@aztec/slasher 0.0.1-commit.e558bd1c → 0.0.1-commit.e57c76e

package/dest/watchers/broadcasted_invalid_checkpoint_proposal_watcher.js

@@ -0,0 +1,138 @@
+import { SlotNumber } from '@aztec/foundation/branded-types';
+import { merge, pick } from '@aztec/foundation/collection';
+import { FifoSet } from '@aztec/foundation/fifo-set';
+import { createLogger } from '@aztec/foundation/log';
+import { RunningPromise } from '@aztec/foundation/running-promise';
+import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
+import EventEmitter from 'node:events';
+import { WANT_TO_SLASH_EVENT } from '../watcher.js';
+const BroadcastedInvalidCheckpointProposalWatcherConfigKeys = [
+    'slashBroadcastedInvalidCheckpointProposalPenalty'
+];
+const SCAN_SLOT_LAG = 1;
+const DEFAULT_SCAN_SLOT_LOOKBACK = 4;
+/** Detects truncated-checkpoint proposal offenses from retained signed P2P proposals. */ export class BroadcastedInvalidCheckpointProposalWatcher extends EventEmitter {
+    p2pClient;
+    l2BlockSource;
+    epochCache;
+    log;
+    runningPromise;
+    emittedOffenses;
+    scanSlotLookback;
+    config;
+    lastScannedSlot;
+    constructor(p2pClient, l2BlockSource, epochCache, config, scanSlotLookback = DEFAULT_SCAN_SLOT_LOOKBACK){
+        super(), this.p2pClient = p2pClient, this.l2BlockSource = l2BlockSource, this.epochCache = epochCache, this.log = createLogger('broadcasted-invalid-checkpoint-proposal-watcher');
+        const constants = epochCache.getL1Constants();
+        this.config = pick(config, ...BroadcastedInvalidCheckpointProposalWatcherConfigKeys);
+        this.scanSlotLookback = Math.max(1, scanSlotLookback);
+        // Bound emitted offenses to the number of slots we rescan. This watcher currently tracks one offense type,
+        // and at most one offense of that type can be emitted per slot.
+        const offenseTypes = 1;
+        this.emittedOffenses = FifoSet.withLimit(offenseTypes * this.scanSlotLookback);
+        const intervalMs = Math.max(1000, constants.ethereumSlotDuration * 1000 / 4);
+        this.runningPromise = new RunningPromise(()=>this.scan(), this.log, intervalMs);
+        this.log.info('BroadcastedInvalidCheckpointProposalWatcher initialized', {
+            scanSlotLookback: this.scanSlotLookback
+        });
+    }
+    updateConfig(config) {
+        this.config = merge(this.config, pick(config, ...BroadcastedInvalidCheckpointProposalWatcherConfigKeys));
+        this.log.verbose('BroadcastedInvalidCheckpointProposalWatcher config updated', this.config);
+    }
+    start() {
+        this.runningPromise.start();
+        return Promise.resolve();
+    }
+    stop() {
+        return this.runningPromise.stop();
+    }
+    /**
+   * Scans newly closed slots, plus a small lookback for late-arriving proposals. Anchors
+   * `currentSlot` at the archiver's last synced L2 slot.
+   */ async scan() {
+        const currentSlot = await this.l2BlockSource.getSyncedL2SlotNumber() ?? this.epochCache.getSlotNow();
+        if (currentSlot <= SlotNumber(SCAN_SLOT_LAG)) {
+            return;
+        }
+        const newestSlotToConsider = SlotNumber(currentSlot - 1 - SCAN_SLOT_LAG);
+        const oldestLookbackSlot = SlotNumber(Math.max(0, newestSlotToConsider - this.scanSlotLookback + 1));
+        const oldestUnscannedSlot = this.lastScannedSlot === undefined ? oldestLookbackSlot : SlotNumber(this.lastScannedSlot + 1);
+        const oldestSlot = SlotNumber(Math.min(oldestLookbackSlot, oldestUnscannedSlot));
+        for(let slot = oldestSlot; slot <= newestSlotToConsider; slot++){
+            await this.scanSlot(SlotNumber(slot));
+        }
+        this.lastScannedSlot = newestSlotToConsider;
+    }
+    /** Scans a single slot. Public for tests. */ async scanSlot(slot) {
+        const proposals = await this.p2pClient.getProposalsForSlot(slot);
+        const slashArgs = this.getSlashArgsForProposals(slot, proposals).filter((args)=>this.markAsNewOffense(args));
+        if (slashArgs.length === 0) {
+            return;
+        }
+        this.log.info(`Detected broadcasted invalid checkpoint proposal offense`, {
+            slot,
+            offenses: slashArgs.map((args)=>({
+                    validator: args.validator.toString(),
+                    amount: args.amount,
+                    offenseType: getOffenseTypeName(args.offenseType),
+                    epochOrSlot: args.epochOrSlot
+                }))
+        });
+        this.emit(WANT_TO_SLASH_EVENT, slashArgs);
+    }
+    getSlashArgsForProposals(slot, proposals) {
+        const offenders = this.findOffenders(proposals.blockProposals, proposals.checkpointProposals);
+        // we expect one proposer per slot today.
+        return [
+            ...offenders.values()
+        ].map((validator)=>({
+                validator,
+                amount: this.config.slashBroadcastedInvalidCheckpointProposalPenalty,
+                offenseType: OffenseType.BROADCASTED_INVALID_CHECKPOINT_PROPOSAL,
+                epochOrSlot: BigInt(slot)
+            }));
+    }
+    findOffenders(blockProposals, checkpointProposals) {
+        const blocksBySigner = this.getSignedBlocksBySigner(blockProposals);
+        const offenders = new Map();
+        for (const checkpoint of checkpointProposals){
+            const checkpointSigner = checkpoint.getSender();
+            if (!checkpointSigner) {
+                continue;
+            }
+            const signerKey = checkpointSigner.toString();
+            const signerBlocks = blocksBySigner.get(signerKey) ?? [];
+            const terminalBlocks = signerBlocks.filter(({ proposal })=>proposal.slotNumber === checkpoint.slotNumber && proposal.archive.equals(checkpoint.archive));
+            if (terminalBlocks.length === 0) {
+                continue;
+            }
+            const hasTruncatedHigherBlock = terminalBlocks.some((terminalBlock)=>signerBlocks.some(({ proposal })=>proposal.slotNumber === checkpoint.slotNumber && proposal.indexWithinCheckpoint > terminalBlock.proposal.indexWithinCheckpoint));
+            if (hasTruncatedHigherBlock) {
+                offenders.set(signerKey, checkpointSigner);
+            }
+        }
+        return offenders;
+    }
+    getSignedBlocksBySigner(blockProposals) {
+        const blocksBySigner = new Map();
+        for (const proposal of blockProposals){
+            const signer = proposal.getSender();
+            if (!signer) {
+                continue;
+            }
+            const signerKey = signer.toString();
+            const signerBlocks = blocksBySigner.get(signerKey) ?? [];
+            signerBlocks.push({
+                proposal,
+                signer
+            });
+            blocksBySigner.set(signerKey, signerBlocks);
+        }
+        return blocksBySigner;
+    }
+    markAsNewOffense(args) {
+        const key = `${args.validator.toString()}-${args.offenseType}-${args.epochOrSlot}`;
+        return this.emittedOffenses.addIfAbsent(key);
+    }
+}

package/dest/watchers/checkpoint_equivocation_watcher.d.ts

@@ -0,0 +1,30 @@
+import type { EpochCacheInterface } from '@aztec/epoch-cache';
+import { type CheckpointEquivocationDetectedEvent, type L2BlockSourceEventEmitter } from '@aztec/stdlib/block';
+import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import { type Watcher, type WatcherEmitter } from '../watcher.js';
+declare const CheckpointEquivocationWatcherConfigKeys: readonly ["slashDuplicateProposalPenalty"];
+type CheckpointEquivocationWatcherConfig = Pick<SlasherConfig, (typeof CheckpointEquivocationWatcherConfigKeys)[number]>;
+type EquivocationEventSource = Pick<L2BlockSourceEventEmitter, 'events'>;
+type ProposerLookup = Pick<EpochCacheInterface, 'getProposerAttesterAddressInSlot'>;
+declare const CheckpointEquivocationWatcher_base: new () => WatcherEmitter;
+/**
+ * Slashes the slot proposer for DUPLICATE_PROPOSAL when the archiver detects that a
+ * locally-stored proposed checkpoint disagrees with the L1-confirmed checkpoint at the
+ * same slot. Both are signed by the slot proposer (the proposed one by accepting it via
+ * P2P or building it locally; the L1 one by submission), so the proposer equivocated.
+ */
+export declare class CheckpointEquivocationWatcher extends CheckpointEquivocationWatcher_base implements Watcher {
+    private readonly l2BlockSource;
+    private readonly epochCache;
+    private readonly log;
+    private readonly handler;
+    private config;
+    constructor(l2BlockSource: EquivocationEventSource, epochCache: ProposerLookup, config: CheckpointEquivocationWatcherConfig);
+    updateConfig(config: Partial<CheckpointEquivocationWatcherConfig>): void;
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    /** Public for tests. */
+    onEquivocationDetected(event: CheckpointEquivocationDetectedEvent): Promise<void>;
+}
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hlY2twb2ludF9lcXVpdm9jYXRpb25fd2F0Y2hlci5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3dhdGNoZXJzL2NoZWNrcG9pbnRfZXF1aXZvY2F0aW9uX3dhdGNoZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsbUJBQW1CLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUc5RCxPQUFPLEVBQ0wsS0FBSyxtQ0FBbUMsRUFDeEMsS0FBSyx5QkFBeUIsRUFFL0IsTUFBTSxxQkFBcUIsQ0FBQztBQUM3QixPQUFPLEtBQUssRUFBRSxhQUFhLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUtyRSxPQUFPLEVBQTZDLEtBQUssT0FBTyxFQUFFLEtBQUssY0FBYyxFQUFFLE1BQU0sZUFBZSxDQUFDO0FBRTdHLFFBQUEsTUFBTSx1Q0FBdUMsNENBQTZDLENBQUM7QUFFM0YsS0FBSyxtQ0FBbUMsR0FBRyxJQUFJLENBQzdDLGFBQWEsRUFDYixDQUFDLE9BQU8sdUNBQXVDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FDekQsQ0FBQztBQUVGLEtBQUssdUJBQXVCLEdBQUcsSUFBSSxDQUFDLHlCQUF5QixFQUFFLFFBQVEsQ0FBQyxDQUFDO0FBQ3pFLEtBQUssY0FBYyxHQUFHLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxrQ0FBa0MsQ0FBQyxDQUFDOztBQUVwRjs7Ozs7R0FLRztBQUNILHFCQUFhLDZCQUE4QixTQUFRLGtDQUEyQyxZQUFXLE9BQU87SUFNNUcsT0FBTyxDQUFDLFFBQVEsQ0FBQyxhQUFhO0lBQzlCLE9BQU8sQ0FBQyxRQUFRLENBQUMsVUFBVTtJQU43QixPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBMkQ7SUFDL0UsT0FBTyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQXNEO0lBQzlFLE9BQU8sQ0FBQyxNQUFNLENBQXNDO0lBRXBELFlBQ21CLGFBQWEsRUFBRSx1QkFBdUIsRUFDdEMsVUFBVSxFQUFFLGNBQWMsRUFDM0MsTUFBTSxFQUFFLG1DQUFtQyxFQVU1QztJQUVNLFlBQVksQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLG1DQUFtQyxDQUFDLEdBQUcsSUFBSSxDQUc5RTtJQUVNLEtBQUssSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLENBRzVCO0lBRU0sSUFBSSxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FHM0I7SUFFRCx3QkFBd0I7SUFDWCxzQkFBc0IsQ0FBQyxLQUFLLEVBQUUsbUNBQW1DLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxDQTJCN0Y7Q0FDRiJ9

package/dest/watchers/checkpoint_equivocation_watcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"checkpoint_equivocation_watcher.d.ts","sourceRoot":"","sources":["../../src/watchers/checkpoint_equivocation_watcher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAG9D,OAAO,EACL,KAAK,mCAAmC,EACxC,KAAK,yBAAyB,EAE/B,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAKrE,OAAO,EAA6C,KAAK,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,eAAe,CAAC;AAE7G,QAAA,MAAM,uCAAuC,4CAA6C,CAAC;AAE3F,KAAK,mCAAmC,GAAG,IAAI,CAC7C,aAAa,EACb,CAAC,OAAO,uCAAuC,CAAC,CAAC,MAAM,CAAC,CACzD,CAAC;AAEF,KAAK,uBAAuB,GAAG,IAAI,CAAC,yBAAyB,EAAE,QAAQ,CAAC,CAAC;AACzE,KAAK,cAAc,GAAG,IAAI,CAAC,mBAAmB,EAAE,kCAAkC,CAAC,CAAC;;AAEpF;;;;;GAKG;AACH,qBAAa,6BAA8B,SAAQ,kCAA2C,YAAW,OAAO;IAM5G,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAN7B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAA2D;IAC/E,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAsD;IAC9E,OAAO,CAAC,MAAM,CAAsC;IAEpD,YACmB,aAAa,EAAE,uBAAuB,EACtC,UAAU,EAAE,cAAc,EAC3C,MAAM,EAAE,mCAAmC,EAU5C;IAEM,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,mCAAmC,CAAC,GAAG,IAAI,CAG9E;IAEM,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAG5B;IAEM,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAG3B;IAED,wBAAwB;IACX,sBAAsB,CAAC,KAAK,EAAE,mCAAmC,GAAG,OAAO,CAAC,IAAI,CAAC,CA2B7F;CACF"}

package/dest/watchers/checkpoint_equivocation_watcher.js

@@ -0,0 +1,69 @@
+import { merge, pick } from '@aztec/foundation/collection';
+import { createLogger } from '@aztec/foundation/log';
+import { L2BlockSourceEvents } from '@aztec/stdlib/block';
+import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
+import EventEmitter from 'node:events';
+import { WANT_TO_SLASH_EVENT } from '../watcher.js';
+const CheckpointEquivocationWatcherConfigKeys = [
+    'slashDuplicateProposalPenalty'
+];
+/**
+ * Slashes the slot proposer for DUPLICATE_PROPOSAL when the archiver detects that a
+ * locally-stored proposed checkpoint disagrees with the L1-confirmed checkpoint at the
+ * same slot. Both are signed by the slot proposer (the proposed one by accepting it via
+ * P2P or building it locally; the L1 one by submission), so the proposer equivocated.
+ */ export class CheckpointEquivocationWatcher extends EventEmitter {
+    l2BlockSource;
+    epochCache;
+    log;
+    handler;
+    config;
+    constructor(l2BlockSource, epochCache, config){
+        super(), this.l2BlockSource = l2BlockSource, this.epochCache = epochCache, this.log = createLogger('checkpoint-equivocation-watcher');
+        this.config = pick(config, ...CheckpointEquivocationWatcherConfigKeys);
+        this.handler = (event)=>{
+            this.onEquivocationDetected(event).catch((err)=>this.log.error('Failed to handle checkpoint equivocation event', err));
+        };
+        this.log.info('CheckpointEquivocationWatcher initialized');
+    }
+    updateConfig(config) {
+        this.config = merge(this.config, pick(config, ...CheckpointEquivocationWatcherConfigKeys));
+        this.log.verbose('CheckpointEquivocationWatcher config updated', this.config);
+    }
+    start() {
+        this.l2BlockSource.events.on(L2BlockSourceEvents.CheckpointEquivocationDetected, this.handler);
+        return Promise.resolve();
+    }
+    stop() {
+        this.l2BlockSource.events.off(L2BlockSourceEvents.CheckpointEquivocationDetected, this.handler);
+        return Promise.resolve();
+    }
+    /** Public for tests. */ async onEquivocationDetected(event) {
+        const proposer = await this.epochCache.getProposerAttesterAddressInSlot(event.slotNumber);
+        if (!proposer) {
+            this.log.warn(`Cannot attribute checkpoint equivocation: no proposer for slot ${event.slotNumber}`, {
+                slotNumber: event.slotNumber,
+                checkpointNumber: event.checkpointNumber
+            });
+            return;
+        }
+        const slashArgs = {
+            validator: proposer,
+            amount: this.config.slashDuplicateProposalPenalty,
+            offenseType: OffenseType.DUPLICATE_PROPOSAL,
+            epochOrSlot: BigInt(event.slotNumber)
+        };
+        this.log.info(`Detected checkpoint equivocation offense`, {
+            slotNumber: event.slotNumber,
+            checkpointNumber: event.checkpointNumber,
+            amount: slashArgs.amount,
+            offenseType: getOffenseTypeName(slashArgs.offenseType),
+            l1ArchiveRoot: event.l1ArchiveRoot.toString(),
+            proposedArchiveRoot: event.proposedArchiveRoot.toString(),
+            validator: proposer.toString()
+        });
+        this.emit(WANT_TO_SLASH_EVENT, [
+            slashArgs
+        ]);
+    }
+}

package/dest/watchers/data_withholding_watcher.d.ts

@@ -0,0 +1,63 @@
+import type { EpochCache } from '@aztec/epoch-cache';
+import type { EthAddress } from '@aztec/foundation/eth-address';
+import { type Logger } from '@aztec/foundation/log';
+import type { L2BlockSource } from '@aztec/stdlib/block';
+import type { CheckpointReexecutionTracker, PublishedCheckpoint } from '@aztec/stdlib/checkpoint';
+import type { ITxProvider, P2PApi, SlasherConfig } from '@aztec/stdlib/interfaces/server';
+import { type CoordinationSignatureContext } from '@aztec/stdlib/p2p';
+import { type Watcher, type WatcherEmitter } from '../watcher.js';
+declare const DataWithholdingWatcherConfigKeys: readonly ["slashDataWithholdingPenalty", "slashDataWithholdingToleranceSlots"];
+type DataWithholdingWatcherConfig = Pick<SlasherConfig, (typeof DataWithholdingWatcherConfigKeys)[number]>;
+declare const DataWithholdingWatcher_base: new () => WatcherEmitter;
+/**
+ * Detects data-withholding offenses by probing the local mempool for the txs in published
+ * checkpoints once they are old enough that an honest node should have collected them.
+ *
+ * Per AZIP-7: once `slashDataWithholdingToleranceSlots` full slots have elapsed after the
+ * checkpoint's slot — i.e. at `slotStart(checkpoint.slot + slashDataWithholdingToleranceSlots
+ * + 1)` — if any tx from the checkpoint's blocks is still missing locally, the checkpoint's
+ * attesters are considered at fault for not making the data available, and we emit a slash
+ * for them.
+ *
+ * The watcher ticks at quarter-eth-slot cadence (matching the Sentinel template). On boot it
+ * floors processing at the current slot — restart-time gaps are accepted and not back-filled,
+ * matching the Sentinel approach.
+ */
+export declare class DataWithholdingWatcher extends DataWithholdingWatcher_base implements Watcher {
+    private readonly epochCache;
+    private readonly l2BlockSource;
+    private readonly txProvider;
+    private readonly p2p;
+    private readonly reexecutionTracker;
+    private readonly signatureContext;
+    private readonly log;
+    private runningPromise;
+    private initialSlot;
+    private lastCheckedSlot;
+    private config;
+    constructor(epochCache: EpochCache, l2BlockSource: Pick<L2BlockSource, 'getCheckpoint' | 'getSyncedL2SlotNumber'>, txProvider: Pick<ITxProvider, 'hasTxs'>, p2p: Pick<P2PApi, 'getCheckpointAttestationsForSlot'>, reexecutionTracker: Pick<CheckpointReexecutionTracker, 'getTxsCollectedRecord'>, signatureContext: CoordinationSignatureContext, config: DataWithholdingWatcherConfig, log?: Logger);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    updateConfig(config: Partial<SlasherConfig>): void;
+    /**
+     * Runs every tick. Walks newly-eligible slots and probes their checkpoints for data
+     * availability; emits a DATA_WITHHOLDING slash for any checkpoint whose txs are missing.
+     */
+    work(): Promise<void>;
+    private processSlot;
+    /**
+     * Returns the union of:
+     *   1. attesters whose signatures landed in the published checkpoint on L1, and
+     *   2. attesters we observed signing the same proposal on p2p (the proposer publishes as
+     *      soon as it has hit committee quorum, so honest peer attestations that arrive after
+     *      that point are dropped — but they still vouched for the data and
+     *      should be slashed for withholding it).
+     *
+     *
+     * Exposed as protected so tests can substitute a deterministic recovery without having
+     * to construct real secp256k1 signatures.
+     */
+    protected extractAttesters(published: PublishedCheckpoint): Promise<EthAddress[]>;
+}
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGF0YV93aXRoaG9sZGluZ193YXRjaGVyLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvd2F0Y2hlcnMvZGF0YV93aXRoaG9sZGluZ193YXRjaGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxFQUFFLFVBQVUsRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBR3JELE9BQU8sS0FBSyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBQ2hFLE9BQU8sRUFBRSxLQUFLLE1BQU0sRUFBZ0IsTUFBTSx1QkFBdUIsQ0FBQztBQUVsRSxPQUFPLEtBQUssRUFBRSxhQUFhLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUV6RCxPQUFPLEtBQUssRUFBRSw0QkFBNEIsRUFBRSxtQkFBbUIsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQ2xHLE9BQU8sS0FBSyxFQUFFLFdBQVcsRUFBRSxNQUFNLEVBQUUsYUFBYSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDMUYsT0FBTyxFQUFvQixLQUFLLDRCQUE0QixFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFNeEYsT0FBTyxFQUE2QyxLQUFLLE9BQU8sRUFBRSxLQUFLLGNBQWMsRUFBRSxNQUFNLGVBQWUsQ0FBQztBQUU3RyxRQUFBLE1BQU0sZ0NBQWdDLGdGQUFpRixDQUFDO0FBRXhILEtBQUssNEJBQTRCLEdBQUcsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDLE9BQU8sZ0NBQWdDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDOztBQUUzRzs7Ozs7Ozs7Ozs7OztHQWFHO0FBQ0gscUJBQWEsc0JBQXVCLFNBQVEsMkJBQTJDLFlBQVcsT0FBTztJQU9yRyxPQUFPLENBQUMsUUFBUSxDQUFDLFVBQVU7SUFDM0IsT0FBTyxDQUFDLFFBQVEsQ0FBQyxhQUFhO0lBQzlCLE9BQU8sQ0FBQyxRQUFRLENBQUMsVUFBVTtJQUMzQixPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUc7SUFDcEIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxrQkFBa0I7SUFDbkMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0I7SUFFakMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHO0lBYnRCLE9BQU8sQ0FBQyxjQUFjLENBQWlCO0lBQ3ZDLE9BQU8sQ0FBQyxXQUFXLENBQXlCO0lBQzVDLE9BQU8sQ0FBQyxlQUFlLENBQXlCO0lBQ2hELE9BQU8sQ0FBQyxNQUFNLENBQStCO0lBRTdDLFlBQ21CLFVBQVUsRUFBRSxVQUFVLEVBQ3RCLGFBQWEsRUFBRSxJQUFJLENBQUMsYUFBYSxFQUFFLGVBQWUsR0FBRyx1QkFBdUIsQ0FBQyxFQUM3RSxVQUFVLEVBQUUsSUFBSSxDQUFDLFdBQVcsRUFBRSxRQUFRLENBQUMsRUFDdkMsR0FBRyxFQUFFLElBQUksQ0FBQyxNQUFNLEVBQUUsa0NBQWtDLENBQUMsRUFDckQsa0JBQWtCLEVBQUUsSUFBSSxDQUFDLDRCQUE0QixFQUFFLHVCQUF1QixDQUFDLEVBQy9FLGdCQUFnQixFQUFFLDRCQUE0QixFQUMvRCxNQUFNLEVBQUUsNEJBQTRCLEVBQ25CLEdBQUcsR0FBRSxNQUFpRCxFQU94RTtJQUVZLEtBQUssSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLENBUWxDO0lBRU0sSUFBSSxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FFM0I7SUFFTSxZQUFZLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxhQUFhLENBQUMsR0FBRyxJQUFJLENBR3hEO0lBRUQ7OztPQUdHO0lBQ1UsSUFBSSxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0E4QmpDO1lBR2EsV0FBVztJQTZFekI7Ozs7Ozs7Ozs7O09BV0c7SUFDSCxVQUFnQixnQkFBZ0IsQ0FBQyxTQUFTLEVBQUUsbUJBQW1CLEdBQUcsT0FBTyxDQUFDLFVBQVUsRUFBRSxDQUFDLENBbUJ0RjtDQUNGIn0=

package/dest/watchers/data_withholding_watcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"data_withholding_watcher.d.ts","sourceRoot":"","sources":["../../src/watchers/data_withholding_watcher.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAElE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,KAAK,EAAE,4BAA4B,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAClG,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAC1F,OAAO,EAAoB,KAAK,4BAA4B,EAAE,MAAM,mBAAmB,CAAC;AAMxF,OAAO,EAA6C,KAAK,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,eAAe,CAAC;AAE7G,QAAA,MAAM,gCAAgC,gFAAiF,CAAC;AAExH,KAAK,4BAA4B,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,OAAO,gCAAgC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;;AAE3G;;;;;;;;;;;;;GAaG;AACH,qBAAa,sBAAuB,SAAQ,2BAA2C,YAAW,OAAO;IAOrG,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,kBAAkB;IACnC,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IAEjC,OAAO,CAAC,QAAQ,CAAC,GAAG;IAbtB,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,eAAe,CAAyB;IAChD,OAAO,CAAC,MAAM,CAA+B;IAE7C,YACmB,UAAU,EAAE,UAAU,EACtB,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,eAAe,GAAG,uBAAuB,CAAC,EAC7E,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,EACvC,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,kCAAkC,CAAC,EACrD,kBAAkB,EAAE,IAAI,CAAC,4BAA4B,EAAE,uBAAuB,CAAC,EAC/E,gBAAgB,EAAE,4BAA4B,EAC/D,MAAM,EAAE,4BAA4B,EACnB,GAAG,GAAE,MAAiD,EAOxE;IAEY,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAQlC;IAEM,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAE3B;IAEM,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG,IAAI,CAGxD;IAED;;;OAGG;IACU,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CA8BjC;YAGa,WAAW;IA6EzB;;;;;;;;;;;OAWG;IACH,UAAgB,gBAAgB,CAAC,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAmBtF;CACF"}

package/dest/watchers/data_withholding_watcher.js

@@ -0,0 +1,193 @@
+import { CheckpointProposalHash, SlotNumber } from '@aztec/foundation/branded-types';
+import { compactArray, merge, pick } from '@aztec/foundation/collection';
+import { createLogger } from '@aztec/foundation/log';
+import { RunningPromise } from '@aztec/foundation/promise';
+import { getAttestationInfoFromPublishedCheckpoint } from '@aztec/stdlib/block';
+import { ConsensusPayload } from '@aztec/stdlib/p2p';
+import { OffenseType, getOffenseTypeName } from '@aztec/stdlib/slashing';
+import EventEmitter from 'node:events';
+import { WANT_TO_SLASH_EVENT } from '../watcher.js';
+const DataWithholdingWatcherConfigKeys = [
+    'slashDataWithholdingPenalty',
+    'slashDataWithholdingToleranceSlots'
+];
+/**
+ * Detects data-withholding offenses by probing the local mempool for the txs in published
+ * checkpoints once they are old enough that an honest node should have collected them.
+ *
+ * Per AZIP-7: once `slashDataWithholdingToleranceSlots` full slots have elapsed after the
+ * checkpoint's slot — i.e. at `slotStart(checkpoint.slot + slashDataWithholdingToleranceSlots
+ * + 1)` — if any tx from the checkpoint's blocks is still missing locally, the checkpoint's
+ * attesters are considered at fault for not making the data available, and we emit a slash
+ * for them.
+ *
+ * The watcher ticks at quarter-eth-slot cadence (matching the Sentinel template). On boot it
+ * floors processing at the current slot — restart-time gaps are accepted and not back-filled,
+ * matching the Sentinel approach.
+ */ export class DataWithholdingWatcher extends EventEmitter {
+    epochCache;
+    l2BlockSource;
+    txProvider;
+    p2p;
+    reexecutionTracker;
+    signatureContext;
+    log;
+    runningPromise;
+    initialSlot;
+    lastCheckedSlot;
+    config;
+    constructor(epochCache, l2BlockSource, txProvider, p2p, reexecutionTracker, signatureContext, config, log = createLogger('data-withholding-watcher')){
+        super(), this.epochCache = epochCache, this.l2BlockSource = l2BlockSource, this.txProvider = txProvider, this.p2p = p2p, this.reexecutionTracker = reexecutionTracker, this.signatureContext = signatureContext, this.log = log;
+        this.config = pick(config, ...DataWithholdingWatcherConfigKeys);
+        const interval = epochCache.getL1Constants().ethereumSlotDuration * 1000 / 4;
+        this.runningPromise = new RunningPromise(this.work.bind(this), log, interval);
+        this.log.verbose(`DataWithholdingWatcher initialized`, this.config);
+    }
+    async start() {
+        // Floor processing at the archiver's synced slot rather than the wallclock — restart-time
+        // gaps before the archiver catches up are accepted and not back-filled. Falls back to the
+        // wallclock if the archiver isn't ready yet (cold start).
+        const syncedSlot = await this.l2BlockSource.getSyncedL2SlotNumber();
+        this.initialSlot = syncedSlot ?? this.epochCache.getSlotNow();
+        this.log.info(`Starting data-withholding watcher with initial slot ${this.initialSlot}`);
+        this.runningPromise.start();
+    }
+    stop() {
+        return this.runningPromise.stop();
+    }
+    updateConfig(config) {
+        this.config = merge(this.config, pick(config, ...DataWithholdingWatcherConfigKeys));
+        this.log.verbose('DataWithholdingWatcher config updated', this.config);
+    }
+    /**
+   * Runs every tick. Walks newly-eligible slots and probes their checkpoints for data
+   * availability; emits a DATA_WITHHOLDING slash for any checkpoint whose txs are missing.
+   */ async work() {
+        if (this.initialSlot === undefined) {
+            return;
+        }
+        // tolerance is the number of full slots that must elapse after the checkpoint's slot
+        // before we declare its data missing. For checkpoint slot S, we therefore process S
+        // only once we are in slot `S + tolerance + 1` or later. Drive this off the archiver's
+        // synced slot rather than the wallclock so we don't make claims about slots we haven't
+        // fully ingested yet (archiver may lag behind L1).
+        const tolerance = this.config.slashDataWithholdingToleranceSlots;
+        const currentSlot = await this.l2BlockSource.getSyncedL2SlotNumber() ?? this.epochCache.getSlotNow();
+        if (currentSlot <= tolerance) {
+            return;
+        }
+        const targetSlot = SlotNumber(currentSlot - tolerance - 1);
+        if (targetSlot <= this.initialSlot) {
+            return;
+        }
+        const startSlot = this.lastCheckedSlot === undefined ? this.initialSlot : this.lastCheckedSlot;
+        for(let slot = SlotNumber(startSlot + 1); slot <= targetSlot; slot = SlotNumber(slot + 1)){
+            try {
+                await this.processSlot(slot);
+            } catch (err) {
+                this.log.error(`Error processing slot ${slot} for data-withholding check`, err, {
+                    slot
+                });
+            }
+            this.lastCheckedSlot = slot;
+        }
+    }
+    /** Probes the checkpoint at the given slot, if any, and emits a slash on missing txs. */ async processSlot(slot) {
+        const published = await this.l2BlockSource.getCheckpoint({
+            slot
+        });
+        if (!published) {
+            this.log.trace(`No published checkpoint at slot ${slot}`, {
+                slot
+            });
+            return;
+        }
+        const checkpointNumber = published.checkpoint.number;
+        // Per-block tx-collection records (true | false | undefined) for every block in this
+        // published checkpoint. Captured by the validator's proposal handler at the moment of
+        // tx collection (i.e. by the *re-execution* deadline). Used as a positive short-circuit
+        // only: a `true` for every block means we know the data was available locally, so this
+        // checkpoint cannot be a data-withholding offense. A `false` does *not* trigger a slash
+        // on its own — the re-execution deadline is much earlier than the data-withholding
+        // tolerance window, so missing txs at that earlier deadline may still arrive in time.
+        // Anything other than all-true falls through to the mempool probe, which respects the
+        // tolerance window.
+        const collectionRecords = published.checkpoint.blocks.map((block, idx)=>this.reexecutionTracker.getTxsCollectedRecord(block.header.getSlot(), idx));
+        if (collectionRecords.every((r)=>r === true)) {
+            this.log.trace(`All blocks for checkpoint at slot ${slot} were collected locally; skipping`, {
+                slot,
+                checkpointNumber
+            });
+            return;
+        }
+        const txHashes = published.checkpoint.blocks.flatMap((block)=>block.body.txEffects.map((txEffect)=>txEffect.txHash));
+        if (txHashes.length === 0) {
+            this.log.trace(`Checkpoint at slot ${slot} has no txs`, {
+                slot
+            });
+            return;
+        }
+        const availability = await this.txProvider.hasTxs(txHashes);
+        const missingTxs = txHashes.filter((_, i)=>!availability[i]);
+        if (missingTxs.length === 0) {
+            this.log.trace(`All ${txHashes.length} txs available for checkpoint at slot ${slot}`, {
+                slot
+            });
+            return;
+        }
+        const attesters = await this.extractAttesters(published);
+        if (attesters.length === 0) {
+            this.log.warn(`Detected data withholding at slot ${slot} but no recoverable attesters`, {
+                slot,
+                checkpointNumber,
+                missingTxs: missingTxs.map((h)=>h.toString()),
+                records: collectionRecords
+            });
+            return;
+        }
+        this.log.info(`Detected data withholding offense at slot ${slot}`, {
+            slot,
+            checkpointNumber,
+            amount: this.config.slashDataWithholdingPenalty,
+            offenseType: getOffenseTypeName(OffenseType.DATA_WITHHOLDING),
+            missingTxs: missingTxs.map((h)=>h.toString()),
+            records: collectionRecords,
+            attesters: attesters.map((a)=>a.toString())
+        });
+        const args = attesters.map((validator)=>({
+                validator,
+                amount: this.config.slashDataWithholdingPenalty,
+                offenseType: OffenseType.DATA_WITHHOLDING,
+                epochOrSlot: BigInt(slot)
+            }));
+        this.emit(WANT_TO_SLASH_EVENT, args);
+    }
+    /**
+   * Returns the union of:
+   *   1. attesters whose signatures landed in the published checkpoint on L1, and
+   *   2. attesters we observed signing the same proposal on p2p (the proposer publishes as
+   *      soon as it has hit committee quorum, so honest peer attestations that arrive after
+   *      that point are dropped — but they still vouched for the data and
+   *      should be slashed for withholding it).
+   *
+   *
+   * Exposed as protected so tests can substitute a deterministic recovery without having
+   * to construct real secp256k1 signatures.
+   */ async extractAttesters(published) {
+        const fromL1 = getAttestationInfoFromPublishedCheckpoint(published, this.signatureContext).filter((info)=>info.status === 'recovered-from-signature').map((info)=>info.address);
+        const slot = published.checkpoint.header.slotNumber;
+        const proposalPayloadHash = CheckpointProposalHash.fromBuffer(ConsensusPayload.fromCheckpoint(published.checkpoint, this.signatureContext).getPayloadHash());
+        const fromP2p = await this.p2p.getCheckpointAttestationsForSlot(slot, proposalPayloadHash).then((attestations)=>attestations.map((a)=>a.getSender()));
+        // Dedupe
+        const all = new Map();
+        for (const addr of compactArray([
+            ...fromL1,
+            ...fromP2p
+        ])){
+            all.set(addr.toString(), addr);
+        }
+        return [
+            ...all.values()
+        ];
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/slasher",
-  "version": "0.0.1-commit.e558bd1c",
+  "version": "0.0.1-commit.e57c76e",
   "type": "module",
   "exports": {
     ".": "./dest/index.js",
@@ -56,20 +56,20 @@
     ]
   },
   "dependencies": {
-    "@aztec/epoch-cache": "0.0.1-commit.e558bd1c",
-    "@aztec/ethereum": "0.0.1-commit.e558bd1c",
-    "@aztec/foundation": "0.0.1-commit.e558bd1c",
-    "@aztec/kv-store": "0.0.1-commit.e558bd1c",
-    "@aztec/l1-artifacts": "0.0.1-commit.e558bd1c",
-    "@aztec/stdlib": "0.0.1-commit.e558bd1c",
-    "@aztec/telemetry-client": "0.0.1-commit.e558bd1c",
+    "@aztec/epoch-cache": "0.0.1-commit.e57c76e",
+    "@aztec/ethereum": "0.0.1-commit.e57c76e",
+    "@aztec/foundation": "0.0.1-commit.e57c76e",
+    "@aztec/kv-store": "0.0.1-commit.e57c76e",
+    "@aztec/l1-artifacts": "0.0.1-commit.e57c76e",
+    "@aztec/stdlib": "0.0.1-commit.e57c76e",
+    "@aztec/telemetry-client": "0.0.1-commit.e57c76e",
     "source-map-support": "^0.5.21",
     "tslib": "^2.4.0",
     "viem": "npm:@aztec/viem@2.38.2",
-    "zod": "^3.23.8"
+    "zod": "^4"
   },
   "devDependencies": {
-    "@aztec/aztec.js": "0.0.1-commit.e558bd1c",
+    "@aztec/aztec.js": "0.0.1-commit.e57c76e",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",
     "@types/node": "^22.15.17",