@aztec/slasher 0.0.1-commit.96dac018d → 0.0.1-commit.993d240

package/README.md

@@ -16,15 +16,9 @@ No manual intervention is required for normal operation. The slasher client hand
 - Generating appropriate slash actions
 - Coordinating with the SequencerPublisher for L1 execution
 
-## Slashing Models
+## Slashing Model
 
-The system supports two slashing models:
-
-### Tally Model
-
-_This is the model currently in use._
-
-The tally model uses consensus-based voting where proposers vote on individual validator offenses. Time is divided into rounds, and during each round, proposers submit votes indicating which validators from a given past round should be slashed (eg round N votes to slash the validators from round N-2). Votes are encoded as bytes where each validator's vote is represented by 2 bits indicating the slash amount (0-3 slash units) for each validator. The L1 contract tallies votes and slashes validators that reach quorum.
+The slashing model uses consensus-based voting where proposers vote on individual validator offenses. Time is divided into rounds, and during each round, proposers submit votes indicating which validators from a given past round should be slashed (eg round N votes to slash the validators from round N-2). Votes are encoded as bytes where each validator's vote is represented by 2 bits indicating the slash amount (0-3 slash units) for each validator. The L1 contract tallies votes and slashes validators that reach quorum.
 
 Key characteristics:
 - Proposers vote directly on validator offenses
@@ -34,23 +28,12 @@ Key characteristics:
 - Execution happens after a delay period for review
 - Slash payloads can be vetoed during the execution delay period
 
-### Empire Model
-
-_This model was developed during an earlier iteration and later modified, but never tested in a real network. It remains in the code in case we decide to switch from the tally model in the future._
-
-The empire model piggybacks on the empire governance system and uses fixed slash payloads that are created and voted on. Proposers aggregate pending offenses and create payloads containing multiple offenses, or vote for existing payloads. The payload with the highest score (based on total offenses, votes received, and round progress) gets executed.
-
-Key characteristics:
-- Fixed payloads containing multiple offenses
-- Payload scoring system for selection
-- Requires agreement on payload contents (main reason why it was dropped in favor of the Tally model)
-
 ## Architecture
 
 ### Core Components
 
 #### SlasherClientInterface
-Common interface implemented by both tally and empire clients. Provides methods for:
+Interface implemented by the slasher client. Provides methods for:
 - `getProposerActions()`: Returns actions for the current proposer
 - `gatherOffensesForRound()`: Collects offenses for a specific round
 
@@ -73,11 +56,8 @@ Monitors slashing rounds and triggers actions on round transitions:
 
 #### ProposerSlashAction
 Actions returned by the slasher client to the SequencerPublisher:
-- `vote-offenses`: Vote on validator offenses (tally model)
-- `execute-slash`: Execute slashing for a round that reached quorum (tally model)
-- `create-empire-payload`: Create a new slash payload (empire model)
-- `vote-empire-payload`: Vote for an existing payload (empire model)
-- `execute-empire-payload`: Execute a payload with sufficient votes (empire model)
+- `vote-offenses`: Vote on validator offenses
+- `execute-slash`: Execute slashing for a round that reached quorum
 
 ### Integration Flow
 
@@ -101,53 +81,59 @@ Key features:
 List of all slashable offenses in the system:
 
 ### DATA_WITHHOLDING
-**Description**: The data required for proving an epoch was not made publicly available.  
-**Detection**: EpochPruneWatcher detects when an epoch cannot be proven due to missing data.  
-**Target**: Committee members of the affected epoch.  
-**Time Unit**: Epoch-based offense.
-
-### VALID_EPOCH_PRUNED
-**Description**: An epoch was not successfully proven within the proof submission window.  
-**Detection**: EpochPruneWatcher monitors epochs that expire without valid proofs.  
-**Target**: Committee members of the unpruned epoch.  
-**Time Unit**: Epoch-based offense.
+**Description**: The transaction data for a published checkpoint was not made available within the tolerance window.
+**Detection**: DataWithholdingWatcher checks each published checkpoint's txs against the local mempool once `slashDataWithholdingToleranceSlots` full slots have elapsed past the checkpoint's slot (i.e. at `slotStart(checkpoint.slot + slashDataWithholdingToleranceSlots + 1)`).
+**Target**: Validators who attested to the checkpoint.
+**Time Unit**: Slot-based offense (the checkpoint's slot).
 
 ### INACTIVITY
-**Description**: A proposer failed to attest or propose blocks during their assigned slots.  
-**Detection**: Sentinel tracks validator performance and identifies validators who miss attestations beyond threshold.  
-**Target**: Individual inactive validator.  
+**Description**: A proposer failed to attest or propose blocks during their assigned slots.
+**Detection**: Sentinel tracks validator performance and identifies validators who miss attestations beyond threshold.
+**Target**: Individual inactive validator.
 **Time Unit**: Epoch-based offense.
 
 ### BROADCASTED_INVALID_BLOCK_PROPOSAL
-**Description**: A proposer broadcast an invalid block proposal over the p2p network.  
-**Detection**: Validators detect invalid proposals during attestation validation.  
-**Target**: Proposer who broadcast the invalid block.  
-**Time Unit**: Slot-based offense.  
+**Description**: A proposer broadcast an invalid block proposal over the p2p network.
+**Detection**: Validators detect invalid proposals during attestation validation.
+**Target**: Proposer who broadcast the invalid block.
+**Time Unit**: Slot-based offense.
 
 ### PROPOSED_INSUFFICIENT_ATTESTATIONS
-**Description**: A proposer submitted a block to L1 without sufficient committee attestations.  
-**Detection**: AttestationsBlockWatcher checks L1 blocks for attestation count.  
-**Target**: Block proposer.  
+**Description**: A proposer submitted a block to L1 without sufficient committee attestations.
+**Detection**: AttestationsBlockWatcher checks L1 blocks for attestation count.
+**Target**: Block proposer.
 **Time Unit**: Slot-based offense.
 
 ### PROPOSED_INCORRECT_ATTESTATIONS
-**Description**: A proposer submitted a block to L1 with signatures from non-committee members.  
-**Detection**: AttestationsBlockWatcher validates attestation signatures against committee membership.  
-**Target**: Block proposer.  
+**Description**: A proposer submitted a block to L1 with signatures from non-committee members.
+**Detection**: AttestationsBlockWatcher validates attestation signatures against committee membership.
+**Target**: Block proposer.
 **Time Unit**: Slot-based offense.
 
-### ATTESTED_DESCENDANT_OF_INVALID
-**Description**: A committee member attested to a block built on top of an invalid ancestor.
-**Detection**: AttestationsBlockWatcher tracks invalid blocks and their descendants.
-**Target**: Committee members who attested to the descendant block.
+### PROPOSED_DESCENDANT_OF_CHECKPOINT_WITH_INVALID_ATTESTATIONS
+**Description**: A proposer published a checkpoint to L1 that builds on an invalid checkpoint (one with invalid or insufficient attestations).
+**Detection**: AttestationsBlockWatcher tracks invalid checkpoints and their descendants.
+**Target**: Proposer of the descendant checkpoint.
 **Time Unit**: Slot-based offense.
 
 ### DUPLICATE_PROPOSAL
-**Description**: A proposer sent multiple block or checkpoint proposals for the same position (slot and indexWithinCheckpoint for blocks, or slot for checkpoints) with different content. Since each slot has exactly one designated proposer, sending conflicting proposals is equivocation.
-**Detection**: Detected in the P2P layer when proposals are received. The AttestationPool tracks proposals by position; when a second proposal arrives for the same position with a different archive, it flags the duplicate. The first duplicate is propagated (Accept) so other validators can witness the offense.
+**Description**: A proposer sent multiple block or checkpoint proposals for the same position (slot and indexWithinCheckpoint for blocks, or slot for checkpoints) with different content. Since each slot has exactly one designated proposer, sending conflicting proposals is equivocation. This also covers the case where a proposer broadcasts one checkpoint proposal via P2P but submits a different checkpoint to L1 for the same slot.
+**Detection**: Detected in two places. (1) The P2P layer flags duplicates when a second proposal arrives for the same position with a different archive; the AttestationPool tracks proposals by position and the first duplicate is propagated (Accept) so other validators can witness the offense. (2) CheckpointEquivocationWatcher compares the archive root of each L1-confirmed checkpoint against retained signed P2P checkpoint proposals from the same slot's proposer and flags any mismatch.
 **Target**: Proposer who broadcast the duplicate proposal.
 **Time Unit**: Slot-based offense.
 
+### ATTESTED_TO_INVALID_CHECKPOINT_PROPOSAL
+**Description**: A committee member attested to a checkpoint proposal in a slot where this node detected a slashable invalid block proposal.
+**Detection**: ValidatorClient marks slots with invalid block proposals detected via reexecution and slashes checkpoint attesters seen for that slot. If proposal equivocation is later detected for the slot, pending bad-attestation offenses are cleared.
+**Target**: Committee members who attested in the invalid proposal slot.
+**Time Unit**: Slot-based offense.
+
+### BROADCASTED_INVALID_CHECKPOINT_PROPOSAL
+**Description**: A proposer broadcast an invalid checkpoint proposal, either one that terminates before a higher-index block proposal signed by the same proposer in the same slot, one whose signed header does not match deterministic validator recomputation, or one with a malformed fee asset price modifier. The first case also covers AZIP-7's _Submitting Block Proposal After Checkpoint_: a later block signed by the same proposer in the same slot makes the prior checkpoint retroactively invalid.
+**Detection**: BroadcastedInvalidCheckpointProposalWatcher scans retained P2P proposal evidence and compares checkpoint archive roots to signed block proposals from the same slot and signer. ValidatorClient also validates checkpoint proposals during the all-nodes callback and emits this offense when checkpoint header recomputation fails or the signed fee asset price modifier is malformed.
+**Target**: Proposer who broadcast the invalid checkpoint proposal.
+**Time Unit**: Slot-based offense.
+
 ## Configuration
 
 ### L1 System Settings (L1ContractsConfig)
@@ -155,39 +141,43 @@ These settings are deployed with the L1 contracts and apply system-wide to the p
 
 - `slashingQuorumSize`: Votes required to slash (defaults to half the validators in a round, plus one)
 - `slashingRoundSizeInEpochs`: Number of epochs per slashing round
-- `slashingOffsetInRounds`: How many rounds to look back for offenses (tally model)
+- `slashingOffsetInRounds`: How many rounds to look back for offenses
 - `slashingExecutionDelayInRounds`: Rounds to wait before execution
 - `slashingLifetimeInRounds`: Maximum age of executable rounds
-- `slashingAmounts`: Valid values for each individual slash (tally model)
+- `slashingAmounts`: Valid values for each individual slash
 
 Considerations:
 
 - The `slashingQuorumSize` should be more than half and less than the total number of validators in a round, so that we require a majority to slash. The number of validators in a round is the committee size times the number of epochs in a round.
-- The bigger a `slashingRoundSizeInEpochs`, the bigger the upper bound on the quorum size. This increases security, as we need more validators to agree before slashing. However, it also makes slashing slower, and more expensive to execute in terms of gas in the tally model.
-- The `slashingOffsetInRounds` is required because the validators in a given slashing round must vote for _past_ offenses. Otherwise, if someone commits an offense near the end of a round, they can get away with their offense without the validators being able to collect enough votes to slash them. The offset needs to be big enough so that all offenses are discoverable, so this value should be strictly greater than the proof submission window in order to be able to slash for epoch prunes or data withholding.
+- The bigger a `slashingRoundSizeInEpochs`, the bigger the upper bound on the quorum size. This increases security, as we need more validators to agree before slashing. However, it also makes slashing slower, and more expensive to execute in terms of gas.
+- The `slashingOffsetInRounds` is required because the validators in a given slashing round must vote for _past_ offenses. Otherwise, if someone commits an offense near the end of a round, they can get away with their offense without the validators being able to collect enough votes to slash them. The offset needs to be big enough so that all offenses are discoverable, so this value should be strictly greater than the data-withholding tolerance window so that there is time to detect missing data and vote.
 - The `slashingExecutionDelayInRounds` allows vetoers to stop an invalid slash. This should be large enough to give vetoers time to act, but strictly smaller than the validator exit window, so an offender cannot escape before they are slashed. It should also be small enough so that an offender that would be kicked out does not get picked up to be a committee member again before their slash is executed. In other words, if a validator commits a serious enough offense that we want them out of the validator set as soon as possible, the execution delay should not allow them to be chosen to participate in another committee.
 
 ### Local Node Configuration (SlasherConfig)
 
 These settings are configured locally on each validator node:
 
+Block and checkpoint validation settings are expected to be the same across all validators. Slashing relies on
+validators making the same deterministic validity decisions for block and checkpoint proposals; operators should not run
+with divergent validation limits.
+
 - `slashGracePeriodL2Slots`: Number of initial L2 slots where slashing is disabled
 - `slashOffenseExpirationRounds`: Number of rounds after which pending offenses expire
 - `slashValidatorsAlways`: Array of validator addresses that should always be slashed
 - `slashValidatorsNever`: Array of validator addresses that should never be slashed (own validator addresses are automatically added to this list)
 - `slashInactivityTargetPercentage`: Percentage of misses during an epoch to be slashed for INACTIVITY
 - `slashInactivityConsecutiveEpochThreshold`: How many consecutive inactive epochs are needed to trigger an INACTIVITY slash on a validator
-- `slashPrunePenalty`: Penalty for VALID_EPOCH_PRUNED
 - `slashDataWithholdingPenalty`: Penalty for DATA_WITHHOLDING
+- `slashDataWithholdingToleranceSlots`: Number of full L2 slots to wait after a checkpoint's slot before declaring its txs missing
 - `slashInactivityPenalty`: Penalty for INACTIVITY
 - `slashBroadcastedInvalidBlockPenalty`: Penalty for BROADCASTED_INVALID_BLOCK_PROPOSAL
+- `slashBroadcastedInvalidCheckpointProposalPenalty`: Penalty for BROADCASTED_INVALID_CHECKPOINT_PROPOSAL
 - `slashDuplicateProposalPenalty`: Penalty for DUPLICATE_PROPOSAL
 - `slashProposeInvalidAttestationsPenalty`: Penalty for PROPOSED_INSUFFICIENT_ATTESTATIONS and PROPOSED_INCORRECT_ATTESTATIONS
-- `slashAttestDescendantOfInvalidPenalty`: Penalty for ATTESTED_DESCENDANT_OF_INVALID
+- `slashProposeDescendantOfCheckpointWithInvalidAttestationsPenalty`: Penalty for PROPOSED_DESCENDANT_OF_CHECKPOINT_WITH_INVALID_ATTESTATIONS
+- `slashAttestInvalidCheckpointProposalPenalty`: Penalty for ATTESTED_TO_INVALID_CHECKPOINT_PROPOSAL
 - `slashUnknownPenalty`: Default penalty for unknown offense types
-- `slashMaxPayloadSize`: Maximum size of slash payloads (empire model)
-- `slashMinPenaltyPercentage`: Agree to slashes if they are at least this percentage of the configured penalty (empire model)
-- `slashMaxPenaltyPercentage`: Agree to slashes if they are at most this percentage of the configured penalty (empire model)
+- `slashMaxPayloadSize`: Limits the number of **unique validators** (across all committees and epochs in a round) that receive non-zero votes. When this cap is hit, the lowest-severity validator-epoch pairs are zeroed out first, so the most severe slashes are always preserved. Note that multiple offenses for the same validator in the same epoch are summed and counted as a single validator entry against this limit.
 
 Considerations:
 
@@ -202,27 +192,34 @@ Details about specific offenses in the system:
 
 Inactivity slashing is one of the most critical, since it allows purging validators that are not fulfilling their duties, which could potentially bring the chain to a halt. This slashing must be aggressive enough to balance out the rate of the entry queue, in case the queue is filled with inactive validators. Furthermore, if enough inactive validators join the system, it may become impossible to gather enough quorum to pass any governance proposal.
 
-Inactivity slashing is handled by the `Sentinel` which monitors performance of all validators slot-by-slot. With the multiple-blocks-per-slot model, block proposals and checkpoints are distinct concepts: proposers build multiple blocks per slot, but attestations are only for checkpoints. After each slot, the sentinel assigns one of the following to the proposer for the slot:
-- `checkpoint-mined` if the checkpoint was added to L1
-- `checkpoint-proposed` if the checkpoint received at least one attestation, but didn't make it to L1
-- `checkpoint-missed` if blocks were proposed but the checkpoint received no attestations
-- `blocks-missed` if no block proposals were sent for this slot at all
+Inactivity slashing is handled by the `Sentinel` (in `aztec-node/src/sentinel/`), which monitors performance of all validators slot-by-slot. With the multiple-blocks-per-slot model, block proposals and checkpoints are distinct concepts: proposers build multiple blocks per slot, but attestations are only for checkpoints. After each slot, the sentinel assigns one of the following to the proposer for the slot, in highest-confidence order:
 
-And assigns one of the following to each validator (these refer to checkpoint attestations):
-- `attestation-sent` if there was a `checkpoint-proposed` or `checkpoint-mined` and a checkpoint attestation from this validator was seen on either on L1 or on the P2P network
-- `attestation-missed` if there was a `checkpoint-proposed` or `checkpoint-mined` but no checkpoint attestation was seen
-- none if the slot was a `blocks-missed`
+- `checkpoint-mined` — a checkpoint covering this slot has landed on L1
+- `checkpoint-valid` — the local node re-executed a checkpoint proposal for this slot successfully
+- `checkpoint-invalid` — the local node re-executed a checkpoint proposal for this slot and rejected it (header / archive / out-hash mismatch, limit breach, etc.). Proposer-fault
+- `checkpoint-unvalidated` — a checkpoint proposal arrived but the local node could not validate it (missing blocks/txs, timeout). Treated as proposer-fault
+- `checkpoint-missed` — block proposals seen on P2P but no checkpoint proposal at all
+- `blocks-missed` — no block proposals seen for this slot at all
 
-Both `blocks-missed` and `checkpoint-missed` count as proposer inactivity.
+Re-execution outcomes are read from the `CheckpointReexecutionTracker`, which the validator client populates at every early-return in `validateCheckpointProposal`. The same tracker is consumed by the data-withholding watcher via `hasReexecuted(checkpointNumber, archiveRoot)`.
 
-Once an epoch is proven, the sentinel computes the _proven performance_ for the epoch for each validator. Note that we wait until the epoch is proven so we know that the data for all blocks in the epoch was available, and validators who did not attest were effectively inactive. Then, for each validator such that:
+Each non-proposer committee member is assigned one of:
+- `attestation-sent` if their checkpoint attestation was seen on L1 or on the P2P network
+- `attestation-missed` if the proposer status was `checkpoint-mined` or `checkpoint-valid` but no checkpoint attestation was seen
+- none in any other case
+
+`blocks-missed`, `checkpoint-missed`, `checkpoint-invalid`, and `checkpoint-unvalidated` all count as proposer inactivity for the slot.
+
+The sentinel evaluates an epoch once `sentinelEpochEndBufferSlots` (default 2) L2 slots have elapsed past the epoch's last slot AND the per-slot recorder has covered that last slot. Epoch evaluation does not wait for an L1 proof — it relies on local-state evidence (the re-execution tracker plus L1 checkpoint landings) — so inactive validators are slashed promptly regardless of prover availability.
+
+At end-of-epoch evaluation, for each validator such that:
 
 ```
-total_failures = count(blocks-missed) + count(checkpoint-missed) + count(attestation-missed)
+total_failures = count(blocks-missed) + count(checkpoint-missed)
+               + count(checkpoint-invalid) + count(checkpoint-unvalidated)
+               + count(attestation-missed)
 total = count(checkpoint-*) + count(blocks-*) + count(attestation-*)
-total_failures / total >= slash_inactivity_target_percentage
+total_failures / total >= slashInactivityTargetPercentage
 ```
 
-They are voted to be slashed for inactivity. Note that, if `slashInactivityConsecutiveEpochThreshold` is greater than one, we first check if the above is true for the last `threshold` times the given validator was part of a committee, and only then trigger the offense.
-
-
+they are voted to be slashed for inactivity. If `slashInactivityConsecutiveEpochThreshold` is greater than one, the above must also hold for the last `threshold` times the validator was part of a committee.

package/dest/config.d.ts

@@ -3,4 +3,4 @@ import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
 export type { SlasherConfig };
 export declare const DefaultSlasherConfig: SlasherConfig;
 export declare const slasherConfigMappings: ConfigMappingsType<SlasherConfig>;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxFQUFFLGtCQUFrQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFRbkUsT0FBTyxLQUFLLEVBQUUsYUFBYSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFJckUsWUFBWSxFQUFFLGFBQWEsRUFBRSxDQUFDO0FBRTlCLGVBQU8sTUFBTSxvQkFBb0IsRUFBRSxhQXNCbEMsQ0FBQztBQUVGLGVBQU8sTUFBTSxxQkFBcUIsRUFBRSxrQkFBa0IsQ0FBQyxhQUFhLENBb0luRSxDQUFDIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxFQUFFLGtCQUFrQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFRbkUsT0FBTyxLQUFLLEVBQUUsYUFBYSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFJckUsWUFBWSxFQUFFLGFBQWEsRUFBRSxDQUFDO0FBRTlCLGVBQU8sTUFBTSxvQkFBb0IsRUFBRSxhQTBCbEMsQ0FBQztBQUVGLGVBQU8sTUFBTSxxQkFBcUIsRUFBRSxrQkFBa0IsQ0FBQyxhQUFhLENBc0luRSxDQUFDIn0=

package/dest/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAQnE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAIrE,YAAY,EAAE,aAAa,EAAE,CAAC;AAE9B,eAAO,MAAM,oBAAoB,EAAE,aAsBlC,CAAC;AAEF,eAAO,MAAM,qBAAqB,EAAE,kBAAkB,CAAC,aAAa,CAoInE,CAAC"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAQnE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAIrE,YAAY,EAAE,aAAa,EAAE,CAAC;AAE9B,eAAO,MAAM,oBAAoB,EAAE,aA0BlC,CAAC;AAEF,eAAO,MAAM,qBAAqB,EAAE,kBAAkB,CAAC,aAAa,CAsInE,CAAC"}

package/dest/config.js

@@ -3,20 +3,20 @@ import { EthAddress } from '@aztec/foundation/eth-address';
 import { slasherDefaultEnv } from './generated/slasher-defaults.js';
 export const DefaultSlasherConfig = {
     slashOverridePayload: undefined,
-    slashMinPenaltyPercentage: slasherDefaultEnv.SLASH_MIN_PENALTY_PERCENTAGE,
-    slashMaxPenaltyPercentage: slasherDefaultEnv.SLASH_MAX_PENALTY_PERCENTAGE,
     slashValidatorsAlways: [],
     slashValidatorsNever: [],
-    slashPrunePenalty: BigInt(slasherDefaultEnv.SLASH_PRUNE_PENALTY),
     slashDataWithholdingPenalty: BigInt(slasherDefaultEnv.SLASH_DATA_WITHHOLDING_PENALTY),
+    slashDataWithholdingToleranceSlots: slasherDefaultEnv.SLASH_DATA_WITHHOLDING_TOLERANCE_SLOTS,
     slashInactivityTargetPercentage: slasherDefaultEnv.SLASH_INACTIVITY_TARGET_PERCENTAGE,
     slashInactivityConsecutiveEpochThreshold: slasherDefaultEnv.SLASH_INACTIVITY_CONSECUTIVE_EPOCH_THRESHOLD,
     slashBroadcastedInvalidBlockPenalty: BigInt(slasherDefaultEnv.SLASH_INVALID_BLOCK_PENALTY),
+    slashBroadcastedInvalidCheckpointProposalPenalty: BigInt(slasherDefaultEnv.SLASH_INVALID_CHECKPOINT_PROPOSAL_PENALTY),
     slashDuplicateProposalPenalty: BigInt(slasherDefaultEnv.SLASH_DUPLICATE_PROPOSAL_PENALTY),
     slashDuplicateAttestationPenalty: BigInt(slasherDefaultEnv.SLASH_DUPLICATE_ATTESTATION_PENALTY),
     slashInactivityPenalty: BigInt(slasherDefaultEnv.SLASH_INACTIVITY_PENALTY),
     slashProposeInvalidAttestationsPenalty: BigInt(slasherDefaultEnv.SLASH_PROPOSE_INVALID_ATTESTATIONS_PENALTY),
-    slashAttestDescendantOfInvalidPenalty: BigInt(slasherDefaultEnv.SLASH_ATTEST_DESCENDANT_OF_INVALID_PENALTY),
+    slashProposeDescendantOfCheckpointWithInvalidAttestationsPenalty: BigInt(slasherDefaultEnv.SLASH_PROPOSE_DESCENDANT_OF_CHECKPOINT_WITH_INVALID_ATTESTATIONS_PENALTY),
+    slashAttestInvalidCheckpointProposalPenalty: BigInt(slasherDefaultEnv.SLASH_ATTEST_INVALID_CHECKPOINT_PROPOSAL_PENALTY),
     slashUnknownPenalty: BigInt(slasherDefaultEnv.SLASH_UNKNOWN_PENALTY),
     slashOffenseExpirationRounds: slasherDefaultEnv.SLASH_OFFENSE_EXPIRATION_ROUNDS,
     slashMaxPayloadSize: slasherDefaultEnv.SLASH_MAX_PAYLOAD_SIZE,
@@ -28,19 +28,9 @@ export const slasherConfigMappings = {
     slashOverridePayload: {
         env: 'SLASH_OVERRIDE_PAYLOAD',
         description: 'An Ethereum address for a slash payload to vote for unconditionally.',
-        parseEnv: (val)=>val ? EthAddress.fromString(val) : undefined,
+        parseEnv: (val)=>EthAddress.fromString(val),
         defaultValue: DefaultSlasherConfig.slashOverridePayload
     },
-    slashMinPenaltyPercentage: {
-        env: 'SLASH_MIN_PENALTY_PERCENTAGE',
-        description: 'Minimum penalty percentage for slashing offenses (0.1 is 10%).',
-        ...floatConfigHelper(DefaultSlasherConfig.slashMinPenaltyPercentage)
-    },
-    slashMaxPenaltyPercentage: {
-        env: 'SLASH_MAX_PENALTY_PERCENTAGE',
-        description: 'Maximum penalty percentage for slashing offenses (2.0 is 200%).',
-        ...floatConfigHelper(DefaultSlasherConfig.slashMaxPenaltyPercentage)
-    },
     slashValidatorsAlways: {
         env: 'SLASH_VALIDATORS_ALWAYS',
         description: 'Comma-separated list of validator addresses that should always be slashed.',
@@ -53,21 +43,26 @@ export const slasherConfigMappings = {
         parseEnv: (val)=>val.split(',').map((addr)=>addr.trim()).filter((addr)=>addr.length > 0).map((addr)=>EthAddress.fromString(addr)),
         defaultValue: DefaultSlasherConfig.slashValidatorsNever
     },
-    slashPrunePenalty: {
-        env: 'SLASH_PRUNE_PENALTY',
-        description: 'Penalty amount for slashing validators of a valid pruned epoch (set to 0 to disable).',
-        ...bigintConfigHelper(DefaultSlasherConfig.slashPrunePenalty)
-    },
     slashDataWithholdingPenalty: {
         env: 'SLASH_DATA_WITHHOLDING_PENALTY',
-        description: 'Penalty amount for slashing validators for data withholding (set to 0 to disable).',
+        description: 'Penalty for data withholding (0 records offenses without slash votes).',
         ...bigintConfigHelper(DefaultSlasherConfig.slashDataWithholdingPenalty)
     },
+    slashDataWithholdingToleranceSlots: {
+        env: 'SLASH_DATA_WITHHOLDING_TOLERANCE_SLOTS',
+        description: 'Number of full L2 slots that must elapse after a checkpoint slot before declaring its txs missing and slashing its attesters for data withholding.',
+        ...numberConfigHelper(DefaultSlasherConfig.slashDataWithholdingToleranceSlots)
+    },
     slashBroadcastedInvalidBlockPenalty: {
         env: 'SLASH_INVALID_BLOCK_PENALTY',
         description: 'Penalty amount for slashing a validator for an invalid block proposed via p2p.',
         ...bigintConfigHelper(DefaultSlasherConfig.slashBroadcastedInvalidBlockPenalty)
     },
+    slashBroadcastedInvalidCheckpointProposalPenalty: {
+        env: 'SLASH_INVALID_CHECKPOINT_PROPOSAL_PENALTY',
+        description: 'Penalty amount for slashing a validator for an invalid checkpoint proposal proposed via p2p.',
+        ...bigintConfigHelper(DefaultSlasherConfig.slashBroadcastedInvalidCheckpointProposalPenalty)
+    },
     slashDuplicateProposalPenalty: {
         env: 'SLASH_DUPLICATE_PROPOSAL_PENALTY',
         description: 'Penalty amount for slashing a validator for sending duplicate proposals.',
@@ -101,22 +96,27 @@ export const slasherConfigMappings = {
     },
     slashInactivityPenalty: {
         env: 'SLASH_INACTIVITY_PENALTY',
-        description: 'Penalty amount for slashing an inactive validator (set to 0 to disable).',
+        description: 'Penalty for an inactive validator (0 records offenses without slash votes).',
         ...bigintConfigHelper(DefaultSlasherConfig.slashInactivityPenalty)
     },
     slashProposeInvalidAttestationsPenalty: {
         env: 'SLASH_PROPOSE_INVALID_ATTESTATIONS_PENALTY',
-        description: 'Penalty amount for slashing a proposer that proposed invalid attestations (set to 0 to disable).',
+        description: 'Penalty for proposing invalid attestations (0 records offenses without slash votes).',
         ...bigintConfigHelper(DefaultSlasherConfig.slashProposeInvalidAttestationsPenalty)
     },
-    slashAttestDescendantOfInvalidPenalty: {
-        env: 'SLASH_ATTEST_DESCENDANT_OF_INVALID_PENALTY',
-        description: 'Penalty amount for slashing a validator that attested to a descendant of an invalid block (set to 0 to disable).',
-        ...bigintConfigHelper(DefaultSlasherConfig.slashAttestDescendantOfInvalidPenalty)
+    slashProposeDescendantOfCheckpointWithInvalidAttestationsPenalty: {
+        env: 'SLASH_PROPOSE_DESCENDANT_OF_CHECKPOINT_WITH_INVALID_ATTESTATIONS_PENALTY',
+        description: 'Penalty for publishing a checkpoint building on an invalid checkpoint (0 records offenses without slash votes).',
+        ...bigintConfigHelper(DefaultSlasherConfig.slashProposeDescendantOfCheckpointWithInvalidAttestationsPenalty)
+    },
+    slashAttestInvalidCheckpointProposalPenalty: {
+        env: 'SLASH_ATTEST_INVALID_CHECKPOINT_PROPOSAL_PENALTY',
+        description: 'Penalty for attesting to an invalid checkpoint proposal (0 records offenses without slash votes).',
+        ...bigintConfigHelper(DefaultSlasherConfig.slashAttestInvalidCheckpointProposalPenalty)
     },
     slashUnknownPenalty: {
         env: 'SLASH_UNKNOWN_PENALTY',
-        description: 'Penalty amount for slashing a validator for an unknown offense (set to 0 to disable).',
+        description: 'Penalty for an unknown offense (0 records offenses without slash votes).',
         ...bigintConfigHelper(DefaultSlasherConfig.slashUnknownPenalty)
     },
     slashOffenseExpirationRounds: {
@@ -130,7 +130,7 @@ export const slasherConfigMappings = {
         ...numberConfigHelper(DefaultSlasherConfig.slashMaxPayloadSize)
     },
     slashGracePeriodL2Slots: {
-        description: 'Number of L2 slots to wait before considering a slashing offense expired.',
+        description: 'Number of L2 slots after the network upgrade during which slashing offenses are ignored. The upgrade time is determined from the CanonicalRollupUpdated event.',
         env: 'SLASH_GRACE_PERIOD_L2_SLOTS',
         ...numberConfigHelper(DefaultSlasherConfig.slashGracePeriodL2Slots)
     },

package/dest/factory/create_facade.d.ts

@@ -3,14 +3,14 @@ import type { L1ReaderConfig } from '@aztec/ethereum/l1-reader';
 import type { ViemClient } from '@aztec/ethereum/types';
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { DateProvider } from '@aztec/foundation/timer';
-import type { DataStoreConfig } from '@aztec/kv-store/config';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import type { DataStoreConfig } from '@aztec/stdlib/kv-store';
 import type { SlasherClientInterface } from '../slasher_client_interface.js';
 import type { Watcher } from '../watcher.js';
 /** Creates a slasher client facade that updates itself whenever the rollup slasher changes */
 export declare function createSlasherFacade(config: SlasherConfig & DataStoreConfig & {
     ethereumSlotDuration: number;
-}, l1Contracts: Pick<L1ReaderConfig['l1Contracts'], 'rollupAddress' | 'slashFactoryAddress'>, l1Client: ViemClient, watchers: Watcher[], dateProvider: DateProvider, epochCache: EpochCache, 
+}, l1Contracts: Pick<L1ReaderConfig, 'rollupAddress' | 'registryAddress'>, l1Client: ViemClient, watchers: Watcher[], dateProvider: DateProvider, epochCache: EpochCache, 
 /** List of own validator addresses to add to the slashValidatorNever list unless slashSelfAllowed is true */
 validatorAddresses?: EthAddress[], logger?: import("@aztec/foundation/log").Logger): Promise<SlasherClientInterface>;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlYXRlX2ZhY2FkZS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2ZhY3RvcnkvY3JlYXRlX2ZhY2FkZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFFaEQsT0FBTyxLQUFLLEVBQUUsY0FBYyxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDaEUsT0FBTyxLQUFLLEVBQUUsVUFBVSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFFeEQsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBRTNELE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUN2RCxPQUFPLEtBQUssRUFBRSxlQUFlLEVBQUUsTUFBTSx3QkFBd0IsQ0FBQztBQUU5RCxPQUFPLEtBQUssRUFBRSxhQUFhLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUdyRSxPQUFPLEtBQUssRUFBRSxzQkFBc0IsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBRTdFLE9BQU8sS0FBSyxFQUFFLE9BQU8sRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUU3Qyw4RkFBOEY7QUFDOUYsd0JBQXNCLG1CQUFtQixDQUN2QyxNQUFNLEVBQUUsYUFBYSxHQUFHLGVBQWUsR0FBRztJQUFFLG9CQUFvQixFQUFFLE1BQU0sQ0FBQTtDQUFFLEVBQzFFLFdBQVcsRUFBRSxJQUFJLENBQUMsY0FBYyxDQUFDLGFBQWEsQ0FBQyxFQUFFLGVBQWUsR0FBRyxxQkFBcUIsQ0FBQyxFQUN6RixRQUFRLEVBQUUsVUFBVSxFQUNwQixRQUFRLEVBQUUsT0FBTyxFQUFFLEVBQ25CLFlBQVksRUFBRSxZQUFZLEVBQzFCLFVBQVUsRUFBRSxVQUFVO0FBQ3RCLDZHQUE2RztBQUM3RyxrQkFBa0IsR0FBRSxVQUFVLEVBQU8sRUFDckMsTUFBTSx5Q0FBMEIsR0FDL0IsT0FBTyxDQUFDLHNCQUFzQixDQUFDLENBd0JqQyJ9
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlYXRlX2ZhY2FkZS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2ZhY3RvcnkvY3JlYXRlX2ZhY2FkZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFFaEQsT0FBTyxLQUFLLEVBQUUsY0FBYyxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDaEUsT0FBTyxLQUFLLEVBQUUsVUFBVSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFHeEQsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBRTNELE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUd2RCxPQUFPLEtBQUssRUFBRSxhQUFhLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUNyRSxPQUFPLEtBQUssRUFBRSxlQUFlLEVBQUUsTUFBTSx3QkFBd0IsQ0FBQztBQUc5RCxPQUFPLEtBQUssRUFBRSxzQkFBc0IsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBRTdFLE9BQU8sS0FBSyxFQUFFLE9BQU8sRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUU3Qyw4RkFBOEY7QUFDOUYsd0JBQXNCLG1CQUFtQixDQUN2QyxNQUFNLEVBQUUsYUFBYSxHQUFHLGVBQWUsR0FBRztJQUFFLG9CQUFvQixFQUFFLE1BQU0sQ0FBQTtDQUFFLEVBQzFFLFdBQVcsRUFBRSxJQUFJLENBQUMsY0FBYyxFQUFFLGVBQWUsR0FBRyxpQkFBaUIsQ0FBQyxFQUN0RSxRQUFRLEVBQUUsVUFBVSxFQUNwQixRQUFRLEVBQUUsT0FBTyxFQUFFLEVBQ25CLFlBQVksRUFBRSxZQUFZLEVBQzFCLFVBQVUsRUFBRSxVQUFVO0FBQ3RCLDZHQUE2RztBQUM3RyxrQkFBa0IsR0FBRSxVQUFVLEVBQU8sRUFDckMsTUFBTSx5Q0FBMEIsR0FDL0IsT0FBTyxDQUFDLHNCQUFzQixDQUFDLENBa0RqQyJ9

package/dest/factory/create_facade.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create_facade.d.ts","sourceRoot":"","sources":["../../src/factory/create_facade.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEhD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAE9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AAE7E,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAE7C,8FAA8F;AAC9F,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,aAAa,GAAG,eAAe,GAAG;IAAE,oBAAoB,EAAE,MAAM,CAAA;CAAE,EAC1E,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,eAAe,GAAG,qBAAqB,CAAC,EACzF,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAAE,OAAO,EAAE,EACnB,YAAY,EAAE,YAAY,EAC1B,UAAU,EAAE,UAAU;AACtB,6GAA6G;AAC7G,kBAAkB,GAAE,UAAU,EAAO,EACrC,MAAM,yCAA0B,GAC/B,OAAO,CAAC,sBAAsB,CAAC,CAwBjC"}
+{"version":3,"file":"create_facade.d.ts","sourceRoot":"","sources":["../../src/factory/create_facade.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEhD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAGvD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAG9D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AAE7E,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAE7C,8FAA8F;AAC9F,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,aAAa,GAAG,eAAe,GAAG;IAAE,oBAAoB,EAAE,MAAM,CAAA;CAAE,EAC1E,WAAW,EAAE,IAAI,CAAC,cAAc,EAAE,eAAe,GAAG,iBAAiB,CAAC,EACtE,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAAE,OAAO,EAAE,EACnB,YAAY,EAAE,YAAY,EAC1B,UAAU,EAAE,UAAU;AACtB,6GAA6G;AAC7G,kBAAkB,GAAE,UAAU,EAAO,EACrC,MAAM,yCAA0B,GAC/B,OAAO,CAAC,sBAAsB,CAAC,CAkDjC"}

package/dest/factory/create_facade.js

@@ -1,8 +1,10 @@
-import { RollupContract } from '@aztec/ethereum/contracts';
+import { RegistryContract, RollupContract } from '@aztec/ethereum/contracts';
+import { SlotNumber } from '@aztec/foundation/branded-types';
 import { unique } from '@aztec/foundation/collection';
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { createLogger } from '@aztec/foundation/log';
 import { createStore } from '@aztec/kv-store/lmdb-v2';
+import { getSlotAtTimestamp } from '@aztec/stdlib/epoch-helpers';
 import { SlasherClientFacade } from '../slasher_client_facade.js';
 import { SCHEMA_VERSION } from '../stores/schema_version.js';
 /** Creates a slasher client facade that updates itself whenever the rollup slasher changes */ export async function createSlasherFacade(config, l1Contracts, l1Client, watchers, dateProvider, epochCache, /** List of own validator addresses to add to the slashValidatorNever list unless slashSelfAllowed is true */ validatorAddresses = [], logger = createLogger('slasher')) {
@@ -11,6 +13,27 @@ import { SCHEMA_VERSION } from '../stores/schema_version.js';
     }
     const kvStore = await createStore('slasher', SCHEMA_VERSION, config, logger.getBindings());
     const rollup = new RollupContract(l1Client, l1Contracts.rollupAddress);
+    // Compute and cache the L2 slot at which the rollup was registered as canonical
+    const settingsMap = kvStore.openMap('slasher-settings');
+    const cacheKey = `registeredSlot:${l1Contracts.rollupAddress}`;
+    let rollupRegisteredAtL2Slot = await settingsMap.getAsync(cacheKey);
+    if (rollupRegisteredAtL2Slot === undefined) {
+        const registry = new RegistryContract(l1Client, l1Contracts.registryAddress);
+        const l1StartBlock = await rollup.getL1StartBlock();
+        const registrationTimestamp = await registry.getCanonicalRollupRegistrationTimestamp(l1Contracts.rollupAddress, l1StartBlock);
+        if (registrationTimestamp !== undefined) {
+            const l1GenesisTime = await rollup.getL1GenesisTime();
+            const slotDuration = await rollup.getSlotDuration();
+            rollupRegisteredAtL2Slot = getSlotAtTimestamp(registrationTimestamp, {
+                l1GenesisTime,
+                slotDuration: Number(slotDuration)
+            });
+        } else {
+            rollupRegisteredAtL2Slot = SlotNumber(0);
+        }
+        await settingsMap.set(cacheKey, rollupRegisteredAtL2Slot);
+        logger.info(`Canonical rollup registered at L2 slot ${rollupRegisteredAtL2Slot}`);
+    }
     const slashValidatorsNever = config.slashSelfAllowed ? config.slashValidatorsNever : unique([
         ...config.slashValidatorsNever,
         ...validatorAddresses
@@ -19,5 +42,5 @@ import { SCHEMA_VERSION } from '../stores/schema_version.js';
         ...config,
         slashValidatorsNever
     };
-    return new SlasherClientFacade(updatedConfig, rollup, l1Client, l1Contracts.slashFactoryAddress, watchers, epochCache, dateProvider, kvStore, logger);
+    return new SlasherClientFacade(updatedConfig, rollup, l1Client, watchers, epochCache, dateProvider, kvStore, rollupRegisteredAtL2Slot, logger);
 }

package/dest/factory/create_implementation.d.ts

@@ -1,17 +1,16 @@
 import { EpochCache } from '@aztec/epoch-cache';
 import { RollupContract } from '@aztec/ethereum/contracts';
 import type { ViemClient } from '@aztec/ethereum/types';
-import { EthAddress } from '@aztec/foundation/eth-address';
+import type { SlotNumber } from '@aztec/foundation/branded-types';
 import { DateProvider } from '@aztec/foundation/timer';
-import type { DataStoreConfig } from '@aztec/kv-store/config';
 import { AztecLMDBStoreV2 } from '@aztec/kv-store/lmdb-v2';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
-import { EmpireSlasherClient } from '../empire_slasher_client.js';
+import type { DataStoreConfig } from '@aztec/stdlib/kv-store';
 import { NullSlasherClient } from '../null_slasher_client.js';
-import { TallySlasherClient } from '../tally_slasher_client.js';
+import { SlasherClient } from '../slasher_client.js';
 import type { Watcher } from '../watcher.js';
-/** Creates a slasher client implementation (either tally or empire) based on the slasher proposer type in the rollup */
+/** Creates a slasher client implementation based on the slasher proposer type in the rollup */
 export declare function createSlasherImplementation(config: SlasherConfig & DataStoreConfig & {
     ethereumSlotDuration: number;
-}, rollup: RollupContract, l1Client: ViemClient, slashFactoryAddress: EthAddress | undefined, watchers: Watcher[], epochCache: EpochCache, dateProvider: DateProvider, kvStore: AztecLMDBStoreV2, logger?: import("@aztec/foundation/log").Logger): Promise<EmpireSlasherClient | NullSlasherClient | TallySlasherClient>;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlYXRlX2ltcGxlbWVudGF0aW9uLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZmFjdG9yeS9jcmVhdGVfaW1wbGVtZW50YXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQ2hELE9BQU8sRUFFTCxjQUFjLEVBRWYsTUFBTSwyQkFBMkIsQ0FBQztBQUNuQyxPQUFPLEtBQUssRUFBRSxVQUFVLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUN4RCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFFM0QsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQ3ZELE9BQU8sS0FBSyxFQUFFLGVBQWUsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBQzlELE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sS0FBSyxFQUFFLGFBQWEsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBR3JFLE9BQU8sRUFBRSxtQkFBbUIsRUFBOEIsTUFBTSw2QkFBNkIsQ0FBQztBQUM5RixPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUc5RCxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUNoRSxPQUFPLEtBQUssRUFBRSxPQUFPLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFHN0Msd0hBQXdIO0FBQ3hILHdCQUFzQiwyQkFBMkIsQ0FDL0MsTUFBTSxFQUFFLGFBQWEsR0FBRyxlQUFlLEdBQUc7SUFBRSxvQkFBb0IsRUFBRSxNQUFNLENBQUE7Q0FBRSxFQUMxRSxNQUFNLEVBQUUsY0FBYyxFQUN0QixRQUFRLEVBQUUsVUFBVSxFQUNwQixtQkFBbUIsRUFBRSxVQUFVLEdBQUcsU0FBUyxFQUMzQyxRQUFRLEVBQUUsT0FBTyxFQUFFLEVBQ25CLFVBQVUsRUFBRSxVQUFVLEVBQ3RCLFlBQVksRUFBRSxZQUFZLEVBQzFCLE9BQU8sRUFBRSxnQkFBZ0IsRUFDekIsTUFBTSx5Q0FBMEIseUVBY2pDIn0=
+}, rollup: RollupContract, l1Client: ViemClient, watchers: Watcher[], epochCache: EpochCache, dateProvider: DateProvider, kvStore: AztecLMDBStoreV2, rollupRegisteredAtL2Slot: SlotNumber, logger?: import("@aztec/foundation/log").Logger): Promise<NullSlasherClient | SlasherClient>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlYXRlX2ltcGxlbWVudGF0aW9uLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZmFjdG9yeS9jcmVhdGVfaW1wbGVtZW50YXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQ2hELE9BQU8sRUFBRSxjQUFjLEVBQTRCLE1BQU0sMkJBQTJCLENBQUM7QUFDckYsT0FBTyxLQUFLLEVBQUUsVUFBVSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDeEQsT0FBTyxLQUFLLEVBQUUsVUFBVSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFFbEUsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQ3ZELE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sS0FBSyxFQUFFLGFBQWEsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBQ3JFLE9BQU8sS0FBSyxFQUFFLGVBQWUsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBRTlELE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQzlELE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUVyRCxPQUFPLEtBQUssRUFBRSxPQUFPLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFHN0MsK0ZBQStGO0FBQy9GLHdCQUFzQiwyQkFBMkIsQ0FDL0MsTUFBTSxFQUFFLGFBQWEsR0FBRyxlQUFlLEdBQUc7SUFBRSxvQkFBb0IsRUFBRSxNQUFNLENBQUE7Q0FBRSxFQUMxRSxNQUFNLEVBQUUsY0FBYyxFQUN0QixRQUFRLEVBQUUsVUFBVSxFQUNwQixRQUFRLEVBQUUsT0FBTyxFQUFFLEVBQ25CLFVBQVUsRUFBRSxVQUFVLEVBQ3RCLFlBQVksRUFBRSxZQUFZLEVBQzFCLE9BQU8sRUFBRSxnQkFBZ0IsRUFDekIsd0JBQXdCLEVBQUUsVUFBVSxFQUNwQyxNQUFNLHlDQUEwQiw4Q0FrQmpDIn0=

package/dest/factory/create_implementation.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create_implementation.d.ts","sourceRoot":"","sources":["../../src/factory/create_implementation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAEL,cAAc,EAEf,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAGrE,OAAO,EAAE,mBAAmB,EAA8B,MAAM,6BAA6B,CAAC;AAC9F,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAG9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAG7C,wHAAwH;AACxH,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,aAAa,GAAG,eAAe,GAAG;IAAE,oBAAoB,EAAE,MAAM,CAAA;CAAE,EAC1E,MAAM,EAAE,cAAc,EACtB,QAAQ,EAAE,UAAU,EACpB,mBAAmB,EAAE,UAAU,GAAG,SAAS,EAC3C,QAAQ,EAAE,OAAO,EAAE,EACnB,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,YAAY,EAC1B,OAAO,EAAE,gBAAgB,EACzB,MAAM,yCAA0B,yEAcjC"}
+{"version":3,"file":"create_implementation.d.ts","sourceRoot":"","sources":["../../src/factory/create_implementation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,cAAc,EAA4B,MAAM,2BAA2B,CAAC;AACrF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAElE,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAE9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAG7C,+FAA+F;AAC/F,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,aAAa,GAAG,eAAe,GAAG;IAAE,oBAAoB,EAAE,MAAM,CAAA;CAAE,EAC1E,MAAM,EAAE,cAAc,EACtB,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAAE,OAAO,EAAE,EACnB,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,YAAY,EAC1B,OAAO,EAAE,gBAAgB,EACzB,wBAAwB,EAAE,UAAU,EACpC,MAAM,yCAA0B,8CAkBjC"}

package/dest/factory/create_implementation.js

@@ -1,73 +1,25 @@
-import { EthAddress } from '@aztec/foundation/eth-address';
 import { createLogger } from '@aztec/foundation/log';
-import { SlashFactoryContract } from '@aztec/stdlib/l1-contracts';
-import { EmpireSlasherClient } from '../empire_slasher_client.js';
 import { NullSlasherClient } from '../null_slasher_client.js';
+import { SlasherClient } from '../slasher_client.js';
 import { SlasherOffensesStore } from '../stores/offenses_store.js';
-import { SlasherPayloadsStore } from '../stores/payloads_store.js';
-import { TallySlasherClient } from '../tally_slasher_client.js';
-import { getTallySlasherSettings } from './get_settings.js';
-/** Creates a slasher client implementation (either tally or empire) based on the slasher proposer type in the rollup */ export async function createSlasherImplementation(config, rollup, l1Client, slashFactoryAddress, watchers, epochCache, dateProvider, kvStore, logger = createLogger('slasher')) {
+import { getSlasherSettings } from './get_settings.js';
+/** Creates a slasher client implementation based on the slasher proposer type in the rollup */ export async function createSlasherImplementation(config, rollup, l1Client, watchers, epochCache, dateProvider, kvStore, rollupRegisteredAtL2Slot, logger = createLogger('slasher')) {
     const proposer = await rollup.getSlashingProposer();
     if (!proposer) {
         return new NullSlasherClient(config);
-    } else if (proposer.type === 'tally') {
-        return createTallySlasher(config, rollup, proposer, watchers, dateProvider, epochCache, kvStore, logger);
     } else {
-        if (!slashFactoryAddress || slashFactoryAddress.equals(EthAddress.ZERO)) {
-            throw new Error('Cannot initialize an empire-based SlasherClient without a SlashFactory address');
-        }
-        const slashFactory = new SlashFactoryContract(l1Client, slashFactoryAddress.toString());
-        return createEmpireSlasher(config, rollup, proposer, slashFactory, watchers, dateProvider, kvStore, logger);
+        return createSlasher(config, rollup, proposer, watchers, dateProvider, epochCache, kvStore, rollupRegisteredAtL2Slot, logger);
     }
 }
-async function createEmpireSlasher(config, rollup, slashingProposer, slashFactoryContract, watchers, dateProvider, kvStore, logger = createLogger('slasher')) {
-    if (slashingProposer.type !== 'empire') {
-        throw new Error('Slashing proposer contract is not of type Empire');
-    }
-    const [slashingExecutionDelayInRounds, slashingPayloadLifetimeInRounds, slashingRoundSize, slashingQuorumSize, epochDuration, proofSubmissionEpochs, l1GenesisTime, slotDuration, l1StartBlock, slasher] = await Promise.all([
-        slashingProposer.getExecutionDelayInRounds(),
-        slashingProposer.getLifetimeInRounds(),
-        slashingProposer.getRoundSize(),
-        slashingProposer.getQuorumSize(),
-        rollup.getEpochDuration(),
-        rollup.getProofSubmissionEpochs(),
-        rollup.getL1GenesisTime(),
-        rollup.getSlotDuration(),
-        rollup.getL1StartBlock(),
-        rollup.getSlasherContract()
-    ]);
+async function createSlasher(config, rollup, slashingProposer, watchers, dateProvider, epochCache, kvStore, rollupRegisteredAtL2Slot, logger = createLogger('slasher')) {
     const settings = {
-        slashingExecutionDelayInRounds: Number(slashingExecutionDelayInRounds),
-        slashingPayloadLifetimeInRounds: Number(slashingPayloadLifetimeInRounds),
-        slashingRoundSize: Number(slashingRoundSize),
-        slashingQuorumSize: Number(slashingQuorumSize),
-        epochDuration: Number(epochDuration),
-        proofSubmissionEpochs: Number(proofSubmissionEpochs),
-        l1GenesisTime: l1GenesisTime,
-        slotDuration: Number(slotDuration),
-        l1StartBlock,
-        ethereumSlotDuration: config.ethereumSlotDuration,
-        slashingAmounts: undefined
+        ...await getSlasherSettings(rollup, slashingProposer),
+        rollupRegisteredAtL2Slot
     };
-    const payloadsStore = new SlasherPayloadsStore(kvStore, {
-        slashingPayloadLifetimeInRounds: settings.slashingPayloadLifetimeInRounds
-    });
-    const offensesStore = new SlasherOffensesStore(kvStore, {
-        ...settings,
-        slashOffenseExpirationRounds: config.slashOffenseExpirationRounds
-    });
-    return new EmpireSlasherClient(config, settings, slashFactoryContract, slashingProposer, slasher, rollup, watchers, dateProvider, offensesStore, payloadsStore, logger);
-}
-async function createTallySlasher(config, rollup, slashingProposer, watchers, dateProvider, epochCache, kvStore, logger = createLogger('slasher')) {
-    if (slashingProposer.type !== 'tally') {
-        throw new Error('Slashing proposer contract is not of type tally');
-    }
-    const settings = await getTallySlasherSettings(rollup, slashingProposer);
     const slasher = await rollup.getSlasherContract();
     const offensesStore = new SlasherOffensesStore(kvStore, {
         ...settings,
         slashOffenseExpirationRounds: config.slashOffenseExpirationRounds
     });
-    return new TallySlasherClient(config, settings, slashingProposer, slasher, rollup, watchers, epochCache, dateProvider, offensesStore, logger);
+    return new SlasherClient(config, settings, slashingProposer, slasher, rollup, watchers, epochCache, dateProvider, offensesStore, logger);
 }

package/dest/factory/get_settings.d.ts

@@ -1,4 +1,4 @@
-import type { RollupContract, TallySlashingProposerContract } from '@aztec/ethereum/contracts';
-import type { TallySlasherSettings } from '../tally_slasher_client.js';
-export declare function getTallySlasherSettings(rollup: RollupContract, slashingProposer?: TallySlashingProposerContract): Promise<TallySlasherSettings>;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ2V0X3NldHRpbmdzLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZmFjdG9yeS9nZXRfc2V0dGluZ3MudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsY0FBYyxFQUFFLDZCQUE2QixFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFFL0YsT0FBTyxLQUFLLEVBQUUsb0JBQW9CLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUV2RSx3QkFBc0IsdUJBQXVCLENBQzNDLE1BQU0sRUFBRSxjQUFjLEVBQ3RCLGdCQUFnQixDQUFDLEVBQUUsNkJBQTZCLEdBQy9DLE9BQU8sQ0FBQyxvQkFBb0IsQ0FBQyxDQWtEL0IifQ==
+import type { RollupContract, SlashingProposerContract } from '@aztec/ethereum/contracts';
+import type { SlasherSettings } from '../slasher_client.js';
+export declare function getSlasherSettings(rollup: RollupContract, slashingProposer?: SlashingProposerContract): Promise<Omit<SlasherSettings, 'rollupRegisteredAtL2Slot'>>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ2V0X3NldHRpbmdzLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZmFjdG9yeS9nZXRfc2V0dGluZ3MudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsY0FBYyxFQUFFLHdCQUF3QixFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFFMUYsT0FBTyxLQUFLLEVBQUUsZUFBZSxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFFNUQsd0JBQXNCLGtCQUFrQixDQUN0QyxNQUFNLEVBQUUsY0FBYyxFQUN0QixnQkFBZ0IsQ0FBQyxFQUFFLHdCQUF3QixHQUMxQyxPQUFPLENBQUMsSUFBSSxDQUFDLGVBQWUsRUFBRSwwQkFBMEIsQ0FBQyxDQUFDLENBa0Q1RCJ9