ${payload.toString()} on round ${round} has been executed`);
+        const index = this.executablePayloads.findIndex((p)=>p.payload.equals(payload));
+        if (index !== -1) {
+            this.executablePayloads.splice(index, 1);
+        }
+        return Promise.resolve();
+    }
+    /**
+   * Called when we see a SignalCast event on the SlashProposer.
+   * Adds a vote for the given payload in the round.
+   * Retrieves the proposal if we have not seen it before.
+   */ async handleProposalSignalled(payloadAddress, round, signaller) {
+        const payload = await this.payloadsStore.getPayload(payloadAddress);
+        if (!payload) {
+            this.log.debug(`Fetching payload for signal at ${payloadAddress.toString()}`);
+            const payload = await this.slashFactoryContract.getSlashPayloadFromEvents(payloadAddress, this.settings);
+            if (!payload) {
+                this.log.warn(`No payload found for signal at ${payloadAddress.toString()}`);
+                return;
+            }
+            const votes = await this.slashingProposer.getPayloadSignals(this.rollup.address, round, payloadAddress.toString());
+            await this.payloadsStore.addPayload({
+                ...payload,
+                votes,
+                round
+            });
+            this.log.verbose(`Added payload at ${payloadAddress}`, {
+                ...payload,
+                votes,
+                round,
+                signaller
+            });
+        } else {
+            const votes = await this.payloadsStore.incrementPayloadVotes(payloadAddress, round);
+            this.log.verbose(`Added vote for payload at ${payloadAddress}`, {
+                votes,
+                signaller,
+                round
+            });
+        }
+    }
+    /**
+   * Create a slash payload for the given round from pending offenses
+   * @param round - The round to create the payload for, defaults to the current round
+   * @returns The payload data or undefined if no offenses to slash
+   */ async gatherOffensesForRound(round) {
+        round ??= this.roundMonitor.getCurrentRound().round;
+        // Filter pending offenses to those that can be included in this round
+        const pendingOffenses = await this.offensesStore.getPendingOffenses();
+        const eligibleOffenses = pendingOffenses.filter((offense)=>this.isOffenseForRound(offense, round));
+        // Sort by uncontroversial first, then slash amount (descending), then detection time (ascending)
+        const sortedOffenses = [
+            ...eligibleOffenses
+        ].sort(offenseDataComparator);
+        // Take up to maxPayloadSize offenses
+        const { slashMaxPayloadSize } = this.config;
+        const selectedOffenses = sortedOffenses.slice(0, slashMaxPayloadSize);
+        if (selectedOffenses.length !== sortedOffenses.length) {
+            this.log.warn(`Offense list of ${sortedOffenses.length} truncated to max size of ${slashMaxPayloadSize}`);
+        }
+        return selectedOffenses;
+    }
+    /** Returns all pending offenses stored */ getPendingOffenses() {
+        return this.offensesStore.getPendingOffenses();
+    }
+    /** Get uncontroversial offenses that are expected to be present on the given round. */ async getPendingUncontroversialOffensesForRound(round) {
+        const pendingOffenses = await this.offensesStore.getPendingOffenses();
+        const filteredOffenses = pendingOffenses.filter((offense)=>isOffenseUncontroversial(offense.offenseType) && this.isOffenseForRound(offense, round)).sort(offenseDataComparator);
+        return filteredOffenses.slice(0, this.config.slashMaxPayloadSize);
+    }
+    /**
+   * Calculate score for a slash payload, bumping the votes by one, so we get the score as if we voted for it.
+   * @param payload - The payload to score
+   * @param votes - Number of votes the payload has received
+   * @returns The score for the payload
+   */ calculatePayloadScore(payload) {
+        // TODO: Update this function to something smarter
+        return (payload.votes + 1n) * sumBigint(payload.slashes.map((o)=>o.amount));
+    }
+    /**
+   * Get the actions the proposer should take for slashing
+   * @param slotNumber - The current slot number
+   * @returns The actions to take
+   */ async getProposerActions(slotNumber) {
+        const [executeAction, proposePayloadActions] = await Promise.all([
+            this.getExecutePayloadAction(slotNumber),
+            this.getProposePayloadActions(slotNumber)
+        ]);
+        return compactArray([
+            executeAction,
+            ...proposePayloadActions
+        ]);
+    }
+    /** Returns an execute payload action if there are any payloads ready to be executed */ async getExecutePayloadAction(slotNumber) {
+        const { round } = this.roundMonitor.getRoundForSlot(slotNumber);
+        const toRemove = [];
+        let toExecute;
+        for (const payload of this.executablePayloads){
+            const executableRound = payload.round + BigInt(this.settings.slashingExecutionDelayInRounds) + 1n;
+            if (round < executableRound) {
+                this.log.debug(`Payload ${payload.payload} for round ${payload.round} is not executable yet`);
+                continue;
+            }
+            if (payload.round + BigInt(this.settings.slashingPayloadLifetimeInRounds) < round) {
+                this.log.verbose(`Payload ${payload.payload} for round ${payload.round} has expired`);
+                toRemove.push(payload);
+                continue;
+            }
+            const roundInfo = await this.slashingProposer.getRoundInfo(this.rollup.address, payload.round);
+            if (roundInfo.executed) {
+                this.log.verbose(`Payload ${payload.payload} for round ${payload.round} has already been executed`);
+                toRemove.push(payload);
+                continue;
+            }
+            // Check if slashing is enabled at all
+            if (!await this.slasher.isSlashingEnabled()) {
+                this.log.warn(`Slashing is disabled in the Slasher contract (skipping execution)`);
+                return undefined;
+            }
+            // Check if the slash payload is vetoed
+            const isVetoed = await this.slasher.isPayloadVetoed(payload.payload);
+            if (isVetoed) {
+                this.log.info(`Payload ${payload.payload} from round ${payload.round} is vetoed (skipping execution)`);
+                toRemove.push(payload);
+                continue;
+            }
+            this.log.info(`Executing payload ${payload.payload} from round ${payload.round}`);
+            toExecute = payload;
+            break;
+        }
+        // Clean up expired or executed payloads
+        this.executablePayloads = this.executablePayloads.filter((p)=>!toRemove.includes(p));
+        return toExecute ? {
+            type: 'execute-empire-payload',
+            round: toExecute.round
+        } : undefined;
+    }
+    /** Returns a vote or create payload action based on payload scoring */ async getProposePayloadActions(slotNumber) {
+        // Compute what round we are in based on the slot number
+        const { round, votingSlot } = this.roundMonitor.getRoundForSlot(slotNumber);
+        const { slashingRoundSize: roundSize, slashingQuorumSize: quorumSize } = this.settings;
+        const logData = {
+            round,
+            votingSlot,
+            slotNumber
+        };
+        // If override payload is active, vote for it
+        if (this.overridePayloadActive && this.config.slashOverridePayload && !this.config.slashOverridePayload.isZero()) {
+            this.log.info(`Overriding slash payload to ${this.config.slashOverridePayload.toString()}`, logData);
+            return [
+                {
+                    type: 'vote-empire-payload',
+                    payload: this.config.slashOverridePayload
+                }
+            ];
+        }
+        // Check if there is a payload that has already won, if so, no need to do anything
+        const existingPayloads = await this.payloadsStore.getPayloadsForRound(round);
+        const winningPayload = existingPayloads.find((p)=>p.votes >= quorumSize);
+        if (winningPayload) {
+            this.log.verbose(`No need to vote as payload ${winningPayload.address} has already won`, logData);
+            return [];
+        }
+        // Check if we should create a new payload at this stage
+        // We define an initial "nomination phase" at the beginning, which depends on the number of votes needed,
+        // and only allow for new proposals to be created then. This ensures that no payloads are created that will
+        // not be able to pass. The invariant here is that a payload can be created only if there are enough slots
+        // left such that if half of the remaining votes are cast for it, then it will be able to pass.
+        const nominationPhaseDurationInSlots = BigInt(Math.floor((roundSize - quorumSize) / 2));
+        // Create our ideal payload from the pending offenses we have in store
+        let idealPayload = undefined;
+        if (votingSlot <= nominationPhaseDurationInSlots) {
+            const idealOffenses = await this.gatherOffensesForRound(round);
+            idealPayload = idealOffenses.length === 0 ? undefined : {
+                slashes: offensesToValidatorSlash(idealOffenses),
+                votes: 0n,
+                address: EthAddress.ZERO
+            };
+            this.log.debug(`Collected offenses for ideal payload for round ${round}`, {
+                ...logData,
+                idealOffenses
+            });
+        } else {
+            this.log.debug(`Past nomination phase, will not create new payloads for round ${round}`, logData);
+        }
+        // Find the best existing payload. We filter out those that have no chance of winning given how many voting
+        // slots are left in the round, and then filter by those we agree with.
+        const feasiblePayloads = existingPayloads.filter((p)=>BigInt(quorumSize) - p.votes <= BigInt(roundSize) - votingSlot);
+        const requiredOffenses = await this.getPendingUncontroversialOffensesForRound(round);
+        const agreedPayloads = await filterAsync(feasiblePayloads, (p)=>this.agreeWithPayload(p, round, requiredOffenses));
+        const bestPayload = maxBy([
+            ...agreedPayloads,
+            idealPayload
+        ], (p)=>p ? this.calculatePayloadScore(p) : 0);
+        // Debug all payloads info
+        if (this.log.isLevelEnabled('debug')) {
+            this.log.debug(`Scored payloads for round ${round}`, {
+                ...logData,
+                idealPayload,
+                existingPayloads: existingPayloads.map((p)=>({
+                        ...pick(p, 'address', 'votes', 'round', 'timestamp'),
+                        score: this.calculatePayloadScore(p)
+                    })),
+                feasiblePayloads: feasiblePayloads.map((p)=>({
+                        ...pick(p, 'address', 'votes', 'round', 'timestamp'),
+                        score: this.calculatePayloadScore(p)
+                    })),
+                agreedPayloads: agreedPayloads.map((p)=>({
+                        ...pick(p, 'address', 'votes', 'round', 'timestamp'),
+                        score: this.calculatePayloadScore(p)
+                    }))
+            });
+        }
+        if (bestPayload === undefined || this.calculatePayloadScore(bestPayload) === 0n) {
+            // No payloads to vote for, do nothing
+            this.log.verbose(`No suitable slash payloads to vote for in round ${round}`, {
+                ...logData,
+                existingPayloadsCount: existingPayloads.length,
+                feasiblePayloadsCount: feasiblePayloads.length,
+                agreedPayloadsCount: agreedPayloads.length,
+                idealPayloadSlashesCount: idealPayload?.slashes.length
+            });
+            return [];
+        } else if (bestPayload === idealPayload) {
+            // If our ideal payload is the best, we create it (if not deployed yet) and vote for it
+            const { address, isDeployed } = await this.slashFactoryContract.getAddressAndIsDeployed(idealPayload.slashes);
+            this.log.info(`Proposing and voting for payload ${address.toString()} in round ${round}`, {
+                ...logData,
+                payload: bestPayload
+            });
+            const createAction = isDeployed ? undefined : {
+                type: 'create-empire-payload',
+                data: idealPayload.slashes
+            };
+            const voteAction = {
+                type: 'vote-empire-payload',
+                payload: address
+            };
+            return compactArray([
+                createAction,
+                voteAction
+            ]);
+        } else {
+            // Otherwise, vote for our favorite payload
+            this.log.info(`Voting for existing payload ${bestPayload.address.toString()} in round ${round}`, {
+                ...logData,
+                payload: bestPayload
+            });
+            return [
+                {
+                    type: 'vote-empire-payload',
+                    payload: bestPayload.address
+                }
+            ];
+        }
+    }
+    /**
+   * Check if we agree with a payload:
+   * - We must agree with every offense in the payload
+   * - All uncontroversial offenses from past rounds must be included
+   * - Payload must be below maximum size
+   * - Slash amounts must be within acceptable ranges
+   */ async agreeWithPayload(payload, round, cachedUncontroversialOffenses) {
+        // Check size limit
+        const maxPayloadSize = this.config.slashMaxPayloadSize;
+        if (payload.slashes.length > maxPayloadSize) {
+            this.log.verbose(`Rejecting payload ${payload.address} since size ${payload.slashes.length} exceeds maximum ${maxPayloadSize}`, {
+                payload,
+                maxPayloadSize
+            });
+            return false;
+        }
+        // Check we agree with all offenses and proposed slash amounts, and all offenses are from past rounds
+        for (const slash of payload.slashes){
+            for (const { offenseType, epochOrSlot } of slash.offenses){
+                const offense = {
+                    validator: slash.validator,
+                    offenseType,
+                    epochOrSlot
+                };
+                if (!await this.offensesStore.hasPendingOffense(offense)) {
+                    this.log.debug(`Rejecting payload ${payload.address} due to offense not found`, {
+                        offense,
+                        payload
+                    });
+                    return false;
+                }
+                const [minRound, maxRound] = this.getRoundRangeForOffense(offense);
+                if (round < minRound || round > maxRound) {
+                    this.log.debug(`Rejecting payload ${payload.address} due to offense not from valid round`, {
+                        offense,
+                        payload,
+                        round,
+                        minRound,
+                        maxRound
+                    });
+                    return false;
+                }
+            }
+            const [minSlashAmount, maxSlashAmount] = this.getSlashAmountValidRange(slash.offenses);
+            if (slash.amount < minSlashAmount || slash.amount > maxSlashAmount) {
+                this.log.debug(`Rejecting payload ${payload.address} due to slash amount out of range`, {
+                    amount: slash.amount,
+                    minSlashAmount,
+                    maxSlashAmount,
+                    payload
+                });
+                return false;
+            }
+        }
+        // Check that all uncontroversial offenses from past rounds are included
+        const uncontroversialOffenses = cachedUncontroversialOffenses ?? await this.getPendingUncontroversialOffensesForRound(round);
+        for (const requiredOffense of uncontroversialOffenses){
+            const validatorOffenses = payload.slashes.filter((slash)=>slash.validator.equals(requiredOffense.validator)).flatMap((slash)=>slash.offenses);
+            if (!validatorOffenses.some((o)=>o.offenseType === requiredOffense.offenseType && o.epochOrSlot === requiredOffense.epochOrSlot)) {
+                this.log.debug(`Rejecting payload due to missing uncontroversial offense for validator ${requiredOffense.validator}`, {
+                    requiredOffense,
+                    validatorOffenses,
+                    payload
+                });
+                return false;
+            }
+        }
+        return true;
+    }
+    /**
+   * Returns whether the given offense can be included in the given round.
+   * Depends on the offense round range and whether we include offenses from past rounds.
+   */ isOffenseForRound(offense, round) {
+        const [minRound, maxRound] = this.getRoundRangeForOffense(offense);
+        const match = round >= minRound && round <= maxRound;
+        this.log.trace(`Offense ${offense.offenseType} for ${offense.validator} ${match ? 'is' : 'is not'} for round ${round}`, {
+            minRound,
+            maxRound,
+            round,
+            offense
+        });
+        return match;
+    }
+    /**
+   * Returns the range (inclusive) of rounds in which we could expect an offense to be found.
+   * Lower bound is determined by all offenses that should have been captured before the start of a round,
+   * which depends on the offense type (eg INACTIVITY is captured once an epoch ends, DATA_WITHHOLDING is
+   * captured after the epoch proof submission window for the epoch for which the data was withheld).
+   * Upper bound is determined by the expiration rounds for an offense, which is a config setting.
+   */ getRoundRangeForOffense(offense) {
+        const minRound = getFirstEligibleRoundForOffense(offense, this.settings);
+        return [
+            minRound,
+            minRound + BigInt(this.config.slashOffenseExpirationRounds)
+        ];
+    }
+    /** Returns the acceptable range for slash amount given a set of offenses. */ getSlashAmountValidRange(offenses) {
+        if (offenses.length === 0) {
+            return [
+                0n,
+                0n
+            ];
+        }
+        const minAmount = sumBigint(offenses.map((o)=>this.getMinAmountForOffense(o.offenseType)));
+        const maxAmount = sumBigint(offenses.map((o)=>this.getMaxAmountForOffense(o.offenseType)));
+        return [
+            minAmount,
+            maxAmount
+        ];
+    }
+    /** Get minimum acceptable amount for an offense type */ getMinAmountForOffense(offense) {
+        return getPenaltyForOffense(offense, this.config) * BigInt(this.config.slashMinPenaltyPercentage * 1000) / 1000n;
+    }
+    /** Get maximum acceptable amount for an offense type */ getMaxAmountForOffense(offense) {
+        return getPenaltyForOffense(offense, this.config) * BigInt(this.config.slashMaxPenaltyPercentage * 1000) / 1000n;
+    }
+}

package/dest/factory/create_facade.d.ts

@@ -0,0 +1,15 @@
+import { EpochCache } from '@aztec/epoch-cache';
+import type { L1ReaderConfig, ViemClient } from '@aztec/ethereum';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { DateProvider } from '@aztec/foundation/timer';
+import type { DataStoreConfig } from '@aztec/kv-store/config';
+import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { SlasherClientInterface } from '../slasher_client_interface.js';
+import type { Watcher } from '../watcher.js';
+/** Creates a slasher client facade that updates itself whenever the rollup slasher changes */
+export declare function createSlasherFacade(config: SlasherConfig & DataStoreConfig & {
+    ethereumSlotDuration: number;
+}, l1Contracts: Pick<L1ReaderConfig['l1Contracts'], 'rollupAddress' | 'slashFactoryAddress'>, l1Client: ViemClient, watchers: Watcher[], dateProvider: DateProvider, epochCache: EpochCache, 
+/** List of own validator addresses to add to the slashValidatorNever list unless slashSelfAllowed is true */
+validatorAddresses?: EthAddress[], logger?: import("@aztec/foundation/log").Logger): Promise<SlasherClientInterface>;
+//# sourceMappingURL=create_facade.d.ts.map

package/dest/factory/create_facade.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"create_facade.d.ts","sourceRoot":"","sources":["../../src/factory/create_facade.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAGlE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAE9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AAE7E,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAE7C,8FAA8F;AAC9F,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,aAAa,GAAG,eAAe,GAAG;IAAE,oBAAoB,EAAE,MAAM,CAAA;CAAE,EAC1E,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,eAAe,GAAG,qBAAqB,CAAC,EACzF,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAAE,OAAO,EAAE,EACnB,YAAY,EAAE,YAAY,EAC1B,UAAU,EAAE,UAAU;AACtB,6GAA6G;AAC7G,kBAAkB,GAAE,UAAU,EAAO,EACrC,MAAM,yCAA0B,GAC/B,OAAO,CAAC,sBAAsB,CAAC,CAwBjC"}

package/dest/factory/create_facade.js

@@ -0,0 +1,23 @@
+import { RollupContract } from '@aztec/ethereum/contracts';
+import { unique } from '@aztec/foundation/collection';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { createLogger } from '@aztec/foundation/log';
+import { createStore } from '@aztec/kv-store/lmdb-v2';
+import { SlasherClientFacade } from '../slasher_client_facade.js';
+import { SCHEMA_VERSION } from '../stores/schema_version.js';
+/** Creates a slasher client facade that updates itself whenever the rollup slasher changes */ export async function createSlasherFacade(config, l1Contracts, l1Client, watchers, dateProvider, epochCache, /** List of own validator addresses to add to the slashValidatorNever list unless slashSelfAllowed is true */ validatorAddresses = [], logger = createLogger('slasher')) {
+    if (!l1Contracts.rollupAddress || l1Contracts.rollupAddress.equals(EthAddress.ZERO)) {
+        throw new Error('Cannot initialize SlasherClient without a Rollup address');
+    }
+    const kvStore = await createStore('slasher', SCHEMA_VERSION, config, createLogger('slasher:lmdb'));
+    const rollup = new RollupContract(l1Client, l1Contracts.rollupAddress);
+    const slashValidatorsNever = config.slashSelfAllowed ? config.slashValidatorsNever : unique([
+        ...config.slashValidatorsNever,
+        ...validatorAddresses
+    ].map((a)=>a.toString())).map(EthAddress.fromString);
+    const updatedConfig = {
+        ...config,
+        slashValidatorsNever
+    };
+    return new SlasherClientFacade(updatedConfig, rollup, l1Client, l1Contracts.slashFactoryAddress, watchers, epochCache, dateProvider, kvStore, logger);
+}

package/dest/factory/create_implementation.d.ts

@@ -0,0 +1,17 @@
+import { EpochCache } from '@aztec/epoch-cache';
+import type { ViemClient } from '@aztec/ethereum';
+import { RollupContract } from '@aztec/ethereum/contracts';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { DateProvider } from '@aztec/foundation/timer';
+import type { DataStoreConfig } from '@aztec/kv-store/config';
+import { AztecLMDBStoreV2 } from '@aztec/kv-store/lmdb-v2';
+import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import { EmpireSlasherClient } from '../empire_slasher_client.js';
+import { NullSlasherClient } from '../null_slasher_client.js';
+import { TallySlasherClient } from '../tally_slasher_client.js';
+import type { Watcher } from '../watcher.js';
+/** Creates a slasher client implementation (either tally or empire) based on the slasher proposer type in the rollup */
+export declare function createSlasherImplementation(config: SlasherConfig & DataStoreConfig & {
+    ethereumSlotDuration: number;
+}, rollup: RollupContract, l1Client: ViemClient, slashFactoryAddress: EthAddress | undefined, watchers: Watcher[], epochCache: EpochCache, dateProvider: DateProvider, kvStore: AztecLMDBStoreV2, logger?: import("@aztec/foundation/log").Logger): Promise<EmpireSlasherClient | TallySlasherClient | NullSlasherClient>;
+//# sourceMappingURL=create_implementation.d.ts.map

package/dest/factory/create_implementation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"create_implementation.d.ts","sourceRoot":"","sources":["../../src/factory/create_implementation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAEL,cAAc,EAEf,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,EAAE,mBAAmB,EAA8B,MAAM,6BAA6B,CAAC;AAC9F,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAG9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAG7C,wHAAwH;AACxH,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,aAAa,GAAG,eAAe,GAAG;IAAE,oBAAoB,EAAE,MAAM,CAAA;CAAE,EAC1E,MAAM,EAAE,cAAc,EACtB,QAAQ,EAAE,UAAU,EACpB,mBAAmB,EAAE,UAAU,GAAG,SAAS,EAC3C,QAAQ,EAAE,OAAO,EAAE,EACnB,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,YAAY,EAC1B,OAAO,EAAE,gBAAgB,EACzB,MAAM,yCAA0B,yEAcjC"}