@aztec/slasher 0.0.1-commit.85d7d01 → 0.0.1-commit.8655d4a

package/src/watchers/attestations_block_watcher.ts

@@ -1,15 +1,16 @@
 import { EpochCache } from '@aztec/epoch-cache';
-import { SlotNumber } from '@aztec/foundation/branded-types';
+import { EpochNumber } from '@aztec/foundation/branded-types';
 import { merge, pick } from '@aztec/foundation/collection';
-import { type Logger, createLogger } from '@aztec/foundation/log';
+import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
 import {
+  type DescendentOfInvalidAttestationsCheckpointEvent,
   type InvalidCheckpointDetectedEvent,
   type L2BlockSourceEventEmitter,
   L2BlockSourceEvents,
   type ValidateCheckpointNegativeResult,
 } from '@aztec/stdlib/block';
-import type { CheckpointInfo } from '@aztec/stdlib/checkpoint';
-import { OffenseType } from '@aztec/stdlib/slashing';
+import { getEpochAtSlot } from '@aztec/stdlib/epoch-helpers';
+import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
 
 import EventEmitter from 'node:events';
 
@@ -17,27 +18,31 @@ import type { SlasherConfig } from '../config.js';
 import { WANT_TO_SLASH_EVENT, type WantToSlashArgs, type Watcher, type WatcherEmitter } from '../watcher.js';
 
 const AttestationsBlockWatcherConfigKeys = [
-  'slashAttestDescendantOfInvalidPenalty',
+  'slashProposeDescendantOfCheckpointWithInvalidAttestationsPenalty',
   'slashProposeInvalidAttestationsPenalty',
 ] as const;
 
 type AttestationsBlockWatcherConfig = Pick<SlasherConfig, (typeof AttestationsBlockWatcherConfigKeys)[number]>;
 
 /**
- * This watcher is responsible for detecting invalid blocks and creating slashing arguments for offenders.
- * An invalid block is one that doesn't have enough attestations or has incorrect attestations.
- * The proposer of an invalid block should be slashed.
- * If there's another block consecutive to the invalid one, its proposer and attestors should also be slashed.
+ * Watches the archiver for checkpoints whose publication is itself a slashable offense.
+ *
+ * Two cases are handled, both targeting the proposer of the offending checkpoint:
+ *
+ * - Invalid-attestations checkpoint: the proposer published a checkpoint to L1 whose
+ *   attestations are either insufficient (below quorum) or incorrect (signature from a
+ *   non-committee member, malformed signature, etc.). Slashed via
+ *   {@link OffenseType.PROPOSED_INSUFFICIENT_ATTESTATIONS} or
+ *   {@link OffenseType.PROPOSED_INCORRECT_ATTESTATIONS}.
+ *
+ * - Descendant of an invalid checkpoint: the proposer published a checkpoint that extends a
+ *   previously-rejected one. The descendant may itself have valid attestations, but it is still
+ *   unusable. Triggered by the archiver's  `CheckpointBuiltOnInvalidAncestorDetected` event
+ *   when the descendant has valid attestations (skipped before ingestion). Slashes the descendant's
+ *   proposer via {@link OffenseType.PROPOSED_DESCENDANT_OF_CHECKPOINT_WITH_INVALID_ATTESTATIONS}.
  */
 export class AttestationsBlockWatcher extends (EventEmitter as new () => WatcherEmitter) implements Watcher {
-  private log: Logger = createLogger('attestations-block-watcher');
-
-  // Only keep track of the last N invalid checkpoints
-  private maxInvalidCheckpoints = 100;
-
-  // All invalid archive roots seen
-  private invalidArchiveRoots: Set<string> = new Set();
-
+  private log: Logger;
   private config: AttestationsBlockWatcherConfig;
 
   private boundHandleInvalidCheckpoint = (event: InvalidCheckpointDetectedEvent) => {
@@ -51,12 +56,23 @@ export class AttestationsBlockWatcher extends (EventEmitter as new () => Watcher
     }
   };
 
+  private boundHandleDescendantOfInvalid = (event: DescendentOfInvalidAttestationsCheckpointEvent) => {
+    this.handleDescendantOfInvalid(event).catch(err => {
+      this.log.error('Error handling descendant of invalid checkpoint', err, {
+        checkpointNumber: event.checkpoint.checkpointNumber,
+        ancestorCheckpointNumber: event.ancestorCheckpointNumber,
+      });
+    });
+  };
+
   constructor(
     private l2BlockSource: L2BlockSourceEventEmitter,
     private epochCache: EpochCache,
     config: AttestationsBlockWatcherConfig,
+    bindings?: LoggerBindings,
   ) {
     super();
+    this.log = createLogger('slasher:attestations-block-watcher', bindings);
     this.config = pick(config, ...AttestationsBlockWatcherConfigKeys);
     this.log.info('AttestationsBlockWatcher initialized');
   }
@@ -71,6 +87,10 @@ export class AttestationsBlockWatcher extends (EventEmitter as new () => Watcher
       L2BlockSourceEvents.InvalidAttestationsCheckpointDetected,
       this.boundHandleInvalidCheckpoint,
     );
+    this.l2BlockSource.events.on(
+      L2BlockSourceEvents.DescendentOfInvalidAttestationsCheckpointDetected,
+      this.boundHandleDescendantOfInvalid,
+    );
     return Promise.resolve();
   }
 
@@ -79,91 +99,87 @@ export class AttestationsBlockWatcher extends (EventEmitter as new () => Watcher
       L2BlockSourceEvents.InvalidAttestationsCheckpointDetected,
       this.boundHandleInvalidCheckpoint,
     );
+    this.l2BlockSource.events.removeListener(
+      L2BlockSourceEvents.DescendentOfInvalidAttestationsCheckpointDetected,
+      this.boundHandleDescendantOfInvalid,
+    );
     return Promise.resolve();
   }
 
   /** Event handler for invalid checkpoints as reported by the archiver. Public for testing purposes. */
   public handleInvalidCheckpoint(event: InvalidCheckpointDetectedEvent): void {
     const { validationResult } = event;
-    const checkpoint = validationResult.checkpoint;
-
-    // Check if we already have processed this checkpoint, archiver may emit the same event multiple times
-    if (this.invalidArchiveRoots.has(checkpoint.archive.toString())) {
-      this.log.trace(`Already processed invalid checkpoint ${checkpoint.checkpointNumber}`);
-      return;
-    }
+    const { reason, checkpoint } = validationResult;
 
     this.log.verbose(`Detected invalid checkpoint ${checkpoint.checkpointNumber}`, {
       ...checkpoint,
       reason: validationResult.valid === false ? validationResult.reason : 'unknown',
     });
 
-    // Store the invalid checkpoint
-    this.addInvalidCheckpoint(event.validationResult.checkpoint);
+    const { checkpointNumber, slotNumber: slot } = checkpoint;
+    const epochCommitteeInfo = { ...validationResult, isEscapeHatchOpen: false };
+    const proposer = this.epochCache.getProposerFromEpochCommittee(epochCommitteeInfo, slot);
 
-    // Slash the proposer of the invalid checkpoint
-    this.slashProposer(event.validationResult);
+    if (!proposer) {
+      this.log.warn(`No proposer found for checkpoint ${checkpointNumber} at slot ${slot}`);
+      return;
+    }
 
-    // Check if the parent of this checkpoint is invalid as well, if so, we will slash its attestors as well
-    this.slashAttestorsOnAncestorInvalid(event.validationResult);
-  }
+    const offense = this.getOffenseFromInvalidationReason(reason);
+    const amount = this.config.slashProposeInvalidAttestationsPenalty;
+    const args: WantToSlashArgs = {
+      validator: proposer,
+      amount,
+      offenseType: offense,
+      epochOrSlot: BigInt(slot),
+    };
 
-  private slashAttestorsOnAncestorInvalid(validationResult: ValidateCheckpointNegativeResult) {
-    const checkpoint = validationResult.checkpoint;
-
-    const parentArchive = checkpoint.lastArchive.toString();
-    if (this.invalidArchiveRoots.has(parentArchive)) {
-      const attestors = validationResult.attestors;
-      this.log.info(
-        `Want to slash attestors of checkpoint ${checkpoint.checkpointNumber} built on invalid checkpoint`,
-        {
-          ...checkpoint,
-          ...attestors,
-          parentArchive,
-        },
-      );
+    this.log.info(`Detected invalid attestations checkpoint proposer offense`, {
+      ...checkpoint,
+      reason,
+      validator: args.validator.toString(),
+      amount: args.amount,
+      offenseType: getOffenseTypeName(args.offenseType),
+      epochOrSlot: args.epochOrSlot,
+    });
 
-      this.emit(
-        WANT_TO_SLASH_EVENT,
-        attestors.map(attestor => ({
-          validator: attestor,
-          amount: this.config.slashAttestDescendantOfInvalidPenalty,
-          offenseType: OffenseType.ATTESTED_DESCENDANT_OF_INVALID,
-          epochOrSlot: BigInt(SlotNumber(checkpoint.slotNumber)),
-        })),
-      );
-    }
+    this.emit(WANT_TO_SLASH_EVENT, [args]);
   }
 
-  private slashProposer(validationResult: ValidateCheckpointNegativeResult) {
-    const { reason, checkpoint } = validationResult;
-    const checkpointNumber = checkpoint.checkpointNumber;
+  /**
+   * Event handler for valid-attestations checkpoints that build on a previously-rejected ancestor.
+   * The archiver emits this when ingesting the descendant, and we slash its proposer.
+   */
+  public async handleDescendantOfInvalid(event: DescendentOfInvalidAttestationsCheckpointEvent): Promise<void> {
+    const { checkpoint, ancestorCheckpointNumber, ancestorArchiveRoot } = event;
+
     const slot = checkpoint.slotNumber;
-    const epochCommitteeInfo = {
-      committee: validationResult.committee,
-      seed: validationResult.seed,
-      epoch: validationResult.epoch,
-      isEscapeHatchOpen: false,
-    };
-    const proposer = this.epochCache.getProposerFromEpochCommittee(epochCommitteeInfo, slot);
+    const epoch = EpochNumber(getEpochAtSlot(slot, this.epochCache.getL1Constants()));
+    const epochCommitteeInfo = await this.epochCache.getCommitteeForEpoch(epoch);
+    const proposer = this.epochCache.getProposerFromEpochCommittee({ ...epochCommitteeInfo, epoch }, slot);
 
     if (!proposer) {
-      this.log.warn(`No proposer found for checkpoint ${checkpointNumber} at slot ${slot}`);
+      this.log.warn(
+        `No proposer found for invalid descendant checkpoint ${checkpoint.checkpointNumber} at slot ${slot}`,
+      );
       return;
     }
 
-    const offense = this.getOffenseFromInvalidationReason(reason);
-    const amount = this.config.slashProposeInvalidAttestationsPenalty;
     const args: WantToSlashArgs = {
       validator: proposer,
-      amount,
-      offenseType: offense,
+      amount: this.config.slashProposeDescendantOfCheckpointWithInvalidAttestationsPenalty,
+      offenseType: OffenseType.PROPOSED_DESCENDANT_OF_CHECKPOINT_WITH_INVALID_ATTESTATIONS,
       epochOrSlot: BigInt(slot),
     };
 
-    this.log.info(`Want to slash proposer of checkpoint ${checkpointNumber} due to ${reason}`, {
+    this.log.info(`Detected invalid descendant checkpoint proposer offense`, {
       ...checkpoint,
-      ...args,
+      ancestorCheckpointNumber,
+      ancestorArchiveRoot: ancestorArchiveRoot.toString(),
+      validator: args.validator.toString(),
+      amount: args.amount,
+      offenseType: getOffenseTypeName(args.offenseType),
+      epochOrSlot: args.epochOrSlot,
     });
 
     this.emit(WANT_TO_SLASH_EVENT, [args]);
@@ -181,14 +197,4 @@ export class AttestationsBlockWatcher extends (EventEmitter as new () => Watcher
       }
     }
   }
-
-  private addInvalidCheckpoint(checkpoint: CheckpointInfo) {
-    this.invalidArchiveRoots.add(checkpoint.archive.toString());
-
-    // Prune old entries if we exceed the maximum
-    if (this.invalidArchiveRoots.size > this.maxInvalidCheckpoints) {
-      const oldestKey = this.invalidArchiveRoots.keys().next().value!;
-      this.invalidArchiveRoots.delete(oldestKey);
-    }
-  }
 }

package/src/watchers/attested_invalid_proposal_watcher.ts

@@ -0,0 +1,168 @@
+import type { EpochCacheInterface } from '@aztec/epoch-cache';
+import { SlotNumber } from '@aztec/foundation/branded-types';
+import { merge, pick } from '@aztec/foundation/collection';
+import type { EthAddress } from '@aztec/foundation/eth-address';
+import { FifoSet } from '@aztec/foundation/fifo-set';
+import { type Logger, createLogger } from '@aztec/foundation/log';
+import { RunningPromise } from '@aztec/foundation/running-promise';
+import type { L2BlockSource } from '@aztec/stdlib/block';
+import type { P2PClient, SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { CheckpointAttestation } from '@aztec/stdlib/p2p';
+import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
+
+import EventEmitter from 'node:events';
+
+import { WANT_TO_SLASH_EVENT, type WantToSlashArgs, type Watcher, type WatcherEmitter } from '../watcher.js';
+
+const AttestedInvalidProposalWatcherConfigKeys = ['slashAttestInvalidCheckpointProposalPenalty'] as const;
+
+const SCAN_SLOT_LAG = 1;
+const DEFAULT_SCAN_SLOT_LOOKBACK = 4;
+const MAX_TRACKED_BAD_ATTESTATIONS = 10_000;
+
+type AttestedInvalidProposalWatcherConfig = Pick<
+  SlasherConfig,
+  (typeof AttestedInvalidProposalWatcherConfigKeys)[number]
+>;
+
+type P2PCheckpointAttestationSource = Pick<P2PClient, 'getCheckpointAttestationsForSlot'>;
+
+type AttestedInvalidProposalWatcherOptions = {
+  scanSlotLookback?: number;
+  log?: Logger;
+};
+
+export type InvalidProposalSlotSource = {
+  hasInvalidProposals(slot: SlotNumber): boolean;
+  hasProposalEquivocation(slot: SlotNumber): boolean;
+};
+
+export class AttestedInvalidProposalWatcher extends (EventEmitter as new () => WatcherEmitter) implements Watcher {
+  private readonly log: Logger;
+  private readonly runningPromise: RunningPromise;
+  private readonly emittedOffenses = FifoSet.withLimit<string>(MAX_TRACKED_BAD_ATTESTATIONS);
+  private readonly scanSlotLookback: number;
+  private config: AttestedInvalidProposalWatcherConfig;
+  private lastScannedSlot: SlotNumber | undefined;
+
+  constructor(
+    private readonly p2pClient: P2PCheckpointAttestationSource,
+    private readonly invalidProposalSlotSource: InvalidProposalSlotSource,
+    private readonly l2BlockSource: Pick<L2BlockSource, 'getSyncedL2SlotNumber'>,
+    private readonly epochCache: Pick<EpochCacheInterface, 'getSlotNow' | 'getL1Constants'>,
+    config: AttestedInvalidProposalWatcherConfig,
+    options: AttestedInvalidProposalWatcherOptions = {},
+  ) {
+    super();
+    const constants = epochCache.getL1Constants();
+    this.log = options.log ?? createLogger('attested-invalid-proposal-watcher');
+    this.config = pick(config, ...AttestedInvalidProposalWatcherConfigKeys);
+    this.scanSlotLookback = Math.max(1, options.scanSlotLookback ?? DEFAULT_SCAN_SLOT_LOOKBACK);
+
+    const intervalMs = Math.max(1000, (constants.ethereumSlotDuration * 1000) / 4);
+    this.runningPromise = new RunningPromise(() => this.scan(), this.log, intervalMs);
+    this.log.info('AttestedInvalidProposalWatcher initialized', { scanSlotLookback: this.scanSlotLookback });
+  }
+
+  public updateConfig(config: Partial<SlasherConfig>): void {
+    this.config = merge(this.config, pick(config, ...AttestedInvalidProposalWatcherConfigKeys));
+    this.log.verbose('AttestedInvalidProposalWatcher config updated', this.config);
+  }
+
+  public start(): Promise<void> {
+    this.runningPromise.start();
+    return Promise.resolve();
+  }
+
+  public stop(): Promise<void> {
+    return this.runningPromise.stop();
+  }
+
+  public async scan(): Promise<void> {
+    const currentSlot = (await this.l2BlockSource.getSyncedL2SlotNumber()) ?? this.epochCache.getSlotNow();
+    // genesis
+    if (currentSlot <= SlotNumber(SCAN_SLOT_LAG)) {
+      return;
+    }
+
+    const newestSlotToConsider = SlotNumber(currentSlot - SCAN_SLOT_LAG);
+    const oldestSlot =
+      this.lastScannedSlot === undefined
+        ? SlotNumber(Math.max(0, newestSlotToConsider - this.scanSlotLookback + 1))
+        : SlotNumber(this.lastScannedSlot + 1);
+    if (oldestSlot > newestSlotToConsider) {
+      return;
+    }
+
+    for (let slot = oldestSlot; slot <= newestSlotToConsider; slot++) {
+      await this.scanSlot(slot);
+    }
+
+    this.lastScannedSlot = newestSlotToConsider;
+  }
+
+  /** Scans a single invalid-proposal slot. */
+  public async scanSlot(slot: SlotNumber): Promise<void> {
+    if (
+      this.invalidProposalSlotSource.hasProposalEquivocation(slot) ||
+      !this.invalidProposalSlotSource.hasInvalidProposals(slot)
+    ) {
+      return;
+    }
+
+    let attestations: CheckpointAttestation[];
+    try {
+      attestations = await this.p2pClient.getCheckpointAttestationsForSlot(slot);
+    } catch (err) {
+      this.log.warn('Error getting checkpoint attestations for invalid proposal slot', { err, slot });
+      return;
+    }
+
+    const slashArgs = attestations
+      .map(attestation => this.getSlashArgs(slot, attestation))
+      .filter((args): args is WantToSlashArgs => args !== undefined)
+      .filter(args => this.markAsNewOffense(args));
+
+    if (slashArgs.length === 0) {
+      return;
+    }
+
+    this.log.info('Detected attestations to invalid checkpoint proposal', {
+      slot,
+      offenses: slashArgs.map(args => ({
+        validator: args.validator.toString(),
+        amount: args.amount,
+        offenseType: getOffenseTypeName(args.offenseType),
+        epochOrSlot: args.epochOrSlot,
+      })),
+    });
+    this.emit(WANT_TO_SLASH_EVENT, slashArgs);
+  }
+
+  private getSlashArgs(slot: SlotNumber, attestation: CheckpointAttestation): WantToSlashArgs | undefined {
+    const attester = attestation.getSender();
+    if (!attester) {
+      this.log.warn('Cannot slash checkpoint attestation with invalid signature', {
+        slot,
+        archive: attestation.archive.toString(),
+      });
+      return undefined;
+    }
+
+    return this.getSlashArgsForAttester(slot, attester);
+  }
+
+  private getSlashArgsForAttester(slot: SlotNumber, attester: EthAddress): WantToSlashArgs {
+    return {
+      validator: attester,
+      amount: this.config.slashAttestInvalidCheckpointProposalPenalty,
+      offenseType: OffenseType.ATTESTED_TO_INVALID_CHECKPOINT_PROPOSAL,
+      epochOrSlot: BigInt(slot),
+    };
+  }
+
+  private markAsNewOffense(args: WantToSlashArgs): boolean {
+    const key = `${args.validator.toString()}-${args.offenseType}-${args.epochOrSlot}`;
+    return this.emittedOffenses.addIfAbsent(key);
+  }
+}

package/src/watchers/broadcasted_invalid_checkpoint_proposal_watcher.ts

@@ -0,0 +1,192 @@
+import type { EpochCacheInterface } from '@aztec/epoch-cache';
+import { SlotNumber } from '@aztec/foundation/branded-types';
+import { merge, pick } from '@aztec/foundation/collection';
+import type { EthAddress } from '@aztec/foundation/eth-address';
+import { FifoSet } from '@aztec/foundation/fifo-set';
+import { type Logger, createLogger } from '@aztec/foundation/log';
+import { RunningPromise } from '@aztec/foundation/running-promise';
+import type { L2BlockSource } from '@aztec/stdlib/block';
+import type { P2PClient, SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { BlockProposal, CheckpointProposalCore } from '@aztec/stdlib/p2p';
+import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
+
+import EventEmitter from 'node:events';
+
+import { WANT_TO_SLASH_EVENT, type WantToSlashArgs, type Watcher, type WatcherEmitter } from '../watcher.js';
+
+const BroadcastedInvalidCheckpointProposalWatcherConfigKeys = [
+  'slashBroadcastedInvalidCheckpointProposalPenalty',
+] as const;
+
+const SCAN_SLOT_LAG = 1;
+const DEFAULT_SCAN_SLOT_LOOKBACK = 4;
+
+type BroadcastedInvalidCheckpointProposalWatcherConfig = Pick<
+  SlasherConfig,
+  (typeof BroadcastedInvalidCheckpointProposalWatcherConfigKeys)[number]
+>;
+
+type ProposalsForSlot = Awaited<ReturnType<P2PClient['getProposalsForSlot']>>;
+type P2PProposalsForSlotSource = Pick<P2PClient, 'getProposalsForSlot'>;
+
+type SignedBlockProposal = {
+  proposal: BlockProposal;
+  signer: EthAddress;
+};
+
+/** Detects truncated-checkpoint proposal offenses from retained signed P2P proposals. */
+export class BroadcastedInvalidCheckpointProposalWatcher
+  extends (EventEmitter as new () => WatcherEmitter)
+  implements Watcher
+{
+  private readonly log: Logger = createLogger('broadcasted-invalid-checkpoint-proposal-watcher');
+  private readonly runningPromise: RunningPromise;
+  private readonly emittedOffenses: FifoSet<string>;
+  private readonly scanSlotLookback: number;
+  private config: BroadcastedInvalidCheckpointProposalWatcherConfig;
+  private lastScannedSlot: SlotNumber | undefined;
+
+  constructor(
+    private readonly p2pClient: P2PProposalsForSlotSource,
+    private readonly l2BlockSource: Pick<L2BlockSource, 'getSyncedL2SlotNumber'>,
+    private readonly epochCache: Pick<EpochCacheInterface, 'getSlotNow' | 'getL1Constants'>,
+    config: BroadcastedInvalidCheckpointProposalWatcherConfig,
+    scanSlotLookback = DEFAULT_SCAN_SLOT_LOOKBACK,
+  ) {
+    super();
+    const constants = epochCache.getL1Constants();
+    this.config = pick(config, ...BroadcastedInvalidCheckpointProposalWatcherConfigKeys);
+    this.scanSlotLookback = Math.max(1, scanSlotLookback);
+
+    // Bound emitted offenses to the number of slots we rescan. This watcher currently tracks one offense type,
+    // and at most one offense of that type can be emitted per slot.
+    const offenseTypes = 1;
+    this.emittedOffenses = FifoSet.withLimit<string>(offenseTypes * this.scanSlotLookback);
+
+    const intervalMs = Math.max(1000, (constants.ethereumSlotDuration * 1000) / 4);
+    this.runningPromise = new RunningPromise(() => this.scan(), this.log, intervalMs);
+    this.log.info('BroadcastedInvalidCheckpointProposalWatcher initialized', {
+      scanSlotLookback: this.scanSlotLookback,
+    });
+  }
+
+  public updateConfig(config: Partial<BroadcastedInvalidCheckpointProposalWatcherConfig>): void {
+    this.config = merge(this.config, pick(config, ...BroadcastedInvalidCheckpointProposalWatcherConfigKeys));
+    this.log.verbose('BroadcastedInvalidCheckpointProposalWatcher config updated', this.config);
+  }
+
+  public start(): Promise<void> {
+    this.runningPromise.start();
+    return Promise.resolve();
+  }
+
+  public stop(): Promise<void> {
+    return this.runningPromise.stop();
+  }
+
+  /**
+   * Scans newly closed slots, plus a small lookback for late-arriving proposals. Anchors
+   * `currentSlot` at the archiver's last synced L2 slot.
+   */
+  public async scan(): Promise<void> {
+    const currentSlot = (await this.l2BlockSource.getSyncedL2SlotNumber()) ?? this.epochCache.getSlotNow();
+    if (currentSlot <= SlotNumber(SCAN_SLOT_LAG)) {
+      return;
+    }
+
+    const newestSlotToConsider = SlotNumber(currentSlot - 1 - SCAN_SLOT_LAG);
+    const oldestLookbackSlot = SlotNumber(Math.max(0, newestSlotToConsider - this.scanSlotLookback + 1));
+    const oldestUnscannedSlot =
+      this.lastScannedSlot === undefined ? oldestLookbackSlot : SlotNumber(this.lastScannedSlot + 1);
+    const oldestSlot = SlotNumber(Math.min(oldestLookbackSlot, oldestUnscannedSlot));
+    for (let slot = oldestSlot; slot <= newestSlotToConsider; slot++) {
+      await this.scanSlot(SlotNumber(slot));
+    }
+    this.lastScannedSlot = newestSlotToConsider;
+  }
+
+  /** Scans a single slot. Public for tests. */
+  public async scanSlot(slot: SlotNumber): Promise<void> {
+    const proposals = await this.p2pClient.getProposalsForSlot(slot);
+    const slashArgs = this.getSlashArgsForProposals(slot, proposals).filter(args => this.markAsNewOffense(args));
+    if (slashArgs.length === 0) {
+      return;
+    }
+
+    this.log.info(`Detected broadcasted invalid checkpoint proposal offense`, {
+      slot,
+      offenses: slashArgs.map(args => ({
+        validator: args.validator.toString(),
+        amount: args.amount,
+        offenseType: getOffenseTypeName(args.offenseType),
+        epochOrSlot: args.epochOrSlot,
+      })),
+    });
+    this.emit(WANT_TO_SLASH_EVENT, slashArgs);
+  }
+
+  private getSlashArgsForProposals(slot: SlotNumber, proposals: ProposalsForSlot): WantToSlashArgs[] {
+    const offenders = this.findOffenders(proposals.blockProposals, proposals.checkpointProposals);
+    // we expect one proposer per slot today.
+    return [...offenders.values()].map(validator => ({
+      validator,
+      amount: this.config.slashBroadcastedInvalidCheckpointProposalPenalty,
+      offenseType: OffenseType.BROADCASTED_INVALID_CHECKPOINT_PROPOSAL,
+      epochOrSlot: BigInt(slot),
+    }));
+  }
+
+  private findOffenders(blockProposals: BlockProposal[], checkpointProposals: CheckpointProposalCore[]) {
+    const blocksBySigner = this.getSignedBlocksBySigner(blockProposals);
+    const offenders = new Map<string, EthAddress>();
+
+    for (const checkpoint of checkpointProposals) {
+      const checkpointSigner = checkpoint.getSender();
+      if (!checkpointSigner) {
+        continue;
+      }
+
+      const signerKey = checkpointSigner.toString();
+      const signerBlocks = blocksBySigner.get(signerKey) ?? [];
+      const terminalBlocks = signerBlocks.filter(
+        ({ proposal }) => proposal.slotNumber === checkpoint.slotNumber && proposal.archive.equals(checkpoint.archive),
+      );
+      if (terminalBlocks.length === 0) {
+        continue;
+      }
+
+      const hasTruncatedHigherBlock = terminalBlocks.some(terminalBlock =>
+        signerBlocks.some(
+          ({ proposal }) =>
+            proposal.slotNumber === checkpoint.slotNumber &&
+            proposal.indexWithinCheckpoint > terminalBlock.proposal.indexWithinCheckpoint,
+        ),
+      );
+      if (hasTruncatedHigherBlock) {
+        offenders.set(signerKey, checkpointSigner);
+      }
+    }
+
+    return offenders;
+  }
+
+  private getSignedBlocksBySigner(blockProposals: BlockProposal[]): Map<string, SignedBlockProposal[]> {
+    const blocksBySigner = new Map<string, SignedBlockProposal[]>();
+    for (const proposal of blockProposals) {
+      const signer = proposal.getSender();
+      if (!signer) {
+        continue;
+      }
+      const signerKey = signer.toString();
+      const signerBlocks = blocksBySigner.get(signerKey) ?? [];
+      signerBlocks.push({ proposal, signer });
+      blocksBySigner.set(signerKey, signerBlocks);
+    }
+    return blocksBySigner;
+  }
+
+  private markAsNewOffense(args: WantToSlashArgs): boolean {
+    const key = `${args.validator.toString()}-${args.offenseType}-${args.epochOrSlot}`;
+    return this.emittedOffenses.addIfAbsent(key);
+  }
+}