@aztec/validator-client 0.0.0-test.1 → 0.0.1-commit.03f7ef2

package/dest/validator.js

@@ -1,69 +1,149 @@
-import { Buffer32 } from '@aztec/foundation/buffer';
+import { getBlobsPerL1Block } from '@aztec/blob-lib';
 import { createLogger } from '@aztec/foundation/log';
 import { RunningPromise } from '@aztec/foundation/running-promise';
 import { sleep } from '@aztec/foundation/sleep';
 import { DateProvider } from '@aztec/foundation/timer';
-import { BlockProposalValidator } from '@aztec/p2p/msg_validators';
-import { WithTracer, getTelemetryClient } from '@aztec/telemetry-client';
+import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol } from '@aztec/p2p';
+import { OffenseType, WANT_TO_SLASH_EVENT } from '@aztec/slasher';
+import { AttestationTimeoutError } from '@aztec/stdlib/validators';
+import { getTelemetryClient } from '@aztec/telemetry-client';
+import { EventEmitter } from 'events';
+import { BlockProposalHandler } from './block_proposal_handler.js';
 import { ValidationService } from './duties/validation_service.js';
-import { AttestationTimeoutError, BlockBuilderNotProvidedError, InvalidValidatorPrivateKeyError, ReExFailedTxsError, ReExStateMismatchError, ReExTimeoutError, TransactionsNotAvailableError } from './errors/validator.error.js';
-import { LocalKeyStore } from './key_store/local_key_store.js';
+import { NodeKeystoreAdapter } from './key_store/node_keystore_adapter.js';
 import { ValidatorMetrics } from './metrics.js';
+// We maintain a set of proposers who have proposed invalid blocks.
+// Just cap the set to avoid unbounded growth.
+const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
+// What errors from the block proposal handler result in slashing
+const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
+    'state_mismatch',
+    'failed_txs'
+];
 /**
  * Validator Client
- */ export class ValidatorClient extends WithTracer {
+ */ export class ValidatorClient extends EventEmitter {
     keyStore;
     epochCache;
     p2pClient;
+    blockProposalHandler;
     config;
+    fileStoreBlobUploadClient;
     dateProvider;
-    log;
+    tracer;
     validationService;
     metrics;
+    log;
+    // Whether it has already registered handlers on the p2p client
+    hasRegisteredHandlers;
     // Used to check if we are sending the same proposal twice
     previousProposal;
-    // Callback registered to: sequencer.buildBlock
-    blockBuilder;
+    lastEpochForCommitteeUpdateLoop;
     epochCacheUpdateLoop;
-    blockProposalValidator;
-    constructor(keyStore, epochCache, p2pClient, config, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
-        // Instantiate tracer
-        super(telemetry, 'Validator'), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.config = config, this.dateProvider = dateProvider, this.log = log, this.blockBuilder = undefined;
+    proposersOfInvalidBlocks;
+    constructor(keyStore, epochCache, p2pClient, blockProposalHandler, config, fileStoreBlobUploadClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
+        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.config = config, this.fileStoreBlobUploadClient = fileStoreBlobUploadClient, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set();
+        // Create child logger with fisherman prefix if in fisherman mode
+        this.log = config.fishermanMode ? log.createChild('[FISHERMAN]') : log;
+        this.tracer = telemetry.getTracer('Validator');
         this.metrics = new ValidatorMetrics(telemetry);
-        this.validationService = new ValidationService(keyStore);
-        this.blockProposalValidator = new BlockProposalValidator(epochCache);
-        // Refresh epoch cache every second to trigger commiteeChanged event
-        this.epochCacheUpdateLoop = new RunningPromise(()=>this.epochCache.getCommittee().then(()=>{}).catch((err)=>log.error('Error updating validator committee', err)), log, 1000);
-        // Listen to commiteeChanged event to alert operator when their validator has entered the committee
-        this.epochCache.on('committeeChanged', (newCommittee, epochNumber)=>{
-            const me = this.keyStore.getAddress();
-            if (newCommittee.some((addr)=>addr.equals(me))) {
-                this.log.info(`Validator ${me.toString()} is on the validator committee for epoch ${epochNumber}`);
-            } else {
-                this.log.verbose(`Validator ${me.toString()} not on the validator committee for epoch ${epochNumber}`);
+        this.validationService = new ValidationService(keyStore, this.log.createChild('validation-service'));
+        // Refresh epoch cache every second to trigger alert if participation in committee changes
+        this.epochCacheUpdateLoop = new RunningPromise(this.handleEpochCommitteeUpdate.bind(this), this.log, 1000);
+        const myAddresses = this.getValidatorAddresses();
+        this.log.verbose(`Initialized validator with addresses: ${myAddresses.map((a)=>a.toString()).join(', ')}`);
+    }
+    static validateKeyStoreConfiguration(keyStoreManager, logger) {
+        const validatorKeyStore = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
+        const validatorAddresses = validatorKeyStore.getAddresses();
+        // Verify that we can retrieve all required data from the key store
+        for (const address of validatorAddresses){
+            // Functions throw if required data is not available
+            let coinbase;
+            let feeRecipient;
+            try {
+                coinbase = validatorKeyStore.getCoinbaseAddress(address);
+                feeRecipient = validatorKeyStore.getFeeRecipient(address);
+            } catch (error) {
+                throw new Error(`Failed to retrieve required data for validator address ${address}, error: ${error}`);
             }
-        });
-        this.log.verbose(`Initialized validator with address ${this.keyStore.getAddress().toString()}`);
+            const publisherAddresses = validatorKeyStore.getPublisherAddresses(address);
+            if (!publisherAddresses.length) {
+                throw new Error(`No publisher addresses found for validator address ${address}`);
+            }
+            logger?.debug(`Validator ${address.toString()} configured with coinbase ${coinbase.toString()}, feeRecipient ${feeRecipient.toString()} and publishers ${publisherAddresses.map((x)=>x.toString()).join()}`);
+        }
     }
-    static new(config, epochCache, p2pClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
-        if (!config.validatorPrivateKey) {
-            throw new InvalidValidatorPrivateKeyError();
+    async handleEpochCommitteeUpdate() {
+        try {
+            const { committee, epoch } = await this.epochCache.getCommittee('next');
+            if (!committee) {
+                this.log.trace(`No committee found for slot`);
+                return;
+            }
+            if (epoch !== this.lastEpochForCommitteeUpdateLoop) {
+                const me = this.getValidatorAddresses();
+                const committeeSet = new Set(committee.map((v)=>v.toString()));
+                const inCommittee = me.filter((a)=>committeeSet.has(a.toString()));
+                if (inCommittee.length > 0) {
+                    this.log.info(`Validators ${inCommittee.map((a)=>a.toString()).join(',')} are on the validator committee for epoch ${epoch}`);
+                } else {
+                    this.log.verbose(`Validators ${me.map((a)=>a.toString()).join(', ')} are not on the validator committee for epoch ${epoch}`);
+                }
+                this.lastEpochForCommitteeUpdateLoop = epoch;
+            }
+        } catch (err) {
+            this.log.error(`Error updating epoch committee`, err);
         }
-        const privateKey = validatePrivateKey(config.validatorPrivateKey);
-        const localKeyStore = new LocalKeyStore(privateKey);
-        const validator = new ValidatorClient(localKeyStore, epochCache, p2pClient, config, dateProvider, telemetry);
-        validator.registerBlockProposalHandler();
+    }
+    static new(config, blockBuilder, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, fileStoreBlobUploadClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
+        const metrics = new ValidatorMetrics(telemetry);
+        const blockProposalValidator = new BlockProposalValidator(epochCache, {
+            txsPermitted: !config.disableTransactions
+        });
+        const blockProposalHandler = new BlockProposalHandler(blockBuilder, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, config, metrics, dateProvider, telemetry);
+        const validator = new ValidatorClient(NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager), epochCache, p2pClient, blockProposalHandler, config, fileStoreBlobUploadClient, dateProvider, telemetry);
         return validator;
     }
+    getValidatorAddresses() {
+        return this.keyStore.getAddresses().filter((addr)=>!this.config.disabledValidators.some((disabled)=>disabled.equals(addr)));
+    }
+    getBlockProposalHandler() {
+        return this.blockProposalHandler;
+    }
+    // Proxy method for backwards compatibility with tests
+    reExecuteTransactions(proposal, blockNumber, txs, l1ToL2Messages) {
+        return this.blockProposalHandler.reexecuteTransactions(proposal, blockNumber, txs, l1ToL2Messages);
+    }
+    signWithAddress(addr, msg) {
+        return this.keyStore.signTypedDataWithAddress(addr, msg);
+    }
+    getCoinbaseForAttestor(attestor) {
+        return this.keyStore.getCoinbaseAddress(attestor);
+    }
+    getFeeRecipientForAttestor(attestor) {
+        return this.keyStore.getFeeRecipient(attestor);
+    }
+    getConfig() {
+        return this.config;
+    }
+    updateConfig(config) {
+        this.config = {
+            ...this.config,
+            ...config
+        };
+    }
     async start() {
-        // Sync the committee from the smart contract
-        // https://github.com/AztecProtocol/aztec-packages/issues/7962
-        const me = this.keyStore.getAddress();
-        const inCommittee = await this.epochCache.isInCommittee(me);
-        if (inCommittee) {
-            this.log.info(`Started validator with address ${me.toString()} in current validator committee`);
-        } else {
-            this.log.info(`Started validator with address ${me.toString()}`);
+        if (this.epochCacheUpdateLoop.isRunning()) {
+            this.log.warn(`Validator client already started`);
+            return;
+        }
+        await this.registerHandlers();
+        const myAddresses = this.getValidatorAddresses();
+        const inCommittee = await this.epochCache.filterInCommittee('now', myAddresses);
+        this.log.info(`Started validator with addresses: ${myAddresses.map((a)=>a.toString()).join(', ')}`);
+        if (inCommittee.length > 0) {
+            this.log.info(`Addresses in current validator committee: ${inCommittee.map((a)=>a.toString()).join(', ')}`);
         }
         this.epochCacheUpdateLoop.start();
         return Promise.resolve();
@@ -71,155 +151,216 @@ import { ValidatorMetrics } from './metrics.js';
     async stop() {
         await this.epochCacheUpdateLoop.stop();
     }
-    registerBlockProposalHandler() {
-        const handler = (block)=>{
-            return this.attestToProposal(block);
-        };
-        this.p2pClient.registerBlockProposalHandler(handler);
-    }
-    /**
-   * Register a callback function for building a block
-   *
-   * We reuse the sequencer's block building functionality for re-execution
-   */ registerBlockBuilder(blockBuilder) {
-        this.blockBuilder = blockBuilder;
-    }
-    async attestToProposal(proposal) {
-        const slotNumber = proposal.slotNumber.toNumber();
-        const proposalInfo = {
-            slotNumber,
-            blockNumber: proposal.payload.header.globalVariables.blockNumber.toNumber(),
-            archive: proposal.payload.archive.toString(),
-            txCount: proposal.payload.txHashes.length,
-            txHashes: proposal.payload.txHashes.map((txHash)=>txHash.toString())
-        };
-        this.log.verbose(`Received request to attest for slot ${slotNumber}`);
-        // Check that I am in the committee
-        if (!await this.epochCache.isInCommittee(this.keyStore.getAddress())) {
-            this.log.verbose(`Not in the committee, skipping attestation`);
-            return undefined;
+    /** Register handlers on the p2p client */ async registerHandlers() {
+        if (!this.hasRegisteredHandlers) {
+            this.hasRegisteredHandlers = true;
+            this.log.debug(`Registering validator handlers for p2p client`);
+            const handler = (block, proposalSender)=>this.attestToProposal(block, proposalSender);
+            this.p2pClient.registerBlockProposalHandler(handler);
+            const myAddresses = this.getValidatorAddresses();
+            this.p2pClient.registerThisValidatorAddresses(myAddresses);
+            await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
         }
-        // Check that the proposal is from the current proposer, or the next proposer.
-        const invalidProposal = await this.blockProposalValidator.validate(proposal);
-        if (invalidProposal) {
-            this.log.verbose(`Proposal is not valid, skipping attestation`);
+    }
+    async attestToProposal(proposal, proposalSender) {
+        const slotNumber = proposal.slotNumber;
+        const proposer = proposal.getSender();
+        // Reject proposals with invalid signatures
+        if (!proposer) {
+            this.log.warn(`Received proposal with invalid signature for slot ${slotNumber}`);
             return undefined;
         }
-        // Check that all of the transactions in the proposal are available in the tx pool before attesting
-        this.log.verbose(`Processing attestation for slot ${slotNumber}`, proposalInfo);
-        try {
-            await this.ensureTransactionsAreAvailable(proposal);
-            if (this.config.validatorReexecute) {
-                this.log.verbose(`Re-executing transactions in the proposal before attesting`);
-                await this.reExecuteTransactions(proposal);
-            }
-        } catch (error) {
-            // If the transactions are not available, then we should not attempt to attest
-            if (error instanceof TransactionsNotAvailableError) {
-                this.log.error(`Transactions not available, skipping attestation`, error, proposalInfo);
+        // Check that I have any address in current committee before attesting
+        const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
+        const partOfCommittee = inCommittee.length > 0;
+        const proposalInfo = {
+            ...proposal.toBlockInfo(),
+            proposer: proposer.toString()
+        };
+        this.log.info(`Received proposal for slot ${slotNumber}`, {
+            ...proposalInfo,
+            txHashes: proposal.txHashes.map((t)=>t.toString()),
+            fishermanMode: this.config.fishermanMode || false
+        });
+        // Reexecute txs if we are part of the committee so we can attest, or if slashing is enabled so we can slash
+        // invalid proposals even when not in the committee, or if we are configured to always reexecute for monitoring purposes.
+        // In fisherman mode, we always reexecute to validate proposals.
+        const { validatorReexecute, slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } = this.config;
+        const shouldReexecute = fishermanMode || slashBroadcastedInvalidBlockPenalty > 0n && validatorReexecute || partOfCommittee && validatorReexecute || alwaysReexecuteBlockProposals || this.fileStoreBlobUploadClient;
+        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute);
+        if (!validationResult.isValid) {
+            this.log.warn(`Proposal validation failed: ${validationResult.reason}`, proposalInfo);
+            const reason = validationResult.reason || 'unknown';
+            // Classify failure reason: bad proposal vs node issue
+            const badProposalReasons = [
+                'invalid_proposal',
+                'state_mismatch',
+                'failed_txs',
+                'in_hash_mismatch',
+                'parent_block_wrong_slot'
+            ];
+            if (badProposalReasons.includes(reason)) {
+                this.metrics.incFailedAttestationsBadProposal(1, reason, partOfCommittee);
             } else {
-                // This branch most commonly be hit if the transactions are available, but the re-execution fails
-                // Catch all error handler
-                this.log.error(`Failed to attest to proposal`, error, proposalInfo);
+                // Node issues so we can't attest
+                this.metrics.incFailedAttestationsNodeIssue(1, reason, partOfCommittee);
+            }
+            // Slash invalid block proposals (can happen even when not in committee)
+            if (validationResult.reason && SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) && slashBroadcastedInvalidBlockPenalty > 0n) {
+                this.log.warn(`Slashing proposer for invalid block proposal`, proposalInfo);
+                this.slashInvalidBlock(proposal);
             }
             return undefined;
         }
+        // Check that I have any address in current committee before attesting
+        // In fisherman mode, we still create attestations for validation even if not in committee
+        if (!partOfCommittee && !this.config.fishermanMode) {
+            this.log.verbose(`No validator in the current committee, skipping attestation`, proposalInfo);
+            return undefined;
+        }
         // Provided all of the above checks pass, we can attest to the proposal
-        this.log.info(`Attesting to proposal for slot ${slotNumber}`, proposalInfo);
+        this.log.info(`${partOfCommittee ? 'Attesting to' : 'Validated'} proposal for slot ${slotNumber}`, {
+            ...proposalInfo,
+            inCommittee: partOfCommittee,
+            fishermanMode: this.config.fishermanMode || false
+        });
+        this.metrics.incSuccessfulAttestations(inCommittee.length);
+        // Upload blobs to filestore after successful re-execution (fire-and-forget)
+        if (validationResult.reexecutionResult?.block && this.fileStoreBlobUploadClient) {
+            void Promise.resolve().then(async ()=>{
+                try {
+                    const blobFields = validationResult.reexecutionResult.block.getCheckpointBlobFields();
+                    const blobs = getBlobsPerL1Block(blobFields);
+                    await this.fileStoreBlobUploadClient.saveBlobs(blobs, true);
+                    this.log.debug(`Uploaded ${blobs.length} blobs to filestore from re-execution`, proposalInfo);
+                } catch (err) {
+                    this.log.warn(`Failed to upload blobs from re-execution`, err);
+                }
+            });
+        }
         // If the above function does not throw an error, then we can attest to the proposal
-        return this.validationService.attestToProposal(proposal);
-    }
-    /**
-   * Re-execute the transactions in the proposal and check that the state updates match the header state
-   * @param proposal - The proposal to re-execute
-   */ async reExecuteTransactions(proposal) {
-        const { header, txHashes } = proposal.payload;
-        const txs = (await Promise.all(txHashes.map((tx)=>this.p2pClient.getTxByHash(tx)))).filter((tx)=>tx !== undefined);
-        // If we cannot request all of the transactions, then we should fail
-        if (txs.length !== txHashes.length) {
-            throw new TransactionsNotAvailableError(txHashes);
-        }
-        // Assertion: This check will fail if re-execution is not enabled
-        if (this.blockBuilder === undefined) {
-            throw new BlockBuilderNotProvidedError();
-        }
-        // Use the sequencer's block building logic to re-execute the transactions
-        const stopTimer = this.metrics.reExecutionTimer();
-        const { block, numFailedTxs } = await this.blockBuilder(txs, header.globalVariables, {
-            validateOnly: true
+        // Determine which validators should attest
+        let attestors;
+        if (partOfCommittee) {
+            attestors = inCommittee;
+        } else if (this.config.fishermanMode) {
+            // In fisherman mode, create attestations for validation purposes even if not in committee. These won't be broadcast.
+            attestors = this.getValidatorAddresses();
+        } else {
+            attestors = [];
+        }
+        // Only create attestations if we have attestors
+        if (attestors.length === 0) {
+            return undefined;
+        }
+        if (this.config.fishermanMode) {
+            // bail out early and don't save attestations to the pool in fisherman mode
+            this.log.info(`Creating attestations for proposal for slot ${slotNumber}`, {
+                ...proposalInfo,
+                attestors: attestors.map((a)=>a.toString())
+            });
+            return undefined;
+        }
+        return this.createBlockAttestationsFromProposal(proposal, attestors);
+    }
+    slashInvalidBlock(proposal) {
+        const proposer = proposal.getSender();
+        // Skip if signature is invalid (shouldn't happen since we validate earlier)
+        if (!proposer) {
+            this.log.warn(`Cannot slash proposal with invalid signature`);
+            return;
+        }
+        // Trim the set if it's too big.
+        if (this.proposersOfInvalidBlocks.size > MAX_PROPOSERS_OF_INVALID_BLOCKS) {
+            // remove oldest proposer. `values` is guaranteed to be in insertion order.
+            this.proposersOfInvalidBlocks.delete(this.proposersOfInvalidBlocks.values().next().value);
+        }
+        this.proposersOfInvalidBlocks.add(proposer.toString());
+        this.emit(WANT_TO_SLASH_EVENT, [
+            {
+                validator: proposer,
+                amount: this.config.slashBroadcastedInvalidBlockPenalty,
+                offenseType: OffenseType.BROADCASTED_INVALID_BLOCK_PROPOSAL,
+                epochOrSlot: BigInt(proposal.slotNumber)
+            }
+        ]);
+    }
+    // TODO(palla/mbps): Block proposal should not require a checkpoint proposal
+    async createBlockProposal(blockNumber, header, archive, txs, proposerAddress, options) {
+        // TODO(palla/mbps): Prevent double proposals properly
+        // if (this.previousProposal?.slotNumber === header.slotNumber) {
+        //   this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
+        //   return Promise.resolve(undefined);
+        // }
+        this.log.info(`Assembling block proposal for block ${blockNumber} slot ${header.slotNumber}`);
+        const newProposal = await this.validationService.createBlockProposal(header, archive, txs, proposerAddress, {
+            ...options,
+            broadcastInvalidBlockProposal: this.config.broadcastInvalidBlockProposal
         });
-        stopTimer();
-        this.log.verbose(`Transaction re-execution complete`);
-        if (numFailedTxs > 0) {
-            await this.metrics.recordFailedReexecution(proposal);
-            throw new ReExFailedTxsError(numFailedTxs);
-        }
-        if (block.body.txEffects.length !== txHashes.length) {
-            await this.metrics.recordFailedReexecution(proposal);
-            throw new ReExTimeoutError();
-        }
-        // This function will throw an error if state updates do not match
-        if (!block.archive.root.equals(proposal.archive)) {
-            await this.metrics.recordFailedReexecution(proposal);
-            throw new ReExStateMismatchError();
-        }
-    }
-    /**
-   * Ensure that all of the transactions in the proposal are available in the tx pool before attesting
-   *
-   * 1. Check if the local tx pool contains all of the transactions in the proposal
-   * 2. If any transactions are not in the local tx pool, request them from the network
-   * 3. If we cannot retrieve them from the network, throw an error
-   * @param proposal - The proposal to attest to
-   */ async ensureTransactionsAreAvailable(proposal) {
-        const txHashes = proposal.payload.txHashes;
-        const transactionStatuses = await Promise.all(txHashes.map((txHash)=>this.p2pClient.getTxStatus(txHash)));
-        const missingTxs = txHashes.filter((_, index)=>![
-                'pending',
-                'mined'
-            ].includes(transactionStatuses[index] ?? ''));
-        if (missingTxs.length === 0) {
-            return; // All transactions are available
-        }
-        this.log.verbose(`Missing ${missingTxs.length} transactions in the tx pool, requesting from the network`);
-        const requestedTxs = await this.p2pClient.requestTxs(missingTxs);
-        if (requestedTxs.some((tx)=>tx === undefined)) {
-            throw new TransactionsNotAvailableError(missingTxs);
-        }
-    }
-    async createBlockProposal(header, archive, txs) {
-        if (this.previousProposal?.slotNumber.equals(header.globalVariables.slotNumber)) {
-            this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
-            return Promise.resolve(undefined);
-        }
-        const newProposal = await this.validationService.createBlockProposal(header, archive, txs);
         this.previousProposal = newProposal;
         return newProposal;
     }
-    broadcastBlockProposal(proposal) {
-        this.p2pClient.broadcastProposal(proposal);
+    // TODO(palla/mbps): Effectively create a checkpoint proposal different from a block proposal
+    createCheckpointProposal(header, archive, txs, proposerAddress, options) {
+        this.log.info(`Assembling checkpoint proposal for slot ${header.slotNumber}`);
+        return this.createBlockProposal(0, header, archive, txs, proposerAddress, options);
+    }
+    async broadcastBlockProposal(proposal) {
+        await this.p2pClient.broadcastProposal(proposal);
+    }
+    async signAttestationsAndSigners(attestationsAndSigners, proposer) {
+        return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer);
+    }
+    async collectOwnAttestations(proposal) {
+        const slot = proposal.payload.header.slotNumber;
+        const inCommittee = await this.epochCache.filterInCommittee(slot, this.getValidatorAddresses());
+        this.log.debug(`Collecting ${inCommittee.length} self-attestations for slot ${slot}`, {
+            inCommittee
+        });
+        const attestations = await this.createBlockAttestationsFromProposal(proposal, inCommittee);
+        // We broadcast our own attestations to our peers so, in case our block does not get mined on L1,
+        // other nodes can see that our validators did attest to this block proposal, and do not slash us
+        // due to inactivity for missed attestations.
+        void this.p2pClient.broadcastAttestations(attestations).catch((err)=>{
+            this.log.error(`Failed to broadcast self-attestations for slot ${slot}`, err);
+        });
+        return attestations;
     }
-    // TODO(https://github.com/AztecProtocol/aztec-packages/issues/7962)
     async collectAttestations(proposal, required, deadline) {
         // Wait and poll the p2pClient's attestation pool for this block until we have enough attestations
-        const slot = proposal.payload.header.globalVariables.slotNumber.toBigInt();
+        const slot = proposal.payload.header.slotNumber;
         this.log.debug(`Collecting ${required} attestations for slot ${slot} with deadline ${deadline.toISOString()}`);
         if (+deadline < this.dateProvider.now()) {
             this.log.error(`Deadline ${deadline.toISOString()} for collecting ${required} attestations for slot ${slot} is in the past`);
-            throw new AttestationTimeoutError(required, slot);
+            throw new AttestationTimeoutError(0, required, slot);
         }
+        await this.collectOwnAttestations(proposal);
         const proposalId = proposal.archive.toString();
-        const myAttestation = await this.validationService.attestToProposal(proposal);
+        const myAddresses = this.getValidatorAddresses();
         let attestations = [];
         while(true){
-            const collectedAttestations = [
-                myAttestation,
-                ...await this.p2pClient.getAttestationsForSlot(slot, proposalId)
-            ];
-            const oldSenders = await Promise.all(attestations.map((attestation)=>attestation.getSender()));
+            // Filter out attestations with a mismatching payload. This should NOT happen since we have verified
+            // the proposer signature (ie our own) before accepting the attestation into the pool via the p2p client.
+            const collectedAttestations = (await this.p2pClient.getAttestationsForSlot(slot, proposalId)).filter((attestation)=>{
+                if (!attestation.payload.equals(proposal.payload)) {
+                    this.log.warn(`Received attestation for slot ${slot} with mismatched payload from ${attestation.getSender()?.toString()}`, {
+                        attestationPayload: attestation.payload,
+                        proposalPayload: proposal.payload
+                    });
+                    return false;
+                }
+                return true;
+            });
+            // Log new attestations we collected
+            const oldSenders = attestations.map((attestation)=>attestation.getSender());
             for (const collected of collectedAttestations){
-                const collectedSender = await collected.getSender();
-                if (!oldSenders.some((sender)=>sender.equals(collectedSender))) {
+                const collectedSender = collected.getSender();
+                // Skip attestations with invalid signatures
+                if (!collectedSender) {
+                    this.log.warn(`Skipping attestation with invalid signature for slot ${slot}`);
+                    continue;
+                }
+                if (!myAddresses.some((address)=>address.equals(collectedSender)) && !oldSenders.some((sender)=>sender?.equals(collectedSender))) {
                     this.log.debug(`Received attestation for slot ${slot} from ${collectedSender.toString()}`);
                 }
             }
@@ -230,17 +371,33 @@ import { ValidatorMetrics } from './metrics.js';
             }
             if (+deadline < this.dateProvider.now()) {
                 this.log.error(`Timeout ${deadline.toISOString()} waiting for ${required} attestations for slot ${slot}`);
-                throw new AttestationTimeoutError(required, slot);
+                throw new AttestationTimeoutError(attestations.length, required, slot);
             }
-            this.log.debug(`Collected ${attestations.length} attestations so far`);
+            this.log.debug(`Collected ${attestations.length} of ${required} attestations so far`);
             await sleep(this.config.attestationPollingIntervalMs);
         }
     }
-}
-function validatePrivateKey(privateKey) {
-    try {
-        return Buffer32.fromString(privateKey);
-    } catch (error) {
-        throw new InvalidValidatorPrivateKeyError();
+    async createBlockAttestationsFromProposal(proposal, attestors = []) {
+        const attestations = await this.validationService.attestToProposal(proposal, attestors);
+        await this.p2pClient.addAttestations(attestations);
+        return attestations;
+    }
+    async handleAuthRequest(peer, msg) {
+        const authRequest = AuthRequest.fromBuffer(msg);
+        const statusMessage = await this.p2pClient.handleAuthRequestFromPeer(authRequest, peer).catch((_)=>undefined);
+        if (statusMessage === undefined) {
+            return Buffer.alloc(0);
+        }
+        // Find a validator address that is in the set
+        const allRegisteredValidators = await this.epochCache.getRegisteredValidators();
+        const addressToUse = this.getValidatorAddresses().find((address)=>allRegisteredValidators.find((v)=>v.equals(address)) !== undefined);
+        if (addressToUse === undefined) {
+            // We don't have a registered address
+            return Buffer.alloc(0);
+        }
+        const payloadToSign = authRequest.getPayloadToSign();
+        const signature = await this.keyStore.signMessageWithAddress(addressToUse, payloadToSign);
+        const authResponse = new AuthResponse(statusMessage, signature);
+        return authResponse.toBuffer();
     }
 }