@aztec/validator-client 0.0.1-commit.7d4e6cd → 0.0.1-commit.858058eac

package/src/duties/validation_service.ts

@@ -1,3 +1,9 @@
+import {
+  BlockNumber,
+  type CheckpointNumber,
+  IndexWithinCheckpoint,
+  type SlotNumber,
+} from '@aztec/foundation/branded-types';
 import { Buffer32 } from '@aztec/foundation/buffer';
 import { keccak256 } from '@aztec/foundation/crypto/keccak';
 import { Fr } from '@aztec/foundation/curves/bn254';
@@ -18,6 +24,8 @@ import {
 } from '@aztec/stdlib/p2p';
 import type { CheckpointHeader } from '@aztec/stdlib/rollup';
 import type { BlockHeader, Tx } from '@aztec/stdlib/tx';
+import { DutyAlreadySignedError, SlashingProtectionError } from '@aztec/validator-ha-signer/errors';
+import { DutyType, type SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { ValidatorKeyStore } from '../key_store/interface.js';
 
@@ -31,34 +39,40 @@ export class ValidationService {
    * Create a block proposal with the given header, archive, and transactions
    *
    * @param blockHeader - The block header
-   * @param indexWithinCheckpoint - Index of this block within the checkpoint (0-indexed)
+   * @param blockIndexWithinCheckpoint - The block index within checkpoint for HA signing context
    * @param inHash - Hash of L1 to L2 messages for this checkpoint
    * @param archive - The archive of the current block
-   * @param txs - TxHash[] ordered list of transactions
+   * @param txs - Ordered list of transactions (Tx[])
+   * @param proposerAttesterAddress - The address of the proposer/attester, or undefined
    * @param options - Block proposal options (including broadcastInvalidBlockProposal for testing)
    *
    * @returns A block proposal signing the above information
+   * @throws DutyAlreadySignedError if HA signer indicates duty already signed by another node
+   * @throws SlashingProtectionError if attempting to sign different data for same slot
    */
   public createBlockProposal(
     blockHeader: BlockHeader,
-    indexWithinCheckpoint: number,
+    blockIndexWithinCheckpoint: IndexWithinCheckpoint,
     inHash: Fr,
     archive: Fr,
     txs: Tx[],
     proposerAttesterAddress: EthAddress | undefined,
     options: BlockProposalOptions,
   ): Promise<BlockProposal> {
-    const payloadSigner = this.getPayloadSigner(proposerAttesterAddress);
-
     // For testing: change the new archive to trigger state_mismatch validation failure
     if (options.broadcastInvalidBlockProposal) {
       archive = Fr.random();
       this.log.warn(`Creating INVALID block proposal for slot ${blockHeader.globalVariables.slotNumber}`);
     }
 
+    // Create a signer that uses the appropriate address
+    const address = proposerAttesterAddress ?? this.keyStore.getAddress(0);
+    const payloadSigner = (payload: Buffer32, context: SigningContext) =>
+      this.keyStore.signMessageWithAddress(address, payload, context);
+
     return BlockProposal.createProposalFromSigner(
       blockHeader,
-      indexWithinCheckpoint,
+      blockIndexWithinCheckpoint,
       inHash,
       archive,
       txs.map(tx => tx.getTxHash()),
@@ -85,14 +99,18 @@ export class ValidationService {
     proposerAttesterAddress: EthAddress | undefined,
     options: CheckpointProposalOptions,
   ): Promise<CheckpointProposal> {
-    const payloadSigner = this.getPayloadSigner(proposerAttesterAddress);
-
     // For testing: change the archive to trigger state_mismatch validation failure
     if (options.broadcastInvalidCheckpointProposal) {
       archive = Fr.random();
       this.log.warn(`Creating INVALID checkpoint proposal for slot ${checkpointHeader.slotNumber}`);
     }
 
+    // Create a signer that takes payload and context, and uses the appropriate address
+    const payloadSigner = (payload: Buffer32, context: SigningContext) => {
+      const address = proposerAttesterAddress ?? this.keyStore.getAddress(0);
+      return this.keyStore.signMessageWithAddress(address, payload, context);
+    };
+
     // Last block to include in the proposal
     const lastBlock = lastBlockInfo && {
       blockHeader: lastBlockInfo.blockHeader,
@@ -104,16 +122,6 @@ export class ValidationService {
     return CheckpointProposal.createProposalFromSigner(checkpointHeader, archive, lastBlock, payloadSigner);
   }
 
-  private getPayloadSigner(proposerAttesterAddress: EthAddress | undefined): (payload: Buffer32) => Promise<Signature> {
-    if (proposerAttesterAddress !== undefined) {
-      return (payload: Buffer32) => this.keyStore.signMessageWithAddress(proposerAttesterAddress, payload);
-    } else {
-      // if there is no proposer attester address, just use the first signer
-      const signer = this.keyStore.getAddress(0);
-      return (payload: Buffer32) => this.keyStore.signMessageWithAddress(signer, payload);
-    }
-  }
-
   /**
    * Attest with selection of validators to the given checkpoint proposal
    *
@@ -133,19 +141,79 @@ export class ValidationService {
     const buf = Buffer32.fromBuffer(
       keccak256(payload.getPayloadToSign(SignatureDomainSeparator.checkpointAttestation)),
     );
-    const signatures = await Promise.all(
-      attestors.map(attestor => this.keyStore.signMessageWithAddress(attestor, buf)),
+
+    // TODO(spy/ha): Use checkpointNumber instead of blockNumber once CheckpointHeader includes it.
+    // Currently using lastBlock.blockNumber as a proxy for checkpoint identification in HA signing.
+    // blockNumber is NOT used for the primary key so it's safe to use here.
+    // See CheckpointHeader TODO and SigningContext types documentation.
+    let blockNumber: BlockNumber;
+    try {
+      blockNumber = proposal.blockNumber;
+    } catch {
+      // Checkpoint proposal may not have lastBlock, use 0 as fallback
+      blockNumber = BlockNumber(0);
+    }
+    const context: SigningContext = {
+      slot: proposal.slotNumber,
+      blockNumber,
+      dutyType: DutyType.ATTESTATION,
+    };
+
+    // Sign each attestor in parallel, catching HA errors per-attestor
+    const results = await Promise.allSettled(
+      attestors.map(async attestor => {
+        const sig = await this.keyStore.signMessageWithAddress(attestor, buf, context);
+        // return new BlockAttestation(proposal.payload, sig, proposal.signature);
+        return new CheckpointAttestation(payload, sig, proposal.signature);
+      }),
     );
-    return signatures.map(sig => new CheckpointAttestation(payload, sig, proposal.signature));
+
+    const attestations: CheckpointAttestation[] = [];
+    for (let i = 0; i < results.length; i++) {
+      const result = results[i];
+      if (result.status === 'fulfilled') {
+        attestations.push(result.value);
+      } else {
+        const error = result.reason;
+        if (error instanceof DutyAlreadySignedError || error instanceof SlashingProtectionError) {
+          this.log.info(
+            `Attestation for slot ${proposal.slotNumber} by ${attestors[i]} already signed by another High-Availability node`,
+          );
+          // Continue with remaining attestors
+        } else {
+          throw error;
+        }
+      }
+    }
+
+    return attestations;
   }
 
-  async signAttestationsAndSigners(
+  /**
+   * Sign attestations and signers payload
+   * @param attestationsAndSigners - The attestations and signers to sign
+   * @param proposer - The proposer address to sign with
+   * @param slot - The slot number for HA signing context
+   * @param blockNumber - The block or checkpoint number for HA signing context
+   * @returns signature
+   * @throws DutyAlreadySignedError if already signed by another HA node
+   * @throws SlashingProtectionError if attempting to sign different data for same slot
+   */
+  signAttestationsAndSigners(
     attestationsAndSigners: CommitteeAttestationsAndSigners,
     proposer: EthAddress,
+    slot: SlotNumber,
+    blockNumber: BlockNumber | CheckpointNumber,
   ): Promise<Signature> {
+    const context: SigningContext = {
+      slot,
+      blockNumber,
+      dutyType: DutyType.ATTESTATIONS_AND_SIGNERS,
+    };
+
     const buf = Buffer32.fromBuffer(
       keccak256(attestationsAndSigners.getPayloadToSign(SignatureDomainSeparator.attestationsAndSigners)),
     );
-    return await this.keyStore.signMessageWithAddress(proposer, buf);
+    return this.keyStore.signMessageWithAddress(proposer, buf, context);
   }
 }

package/src/factory.ts

@@ -37,6 +37,7 @@ export function createBlockProposalHandler(
     deps.l1ToL2MessageSource,
     deps.p2pClient.getTxProvider(),
     blockProposalValidator,
+    deps.epochCache,
     config,
     metrics,
     deps.dateProvider,

package/src/key_store/ha_key_store.ts

@@ -0,0 +1,269 @@
+/**
+ * High Availability Key Store
+ *
+ * A ValidatorKeyStore wrapper that adds slashing protection for HA validator setups.
+ * When multiple validator nodes are running, only one node will sign for a given duty.
+ */
+import { Buffer32 } from '@aztec/foundation/buffer';
+import type { EthAddress } from '@aztec/foundation/eth-address';
+import type { Signature } from '@aztec/foundation/eth-signature';
+import { createLogger } from '@aztec/foundation/log';
+import type { EthRemoteSignerConfig } from '@aztec/node-keystore';
+import type { AztecAddress } from '@aztec/stdlib/aztec-address';
+import { DutyAlreadySignedError, SlashingProtectionError } from '@aztec/validator-ha-signer/errors';
+import {
+  type HAProtectedSigningContext,
+  type SigningContext,
+  isHAProtectedContext,
+} from '@aztec/validator-ha-signer/types';
+import type { ValidatorHASigner } from '@aztec/validator-ha-signer/validator-ha-signer';
+
+import { type TypedDataDefinition, hashTypedData } from 'viem';
+
+import type { ExtendedValidatorKeyStore } from './interface.js';
+
+/**
+ * High Availability Key Store
+ *
+ * Wraps a base ExtendedValidatorKeyStore and ValidatorHASigner to provide
+ * HA-protected signing operations (when context is provided).
+ *
+ * The extended interface methods (getAttesterAddresses, getCoinbaseAddress, etc.)
+ * are pure pass-through since they don't require HA coordination.
+ *
+ * Usage:
+ * ```typescript
+ * const baseKeyStore = NodeKeystoreAdapter.fromPrivateKeys(privateKeys);
+ * const haSigner = new ValidatorHASigner(db, config);
+ * const haKeyStore = new HAKeyStore(baseKeyStore, haSigner);
+ *
+ * // Without context - signs directly (no HA protection)
+ * const sig = await haKeyStore.signMessageWithAddress(addr, msg);
+ *
+ * // With context - HA protected, throws DutyAlreadySignedError if already signed
+ * const result = await haKeyStore.signMessageWithAddress(addr, msg, {
+ *   slot: 100n,
+ *   blockNumber: 50n,
+ *   dutyType: DutyType.BLOCK_PROPOSAL,
+ * });
+ * ```
+ */
+export class HAKeyStore implements ExtendedValidatorKeyStore {
+  private readonly log = createLogger('ha-key-store');
+
+  constructor(
+    private readonly baseKeyStore: ExtendedValidatorKeyStore,
+    private readonly haSigner: ValidatorHASigner,
+  ) {
+    this.log.info('HAKeyStore initialized', {
+      nodeId: haSigner.nodeId,
+    });
+  }
+
+  /**
+   * Sign typed data with all addresses.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * Returns only signatures that were successfully claimed by this node.
+   */
+  async signTypedData(typedData: TypedDataDefinition, context: SigningContext): Promise<Signature[]> {
+    // no need for HA protection on auth request and txs signatures
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signTypedData(typedData, context);
+    }
+
+    // Sign each address with HA protection
+    const addresses = this.getAddresses();
+    const results = await Promise.allSettled(
+      addresses.map(addr => this.signTypedDataWithAddress(addr, typedData, context)),
+    );
+
+    // Filter out failures (already signed by other nodes or other errors)
+    return results
+      .filter((result): result is PromiseFulfilledResult<Signature> => {
+        if (result.status === 'fulfilled') {
+          return true;
+        }
+        // Log expected HA errors (already signed) at debug level
+        if (result.reason instanceof DutyAlreadySignedError) {
+          this.log.debug(`Duty already signed by another node`, {
+            dutyType: context.dutyType,
+            slot: context.slot,
+            signedByNode: result.reason.signedByNode,
+          });
+          return false;
+        }
+        // Re-throw unexpected errors
+        throw result.reason;
+      })
+      .map(result => result.value);
+  }
+
+  /**
+   * Sign a message with all addresses.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * Returns only signatures that were successfully claimed by this node.
+   */
+  async signMessage(message: Buffer32, context: SigningContext): Promise<Signature[]> {
+    // no need for HA protection on auth request and txs signatures
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signMessage(message, context);
+    }
+
+    // Sign each address with HA protection
+    const addresses = this.getAddresses();
+    const results = await Promise.allSettled(
+      addresses.map(addr => this.signMessageWithAddress(addr, message, context)),
+    );
+
+    // Filter out failures (already signed by other nodes or other errors)
+    return results
+      .filter((result): result is PromiseFulfilledResult<Signature> => {
+        if (result.status === 'fulfilled') {
+          return true;
+        }
+        // Log expected HA errors (already signed) at debug level
+        if (result.reason instanceof DutyAlreadySignedError) {
+          this.log.debug(`Duty already signed by another node`, {
+            dutyType: context.dutyType,
+            slot: context.slot,
+            signedByNode: result.reason.signedByNode,
+          });
+          return false;
+        }
+        // Re-throw unexpected errors
+        throw result.reason;
+      })
+      .map(result => result.value);
+  }
+
+  /**
+   * Sign typed data with a specific address.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * @throws DutyAlreadySignedError if the duty was already signed by another node
+   * @throws SlashingProtectionError if attempting to sign different data for the same slot
+   */
+  async signTypedDataWithAddress(
+    address: EthAddress,
+    typedData: TypedDataDefinition,
+    context: SigningContext,
+  ): Promise<Signature> {
+    // AUTH_REQUEST and TXS bypass HA protection - multiple signatures are safe
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signTypedDataWithAddress(address, typedData, context);
+    }
+
+    // Compute signing root from typed data for HA tracking
+    const digest = hashTypedData(typedData);
+    const messageHash = Buffer32.fromString(digest);
+
+    try {
+      return await this.haSigner.signWithProtection(address, messageHash, context, () =>
+        this.baseKeyStore.signTypedDataWithAddress(address, typedData, context),
+      );
+    } catch (error) {
+      this.processSigningError(error, context);
+      throw error;
+    }
+  }
+
+  /**
+   * Sign a message with a specific address.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * @throws DutyAlreadySignedError if the duty was already signed by another node
+   * @throws SlashingProtectionError if attempting to sign different data for the same slot
+   */
+  async signMessageWithAddress(address: EthAddress, message: Buffer32, context: SigningContext): Promise<Signature> {
+    // no need for HA protection on auth request and txs signatures
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signMessageWithAddress(address, message, context);
+    }
+
+    try {
+      return await this.haSigner.signWithProtection(address, message, context, messageHash =>
+        this.baseKeyStore.signMessageWithAddress(address, messageHash, context),
+      );
+    } catch (error) {
+      this.processSigningError(error, context);
+      throw error;
+    }
+  }
+
+  // ─────────────────────────────────────────────────────────────────────────────
+  // pass-through methods (no HA logic needed)
+  // ─────────────────────────────────────────────────────────────────────────────
+
+  getAddress(index: number): EthAddress {
+    return this.baseKeyStore.getAddress(index);
+  }
+
+  getAddresses(): EthAddress[] {
+    return this.baseKeyStore.getAddresses();
+  }
+
+  getAttesterAddresses(): EthAddress[] {
+    return this.baseKeyStore.getAttesterAddresses();
+  }
+
+  getCoinbaseAddress(attesterAddress: EthAddress): EthAddress {
+    return this.baseKeyStore.getCoinbaseAddress(attesterAddress);
+  }
+
+  getPublisherAddresses(attesterAddress: EthAddress): EthAddress[] {
+    return this.baseKeyStore.getPublisherAddresses(attesterAddress);
+  }
+
+  getFeeRecipient(attesterAddress: EthAddress): AztecAddress {
+    return this.baseKeyStore.getFeeRecipient(attesterAddress);
+  }
+
+  getRemoteSignerConfig(attesterAddress: EthAddress): EthRemoteSignerConfig | undefined {
+    return this.baseKeyStore.getRemoteSignerConfig(attesterAddress);
+  }
+
+  /**
+   * Process signing errors from the HA signer.
+   * Logs expected HA errors (already signed) at appropriate levels.
+   * Re-throws unexpected errors.
+   */
+  private processSigningError(error: unknown, context: HAProtectedSigningContext) {
+    if (error instanceof DutyAlreadySignedError) {
+      this.log.debug(`Duty already signed by another node with the same payload`, {
+        dutyType: context.dutyType,
+        slot: context.slot,
+        signedByNode: error.signedByNode,
+      });
+      return;
+    }
+
+    if (error instanceof SlashingProtectionError) {
+      this.log.warn(`Duty already signed by another node with different payload`, {
+        dutyType: context.dutyType,
+        slot: context.slot,
+        existingMessageHash: error.existingMessageHash,
+        attemptedMessageHash: error.attemptedMessageHash,
+      });
+      return;
+    }
+
+    // Re-throw errors
+    throw error;
+  }
+
+  /**
+   * Start the high-availability key store
+   */
+  public async start() {
+    await this.haSigner.start();
+  }
+
+  /**
+   * Stop the high-availability key store
+   */
+  public async stop() {
+    await this.haSigner.stop();
+  }
+}

package/src/key_store/index.ts

@@ -2,3 +2,4 @@ export * from './interface.js';
 export * from './local_key_store.js';
 export * from './node_keystore_adapter.js';
 export * from './web3signer_key_store.js';
+export * from './ha_key_store.js';

package/src/key_store/interface.ts

@@ -3,6 +3,7 @@ import type { EthAddress } from '@aztec/foundation/eth-address';
 import type { Signature } from '@aztec/foundation/eth-signature';
 import type { EthRemoteSignerConfig } from '@aztec/node-keystore';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
+import type { SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { TypedDataDefinition } from 'viem';
 
@@ -26,17 +27,45 @@ export interface ValidatorKeyStore {
    */
   getAddresses(): EthAddress[];
 
-  signTypedData(typedData: TypedDataDefinition): Promise<Signature[]>;
-  signTypedDataWithAddress(address: EthAddress, typedData: TypedDataDefinition): Promise<Signature>;
+  /**
+   * Sign typed data with all keystore private keys
+   * @param typedData - The complete EIP-712 typed data structure
+   * @param context - Signing context for HA slashing protection
+   * @returns signatures (when context provided with HA, only successfully claimed signatures are returned)
+   */
+  signTypedData(typedData: TypedDataDefinition, context: SigningContext): Promise<Signature[]>;
+
+  /**
+   * Sign typed data with a specific address's private key
+   * @param address - The address of the signer to use
+   * @param typedData - The complete EIP-712 typed data structure
+   * @param context - Signing context for HA slashing protection
+   * @returns signature
+   */
+  signTypedDataWithAddress(
+    address: EthAddress,
+    typedData: TypedDataDefinition,
+    context: SigningContext,
+  ): Promise<Signature>;
+
   /**
    * Flavor of sign message that followed EIP-712 eth signed message prefix
    * Note: this is only required when we are using ecdsa signatures over secp256k1
    *
    * @param message - The message to sign.
-   * @returns The signatures.
+   * @param context - Signing context for HA slashing protection
+   * @returns The signatures (when context provided with HA, only successfully claimed signatures are returned).
    */
-  signMessage(message: Buffer32): Promise<Signature[]>;
-  signMessageWithAddress(address: EthAddress, message: Buffer32): Promise<Signature>;
+  signMessage(message: Buffer32, context: SigningContext): Promise<Signature[]>;
+
+  /**
+   * Sign a message with a specific address's private key
+   * @param address - The address of the signer to use
+   * @param message - The message to sign
+   * @param context - Signing context for HA slashing protection
+   * @returns signature
+   */
+  signMessageWithAddress(address: EthAddress, message: Buffer32, context: SigningContext): Promise<Signature>;
 }
 
 /**
@@ -79,4 +108,14 @@ export interface ExtendedValidatorKeyStore extends ValidatorKeyStore {
    * @returns the remote signer configuration or undefined
    */
   getRemoteSignerConfig(attesterAddress: EthAddress): EthRemoteSignerConfig | undefined;
+
+  /**
+   * Start the key store
+   */
+  start(): Promise<void>;
+
+  /**
+   * Stop the key store
+   */
+  stop(): Promise<void>;
 }

package/src/key_store/local_key_store.ts

@@ -2,6 +2,7 @@ import { Buffer32 } from '@aztec/foundation/buffer';
 import { Secp256k1Signer } from '@aztec/foundation/crypto/secp256k1-signer';
 import type { EthAddress } from '@aztec/foundation/eth-address';
 import type { Signature } from '@aztec/foundation/eth-signature';
+import type { SigningContext } from '@aztec/validator-ha-signer/types';
 
 import { type TypedDataDefinition, hashTypedData } from 'viem';
 
@@ -46,9 +47,10 @@ export class LocalKeyStore implements ValidatorKeyStore {
   /**
    * Sign a message with all keystore private keys
    * @param typedData - The complete EIP-712 typed data structure (domain, types, primaryType, message)
+   * @param _context - Signing context (ignored by LocalKeyStore, used for HA protection)
    * @return signature
    */
-  public signTypedData(typedData: TypedDataDefinition): Promise<Signature[]> {
+  public signTypedData(typedData: TypedDataDefinition, _context: SigningContext): Promise<Signature[]> {
     const digest = hashTypedData(typedData);
     return Promise.all(this.signers.map(signer => signer.sign(Buffer32.fromString(digest))));
   }
@@ -57,10 +59,15 @@ export class LocalKeyStore implements ValidatorKeyStore {
    * Sign a message with a specific address's private key
    * @param address - The address of the signer to use
    * @param typedData - The complete EIP-712 typed data structure (domain, types, primaryType, message)
+   * @param _context - Signing context (ignored by LocalKeyStore, used for HA protection)
    * @returns signature for the specified address
    * @throws Error if the address is not found in the keystore
    */
-  public signTypedDataWithAddress(address: EthAddress, typedData: TypedDataDefinition): Promise<Signature> {
+  public signTypedDataWithAddress(
+    address: EthAddress,
+    typedData: TypedDataDefinition,
+    _context: SigningContext,
+  ): Promise<Signature> {
     const signer = this.signersByAddress.get(address.toString());
     if (!signer) {
       throw new Error(`No signer found for address ${address.toString()}`);
@@ -73,9 +80,10 @@ export class LocalKeyStore implements ValidatorKeyStore {
    * Sign a message using eth_sign with all keystore private keys
    *
    * @param message - The message to sign
+   * @param _context - Signing context (ignored by LocalKeyStore, used for HA protection)
    * @return signatures
    */
-  public signMessage(message: Buffer32): Promise<Signature[]> {
+  public signMessage(message: Buffer32, _context: SigningContext): Promise<Signature[]> {
     return Promise.all(this.signers.map(signer => signer.signMessage(message)));
   }
 
@@ -83,10 +91,11 @@ export class LocalKeyStore implements ValidatorKeyStore {
    * Sign a message using eth_sign with a specific address's private key
    * @param address - The address of the signer to use
    * @param message - The message to sign
+   * @param _context - Signing context (ignored by LocalKeyStore, used for HA protection)
    * @returns signature for the specified address
    * @throws Error if the address is not found in the keystore
    */
-  public signMessageWithAddress(address: EthAddress, message: Buffer32): Promise<Signature> {
+  public signMessageWithAddress(address: EthAddress, message: Buffer32, _context: SigningContext): Promise<Signature> {
     const signer = this.signersByAddress.get(address.toString());
     if (!signer) {
       throw new Error(`No signer found for address ${address.toString()}`);

package/src/key_store/node_keystore_adapter.ts

@@ -6,6 +6,7 @@ import { KeystoreManager, loadKeystoreFile } from '@aztec/node-keystore';
 import type { EthRemoteSignerConfig } from '@aztec/node-keystore';
 import { AztecAddress } from '@aztec/stdlib/aztec-address';
 import { InvalidValidatorPrivateKeyError } from '@aztec/stdlib/validators';
+import type { SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { TypedDataDefinition } from 'viem';
 import { privateKeyToAccount } from 'viem/accounts';
@@ -230,9 +231,10 @@ export class NodeKeystoreAdapter implements ExtendedValidatorKeyStore {
   /**
    * Sign typed data with all attester signers across validators.
    * @param typedData EIP-712 typed data
+   * @param _context Signing context (ignored by NodeKeystoreAdapter, used for HA protection)
    * @returns Array of signatures in validator order, flattened
    */
-  async signTypedData(typedData: TypedDataDefinition): Promise<Signature[]> {
+  async signTypedData(typedData: TypedDataDefinition, _context: SigningContext): Promise<Signature[]> {
     const jobs: Promise<Signature>[] = [];
     for (const i of this.validatorIndices()) {
       const v = this.ensureValidator(i);
@@ -246,9 +248,10 @@ export class NodeKeystoreAdapter implements ExtendedValidatorKeyStore {
   /**
    * Sign a message with all attester signers across validators.
    * @param message 32-byte message (already hashed/padded as needed)
+   * @param _context Signing context (ignored by NodeKeystoreAdapter, used for HA protection)
    * @returns Array of signatures in validator order, flattened
    */
-  async signMessage(message: Buffer32): Promise<Signature[]> {
+  async signMessage(message: Buffer32, _context: SigningContext): Promise<Signature[]> {
     const jobs: Promise<Signature>[] = [];
     for (const i of this.validatorIndices()) {
       const v = this.ensureValidator(i);
@@ -264,10 +267,15 @@ export class NodeKeystoreAdapter implements ExtendedValidatorKeyStore {
    * Hydrates caches on-demand when the address is first seen.
    * @param address Address to sign with
    * @param typedData EIP-712 typed data
+   * @param _context Signing context (ignored by NodeKeystoreAdapter, used for HA protection)
    * @returns Signature from the signer matching the address
    * @throws Error when no signer exists for the address
    */
-  async signTypedDataWithAddress(address: EthAddress, typedData: TypedDataDefinition): Promise<Signature> {
+  async signTypedDataWithAddress(
+    address: EthAddress,
+    typedData: TypedDataDefinition,
+    _context: SigningContext,
+  ): Promise<Signature> {
     const entry = this.addressIndex.get(NodeKeystoreAdapter.key(address));
     if (entry) {
       return await this.keystoreManager.signTypedData(entry.signer, typedData);
@@ -290,10 +298,11 @@ export class NodeKeystoreAdapter implements ExtendedValidatorKeyStore {
    * Hydrates caches on-demand when the address is first seen.
    * @param address Address to sign with
    * @param message 32-byte message
+   * @param _context Signing context (ignored by NodeKeystoreAdapter, used for HA protection)
    * @returns Signature from the signer matching the address
    * @throws Error when no signer exists for the address
    */
-  async signMessageWithAddress(address: EthAddress, message: Buffer32): Promise<Signature> {
+  async signMessageWithAddress(address: EthAddress, message: Buffer32, _context: SigningContext): Promise<Signature> {
     const entry = this.addressIndex.get(NodeKeystoreAdapter.key(address));
     if (entry) {
       return await this.keystoreManager.signMessage(entry.signer, message);
@@ -372,4 +381,18 @@ export class NodeKeystoreAdapter implements ExtendedValidatorKeyStore {
     const validatorIndex = this.findValidatorIndexForAttester(attesterAddress);
     return this.keystoreManager.getEffectiveRemoteSignerConfig(validatorIndex, attesterAddress);
   }
+
+  /**
+   * Start the key store - no-op
+   */
+  start(): Promise<void> {
+    return Promise.resolve();
+  }
+
+  /**
+   * Stop the key store - no-op
+   */
+  stop(): Promise<void> {
+    return Promise.resolve();
+  }
 }