@aztec/slasher 0.0.1-commit.7d4e6cd → 0.0.1-commit.7ffbba4

package/src/factory/create_facade.ts

@@ -1,14 +1,16 @@
 import { EpochCache } from '@aztec/epoch-cache';
-import { RollupContract } from '@aztec/ethereum/contracts';
+import { RegistryContract, RollupContract } from '@aztec/ethereum/contracts';
 import type { L1ReaderConfig } from '@aztec/ethereum/l1-reader';
 import type { ViemClient } from '@aztec/ethereum/types';
+import { SlotNumber } from '@aztec/foundation/branded-types';
 import { unique } from '@aztec/foundation/collection';
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { createLogger } from '@aztec/foundation/log';
 import { DateProvider } from '@aztec/foundation/timer';
-import type { DataStoreConfig } from '@aztec/kv-store/config';
 import { createStore } from '@aztec/kv-store/lmdb-v2';
+import { getSlotAtTimestamp } from '@aztec/stdlib/epoch-helpers';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { DataStoreConfig } from '@aztec/stdlib/kv-store';
 
 import { SlasherClientFacade } from '../slasher_client_facade.js';
 import type { SlasherClientInterface } from '../slasher_client_interface.js';
@@ -18,7 +20,7 @@ import type { Watcher } from '../watcher.js';
 /** Creates a slasher client facade that updates itself whenever the rollup slasher changes */
 export async function createSlasherFacade(
   config: SlasherConfig & DataStoreConfig & { ethereumSlotDuration: number },
-  l1Contracts: Pick<L1ReaderConfig['l1Contracts'], 'rollupAddress' | 'slashFactoryAddress'>,
+  l1Contracts: Pick<L1ReaderConfig['l1Contracts'], 'rollupAddress' | 'slashFactoryAddress' | 'registryAddress'>,
   l1Client: ViemClient,
   watchers: Watcher[],
   dateProvider: DateProvider,
@@ -31,9 +33,35 @@ export async function createSlasherFacade(
     throw new Error('Cannot initialize SlasherClient without a Rollup address');
   }
 
-  const kvStore = await createStore('slasher', SCHEMA_VERSION, config, createLogger('slasher:lmdb'));
+  const kvStore = await createStore('slasher', SCHEMA_VERSION, config, logger.getBindings());
   const rollup = new RollupContract(l1Client, l1Contracts.rollupAddress);
 
+  // Compute and cache the L2 slot at which the rollup was registered as canonical
+  const settingsMap = kvStore.openMap<string, number>('slasher-settings');
+  const cacheKey = `registeredSlot:${l1Contracts.rollupAddress}`;
+  let rollupRegisteredAtL2Slot = (await settingsMap.getAsync(cacheKey)) as SlotNumber | undefined;
+
+  if (rollupRegisteredAtL2Slot === undefined) {
+    const registry = new RegistryContract(l1Client, l1Contracts.registryAddress);
+    const l1StartBlock = await rollup.getL1StartBlock();
+    const registrationTimestamp = await registry.getCanonicalRollupRegistrationTimestamp(
+      l1Contracts.rollupAddress,
+      l1StartBlock,
+    );
+    if (registrationTimestamp !== undefined) {
+      const l1GenesisTime = await rollup.getL1GenesisTime();
+      const slotDuration = await rollup.getSlotDuration();
+      rollupRegisteredAtL2Slot = getSlotAtTimestamp(registrationTimestamp, {
+        l1GenesisTime,
+        slotDuration: Number(slotDuration),
+      });
+    } else {
+      rollupRegisteredAtL2Slot = SlotNumber(0);
+    }
+    await settingsMap.set(cacheKey, rollupRegisteredAtL2Slot);
+    logger.info(`Canonical rollup registered at L2 slot ${rollupRegisteredAtL2Slot}`);
+  }
+
   const slashValidatorsNever = config.slashSelfAllowed
     ? config.slashValidatorsNever
     : unique([...config.slashValidatorsNever, ...validatorAddresses].map(a => a.toString())).map(EthAddress.fromString);
@@ -48,6 +76,7 @@ export async function createSlasherFacade(
     epochCache,
     dateProvider,
     kvStore,
+    rollupRegisteredAtL2Slot,
     logger,
   );
 }

package/src/factory/create_implementation.ts

@@ -5,12 +5,13 @@ import {
   TallySlashingProposerContract,
 } from '@aztec/ethereum/contracts';
 import type { ViemClient } from '@aztec/ethereum/types';
+import type { SlotNumber } from '@aztec/foundation/branded-types';
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { createLogger } from '@aztec/foundation/log';
 import { DateProvider } from '@aztec/foundation/timer';
-import type { DataStoreConfig } from '@aztec/kv-store/config';
 import { AztecLMDBStoreV2 } from '@aztec/kv-store/lmdb-v2';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { DataStoreConfig } from '@aztec/stdlib/kv-store';
 import { SlashFactoryContract } from '@aztec/stdlib/l1-contracts';
 
 import { EmpireSlasherClient, type EmpireSlasherSettings } from '../empire_slasher_client.js';
@@ -31,19 +32,40 @@ export async function createSlasherImplementation(
   epochCache: EpochCache,
   dateProvider: DateProvider,
   kvStore: AztecLMDBStoreV2,
+  rollupRegisteredAtL2Slot: SlotNumber,
   logger = createLogger('slasher'),
 ) {
   const proposer = await rollup.getSlashingProposer();
   if (!proposer) {
     return new NullSlasherClient(config);
   } else if (proposer.type === 'tally') {
-    return createTallySlasher(config, rollup, proposer, watchers, dateProvider, epochCache, kvStore, logger);
+    return createTallySlasher(
+      config,
+      rollup,
+      proposer,
+      watchers,
+      dateProvider,
+      epochCache,
+      kvStore,
+      rollupRegisteredAtL2Slot,
+      logger,
+    );
   } else {
     if (!slashFactoryAddress || slashFactoryAddress.equals(EthAddress.ZERO)) {
       throw new Error('Cannot initialize an empire-based SlasherClient without a SlashFactory address');
     }
     const slashFactory = new SlashFactoryContract(l1Client, slashFactoryAddress.toString());
-    return createEmpireSlasher(config, rollup, proposer, slashFactory, watchers, dateProvider, kvStore, logger);
+    return createEmpireSlasher(
+      config,
+      rollup,
+      proposer,
+      slashFactory,
+      watchers,
+      dateProvider,
+      kvStore,
+      rollupRegisteredAtL2Slot,
+      logger,
+    );
   }
 }
 
@@ -55,6 +77,7 @@ async function createEmpireSlasher(
   watchers: Watcher[],
   dateProvider: DateProvider,
   kvStore: AztecLMDBStoreV2,
+  rollupRegisteredAtL2Slot: SlotNumber,
   logger = createLogger('slasher'),
 ): Promise<EmpireSlasherClient> {
   if (slashingProposer.type !== 'empire') {
@@ -97,6 +120,7 @@ async function createEmpireSlasher(
     l1StartBlock,
     ethereumSlotDuration: config.ethereumSlotDuration,
     slashingAmounts: undefined,
+    rollupRegisteredAtL2Slot,
   };
 
   const payloadsStore = new SlasherPayloadsStore(kvStore, {
@@ -130,13 +154,14 @@ async function createTallySlasher(
   dateProvider: DateProvider,
   epochCache: EpochCache,
   kvStore: AztecLMDBStoreV2,
+  rollupRegisteredAtL2Slot: SlotNumber,
   logger = createLogger('slasher'),
 ): Promise<TallySlasherClient> {
   if (slashingProposer.type !== 'tally') {
     throw new Error('Slashing proposer contract is not of type tally');
   }
 
-  const settings = await getTallySlasherSettings(rollup, slashingProposer);
+  const settings = { ...(await getTallySlasherSettings(rollup, slashingProposer)), rollupRegisteredAtL2Slot };
   const slasher = await rollup.getSlasherContract();
 
   const offensesStore = new SlasherOffensesStore(kvStore, {

package/src/factory/get_settings.ts

@@ -5,7 +5,7 @@ import type { TallySlasherSettings } from '../tally_slasher_client.js';
 export async function getTallySlasherSettings(
   rollup: RollupContract,
   slashingProposer?: TallySlashingProposerContract,
-): Promise<TallySlasherSettings> {
+): Promise<Omit<TallySlasherSettings, 'rollupRegisteredAtL2Slot'>> {
   if (!slashingProposer) {
     const rollupSlashingProposer = await rollup.getSlashingProposer();
     if (!rollupSlashingProposer || rollupSlashingProposer.type !== 'tally') {
@@ -40,7 +40,7 @@ export async function getTallySlasherSettings(
     rollup.getTargetCommitteeSize(),
   ]);
 
-  const settings: TallySlasherSettings = {
+  const settings: Omit<TallySlasherSettings, 'rollupRegisteredAtL2Slot'> = {
     slashingExecutionDelayInRounds: Number(slashingExecutionDelayInRounds),
     slashingRoundSize: Number(slashingRoundSize),
     slashingRoundSizeInEpochs: Number(slashingRoundSizeInEpochs),

package/src/generated/slasher-defaults.ts

@@ -0,0 +1,23 @@
+// Auto-generated from spartan/environments/network-defaults.yml
+// Do not edit manually - run yarn generate to regenerate
+
+/** Default slasher configuration values from network-defaults.yml */
+export const slasherDefaultEnv = {
+  SLASH_MIN_PENALTY_PERCENTAGE: 0.5,
+  SLASH_MAX_PENALTY_PERCENTAGE: 2,
+  SLASH_OFFENSE_EXPIRATION_ROUNDS: 4,
+  SLASH_MAX_PAYLOAD_SIZE: 80,
+  SLASH_EXECUTE_ROUNDS_LOOK_BACK: 4,
+  SLASH_PRUNE_PENALTY: 10000000000000000000,
+  SLASH_DATA_WITHHOLDING_PENALTY: 10000000000000000000,
+  SLASH_INACTIVITY_TARGET_PERCENTAGE: 0.9,
+  SLASH_INACTIVITY_CONSECUTIVE_EPOCH_THRESHOLD: 1,
+  SLASH_INACTIVITY_PENALTY: 10000000000000000000,
+  SLASH_PROPOSE_INVALID_ATTESTATIONS_PENALTY: 10000000000000000000,
+  SLASH_ATTEST_DESCENDANT_OF_INVALID_PENALTY: 10000000000000000000,
+  SLASH_DUPLICATE_PROPOSAL_PENALTY: 0,
+  SLASH_DUPLICATE_ATTESTATION_PENALTY: 0,
+  SLASH_UNKNOWN_PENALTY: 10000000000000000000,
+  SLASH_INVALID_BLOCK_PENALTY: 10000000000000000000,
+  SLASH_GRACE_PERIOD_L2_SLOTS: 0,
+} as const;

package/src/slash_offenses_collector.ts

@@ -1,3 +1,4 @@
+import type { SlotNumber } from '@aztec/foundation/branded-types';
 import { createLogger } from '@aztec/foundation/log';
 import type { Prettify } from '@aztec/foundation/types';
 import type { L1RollupConstants } from '@aztec/stdlib/epoch-helpers';
@@ -9,7 +10,11 @@ import { WANT_TO_SLASH_EVENT, type WantToSlashArgs, type Watcher } from './watch
 
 export type SlashOffensesCollectorConfig = Prettify<Pick<SlasherConfig, 'slashGracePeriodL2Slots'>>;
 export type SlashOffensesCollectorSettings = Prettify<
-  Pick<L1RollupConstants, 'epochDuration'> & { slashingAmounts: [bigint, bigint, bigint] | undefined }
+  Pick<L1RollupConstants, 'epochDuration'> & {
+    slashingAmounts: [bigint, bigint, bigint] | undefined;
+    /** L2 slot at which the rollup was registered as canonical in the Registry. Used to anchor the slash grace period. */
+    rollupRegisteredAtL2Slot: SlotNumber;
+  }
 >;
 
 /**
@@ -110,9 +115,9 @@ export class SlashOffensesCollector {
     return this.offensesStore.markAsSlashed(offenses);
   }
 
-  /** Returns whether to skip an offense if it happened during the grace period at the beginning of the chain */
+  /** Returns whether to skip an offense if it happened during the grace period after the network upgrade */
   private shouldSkipOffense(offense: Offense): boolean {
     const offenseSlot = getSlotForOffense(offense, this.settings);
-    return offenseSlot < this.config.slashGracePeriodL2Slots;
+    return offenseSlot < this.settings.rollupRegisteredAtL2Slot + this.config.slashGracePeriodL2Slots;
   }
 }

package/src/slasher_client_facade.ts

@@ -5,9 +5,9 @@ import type { SlotNumber } from '@aztec/foundation/branded-types';
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { createLogger } from '@aztec/foundation/log';
 import { DateProvider } from '@aztec/foundation/timer';
-import type { DataStoreConfig } from '@aztec/kv-store/config';
 import { AztecLMDBStoreV2 } from '@aztec/kv-store/lmdb-v2';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { DataStoreConfig } from '@aztec/stdlib/kv-store';
 import type { Offense, ProposerSlashAction, SlashPayloadRound } from '@aztec/stdlib/slashing';
 
 import { createSlasherImplementation } from './factory/create_implementation.js';
@@ -32,6 +32,7 @@ export class SlasherClientFacade implements SlasherClientInterface {
     private epochCache: EpochCache,
     private dateProvider: DateProvider,
     private kvStore: AztecLMDBStoreV2,
+    private rollupRegisteredAtL2Slot: SlotNumber,
     private logger = createLogger('slasher'),
   ) {}
 
@@ -88,6 +89,7 @@ export class SlasherClientFacade implements SlasherClientInterface {
       this.epochCache,
       this.dateProvider,
       this.kvStore,
+      this.rollupRegisteredAtL2Slot,
       this.logger,
     );
   }

package/src/stores/offenses_store.ts

@@ -76,9 +76,11 @@ export class SlasherOffensesStore {
   /** Adds a new offense (defaults to pending, but will be slashed if markAsSlashed had been called for it) */
   public async addPendingOffense(offense: Offense): Promise<void> {
     const key = this.getOffenseKey(offense);
-    await this.offenses.set(key, serializeOffense(offense));
     const round = getRoundForOffense(offense, this.settings);
-    await this.roundsOffenses.set(this.getRoundKey(round), key);
+    await this.kvStore.transactionAsync(async () => {
+      await this.offenses.set(key, serializeOffense(offense));
+      await this.roundsOffenses.set(this.getRoundKey(round), key);
+    });
     this.log.trace(`Adding pending offense ${key} for round ${round}`);
   }
 

package/src/stores/payloads_store.ts

@@ -118,10 +118,13 @@ export class SlasherPayloadsStore {
 
   public async incrementPayloadVotes(payloadAddress: EthAddress, round: bigint): Promise<bigint> {
     const key = this.getPayloadVotesKey(round, payloadAddress);
-    const currentVotes = (await this.roundPayloadVotes.getAsync(key)) || 0n;
-    const newVotes = currentVotes + 1n;
-    await this.roundPayloadVotes.set(key, newVotes);
-    return newVotes;
+    let newVotes: bigint;
+    await this.kvStore.transactionAsync(async () => {
+      const currentVotes = (await this.roundPayloadVotes.getAsync(key)) || 0n;
+      newVotes = currentVotes + 1n;
+      await this.roundPayloadVotes.set(key, newVotes);
+    });
+    return newVotes!;
   }
 
   public async addPayload(payload: SlashPayloadRound): Promise<void> {

package/src/tally_slasher_client.ts

@@ -5,7 +5,6 @@ import { maxBigint } from '@aztec/foundation/bigint';
 import { SlotNumber } from '@aztec/foundation/branded-types';
 import { compactArray, partition, times } from '@aztec/foundation/collection';
 import { createLogger } from '@aztec/foundation/log';
-import { sleep } from '@aztec/foundation/sleep';
 import type { DateProvider } from '@aztec/foundation/timer';
 import type { Prettify } from '@aztec/foundation/types';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
@@ -47,7 +46,10 @@ export type TallySlasherSettings = Prettify<
 >;
 
 export type TallySlasherClientConfig = SlashOffensesCollectorConfig &
-  Pick<SlasherConfig, 'slashValidatorsAlways' | 'slashValidatorsNever' | 'slashExecuteRoundsLookBack'>;
+  Pick<
+    SlasherConfig,
+    'slashValidatorsAlways' | 'slashValidatorsNever' | 'slashExecuteRoundsLookBack' | 'slashMaxPayloadSize'
+  >;
 
 /**
  * The Tally Slasher client is responsible for managing slashable offenses using
@@ -138,8 +140,6 @@ export class TallySlasherClient implements ProposerSlashActionProvider, SlasherC
     this.roundMonitor.stop();
     await this.offensesCollector.stop();
 
-    // Sleeping to sidestep viem issue with unwatching events
-    await sleep(2000);
     this.log.info('Tally Slasher client stopped');
   }
 
@@ -281,8 +281,12 @@ export class TallySlasherClient implements ProposerSlashActionProvider, SlasherC
         return undefined;
       }
 
+      const slashActionsWithAmounts = slashActions.map(action => ({
+        validator: action.validator.toString(),
+        slashAmount: action.slashAmount.toString(),
+      }));
       this.log.info(`Round ${executableRound} is ready to execute with ${slashActions.length} slashes`, {
-        slashActions,
+        slashActions: slashActionsWithAmounts,
         payloadAddress: payload.address.toString(),
         ...logData,
       });
@@ -357,11 +361,13 @@ export class TallySlasherClient implements ProposerSlashActionProvider, SlasherC
 
     const committees = await this.collectCommitteesActiveDuringRound(slashedRound);
     const epochsForCommittees = getEpochsForRound(slashedRound, this.settings);
+    const { slashMaxPayloadSize } = this.config;
     const votes = getSlashConsensusVotesFromOffenses(
       offensesToSlash,
       committees,
       epochsForCommittees.map(e => BigInt(e)),
-      this.settings,
+      { ...this.settings, maxSlashedValidators: slashMaxPayloadSize },
+      this.log,
     );
     if (votes.every(v => v === 0)) {
       this.log.warn(`Computed votes for offenses are all zero. Skipping vote.`, {

package/src/watchers/attestations_block_watcher.ts

@@ -67,19 +67,23 @@ export class AttestationsBlockWatcher extends (EventEmitter as new () => Watcher
   }
 
   public start() {
-    this.l2BlockSource.on(L2BlockSourceEvents.InvalidAttestationsCheckpointDetected, this.boundHandleInvalidCheckpoint);
+    this.l2BlockSource.events.on(
+      L2BlockSourceEvents.InvalidAttestationsCheckpointDetected,
+      this.boundHandleInvalidCheckpoint,
+    );
     return Promise.resolve();
   }
 
   public stop() {
-    this.l2BlockSource.removeListener(
+    this.l2BlockSource.events.removeListener(
       L2BlockSourceEvents.InvalidAttestationsCheckpointDetected,
       this.boundHandleInvalidCheckpoint,
     );
     return Promise.resolve();
   }
 
-  private handleInvalidCheckpoint(event: InvalidCheckpointDetectedEvent): void {
+  /** Event handler for invalid checkpoints as reported by the archiver. Public for testing purposes. */
+  public handleInvalidCheckpoint(event: InvalidCheckpointDetectedEvent): void {
     const { validationResult } = event;
     const checkpoint = validationResult.checkpoint;
 
@@ -139,6 +143,7 @@ export class AttestationsBlockWatcher extends (EventEmitter as new () => Watcher
       committee: validationResult.committee,
       seed: validationResult.seed,
       epoch: validationResult.epoch,
+      isEscapeHatchOpen: false,
     };
     const proposer = this.epochCache.getProposerFromEpochCommittee(epochCommitteeInfo, slot);
 

package/src/watchers/epoch_prune_watcher.ts

@@ -1,23 +1,26 @@
 import { EpochCache } from '@aztec/epoch-cache';
-import { BlockNumber, CheckpointNumber, EpochNumber } from '@aztec/foundation/branded-types';
-import { merge, pick } from '@aztec/foundation/collection';
+import { BlockNumber, EpochNumber } from '@aztec/foundation/branded-types';
+import { chunkBy, merge, pick } from '@aztec/foundation/collection';
+import type { Fr } from '@aztec/foundation/curves/bn254';
 import { type Logger, createLogger } from '@aztec/foundation/log';
 import {
   EthAddress,
-  L2BlockNew,
-  type L2BlockPruneEvent,
+  L2Block,
   type L2BlockSourceEventEmitter,
   L2BlockSourceEvents,
+  type L2PruneUnprovenEvent,
 } from '@aztec/stdlib/block';
 import { getEpochAtSlot } from '@aztec/stdlib/epoch-helpers';
 import type {
-  IFullNodeBlockBuilder,
+  ICheckpointBlockBuilder,
+  ICheckpointsBuilder,
   ITxProvider,
   MerkleTreeWriteOperations,
   SlasherConfig,
 } from '@aztec/stdlib/interfaces/server';
-import type { L1ToL2MessageSource } from '@aztec/stdlib/messaging';
+import { type L1ToL2MessageSource, computeCheckpointOutHash } from '@aztec/stdlib/messaging';
 import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
+import type { CheckpointGlobalVariables } from '@aztec/stdlib/tx';
 import {
   ReExFailedTxsError,
   ReExStateMismatchError,
@@ -52,7 +55,7 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
     private l1ToL2MessageSource: L1ToL2MessageSource,
     private epochCache: EpochCache,
     private txProvider: Pick<ITxProvider, 'getAvailableTxs'>,
-    private blockBuilder: IFullNodeBlockBuilder,
+    private checkpointsBuilder: ICheckpointsBuilder,
     penalties: EpochPruneWatcherPenalties,
   ) {
     super();
@@ -63,12 +66,12 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
   }
 
   public start() {
-    this.l2BlockSource.on(L2BlockSourceEvents.L2PruneDetected, this.boundHandlePruneL2Blocks);
+    this.l2BlockSource.events.on(L2BlockSourceEvents.L2PruneUnproven, this.boundHandlePruneL2Blocks);
     return Promise.resolve();
   }
 
   public stop() {
-    this.l2BlockSource.removeListener(L2BlockSourceEvents.L2PruneDetected, this.boundHandlePruneL2Blocks);
+    this.l2BlockSource.events.removeListener(L2BlockSourceEvents.L2PruneUnproven, this.boundHandlePruneL2Blocks);
     return Promise.resolve();
   }
 
@@ -77,7 +80,7 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
     this.log.verbose('EpochPruneWatcher config updated', this.penalties);
   }
 
-  private handlePruneL2Blocks(event: L2BlockPruneEvent): void {
+  private handlePruneL2Blocks(event: L2PruneUnprovenEvent): void {
     const { blocks, epochNumber } = event;
     void this.processPruneL2Blocks(blocks, epochNumber).catch(err =>
       this.log.error('Error processing pruned L2 blocks', err, { epochNumber }),
@@ -95,7 +98,7 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
     this.emit(WANT_TO_SLASH_EVENT, args);
   }
 
-  private async processPruneL2Blocks(blocks: L2BlockNew[], epochNumber: EpochNumber): Promise<void> {
+  private async processPruneL2Blocks(blocks: L2Block[], epochNumber: EpochNumber): Promise<void> {
     try {
       const l1Constants = this.epochCache.getL1Constants();
       const epochBlocks = blocks.filter(b => getEpochAtSlot(b.header.getSlot(), l1Constants) === epochNumber);
@@ -104,7 +107,7 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
         { blocks: epochBlocks.map(b => b.toBlockInfo()) },
       );
 
-      await this.validateBlocks(epochBlocks);
+      await this.validateBlocks(epochBlocks, epochNumber);
       this.log.info(`Pruned epoch ${epochNumber} was valid. Want to slash committee for not having it proven.`);
       await this.emitSlashForEpoch(OffenseType.VALID_EPOCH_PRUNED, epochNumber);
     } catch (error) {
@@ -119,21 +122,83 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
     }
   }
 
-  public async validateBlocks(blocks: L2BlockNew[]): Promise<void> {
+  public async validateBlocks(blocks: L2Block[], epochNumber: EpochNumber): Promise<void> {
     if (blocks.length === 0) {
       return;
     }
-    const fork = await this.blockBuilder.getFork(BlockNumber(blocks[0].header.globalVariables.blockNumber - 1));
+
+    // Sort blocks by block number and group by checkpoint
+    const sortedBlocks = [...blocks].sort((a, b) => a.number - b.number);
+    const blocksByCheckpoint = chunkBy(sortedBlocks, b => b.checkpointNumber);
+
+    // Get prior checkpoints in the epoch (in case this was a partial prune) to extract the out hashes
+    const priorCheckpointOutHashes = (await this.l2BlockSource.getCheckpointsDataForEpoch(epochNumber))
+      .filter(c => c.checkpointNumber < sortedBlocks[0].checkpointNumber)
+      .map(c => c.checkpointOutHash);
+    let previousCheckpointOutHashes: Fr[] = [...priorCheckpointOutHashes];
+
+    const fork = await this.checkpointsBuilder.getFork(
+      BlockNumber(sortedBlocks[0].header.globalVariables.blockNumber - 1),
+    );
     try {
-      for (const block of blocks) {
-        await this.validateBlock(block, fork);
+      for (const checkpointBlocks of blocksByCheckpoint) {
+        await this.validateCheckpoint(checkpointBlocks, previousCheckpointOutHashes, fork);
+
+        // Compute checkpoint out hash from all blocks in this checkpoint
+        const checkpointOutHash = computeCheckpointOutHash(
+          checkpointBlocks.map(b => b.body.txEffects.map(tx => tx.l2ToL1Msgs)),
+        );
+        previousCheckpointOutHashes = [...previousCheckpointOutHashes, checkpointOutHash];
       }
     } finally {
       await fork.close();
     }
   }
 
-  public async validateBlock(blockFromL1: L2BlockNew, fork: MerkleTreeWriteOperations): Promise<void> {
+  private async validateCheckpoint(
+    checkpointBlocks: L2Block[],
+    previousCheckpointOutHashes: Fr[],
+    fork: MerkleTreeWriteOperations,
+  ): Promise<void> {
+    const checkpointNumber = checkpointBlocks[0].checkpointNumber;
+    this.log.debug(`Validating pruned checkpoint ${checkpointNumber} with ${checkpointBlocks.length} blocks`);
+
+    // Get L1ToL2Messages once for the entire checkpoint
+    const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(checkpointNumber);
+
+    // Build checkpoint constants from first block's global variables
+    const gv = checkpointBlocks[0].header.globalVariables;
+    const constants: CheckpointGlobalVariables = {
+      chainId: gv.chainId,
+      version: gv.version,
+      slotNumber: gv.slotNumber,
+      timestamp: gv.timestamp,
+      coinbase: gv.coinbase,
+      feeRecipient: gv.feeRecipient,
+      gasFees: gv.gasFees,
+    };
+
+    // Start checkpoint builder once for all blocks in this checkpoint
+    const checkpointBuilder = await this.checkpointsBuilder.startCheckpoint(
+      checkpointNumber,
+      constants,
+      0n, // feeAssetPriceModifier is not used for validation of the checkpoint content
+      l1ToL2Messages,
+      previousCheckpointOutHashes,
+      fork,
+      this.log.getBindings(),
+    );
+
+    // Validate all blocks in the checkpoint sequentially
+    for (const block of checkpointBlocks) {
+      await this.validateBlockInCheckpoint(block, checkpointBuilder);
+    }
+  }
+
+  private async validateBlockInCheckpoint(
+    blockFromL1: L2Block,
+    checkpointBuilder: ICheckpointBlockBuilder,
+  ): Promise<void> {
     this.log.debug(`Validating pruned block ${blockFromL1.header.globalVariables.blockNumber}`);
     const txHashes = blockFromL1.body.txEffects.map(txEffect => txEffect.txHash);
     // We load txs from the mempool directly, since the TxCollector running in the background has already been
@@ -145,15 +210,9 @@ export class EpochPruneWatcher extends (EventEmitter as new () => WatcherEmitter
       throw new TransactionsNotAvailableError(missingTxs);
     }
 
-    const checkpointNumber = CheckpointNumber.fromBlockNumber(blockFromL1.number);
-    const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(checkpointNumber);
-    const { block, failedTxs, numTxs } = await this.blockBuilder.buildBlock(
-      txs,
-      l1ToL2Messages,
-      blockFromL1.header.globalVariables,
-      {},
-      fork,
-    );
+    const gv = blockFromL1.header.globalVariables;
+    const { block, failedTxs, numTxs } = await checkpointBuilder.buildBlock(txs, gv.blockNumber, gv.timestamp, {});
+
     if (numTxs !== txs.length) {
       // This should be detected by state mismatch, but this makes it easier to debug.
       throw new ValidatorError(`Built block with ${numTxs} txs, expected ${txs.length}`);