@aztec/stdlib 5.0.0-nightly.20260707 → 5.0.0-nightly.20260708
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dest/block/attestation_info.d.ts +1 -1
- package/dest/block/attestation_info.d.ts.map +1 -1
- package/dest/block/attestation_info.js +7 -4
- package/dest/block/l2_block_source.d.ts +13 -2
- package/dest/block/l2_block_source.d.ts.map +1 -1
- package/dest/block/l2_block_source.js +5 -0
- package/dest/block/proposal/attestations_and_signers.d.ts +19 -1
- package/dest/block/proposal/attestations_and_signers.d.ts.map +1 -1
- package/dest/block/proposal/attestations_and_signers.js +37 -1
- package/dest/block/validate_block_result.d.ts +16 -1
- package/dest/block/validate_block_result.d.ts.map +1 -1
- package/dest/block/validate_block_result.js +18 -3
- package/dest/config/network-consensus-config.d.ts +1 -1
- package/dest/config/network-consensus-config.d.ts.map +1 -1
- package/dest/config/network-consensus-config.js +2 -10
- package/dest/database-version/version_manager.d.ts +18 -4
- package/dest/database-version/version_manager.d.ts.map +1 -1
- package/dest/database-version/version_manager.js +76 -6
- package/dest/ha-signing/config.d.ts +19 -5
- package/dest/ha-signing/config.d.ts.map +1 -1
- package/dest/ha-signing/config.js +9 -3
- package/dest/ha-signing/local_config.d.ts +10 -2
- package/dest/ha-signing/local_config.d.ts.map +1 -1
- package/dest/ha-signing/local_config.js +8 -2
- package/dest/interfaces/aztec-node-admin.d.ts +5 -2
- package/dest/interfaces/aztec-node-admin.d.ts.map +1 -1
- package/dest/interfaces/configs.d.ts +4 -1
- package/dest/interfaces/configs.d.ts.map +1 -1
- package/dest/interfaces/configs.js +1 -0
- package/dest/interfaces/validator.d.ts +7 -3
- package/dest/interfaces/validator.d.ts.map +1 -1
- package/dest/interfaces/world_state.d.ts +14 -1
- package/dest/interfaces/world_state.d.ts.map +1 -1
- package/dest/logs/app_tagging_secret.d.ts +6 -1
- package/dest/logs/app_tagging_secret.d.ts.map +1 -1
- package/dest/logs/app_tagging_secret.js +6 -0
- package/dest/logs/shared_secret_derivation.d.ts +9 -3
- package/dest/logs/shared_secret_derivation.d.ts.map +1 -1
- package/dest/logs/shared_secret_derivation.js +13 -6
- package/dest/p2p/signature_utils.d.ts +10 -1
- package/dest/p2p/signature_utils.d.ts.map +1 -1
- package/dest/p2p/signature_utils.js +9 -1
- package/package.json +8 -8
- package/src/block/attestation_info.ts +7 -2
- package/src/block/l2_block_source.ts +13 -2
- package/src/block/proposal/attestations_and_signers.ts +43 -1
- package/src/block/validate_block_result.ts +48 -2
- package/src/config/network-consensus-config.ts +2 -13
- package/src/database-version/version_manager.ts +96 -6
- package/src/ha-signing/config.ts +23 -5
- package/src/ha-signing/local_config.ts +20 -1
- package/src/interfaces/configs.ts +3 -0
- package/src/interfaces/world_state.ts +14 -0
- package/src/logs/app_tagging_secret.ts +12 -0
- package/src/logs/shared_secret_derivation.ts +17 -8
- package/src/p2p/signature_utils.ts +9 -0
|
@@ -3,8 +3,14 @@ import type { GrumpkinScalar, Point } from '@aztec/foundation/curves/grumpkin';
|
|
|
3
3
|
import type { AztecAddress } from '../aztec-address/index.js';
|
|
4
4
|
import type { PublicKey } from '../keys/public_key.js';
|
|
5
5
|
/**
|
|
6
|
-
* Derives
|
|
7
|
-
*
|
|
6
|
+
* Derives the raw ECDH shared secret point `S = secretKey * publicKey`.
|
|
7
|
+
*
|
|
8
|
+
* @throws If the publicKey is zero.
|
|
9
|
+
*/
|
|
10
|
+
export declare function deriveEcdhSharedSecretPoint(secretKey: GrumpkinScalar, publicKey: PublicKey): Promise<Point>;
|
|
11
|
+
/**
|
|
12
|
+
* Derives an app-siloed ECDH shared secret from keys: ECDHs `S = secretKey * publicKey` via
|
|
13
|
+
* {@link deriveEcdhSharedSecretPoint}, then app-silos it via {@link appSiloEcdhSharedSecretPoint}.
|
|
8
14
|
*
|
|
9
15
|
* @param secretKey - The secret key used to derive shared secret.
|
|
10
16
|
* @param publicKey - The public key used to derive shared secret.
|
|
@@ -22,4 +28,4 @@ export declare function appSiloEcdhSharedSecret(secretKey: GrumpkinScalar, publi
|
|
|
22
28
|
* @param app - The contract address to silo to.
|
|
23
29
|
*/
|
|
24
30
|
export declare function appSiloEcdhSharedSecretPoint(point: Point, app: AztecAddress): Promise<Fr>;
|
|
25
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2hhcmVkX3NlY3JldF9kZXJpdmF0aW9uLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbG9ncy9zaGFyZWRfc2VjcmV0X2Rlcml2YXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBR0EsT0FBTyxLQUFLLEVBQUUsRUFBRSxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFDekQsT0FBTyxLQUFLLEVBQUUsY0FBYyxFQUFFLEtBQUssRUFBRSxNQUFNLG1DQUFtQyxDQUFDO0FBRS9FLE9BQU8sS0FBSyxFQUFFLFlBQVksRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQzlELE9BQU8sS0FBSyxFQUFFLFNBQVMsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBRXZEOzs7O0dBSUc7QUFDSCx3QkFBZ0IsMkJBQTJCLENBQUMsU0FBUyxFQUFFLGNBQWMsRUFBRSxTQUFTLEVBQUUsU0FBUyxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FPM0c7QUFFRDs7Ozs7Ozs7O0dBU0c7QUFDSCx3QkFBc0IsdUJBQXVCLENBQzNDLFNBQVMsRUFBRSxjQUFjLEVBQ3pCLFNBQVMsRUFBRSxTQUFTLEVBQ3BCLGVBQWUsRUFBRSxZQUFZLEdBQzVCLE9BQU8sQ0FBQyxFQUFFLENBQUMsQ0FHYjtBQUVEOzs7Ozs7O0dBT0c7QUFDSCx3QkFBZ0IsNEJBQTRCLENBQUMsS0FBSyxFQUFFLEtBQUssRUFBRSxHQUFHLEVBQUUsWUFBWSxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsQ0FFekYifQ==
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shared_secret_derivation.d.ts","sourceRoot":"","sources":["../../src/logs/shared_secret_derivation.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AACzD,OAAO,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAC;AAE/E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;;;;;;;GASG;AACH,wBAAsB,uBAAuB,CAC3C,SAAS,EAAE,cAAc,EACzB,SAAS,EAAE,SAAS,EACpB,eAAe,EAAE,YAAY,GAC5B,OAAO,CAAC,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"shared_secret_derivation.d.ts","sourceRoot":"","sources":["../../src/logs/shared_secret_derivation.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AACzD,OAAO,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAC;AAE/E,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;;GAIG;AACH,wBAAgB,2BAA2B,CAAC,SAAS,EAAE,cAAc,EAAE,SAAS,EAAE,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,CAO3G;AAED;;;;;;;;;GASG;AACH,wBAAsB,uBAAuB,CAC3C,SAAS,EAAE,cAAc,EACzB,SAAS,EAAE,SAAS,EACpB,eAAe,EAAE,YAAY,GAC5B,OAAO,CAAC,EAAE,CAAC,CAGb;AAED;;;;;;;GAOG;AACH,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,YAAY,GAAG,OAAO,CAAC,EAAE,CAAC,CAEzF"}
|
|
@@ -2,8 +2,18 @@ import { DomainSeparator } from '@aztec/constants';
|
|
|
2
2
|
import { Grumpkin } from '@aztec/foundation/crypto/grumpkin';
|
|
3
3
|
import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
|
|
4
4
|
/**
|
|
5
|
-
* Derives
|
|
6
|
-
*
|
|
5
|
+
* Derives the raw ECDH shared secret point `S = secretKey * publicKey`.
|
|
6
|
+
*
|
|
7
|
+
* @throws If the publicKey is zero.
|
|
8
|
+
*/ export function deriveEcdhSharedSecretPoint(secretKey, publicKey) {
|
|
9
|
+
if (publicKey.isZero()) {
|
|
10
|
+
throw new Error(`Attempting to derive a shared secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't be broadcast... but it was.`);
|
|
11
|
+
}
|
|
12
|
+
return Grumpkin.mul(publicKey, secretKey);
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Derives an app-siloed ECDH shared secret from keys: ECDHs `S = secretKey * publicKey` via
|
|
16
|
+
* {@link deriveEcdhSharedSecretPoint}, then app-silos it via {@link appSiloEcdhSharedSecretPoint}.
|
|
7
17
|
*
|
|
8
18
|
* @param secretKey - The secret key used to derive shared secret.
|
|
9
19
|
* @param publicKey - The public key used to derive shared secret.
|
|
@@ -11,10 +21,7 @@ import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
|
|
|
11
21
|
* @returns The app-siloed shared secret as a Field.
|
|
12
22
|
* @throws If the publicKey is zero.
|
|
13
23
|
*/ export async function appSiloEcdhSharedSecret(secretKey, publicKey, contractAddress) {
|
|
14
|
-
|
|
15
|
-
throw new Error(`Attempting to derive a shared secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't be broadcast... but it was.`);
|
|
16
|
-
}
|
|
17
|
-
const rawSharedSecret = await Grumpkin.mul(publicKey, secretKey);
|
|
24
|
+
const rawSharedSecret = await deriveEcdhSharedSecretPoint(secretKey, publicKey);
|
|
18
25
|
return appSiloEcdhSharedSecretPoint(rawSharedSecret, contractAddress);
|
|
19
26
|
}
|
|
20
27
|
/**
|
|
@@ -28,6 +28,15 @@ export declare function hasValidSignatureContext(signable: Signable, expected: C
|
|
|
28
28
|
export declare function getCoordinationSignatureTypedDataForPayloadHash(payloadHash: Buffer32, type: CoordinationSignatureType, context: CoordinationSignatureContext): TypedDataDefinition;
|
|
29
29
|
export declare function getCoordinationSignatureTypedData(signable: Signable): TypedDataDefinition;
|
|
30
30
|
export declare function getHashedSignaturePayloadTypedData(signable: Signable): Buffer32;
|
|
31
|
+
/**
|
|
32
|
+
* Recovers the sender of a gossiped coordination message. Deliberately lenient (allowYParityAsV): a
|
|
33
|
+
* signature whose recovery byte is in yParity form (v ∈ {0, 1}) still resolves to its sender, so the P2P
|
|
34
|
+
* layer can attribute and accept it and then canonicalize on ingress (CheckpointAttestation.
|
|
35
|
+
* withNormalizedSignature, A-1351) before it reaches the L1 bundle. This is intentionally looser than
|
|
36
|
+
* on-chain checkpoint validation (getAttestationInfoFromPayload), which recovers strictly to mirror L1's
|
|
37
|
+
* ECDSA.recover — do not unify the two. These proposal/attestation signatures are P2P-only and never reach
|
|
38
|
+
* L1 verbatim, so leniency here cannot leak a non-canonical byte onto L1.
|
|
39
|
+
*/
|
|
31
40
|
export declare function recoverCoordinationSigner(signable: Signable, signature: Signature): EthAddress | undefined;
|
|
32
41
|
export declare function getHashedSignaturePayload(s: Signable): Buffer32;
|
|
33
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
42
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmF0dXJlX3V0aWxzLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcDJwL3NpZ25hdHVyZV91dGlscy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFHcEQsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBQzNELE9BQU8sS0FBSyxFQUFFLFNBQVMsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBQ2pFLE9BQU8sRUFBRSxLQUFLLFlBQVksRUFBcUIsTUFBTSw2QkFBNkIsQ0FBQztBQUVuRixPQUFPLEVBQUUsS0FBSyxtQkFBbUIsRUFBaUIsTUFBTSxNQUFNLENBQUM7QUFHL0QsT0FBTyxLQUFLLEVBQUUsTUFBTSxFQUFFLE1BQU0scUJBQXFCLENBQUM7QUFFbEQsTUFBTSxNQUFNLHlCQUF5QixHQUNqQyxlQUFlLEdBQ2Ysb0JBQW9CLEdBQ3BCLHVCQUF1QixHQUN2Qix3QkFBd0IsR0FDeEIsV0FBVyxDQUFDO0FBRWhCLE1BQU0sTUFBTSw0QkFBNEIsR0FBRztJQUN6QyxPQUFPLEVBQUUsTUFBTSxDQUFDO0lBQ2hCLGFBQWEsRUFBRSxVQUFVLENBQUM7Q0FDM0IsQ0FBQztBQUVGLGVBQU8sTUFBTSxvQ0FBb0MsRUFBRSw0QkFHbEQsQ0FBQztBQUVGLGVBQU8sTUFBTSxrQ0FBa0MsRUFBRSxNQUFNLENBQUMsNEJBQTRCLENBR2xGLENBQUM7QUFFSCxNQUFNLFdBQVcsUUFBUTtJQUN2QixRQUFRLENBQUMsV0FBVyxFQUFFLHlCQUF5QixDQUFDO0lBQ2hELFFBQVEsQ0FBQyxnQkFBZ0IsRUFBRSw0QkFBNEIsQ0FBQztJQUN4RCxnQkFBZ0IsSUFBSSxNQUFNLENBQUM7Q0FDNUI7QUFFRCx3QkFBZ0Isa0NBQWtDLENBQ2hELENBQUMsRUFBRSw0QkFBNEIsRUFDL0IsQ0FBQyxFQUFFLDRCQUE0QixHQUM5QixPQUFPLENBRVQ7QUFFRCx3QkFBZ0IscUNBQXFDLENBQUMsR0FBRyxFQUFFLDRCQUE0QixHQUFHLE1BQU0sQ0FFL0Y7QUFFRCx3QkFBZ0IsZ0NBQWdDLENBQUMsTUFBTSxFQUFFLFlBQVksR0FBRyw0QkFBNEIsQ0FJbkc7QUFFRDs7OztHQUlHO0FBQ0gsd0JBQWdCLHdCQUF3QixDQUFDLFFBQVEsRUFBRSxRQUFRLEVBQUUsUUFBUSxFQUFFLDRCQUE0QixHQUFHLE9BQU8sQ0FFNUc7QUFxQkQsd0JBQWdCLCtDQUErQyxDQUM3RCxXQUFXLEVBQUUsUUFBUSxFQUNyQixJQUFJLEVBQUUseUJBQXlCLEVBQy9CLE9BQU8sRUFBRSw0QkFBNEIsR0FDcEMsbUJBQW1CLENBY3JCO0FBRUQsd0JBQWdCLGlDQUFpQyxDQUFDLFFBQVEsRUFBRSxRQUFRLEdBQUcsbUJBQW1CLENBR3pGO0FBRUQsd0JBQWdCLGtDQUFrQyxDQUFDLFFBQVEsRUFBRSxRQUFRLEdBQUcsUUFBUSxDQUUvRTtBQUVEOzs7Ozs7OztHQVFHO0FBQ0gsd0JBQWdCLHlCQUF5QixDQUFDLFFBQVEsRUFBRSxRQUFRLEVBQUUsU0FBUyxFQUFFLFNBQVMsR0FBRyxVQUFVLEdBQUcsU0FBUyxDQUcxRztBQUVELHdCQUFnQix5QkFBeUIsQ0FBQyxDQUFDLEVBQUUsUUFBUSxHQUFHLFFBQVEsQ0FFL0QifQ==
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signature_utils.d.ts","sourceRoot":"","sources":["../../src/p2p/signature_utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAGpD,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAC3D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,KAAK,YAAY,EAAqB,MAAM,6BAA6B,CAAC;AAEnF,OAAO,EAAE,KAAK,mBAAmB,EAAiB,MAAM,MAAM,CAAC;AAG/D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAElD,MAAM,MAAM,yBAAyB,GACjC,eAAe,GACf,oBAAoB,GACpB,uBAAuB,GACvB,wBAAwB,GACxB,WAAW,CAAC;AAEhB,MAAM,MAAM,4BAA4B,GAAG;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,UAAU,CAAC;CAC3B,CAAC;AAEF,eAAO,MAAM,oCAAoC,EAAE,4BAGlD,CAAC;AAEF,eAAO,MAAM,kCAAkC,EAAE,MAAM,CAAC,4BAA4B,CAGlF,CAAC;AAEH,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,WAAW,EAAE,yBAAyB,CAAC;IAChD,QAAQ,CAAC,gBAAgB,EAAE,4BAA4B,CAAC;IACxD,gBAAgB,IAAI,MAAM,CAAC;CAC5B;AAED,wBAAgB,kCAAkC,CAChD,CAAC,EAAE,4BAA4B,EAC/B,CAAC,EAAE,4BAA4B,GAC9B,OAAO,CAET;AAED,wBAAgB,qCAAqC,CAAC,GAAG,EAAE,4BAA4B,GAAG,MAAM,CAE/F;AAED,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,YAAY,GAAG,4BAA4B,CAInG;AAED;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,4BAA4B,GAAG,OAAO,CAE5G;AAqBD,wBAAgB,+CAA+C,CAC7D,WAAW,EAAE,QAAQ,EACrB,IAAI,EAAE,yBAAyB,EAC/B,OAAO,EAAE,4BAA4B,GACpC,mBAAmB,CAcrB;AAED,wBAAgB,iCAAiC,CAAC,QAAQ,EAAE,QAAQ,GAAG,mBAAmB,CAGzF;AAED,wBAAgB,kCAAkC,CAAC,QAAQ,EAAE,QAAQ,GAAG,QAAQ,CAE/E;AAED,wBAAgB,yBAAyB,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAG1G;AAED,wBAAgB,yBAAyB,CAAC,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAE/D"}
|
|
1
|
+
{"version":3,"file":"signature_utils.d.ts","sourceRoot":"","sources":["../../src/p2p/signature_utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAGpD,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAC3D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,KAAK,YAAY,EAAqB,MAAM,6BAA6B,CAAC;AAEnF,OAAO,EAAE,KAAK,mBAAmB,EAAiB,MAAM,MAAM,CAAC;AAG/D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAElD,MAAM,MAAM,yBAAyB,GACjC,eAAe,GACf,oBAAoB,GACpB,uBAAuB,GACvB,wBAAwB,GACxB,WAAW,CAAC;AAEhB,MAAM,MAAM,4BAA4B,GAAG;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,UAAU,CAAC;CAC3B,CAAC;AAEF,eAAO,MAAM,oCAAoC,EAAE,4BAGlD,CAAC;AAEF,eAAO,MAAM,kCAAkC,EAAE,MAAM,CAAC,4BAA4B,CAGlF,CAAC;AAEH,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,WAAW,EAAE,yBAAyB,CAAC;IAChD,QAAQ,CAAC,gBAAgB,EAAE,4BAA4B,CAAC;IACxD,gBAAgB,IAAI,MAAM,CAAC;CAC5B;AAED,wBAAgB,kCAAkC,CAChD,CAAC,EAAE,4BAA4B,EAC/B,CAAC,EAAE,4BAA4B,GAC9B,OAAO,CAET;AAED,wBAAgB,qCAAqC,CAAC,GAAG,EAAE,4BAA4B,GAAG,MAAM,CAE/F;AAED,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,YAAY,GAAG,4BAA4B,CAInG;AAED;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,4BAA4B,GAAG,OAAO,CAE5G;AAqBD,wBAAgB,+CAA+C,CAC7D,WAAW,EAAE,QAAQ,EACrB,IAAI,EAAE,yBAAyB,EAC/B,OAAO,EAAE,4BAA4B,GACpC,mBAAmB,CAcrB;AAED,wBAAgB,iCAAiC,CAAC,QAAQ,EAAE,QAAQ,GAAG,mBAAmB,CAGzF;AAED,wBAAgB,kCAAkC,CAAC,QAAQ,EAAE,QAAQ,GAAG,QAAQ,CAE/E;AAED;;;;;;;;GAQG;AACH,wBAAgB,yBAAyB,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAG1G;AAED,wBAAgB,yBAAyB,CAAC,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAE/D"}
|
|
@@ -112,7 +112,15 @@ export function getCoordinationSignatureTypedData(signable) {
|
|
|
112
112
|
export function getHashedSignaturePayloadTypedData(signable) {
|
|
113
113
|
return Buffer32.fromString(hashTypedData(getCoordinationSignatureTypedData(signable)));
|
|
114
114
|
}
|
|
115
|
-
|
|
115
|
+
/**
|
|
116
|
+
* Recovers the sender of a gossiped coordination message. Deliberately lenient (allowYParityAsV): a
|
|
117
|
+
* signature whose recovery byte is in yParity form (v ∈ {0, 1}) still resolves to its sender, so the P2P
|
|
118
|
+
* layer can attribute and accept it and then canonicalize on ingress (CheckpointAttestation.
|
|
119
|
+
* withNormalizedSignature, A-1351) before it reaches the L1 bundle. This is intentionally looser than
|
|
120
|
+
* on-chain checkpoint validation (getAttestationInfoFromPayload), which recovers strictly to mirror L1's
|
|
121
|
+
* ECDSA.recover — do not unify the two. These proposal/attestation signatures are P2P-only and never reach
|
|
122
|
+
* L1 verbatim, so leniency here cannot leak a non-canonical byte onto L1.
|
|
123
|
+
*/ export function recoverCoordinationSigner(signable, signature) {
|
|
116
124
|
const digest = getHashedSignaturePayloadTypedData(signable);
|
|
117
125
|
return tryRecoverAddress(digest, signature, {
|
|
118
126
|
allowYParityAsV: true
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aztec/stdlib",
|
|
3
|
-
"version": "5.0.0-nightly.
|
|
3
|
+
"version": "5.0.0-nightly.20260708",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"inherits": [
|
|
6
6
|
"../package.common.json",
|
|
@@ -92,13 +92,13 @@
|
|
|
92
92
|
},
|
|
93
93
|
"dependencies": {
|
|
94
94
|
"@aws-sdk/client-s3": "^3.892.0",
|
|
95
|
-
"@aztec/bb.js": "5.0.0-nightly.
|
|
96
|
-
"@aztec/blob-lib": "5.0.0-nightly.
|
|
97
|
-
"@aztec/constants": "5.0.0-nightly.
|
|
98
|
-
"@aztec/ethereum": "5.0.0-nightly.
|
|
99
|
-
"@aztec/foundation": "5.0.0-nightly.
|
|
100
|
-
"@aztec/l1-artifacts": "5.0.0-nightly.
|
|
101
|
-
"@aztec/noir-noirc_abi": "5.0.0-nightly.
|
|
95
|
+
"@aztec/bb.js": "5.0.0-nightly.20260708",
|
|
96
|
+
"@aztec/blob-lib": "5.0.0-nightly.20260708",
|
|
97
|
+
"@aztec/constants": "5.0.0-nightly.20260708",
|
|
98
|
+
"@aztec/ethereum": "5.0.0-nightly.20260708",
|
|
99
|
+
"@aztec/foundation": "5.0.0-nightly.20260708",
|
|
100
|
+
"@aztec/l1-artifacts": "5.0.0-nightly.20260708",
|
|
101
|
+
"@aztec/noir-noirc_abi": "5.0.0-nightly.20260708",
|
|
102
102
|
"@google-cloud/storage": "^7.15.0",
|
|
103
103
|
"axios": "^1.15.1",
|
|
104
104
|
"json-stringify-deterministic": "1.0.12",
|
|
@@ -60,9 +60,14 @@ export function getAttestationInfoFromPayload(
|
|
|
60
60
|
return { address: attestation.address, status: 'provided-as-address' as const };
|
|
61
61
|
}
|
|
62
62
|
|
|
63
|
-
// Try to recover address from signature
|
|
63
|
+
// Try to recover address from signature. Recover with default opts (no allowYParityAsV): a slot
|
|
64
|
+
// whose recovery byte is in yParity form (v ∈ {0, 1}) is judged invalid here, matching L1 proving
|
|
65
|
+
// (ValidatorSelectionLib.verifyAttestations → ECDSA.recover only accepts v ∈ {27, 28}). A malicious
|
|
66
|
+
// proposer that lands such a slot cannot have it silently treated as valid off-chain; it is routed to
|
|
67
|
+
// invalid-attestation and invalidated. The gossip receipt path (recoverCoordinationSigner) stays
|
|
68
|
+
// lenient with allowYParityAsV; A-1351 normalizes on pool ingress and before the L1 bundle.
|
|
64
69
|
try {
|
|
65
|
-
const recoveredAddress = recoverAddress(hashedPayload, attestation.signature
|
|
70
|
+
const recoveredAddress = recoverAddress(hashedPayload, attestation.signature);
|
|
66
71
|
return { address: recoveredAddress, status: 'recovered-from-signature' as const };
|
|
67
72
|
} catch {
|
|
68
73
|
// Signature present but recovery failed
|
|
@@ -63,8 +63,18 @@ export type CheckpointQuery =
|
|
|
63
63
|
| { slot: SlotNumber }
|
|
64
64
|
| { tag: 'checkpointed' | 'proven' | 'finalized' };
|
|
65
65
|
|
|
66
|
-
/**
|
|
67
|
-
|
|
66
|
+
/**
|
|
67
|
+
* Query a range of confirmed checkpoints by start/limit, by slot anchor, or by epoch.
|
|
68
|
+
*
|
|
69
|
+
* The `fromSlot` variant walks the slot index: it returns up to `limit` checkpoints anchored at
|
|
70
|
+
* `fromSlot`, ordered nearest-first. With `reverse` it takes the checkpoints at or before the slot
|
|
71
|
+
* (descending); otherwise the checkpoints at or after it (ascending). Use `limit: 1, reverse: true`
|
|
72
|
+
* to find the latest checkpoint at or before a slot in a single range scan.
|
|
73
|
+
*/
|
|
74
|
+
export type CheckpointsQuery =
|
|
75
|
+
| { from: CheckpointNumber; limit: number }
|
|
76
|
+
| { fromSlot: SlotNumber; limit: number; reverse?: boolean }
|
|
77
|
+
| { epoch: EpochNumber };
|
|
68
78
|
|
|
69
79
|
/**
|
|
70
80
|
* Lookup a proposed (archiver-internal, not-yet-L1-confirmed) checkpoint.
|
|
@@ -81,6 +91,7 @@ export const CheckpointQuerySchema: z.ZodType<CheckpointQuery, unknown> = z.unio
|
|
|
81
91
|
|
|
82
92
|
export const CheckpointsQuerySchema: z.ZodType<CheckpointsQuery, unknown> = z.union([
|
|
83
93
|
z.object({ from: CheckpointNumberSchema, limit: z.number().int().min(1) }).strict(),
|
|
94
|
+
z.object({ fromSlot: SlotNumberSchema, limit: z.number().int().min(1), reverse: z.boolean().optional() }).strict(),
|
|
84
95
|
z.object({ epoch: EpochNumberSchema }).strict(),
|
|
85
96
|
]);
|
|
86
97
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { ViemCommitteeAttestations } from '@aztec/ethereum/contracts';
|
|
2
|
-
import { hexToBuffer } from '@aztec/foundation/string';
|
|
2
|
+
import { bufferToHex, hexToBuffer } from '@aztec/foundation/string';
|
|
3
3
|
|
|
4
4
|
import { encodeAbiParameters, parseAbiParameters } from 'viem';
|
|
5
5
|
import { z } from 'zod';
|
|
@@ -157,3 +157,45 @@ export class MaliciousCommitteeAttestationsAndSigners extends CommitteeAttestati
|
|
|
157
157
|
return this.signers;
|
|
158
158
|
}
|
|
159
159
|
}
|
|
160
|
+
|
|
161
|
+
/**
|
|
162
|
+
* Malicious extension of CommitteeAttestationsAndSigners that rewrites every non-proposer signature slot's
|
|
163
|
+
* recovery byte to yParity form (v ∈ {0, 1}) in the packed output, after the honest `packAttestations` has
|
|
164
|
+
* already canonicalized it to v ∈ {27, 28}. Models a malicious selected proposer that hand-crafts
|
|
165
|
+
* `propose()` calldata L1 accepts but no honest node can byte-replay: each rewritten signature still
|
|
166
|
+
* recovers to the same member (r, s and the recovery parity are preserved), the bitmap bits stay set, and
|
|
167
|
+
* `getSigners()` stays consistent, so `propose()` does not revert `SignersSizeMismatch` -- yet the
|
|
168
|
+
* checkpoint can never be proven (`ECDSA.recover` rejects v ∉ {27, 28}). The proposer's own slot is left
|
|
169
|
+
* canonical so L1 `verifyProposer` (which recovers that slot) still accepts the checkpoint. For testing only.
|
|
170
|
+
*/
|
|
171
|
+
export class MaliciousYParityCommitteeAttestationsAndSigners extends CommitteeAttestationsAndSigners {
|
|
172
|
+
constructor(
|
|
173
|
+
attestations: CommitteeAttestation[],
|
|
174
|
+
/** Committee index of the proposer's own slot, left canonical so `propose()` passes `verifyProposer`. */
|
|
175
|
+
private proposerIndex: number,
|
|
176
|
+
signatureContext: CoordinationSignatureContext,
|
|
177
|
+
) {
|
|
178
|
+
super(attestations, signatureContext);
|
|
179
|
+
}
|
|
180
|
+
|
|
181
|
+
override getPackedAttestations(): ViemCommitteeAttestations {
|
|
182
|
+
const packed = super.getPackedAttestations();
|
|
183
|
+
const data = hexToBuffer(packed.signaturesOrAddresses);
|
|
184
|
+
|
|
185
|
+
// Walk the packed byte-vector and rewrite every non-proposer signed slot's v-byte to yParity form. A
|
|
186
|
+
// signed slot occupies 65 bytes (v, r, s); an empty slot occupies 20 bytes (address only).
|
|
187
|
+
let offset = 0;
|
|
188
|
+
for (let i = 0; i < this.attestations.length; i++) {
|
|
189
|
+
const isSigned = !this.attestations[i].signature.isEmpty();
|
|
190
|
+
if (isSigned && i !== this.proposerIndex) {
|
|
191
|
+
// `packAttestations` canonicalized v to 27/28; rewrite back to the equivalent yParity byte (0/1),
|
|
192
|
+
// preserving the recovery parity so the signature still recovers to the same member.
|
|
193
|
+
const v = data[offset];
|
|
194
|
+
data[offset] = v >= 27 ? v - 27 : v;
|
|
195
|
+
}
|
|
196
|
+
offset += isSigned ? 65 : 20;
|
|
197
|
+
}
|
|
198
|
+
|
|
199
|
+
return { signatureIndices: packed.signatureIndices, signaturesOrAddresses: bufferToHex(data) };
|
|
200
|
+
}
|
|
201
|
+
}
|
|
@@ -1,7 +1,9 @@
|
|
|
1
|
+
import type { ViemCommitteeAttestations } from '@aztec/ethereum/contracts';
|
|
1
2
|
import { EpochNumber, EpochNumberSchema } from '@aztec/foundation/branded-types';
|
|
2
3
|
import { EthAddress } from '@aztec/foundation/eth-address';
|
|
3
4
|
import { type ZodFor, schemas } from '@aztec/foundation/schemas';
|
|
4
5
|
import { BufferReader, serializeToBuffer } from '@aztec/foundation/serialize';
|
|
6
|
+
import { bufferToHex, hexToBuffer } from '@aztec/foundation/string';
|
|
5
7
|
|
|
6
8
|
import { z } from 'zod';
|
|
7
9
|
|
|
@@ -30,6 +32,14 @@ export type ValidateCheckpointNegativeResult =
|
|
|
30
32
|
attestors: EthAddress[];
|
|
31
33
|
/** Committee attestations for this checkpoint as they were posted to L1 */
|
|
32
34
|
attestations: CommitteeAttestation[];
|
|
35
|
+
/**
|
|
36
|
+
* The exact packed `CommitteeAttestations` tuple as posted to L1 calldata, carried verbatim so the
|
|
37
|
+
* invalidation evidence is byte-faithful to the stored `attestationsHash`. A repack via
|
|
38
|
+
* `packAttestations` is not a round-trip inverse of `fromPacked`, so it would diverge from the hash
|
|
39
|
+
* and revert `invalidateBadAttestation`/`invalidateInsufficientAttestations`. Always populated on the
|
|
40
|
+
* calldata validation path, the only production source of invalidation evidence.
|
|
41
|
+
*/
|
|
42
|
+
verbatimAttestations: ViemCommitteeAttestations;
|
|
33
43
|
/** Reason for the checkpoint being invalid: not enough attestations were posted */
|
|
34
44
|
reason: 'insufficient-attestations';
|
|
35
45
|
}
|
|
@@ -47,6 +57,12 @@ export type ValidateCheckpointNegativeResult =
|
|
|
47
57
|
attestors: EthAddress[];
|
|
48
58
|
/** Committee attestations for this checkpoint as they were posted to L1 */
|
|
49
59
|
attestations: CommitteeAttestation[];
|
|
60
|
+
/**
|
|
61
|
+
* The exact packed `CommitteeAttestations` tuple as posted to L1 calldata, carried verbatim so the
|
|
62
|
+
* invalidation evidence is byte-faithful to the stored `attestationsHash`. See the same field on the
|
|
63
|
+
* insufficient-attestations variant for why a repack cannot be used.
|
|
64
|
+
*/
|
|
65
|
+
verbatimAttestations: ViemCommitteeAttestations;
|
|
50
66
|
/** Reason for the checkpoint being invalid: an invalid attestation was posted */
|
|
51
67
|
reason: 'invalid-attestation';
|
|
52
68
|
/** Index in the attestations array of the invalid attestation posted */
|
|
@@ -56,6 +72,12 @@ export type ValidateCheckpointNegativeResult =
|
|
|
56
72
|
/** Result type for validating checkpoint attestations */
|
|
57
73
|
export type ValidateCheckpointResult = { valid: true } | ValidateCheckpointNegativeResult;
|
|
58
74
|
|
|
75
|
+
/** Zod schema for the raw packed `CommitteeAttestations` viem tuple (two 0x-prefixed hex strings). */
|
|
76
|
+
const ViemCommitteeAttestationsSchema: ZodFor<ViemCommitteeAttestations> = z.object({
|
|
77
|
+
signatureIndices: schemas.HexStringWith0x,
|
|
78
|
+
signaturesOrAddresses: schemas.HexStringWith0x,
|
|
79
|
+
});
|
|
80
|
+
|
|
59
81
|
export const ValidateCheckpointResultSchema: ZodFor<ValidateCheckpointResult> = z.union([
|
|
60
82
|
z.object({ valid: z.literal(true) }),
|
|
61
83
|
z.object({
|
|
@@ -66,6 +88,7 @@ export const ValidateCheckpointResultSchema: ZodFor<ValidateCheckpointResult> =
|
|
|
66
88
|
seed: schemas.BigInt,
|
|
67
89
|
attestors: z.array(schemas.EthAddress),
|
|
68
90
|
attestations: z.array(CommitteeAttestation.schema),
|
|
91
|
+
verbatimAttestations: ViemCommitteeAttestationsSchema,
|
|
69
92
|
reason: z.literal('insufficient-attestations'),
|
|
70
93
|
}),
|
|
71
94
|
z.object({
|
|
@@ -76,6 +99,7 @@ export const ValidateCheckpointResultSchema: ZodFor<ValidateCheckpointResult> =
|
|
|
76
99
|
seed: schemas.BigInt,
|
|
77
100
|
attestors: z.array(schemas.EthAddress),
|
|
78
101
|
attestations: z.array(CommitteeAttestation.schema),
|
|
102
|
+
verbatimAttestations: ViemCommitteeAttestationsSchema,
|
|
79
103
|
reason: z.literal('invalid-attestation'),
|
|
80
104
|
invalidIndex: z.number(),
|
|
81
105
|
}),
|
|
@@ -87,6 +111,8 @@ export function serializeValidateCheckpointResult(result: ValidateCheckpointResu
|
|
|
87
111
|
}
|
|
88
112
|
|
|
89
113
|
const checkpointBuffer = serializeCheckpointInfo(result.checkpoint);
|
|
114
|
+
const signatureIndices = hexToBuffer(result.verbatimAttestations.signatureIndices);
|
|
115
|
+
const signaturesOrAddresses = hexToBuffer(result.verbatimAttestations.signaturesOrAddresses);
|
|
90
116
|
return serializeToBuffer(
|
|
91
117
|
result.valid,
|
|
92
118
|
result.reason,
|
|
@@ -101,6 +127,10 @@ export function serializeValidateCheckpointResult(result: ValidateCheckpointResu
|
|
|
101
127
|
result.attestations.length,
|
|
102
128
|
result.attestations,
|
|
103
129
|
result.reason === 'invalid-attestation' ? result.invalidIndex : 0,
|
|
130
|
+
signatureIndices.length,
|
|
131
|
+
signatureIndices,
|
|
132
|
+
signaturesOrAddresses.length,
|
|
133
|
+
signaturesOrAddresses,
|
|
104
134
|
);
|
|
105
135
|
}
|
|
106
136
|
|
|
@@ -118,10 +148,26 @@ export function deserializeValidateCheckpointResult(bufferOrReader: Buffer | Buf
|
|
|
118
148
|
const attestors = reader.readVector(EthAddress, MAX_COMMITTEE_SIZE);
|
|
119
149
|
const attestations = reader.readVector(CommitteeAttestation, MAX_COMMITTEE_SIZE);
|
|
120
150
|
const invalidIndex = reader.readNumber();
|
|
151
|
+
const verbatimAttestations: ViemCommitteeAttestations = {
|
|
152
|
+
signatureIndices: bufferToHex(reader.readBuffer()),
|
|
153
|
+
signaturesOrAddresses: bufferToHex(reader.readBuffer()),
|
|
154
|
+
};
|
|
155
|
+
|
|
121
156
|
if (reason === 'insufficient-attestations') {
|
|
122
|
-
return { valid, reason, checkpoint, committee, epoch, seed, attestors, attestations };
|
|
157
|
+
return { valid, reason, checkpoint, committee, epoch, seed, attestors, attestations, verbatimAttestations };
|
|
123
158
|
} else if (reason === 'invalid-attestation') {
|
|
124
|
-
return {
|
|
159
|
+
return {
|
|
160
|
+
valid,
|
|
161
|
+
reason,
|
|
162
|
+
checkpoint,
|
|
163
|
+
committee,
|
|
164
|
+
epoch,
|
|
165
|
+
seed,
|
|
166
|
+
attestors,
|
|
167
|
+
invalidIndex,
|
|
168
|
+
attestations,
|
|
169
|
+
verbatimAttestations,
|
|
170
|
+
};
|
|
125
171
|
} else {
|
|
126
172
|
const _: never = reason;
|
|
127
173
|
throw new Error(`Unknown reason: ${reason}`);
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { type L1ContractsConfig, l1ContractsConfigMappings } from '@aztec/ethereum/config';
|
|
1
|
+
import { type L1ContractsConfig, l1ContractsConfigMappings, validateSlotDurations } from '@aztec/ethereum/config';
|
|
2
2
|
import { type EnvVar, pickConfigMappings } from '@aztec/foundation/config';
|
|
3
3
|
|
|
4
4
|
import type { SequencerConfig } from '../interfaces/configs.js';
|
|
@@ -156,21 +156,10 @@ export function validateNetworkConsensusConfig(config: NetworkConsensusConfig):
|
|
|
156
156
|
return errors;
|
|
157
157
|
}
|
|
158
158
|
|
|
159
|
-
|
|
160
|
-
errors.push(`ethereumSlotDuration must be positive (got ${config.ethereumSlotDuration})`);
|
|
161
|
-
}
|
|
159
|
+
errors.push(...validateSlotDurations(config));
|
|
162
160
|
if (config.blockDurationMs <= 0) {
|
|
163
161
|
errors.push(`blockDurationMs must be positive (got ${config.blockDurationMs})`);
|
|
164
162
|
}
|
|
165
|
-
if (config.aztecSlotDuration <= 0) {
|
|
166
|
-
errors.push(`aztecSlotDuration must be positive (got ${config.aztecSlotDuration})`);
|
|
167
|
-
}
|
|
168
|
-
if (config.ethereumSlotDuration > 0 && config.aztecSlotDuration % config.ethereumSlotDuration !== 0) {
|
|
169
|
-
errors.push(
|
|
170
|
-
`aztecSlotDuration (${config.aztecSlotDuration}s) must be a multiple of ethereumSlotDuration ` +
|
|
171
|
-
`(${config.ethereumSlotDuration}s)`,
|
|
172
|
-
);
|
|
173
|
-
}
|
|
174
163
|
if (config.blockDurationMs / 1000 > config.aztecSlotDuration) {
|
|
175
164
|
errors.push(
|
|
176
165
|
`blockDurationMs (${config.blockDurationMs}ms) exceeds aztecSlotDuration (${config.aztecSlotDuration}s)`,
|
|
@@ -6,11 +6,20 @@ import { join } from 'path';
|
|
|
6
6
|
|
|
7
7
|
import { DatabaseVersion } from './database_version.js';
|
|
8
8
|
|
|
9
|
-
export type DatabaseVersionManagerFs = Pick<typeof fs, 'readFile' | '
|
|
9
|
+
export type DatabaseVersionManagerFs = Pick<typeof fs, 'readFile' | 'rm' | 'mkdir' | 'rename' | 'open'>;
|
|
10
10
|
|
|
11
11
|
export const DATABASE_VERSION_FILE_NAME = 'db_version';
|
|
12
12
|
export type SchemaVersionMismatchPolicy = 'reset' | 'throw';
|
|
13
13
|
|
|
14
|
+
/**
|
|
15
|
+
* How to react when the version file exists but cannot be read (permissions, IO error, truncation).
|
|
16
|
+
* `'reset'` (default) treats the store as unversioned and lets the reset path run — safe for stores
|
|
17
|
+
* where an empty state is legitimate. `'throw'` refuses to open, leaving data untouched — required
|
|
18
|
+
* for protection stores (e.g. signing protection) that must never be silently wiped by a transient
|
|
19
|
+
* filesystem error. A genuinely missing file (ENOENT) is a first boot and is never affected by this.
|
|
20
|
+
*/
|
|
21
|
+
export type VersionFileReadFailurePolicy = 'reset' | 'throw';
|
|
22
|
+
|
|
14
23
|
export type DatabaseVersionManagerOptions<T> = {
|
|
15
24
|
schemaVersion: number;
|
|
16
25
|
rollupAddress: EthAddress;
|
|
@@ -18,6 +27,7 @@ export type DatabaseVersionManagerOptions<T> = {
|
|
|
18
27
|
onOpen: (dataDir: string) => Promise<T>;
|
|
19
28
|
onUpgrade?: (dataDir: string, currentVersion: number, latestVersion: number) => Promise<void>;
|
|
20
29
|
schemaVersionMismatchPolicy?: SchemaVersionMismatchPolicy;
|
|
30
|
+
versionFileReadFailurePolicy?: VersionFileReadFailurePolicy;
|
|
21
31
|
fileSystem?: DatabaseVersionManagerFs;
|
|
22
32
|
log?: Logger;
|
|
23
33
|
};
|
|
@@ -37,6 +47,7 @@ export class DatabaseVersionManager<T> {
|
|
|
37
47
|
private onOpen: (dataDir: string) => Promise<T>;
|
|
38
48
|
private onUpgrade?: (dataDir: string, currentVersion: number, latestVersion: number) => Promise<void>;
|
|
39
49
|
private schemaVersionMismatchPolicy: SchemaVersionMismatchPolicy;
|
|
50
|
+
private versionFileReadFailurePolicy: VersionFileReadFailurePolicy;
|
|
40
51
|
private fileSystem: DatabaseVersionManagerFs;
|
|
41
52
|
private log: Logger;
|
|
42
53
|
|
|
@@ -47,8 +58,11 @@ export class DatabaseVersionManager<T> {
|
|
|
47
58
|
* @param rollupAddress - The rollup contract address
|
|
48
59
|
* @param dataDirectory - The directory where version information will be stored
|
|
49
60
|
* @param onOpen - A callback to the open the database at the given location
|
|
50
|
-
* @param onUpgrade - An optional callback to upgrade the database before opening. If not provided it will reset the
|
|
61
|
+
* @param onUpgrade - An optional callback to upgrade the database before opening. If not provided it will reset the
|
|
62
|
+
* database. Must be idempotent: since the version marker is written only after a successful open, a crash after
|
|
63
|
+
* onUpgrade but before the marker is written re-runs onUpgrade on the next start.
|
|
51
64
|
* @param schemaVersionMismatchPolicy - Whether schema mismatches should reset data or throw
|
|
65
|
+
* @param versionFileReadFailurePolicy - Whether an unreadable (non-missing) version file should reset data or throw
|
|
52
66
|
* @param fileSystem - An interface to access the filesystem
|
|
53
67
|
* @param log - Optional custom logger
|
|
54
68
|
* @param options - Configuration options
|
|
@@ -60,6 +74,7 @@ export class DatabaseVersionManager<T> {
|
|
|
60
74
|
onOpen,
|
|
61
75
|
onUpgrade,
|
|
62
76
|
schemaVersionMismatchPolicy = 'reset',
|
|
77
|
+
versionFileReadFailurePolicy = 'reset',
|
|
63
78
|
fileSystem = fs,
|
|
64
79
|
log = createLogger(`foundation:version-manager`),
|
|
65
80
|
}: DatabaseVersionManagerOptions<T>) {
|
|
@@ -74,13 +89,40 @@ export class DatabaseVersionManager<T> {
|
|
|
74
89
|
this.onOpen = onOpen;
|
|
75
90
|
this.onUpgrade = onUpgrade;
|
|
76
91
|
this.schemaVersionMismatchPolicy = schemaVersionMismatchPolicy;
|
|
92
|
+
this.versionFileReadFailurePolicy = versionFileReadFailurePolicy;
|
|
77
93
|
this.fileSystem = fileSystem;
|
|
78
94
|
this.log = log;
|
|
79
95
|
}
|
|
80
96
|
|
|
81
97
|
static async writeVersion(version: DatabaseVersion, dataDir: string, fileSystem: DatabaseVersionManagerFs = fs) {
|
|
82
98
|
await fileSystem.mkdir(dataDir, { recursive: true });
|
|
83
|
-
|
|
99
|
+
const finalPath = join(dataDir, DatabaseVersionManager.VERSION_FILE);
|
|
100
|
+
const tmpPath = `${finalPath}.tmp`;
|
|
101
|
+
|
|
102
|
+
// Atomic durable write: fill a temp file, fsync it, then rename it into place. The marker only
|
|
103
|
+
// becomes visible under its final name once its bytes are durably on disk, so a crash mid-write
|
|
104
|
+
// can never leave a "valid" version file sitting over an empty or partially-populated data dir.
|
|
105
|
+
const handle = await fileSystem.open(tmpPath, 'w');
|
|
106
|
+
try {
|
|
107
|
+
await handle.writeFile(version.toBuffer());
|
|
108
|
+
await handle.sync();
|
|
109
|
+
} finally {
|
|
110
|
+
await handle.close();
|
|
111
|
+
}
|
|
112
|
+
await fileSystem.rename(tmpPath, finalPath);
|
|
113
|
+
|
|
114
|
+
// Best-effort fsync of the containing directory so the rename itself survives a crash. Not all
|
|
115
|
+
// filesystems support directory fsync, so a failure here is non-fatal.
|
|
116
|
+
try {
|
|
117
|
+
const dirHandle = await fileSystem.open(dataDir, 'r');
|
|
118
|
+
try {
|
|
119
|
+
await dirHandle.sync();
|
|
120
|
+
} finally {
|
|
121
|
+
await dirHandle.close();
|
|
122
|
+
}
|
|
123
|
+
} catch {
|
|
124
|
+
// directory fsync is best-effort
|
|
125
|
+
}
|
|
84
126
|
}
|
|
85
127
|
|
|
86
128
|
/**
|
|
@@ -105,6 +147,17 @@ export class DatabaseVersionManager<T> {
|
|
|
105
147
|
storedVersion = DatabaseVersion.empty();
|
|
106
148
|
// only turn off these logs if the data dir didn't exist before
|
|
107
149
|
shouldLogDataReset = false;
|
|
150
|
+
} else if (this.versionFileReadFailurePolicy === 'throw') {
|
|
151
|
+
// The version file exists but could not be read/parsed (permissions, IO error, truncation).
|
|
152
|
+
// Treating this as "unversioned" would reset the data directory, silently wiping a store that
|
|
153
|
+
// must fail closed. Refuse to open instead, leaving the data untouched for the operator.
|
|
154
|
+
const code = (err as Error & { code?: string })?.code;
|
|
155
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
156
|
+
throw new Error(
|
|
157
|
+
`Failed to read database version file at ${this.versionFile} (${code ?? 'unknown error'}: ${message}). ` +
|
|
158
|
+
`Refusing to open the database; data was NOT reset. Resolve the underlying filesystem error and retry.`,
|
|
159
|
+
{ cause: err },
|
|
160
|
+
);
|
|
108
161
|
} else {
|
|
109
162
|
this.log.warn(`Failed to read stored version information: ${err}. Defaulting to empty version`);
|
|
110
163
|
storedVersion = DatabaseVersion.empty();
|
|
@@ -159,10 +212,47 @@ export class DatabaseVersionManager<T> {
|
|
|
159
212
|
await this.resetDataDirectory();
|
|
160
213
|
}
|
|
161
214
|
|
|
162
|
-
//
|
|
163
|
-
|
|
215
|
+
// Open the database first, then record the version marker. Writing the marker only after a
|
|
216
|
+
// successful open makes it a post-commit record: if the process crashes between the reset and a
|
|
217
|
+
// durable open, no marker is left behind, so the next startup re-runs the reset instead of
|
|
218
|
+
// trusting a marker that sits over empty or partially-initialized data.
|
|
219
|
+
const instance = await this.onOpen(this.dataDirectory);
|
|
164
220
|
|
|
165
|
-
|
|
221
|
+
// Only (re)write the marker when it would actually change — first boot, reset, or upgrade. On a
|
|
222
|
+
// normal boot it already matches, so skipping avoids an unnecessary fsync (and the directory
|
|
223
|
+
// write permission the temp-file+rename needs) and, more importantly, any window where a
|
|
224
|
+
// marker-write failure would orphan the database we just opened.
|
|
225
|
+
if (!storedVersion.equals(this.currentVersion)) {
|
|
226
|
+
try {
|
|
227
|
+
await this.writeVersion();
|
|
228
|
+
} catch (err) {
|
|
229
|
+
// The database opened but recording the marker failed; close the freshly opened instance so
|
|
230
|
+
// we do not leak its file handles / locks before propagating the failure.
|
|
231
|
+
await this.closeQuietly(instance);
|
|
232
|
+
throw err;
|
|
233
|
+
}
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
return [instance, needsReset];
|
|
237
|
+
}
|
|
238
|
+
|
|
239
|
+
/**
|
|
240
|
+
* Best-effort close of a just-opened database instance, used to avoid leaking handles/locks when a
|
|
241
|
+
* post-open step fails. Swallows close errors so the original failure is the one that propagates.
|
|
242
|
+
*/
|
|
243
|
+
private async closeQuietly(instance: T): Promise<void> {
|
|
244
|
+
const closable = instance as
|
|
245
|
+
| { close?: () => Promise<void> | void; [Symbol.asyncDispose]?: () => Promise<void> }
|
|
246
|
+
| undefined;
|
|
247
|
+
const dispose = closable?.close ?? closable?.[Symbol.asyncDispose];
|
|
248
|
+
if (typeof dispose !== 'function') {
|
|
249
|
+
return;
|
|
250
|
+
}
|
|
251
|
+
try {
|
|
252
|
+
await dispose.call(closable);
|
|
253
|
+
} catch (err) {
|
|
254
|
+
this.log.warn(`Failed to close database after version-write failure: ${err}`);
|
|
255
|
+
}
|
|
166
256
|
}
|
|
167
257
|
|
|
168
258
|
/**
|
package/src/ha-signing/config.ts
CHANGED
|
@@ -25,8 +25,20 @@ export type BaseSignerConfig = {
|
|
|
25
25
|
nodeId: string;
|
|
26
26
|
/** How long to wait between polls when a duty is being signed (ms) */
|
|
27
27
|
pollingIntervalMs: number;
|
|
28
|
-
/**
|
|
29
|
-
|
|
28
|
+
/**
|
|
29
|
+
* How long (ms) to wait for a peer node's in-progress signing before giving up and treating the
|
|
30
|
+
* duty as already handled. This is the cross-node wait/poll timeout, distinct from
|
|
31
|
+
* signerCallTimeoutMs (the hard upper bound on this node's own signer call).
|
|
32
|
+
*/
|
|
33
|
+
peerSigningTimeoutMs: number;
|
|
34
|
+
/**
|
|
35
|
+
* Hard upper bound (ms) on a single signer call made by this node. If the (possibly remote)
|
|
36
|
+
* signer does not return within this time, the call is aborted, the duty lock is released, and
|
|
37
|
+
* signing fails so it can be safely retried. The effective value is clamped to
|
|
38
|
+
* maxStuckDutiesAgeMs / 2 at construction, so a slow signer's lock is always released before
|
|
39
|
+
* stuck-duty cleanup could reclaim it. Defaults to 30_000 when unset.
|
|
40
|
+
*/
|
|
41
|
+
signerCallTimeoutMs?: number;
|
|
30
42
|
/** Maximum age of a stuck duty in ms (defaults to 2x hardcoded Aztec slot duration if not set) */
|
|
31
43
|
maxStuckDutiesAgeMs?: number;
|
|
32
44
|
/** Optional: clean up old duties after this many hours (disabled if not set) */
|
|
@@ -44,11 +56,16 @@ export const baseSignerConfigMappings: ConfigMappingsType<BaseSignerConfig> = {
|
|
|
44
56
|
description: 'The number of ms to wait between polls when a duty is being signed',
|
|
45
57
|
...numberConfigHelper(100),
|
|
46
58
|
},
|
|
47
|
-
|
|
59
|
+
peerSigningTimeoutMs: {
|
|
48
60
|
env: 'VALIDATOR_HA_SIGNING_TIMEOUT_MS',
|
|
49
|
-
description:
|
|
61
|
+
description: "How long to wait for a peer node's in-progress signing before giving up",
|
|
50
62
|
...numberConfigHelper(3_000),
|
|
51
63
|
},
|
|
64
|
+
signerCallTimeoutMs: {
|
|
65
|
+
env: 'VALIDATOR_SIGNER_CALL_TIMEOUT_MS',
|
|
66
|
+
description: 'Hard upper bound in ms on a single signer call before it is aborted (default 30000)',
|
|
67
|
+
...numberConfigHelper(30_000),
|
|
68
|
+
},
|
|
52
69
|
maxStuckDutiesAgeMs: {
|
|
53
70
|
env: 'VALIDATOR_HA_MAX_STUCK_DUTIES_AGE_MS',
|
|
54
71
|
description: 'The maximum age of a stuck duty in ms (defaults to 2x Aztec slot duration)',
|
|
@@ -65,7 +82,8 @@ export const baseSignerConfigMappings: ConfigMappingsType<BaseSignerConfig> = {
|
|
|
65
82
|
export const BaseSignerConfigSchema = z.object({
|
|
66
83
|
nodeId: z.string(),
|
|
67
84
|
pollingIntervalMs: z.number().min(0),
|
|
68
|
-
|
|
85
|
+
peerSigningTimeoutMs: z.number().min(0),
|
|
86
|
+
signerCallTimeoutMs: z.number().min(0).optional(),
|
|
69
87
|
maxStuckDutiesAgeMs: z.number().min(0).optional(),
|
|
70
88
|
cleanupOldDutiesAfterHours: z.number().min(0).optional(),
|
|
71
89
|
...pickL1ContractAddressesSchema('rollupAddress'),
|