@aztec/validator-client 0.0.1-commit.7d4e6cd → 0.0.1-commit.87a0206

package/dest/validator.js

@@ -8,11 +8,16 @@ import { sleep } from '@aztec/foundation/sleep';
 import { DateProvider } from '@aztec/foundation/timer';
 import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol } from '@aztec/p2p';
 import { OffenseType, WANT_TO_SLASH_EVENT } from '@aztec/slasher';
+import { getEpochAtSlot } from '@aztec/stdlib/epoch-helpers';
+import { accumulateCheckpointOutHashes } from '@aztec/stdlib/messaging';
 import { AttestationTimeoutError } from '@aztec/stdlib/validators';
 import { getTelemetryClient } from '@aztec/telemetry-client';
+import { createHASigner } from '@aztec/validator-ha-signer/factory';
+import { DutyType } from '@aztec/validator-ha-signer/types';
 import { EventEmitter } from 'events';
 import { BlockProposalHandler } from './block_proposal_handler.js';
 import { ValidationService } from './duties/validation_service.js';
+import { HAKeyStore } from './key_store/ha_key_store.js';
 import { NodeKeystoreAdapter } from './key_store/node_keystore_adapter.js';
 import { ValidatorMetrics } from './metrics.js';
 // We maintain a set of proposers who have proposed invalid blocks.
@@ -48,12 +53,8 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     lastEpochForCommitteeUpdateLoop;
     epochCacheUpdateLoop;
     proposersOfInvalidBlocks;
-    // TODO(palla/mbps): Remove this once checkpoint validation is stable and we can validate all blocks properly.
-    // Tracks slots for which we have successfully validated a block proposal, so we can attest to checkpoint proposals for those slots.
-    // eslint-disable-next-line aztec-custom/no-non-primitive-in-collections
-    validatedBlockSlots;
     constructor(keyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
-        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.blockSource = blockSource, this.checkpointsBuilder = checkpointsBuilder, this.worldState = worldState, this.l1ToL2MessageSource = l1ToL2MessageSource, this.config = config, this.blobClient = blobClient, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set(), this.validatedBlockSlots = new Set();
+        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.blockSource = blockSource, this.checkpointsBuilder = checkpointsBuilder, this.worldState = worldState, this.l1ToL2MessageSource = l1ToL2MessageSource, this.config = config, this.blobClient = blobClient, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set();
         // Create child logger with fisherman prefix if in fisherman mode
         this.log = config.fishermanMode ? log.createChild('[FISHERMAN]') : log;
         this.tracer = telemetry.getTracer('Validator');
@@ -107,13 +108,23 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             this.log.error(`Error updating epoch committee`, err);
         }
     }
-    static new(config, checkpointsBuilder, worldState, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
+    static async new(config, checkpointsBuilder, worldState, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
         const metrics = new ValidatorMetrics(telemetry);
         const blockProposalValidator = new BlockProposalValidator(epochCache, {
             txsPermitted: !config.disableTransactions
         });
-        const blockProposalHandler = new BlockProposalHandler(checkpointsBuilder, worldState, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, config, metrics, dateProvider, telemetry);
-        const validator = new ValidatorClient(NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager), epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider, telemetry);
+        const blockProposalHandler = new BlockProposalHandler(checkpointsBuilder, worldState, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, epochCache, config, metrics, dateProvider, telemetry);
+        let validatorKeyStore = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
+        if (config.haSigningEnabled) {
+            // If maxStuckDutiesAgeMs is not explicitly set, compute it from Aztec slot duration
+            const haConfig = {
+                ...config,
+                maxStuckDutiesAgeMs: config.maxStuckDutiesAgeMs ?? epochCache.getL1Constants().slotDuration * 2 * 1000
+            };
+            const { signer } = await createHASigner(haConfig);
+            validatorKeyStore = new HAKeyStore(validatorKeyStore, signer);
+        }
+        const validator = new ValidatorClient(validatorKeyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider, telemetry);
         return validator;
     }
     getValidatorAddresses() {
@@ -122,8 +133,8 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     getBlockProposalHandler() {
         return this.blockProposalHandler;
     }
-    signWithAddress(addr, msg) {
-        return this.keyStore.signTypedDataWithAddress(addr, msg);
+    signWithAddress(addr, msg, context) {
+        return this.keyStore.signTypedDataWithAddress(addr, msg, context);
     }
     getCoinbaseForAttestor(attestor) {
         return this.keyStore.getCoinbaseAddress(attestor);
@@ -145,6 +156,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             this.log.warn(`Validator client already started`);
             return;
         }
+        await this.keyStore.start();
         await this.registerHandlers();
         const myAddresses = this.getValidatorAddresses();
         const inCommittee = await this.epochCache.filterInCommittee('now', myAddresses);
@@ -157,6 +169,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     }
     async stop() {
         await this.epochCacheUpdateLoop.stop();
+        await this.keyStore.stop();
     }
     /** Register handlers on the p2p client */ async registerHandlers() {
         if (!this.hasRegisteredHandlers) {
@@ -170,6 +183,10 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             // and processed separately via the block handler above.
             const checkpointHandler = (checkpoint, proposalSender)=>this.attestToCheckpointProposal(checkpoint, proposalSender);
             this.p2pClient.registerCheckpointProposalHandler(checkpointHandler);
+            // Duplicate proposal handler - triggers slashing for equivocation
+            this.p2pClient.registerDuplicateProposalCallback((info)=>{
+                this.handleDuplicateProposal(info);
+            });
             const myAddresses = this.getValidatorAddresses();
             this.p2pClient.registerThisValidatorAddresses(myAddresses);
             await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
@@ -181,6 +198,9 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    * @returns true if the proposal is valid, false otherwise
    */ async validateBlockProposal(proposal, proposalSender) {
         const slotNumber = proposal.slotNumber;
+        // Note: During escape hatch, we still want to "validate" proposals for observability,
+        // but we intentionally reject them and disable slashing invalid block and attestation flow.
+        const escapeHatchOpen = await this.epochCache.isEscapeHatchOpenAtSlot(slotNumber);
         const proposer = proposal.getSender();
         // Reject proposals with invalid signatures
         if (!proposer) {
@@ -203,7 +223,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         // In fisherman mode, we always reexecute to validate proposals.
         const { validatorReexecute, slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } = this.config;
         const shouldReexecute = fishermanMode || slashBroadcastedInvalidBlockPenalty > 0n && validatorReexecute || partOfCommittee && validatorReexecute || alwaysReexecuteBlockProposals || this.blobClient.canUpload();
-        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute);
+        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute && !escapeHatchOpen);
         if (!validationResult.isValid) {
             this.log.warn(`Block proposal validation failed: ${validationResult.reason}`, proposalInfo);
             const reason = validationResult.reason || 'unknown';
@@ -222,7 +242,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 this.metrics.incFailedAttestationsNodeIssue(1, reason, partOfCommittee);
             }
             // Slash invalid block proposals (can happen even when not in committee)
-            if (validationResult.reason && SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) && slashBroadcastedInvalidBlockPenalty > 0n) {
+            if (!escapeHatchOpen && validationResult.reason && SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) && slashBroadcastedInvalidBlockPenalty > 0n) {
                 this.log.warn(`Slashing proposer for invalid block proposal`, proposalInfo);
                 this.slashInvalidBlock(proposal);
             }
@@ -231,11 +251,13 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         this.log.info(`Validated block proposal for slot ${slotNumber}`, {
             ...proposalInfo,
             inCommittee: partOfCommittee,
-            fishermanMode: this.config.fishermanMode || false
+            fishermanMode: this.config.fishermanMode || false,
+            escapeHatchOpen
         });
-        // TODO(palla/mbps): Remove this once checkpoint validation is stable.
-        // Track that we successfully validated a block for this slot, so we can attest to checkpoint proposals for it.
-        this.validatedBlockSlots.add(slotNumber);
+        if (escapeHatchOpen) {
+            this.log.warn(`Escape hatch open for slot ${slotNumber}, rejecting block proposal`, proposalInfo);
+            return false;
+        }
         return true;
     }
     /**
@@ -246,6 +268,11 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    */ async attestToCheckpointProposal(proposal, _proposalSender) {
         const slotNumber = proposal.slotNumber;
         const proposer = proposal.getSender();
+        // If escape hatch is open for this slot's epoch, do not attest.
+        if (await this.epochCache.isEscapeHatchOpenAtSlot(slotNumber)) {
+            this.log.warn(`Escape hatch open for slot ${slotNumber}, skipping checkpoint attestation handling`);
+            return undefined;
+        }
         // Reject proposals with invalid signatures
         if (!proposer) {
             this.log.warn(`Received checkpoint proposal with invalid signature for slot ${slotNumber}`);
@@ -265,16 +292,9 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             txHashes: proposal.txHashes.map((t)=>t.toString()),
             fishermanMode: this.config.fishermanMode || false
         });
-        // TODO(palla/mbps): Remove this once checkpoint validation is stable.
-        // Check that we have successfully validated a block for this slot before attesting to the checkpoint.
-        if (!this.validatedBlockSlots.has(slotNumber)) {
-            this.log.warn(`No validated block found for slot ${slotNumber}, refusing to attest to checkpoint`, proposalInfo);
-            return undefined;
-        }
         // Validate the checkpoint proposal before attesting (unless skipCheckpointProposalValidation is set)
-        // TODO(palla/mbps): Change default to false once checkpoint validation is stable.
-        if (this.config.skipCheckpointProposalValidation !== false) {
-            this.log.verbose(`Skipping checkpoint proposal validation for slot ${slotNumber}`, proposalInfo);
+        if (this.config.skipCheckpointProposalValidation) {
+            this.log.warn(`Skipping checkpoint proposal validation for slot ${slotNumber}`, proposalInfo);
         } else {
             const validationResult = await this.validateCheckpointProposal(proposal, proposalInfo);
             if (!validationResult.isValid) {
@@ -325,7 +345,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     }
     async createCheckpointAttestationsFromProposal(proposal, attestors = []) {
         const attestations = await this.validationService.attestToCheckpointProposal(proposal, attestors);
-        await this.p2pClient.addCheckpointAttestations(attestations);
+        await this.p2pClient.addOwnCheckpointAttestations(attestations);
         return attestations;
     }
     /**
@@ -333,7 +353,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    * @returns Validation result with isValid flag and reason if invalid.
    */ async validateCheckpointProposal(proposal, proposalInfo) {
         const slot = proposal.slotNumber;
-        const timeoutSeconds = 10;
+        const timeoutSeconds = 10; // TODO(palla/mbps): This should map to the timetable settings
         // Wait for last block to sync by archive
         let lastBlockHeader;
         try {
@@ -362,18 +382,8 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 reason: 'last_block_not_found'
             };
         }
-        // Get the last full block to determine checkpoint number
-        const lastBlock = await this.blockSource.getL2BlockNew(lastBlockHeader.getBlockNumber());
-        if (!lastBlock) {
-            this.log.warn(`Last block ${lastBlockHeader.getBlockNumber()} not found`, proposalInfo);
-            return {
-                isValid: false,
-                reason: 'last_block_not_found'
-            };
-        }
-        const checkpointNumber = lastBlock.checkpointNumber;
         // Get all full blocks for the slot and checkpoint
-        const blocks = await this.getBlocksForSlot(slot, lastBlockHeader, checkpointNumber);
+        const blocks = await this.blockSource.getBlocksForSlot(slot);
         if (blocks.length === 0) {
             this.log.warn(`No blocks found for slot ${slot}`, proposalInfo);
             return {
@@ -388,14 +398,21 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         // Get checkpoint constants from first block
         const firstBlock = blocks[0];
         const constants = this.extractCheckpointConstants(firstBlock);
+        const checkpointNumber = firstBlock.checkpointNumber;
         // Get L1-to-L2 messages for this checkpoint
         const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(checkpointNumber);
+        // Compute the previous checkpoint out hashes for the epoch.
+        // TODO: There can be a more efficient way to get the previous checkpoint out hashes without having to fetch the
+        // actual checkpoints and the blocks/txs in them.
+        const epoch = getEpochAtSlot(slot, this.epochCache.getL1Constants());
+        const previousCheckpoints = (await this.blockSource.getCheckpointsForEpoch(epoch)).filter((b)=>b.number < checkpointNumber).sort((a, b)=>a.number - b.number);
+        const previousCheckpointOutHashes = previousCheckpoints.map((c)=>c.getCheckpointOutHash());
         // Fork world state at the block before the first block
         const parentBlockNumber = BlockNumber(firstBlock.number - 1);
         const fork = await this.worldState.fork(parentBlockNumber);
         try {
             // Create checkpoint builder with all existing blocks
-            const checkpointBuilder = await this.checkpointsBuilder.openCheckpoint(checkpointNumber, constants, l1ToL2Messages, fork, blocks);
+            const checkpointBuilder = await this.checkpointsBuilder.openCheckpoint(checkpointNumber, constants, l1ToL2Messages, previousCheckpointOutHashes, fork, blocks, this.log.getBindings());
             // Complete the checkpoint to get computed values
             const computedCheckpoint = await checkpointBuilder.completeCheckpoint();
             // Compare checkpoint header with proposal
@@ -422,6 +439,27 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                     reason: 'archive_mismatch'
                 };
             }
+            // Check that the accumulated epoch out hash matches the value in the proposal.
+            // The epoch out hash is the accumulated hash of all checkpoint out hashes in the epoch.
+            const checkpointOutHash = computedCheckpoint.getCheckpointOutHash();
+            const computedEpochOutHash = accumulateCheckpointOutHashes([
+                ...previousCheckpointOutHashes,
+                checkpointOutHash
+            ]);
+            const proposalEpochOutHash = proposal.checkpointHeader.epochOutHash;
+            if (!computedEpochOutHash.equals(proposalEpochOutHash)) {
+                this.log.warn(`Epoch out hash mismatch`, {
+                    proposalEpochOutHash: proposalEpochOutHash.toString(),
+                    computedEpochOutHash: computedEpochOutHash.toString(),
+                    checkpointOutHash: checkpointOutHash.toString(),
+                    previousCheckpointOutHashes: previousCheckpointOutHashes.map((h)=>h.toString()),
+                    ...proposalInfo
+                });
+                return {
+                    isValid: false,
+                    reason: 'out_hash_mismatch'
+                };
+            }
             this.log.verbose(`Checkpoint proposal validation successful for slot ${slot}`, proposalInfo);
             return {
                 isValid: true
@@ -431,36 +469,6 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         }
     }
     /**
-   * Get all full blocks for a given slot and checkpoint by walking backwards from the last block.
-   * Returns blocks in ascending order (earliest to latest).
-   * TODO(palla/mbps): Add getL2BlocksForSlot() to L2BlockSource interface for efficiency.
-   */ async getBlocksForSlot(slot, lastBlockHeader, checkpointNumber) {
-        const blocks = [];
-        let currentHeader = lastBlockHeader;
-        const { genesisArchiveRoot } = await this.blockSource.getGenesisValues();
-        while(currentHeader.getSlot() === slot){
-            const block = await this.blockSource.getL2BlockNew(currentHeader.getBlockNumber());
-            if (!block) {
-                this.log.warn(`Block ${currentHeader.getBlockNumber()} not found while getting blocks for slot ${slot}`);
-                break;
-            }
-            if (block.checkpointNumber !== checkpointNumber) {
-                break;
-            }
-            blocks.unshift(block);
-            const prevArchive = currentHeader.lastArchive.root;
-            if (prevArchive.equals(genesisArchiveRoot)) {
-                break;
-            }
-            const prevHeader = await this.blockSource.getBlockHeaderByArchive(prevArchive);
-            if (!prevHeader || prevHeader.getSlot() !== slot) {
-                break;
-            }
-            currentHeader = prevHeader;
-        }
-        return blocks;
-    }
-    /**
    * Extract checkpoint global variables from a block.
    */ extractCheckpointConstants(block) {
         const gv = block.header.globalVariables;
@@ -482,13 +490,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 this.log.warn(`Failed to get last block header for blob upload`, proposalInfo);
                 return;
             }
-            // Get the last full block to determine checkpoint number
-            const lastBlock = await this.blockSource.getL2BlockNew(lastBlockHeader.getBlockNumber());
-            if (!lastBlock) {
-                this.log.warn(`Failed to get last block for blob upload`, proposalInfo);
-                return;
-            }
-            const blocks = await this.getBlocksForSlot(proposal.slotNumber, lastBlockHeader, lastBlock.checkpointNumber);
+            const blocks = await this.blockSource.getBlocksForSlot(proposal.slotNumber);
             if (blocks.length === 0) {
                 this.log.warn(`No blocks found for blob upload`, proposalInfo);
                 return;
@@ -526,7 +528,27 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             }
         ]);
     }
-    async createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, options) {
+    /**
+   * Handle detection of a duplicate proposal (equivocation).
+   * Emits a slash event when a proposer sends multiple proposals for the same position.
+   */ handleDuplicateProposal(info) {
+        const { slot, proposer, type } = info;
+        this.log.warn(`Triggering slash event for duplicate ${type} proposal from ${proposer.toString()} at slot ${slot}`, {
+            proposer: proposer.toString(),
+            slot,
+            type
+        });
+        // Emit slash event
+        this.emit(WANT_TO_SLASH_EVENT, [
+            {
+                validator: proposer,
+                amount: this.config.slashDuplicateProposalPenalty,
+                offenseType: OffenseType.DUPLICATE_PROPOSAL,
+                epochOrSlot: BigInt(slot)
+            }
+        ]);
+    }
+    async createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, options = {}) {
         // TODO(palla/mbps): Prevent double proposals properly
         // if (this.previousProposal?.slotNumber === blockHeader.globalVariables.slotNumber) {
         //   this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
@@ -540,15 +562,15 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         this.previousProposal = newProposal;
         return newProposal;
     }
-    async createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options) {
+    async createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options = {}) {
         this.log.info(`Assembling checkpoint proposal for slot ${checkpointHeader.slotNumber}`);
         return await this.validationService.createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options);
     }
     async broadcastBlockProposal(proposal) {
         await this.p2pClient.broadcastProposal(proposal);
     }
-    async signAttestationsAndSigners(attestationsAndSigners, proposer) {
-        return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer);
+    async signAttestationsAndSigners(attestationsAndSigners, proposer, slot, blockNumber) {
+        return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer, slot, blockNumber);
     }
     async collectOwnAttestations(proposal) {
         const slot = proposal.slotNumber;
@@ -630,7 +652,11 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             return Buffer.alloc(0);
         }
         const payloadToSign = authRequest.getPayloadToSign();
-        const signature = await this.keyStore.signMessageWithAddress(addressToUse, payloadToSign);
+        // AUTH_REQUEST doesn't require HA protection - multiple signatures are safe
+        const context = {
+            dutyType: DutyType.AUTH_REQUEST
+        };
+        const signature = await this.keyStore.signMessageWithAddress(addressToUse, payloadToSign, context);
         const authResponse = new AuthResponse(statusMessage, signature);
         return authResponse.toBuffer();
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/validator-client",
-  "version": "0.0.1-commit.7d4e6cd",
+  "version": "0.0.1-commit.87a0206",
   "main": "dest/index.js",
   "type": "module",
   "exports": {
@@ -64,31 +64,35 @@
     ]
   },
   "dependencies": {
-    "@aztec/blob-client": "0.0.1-commit.7d4e6cd",
-    "@aztec/blob-lib": "0.0.1-commit.7d4e6cd",
-    "@aztec/constants": "0.0.1-commit.7d4e6cd",
-    "@aztec/epoch-cache": "0.0.1-commit.7d4e6cd",
-    "@aztec/ethereum": "0.0.1-commit.7d4e6cd",
-    "@aztec/foundation": "0.0.1-commit.7d4e6cd",
-    "@aztec/node-keystore": "0.0.1-commit.7d4e6cd",
-    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.7d4e6cd",
-    "@aztec/p2p": "0.0.1-commit.7d4e6cd",
-    "@aztec/protocol-contracts": "0.0.1-commit.7d4e6cd",
-    "@aztec/prover-client": "0.0.1-commit.7d4e6cd",
-    "@aztec/simulator": "0.0.1-commit.7d4e6cd",
-    "@aztec/slasher": "0.0.1-commit.7d4e6cd",
-    "@aztec/stdlib": "0.0.1-commit.7d4e6cd",
-    "@aztec/telemetry-client": "0.0.1-commit.7d4e6cd",
+    "@aztec/blob-client": "0.0.1-commit.87a0206",
+    "@aztec/blob-lib": "0.0.1-commit.87a0206",
+    "@aztec/constants": "0.0.1-commit.87a0206",
+    "@aztec/epoch-cache": "0.0.1-commit.87a0206",
+    "@aztec/ethereum": "0.0.1-commit.87a0206",
+    "@aztec/foundation": "0.0.1-commit.87a0206",
+    "@aztec/node-keystore": "0.0.1-commit.87a0206",
+    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.87a0206",
+    "@aztec/p2p": "0.0.1-commit.87a0206",
+    "@aztec/protocol-contracts": "0.0.1-commit.87a0206",
+    "@aztec/prover-client": "0.0.1-commit.87a0206",
+    "@aztec/simulator": "0.0.1-commit.87a0206",
+    "@aztec/slasher": "0.0.1-commit.87a0206",
+    "@aztec/stdlib": "0.0.1-commit.87a0206",
+    "@aztec/telemetry-client": "0.0.1-commit.87a0206",
+    "@aztec/validator-ha-signer": "0.0.1-commit.87a0206",
     "koa": "^2.16.1",
     "koa-router": "^13.1.1",
     "tslib": "^2.4.0",
     "viem": "npm:@aztec/viem@2.38.2"
   },
   "devDependencies": {
+    "@aztec/archiver": "0.0.1-commit.87a0206",
+    "@aztec/world-state": "0.0.1-commit.87a0206",
+    "@electric-sql/pglite": "^0.3.14",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",
     "@types/node": "^22.15.17",
-    "@typescript/native-preview": "7.0.0-dev.20251126.1",
+    "@typescript/native-preview": "7.0.0-dev.20260113.1",
     "jest": "^30.0.0",
     "jest-mock-extended": "^4.0.0",
     "ts-node": "^10.9.1",

package/src/block_proposal_handler.ts

@@ -1,17 +1,22 @@
 import { INITIAL_L2_BLOCK_NUM } from '@aztec/constants';
+import type { EpochCache } from '@aztec/epoch-cache';
 import { BlockNumber, CheckpointNumber, SlotNumber } from '@aztec/foundation/branded-types';
+import { chunkBy } from '@aztec/foundation/collection';
 import { Fr } from '@aztec/foundation/curves/bn254';
 import { TimeoutError } from '@aztec/foundation/error';
 import { createLogger } from '@aztec/foundation/log';
 import { retryUntil } from '@aztec/foundation/retry';
 import { DateProvider, Timer } from '@aztec/foundation/timer';
 import type { P2P, PeerId } from '@aztec/p2p';
-import { TxProvider } from '@aztec/p2p';
 import { BlockProposalValidator } from '@aztec/p2p/msg_validators';
-import type { L2BlockNew, L2BlockSink, L2BlockSource } from '@aztec/stdlib/block';
-import { getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
-import type { ValidatorClientFullConfig, WorldStateSynchronizer } from '@aztec/stdlib/interfaces/server';
-import { type L1ToL2MessageSource, computeInHashFromL1ToL2Messages } from '@aztec/stdlib/messaging';
+import type { L2Block, L2BlockSink, L2BlockSource } from '@aztec/stdlib/block';
+import { getEpochAtSlot, getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
+import type { ITxProvider, ValidatorClientFullConfig, WorldStateSynchronizer } from '@aztec/stdlib/interfaces/server';
+import {
+  type L1ToL2MessageSource,
+  computeCheckpointOutHash,
+  computeInHashFromL1ToL2Messages,
+} from '@aztec/stdlib/messaging';
 import type { BlockProposal } from '@aztec/stdlib/p2p';
 import { BlockHeader, type CheckpointGlobalVariables, type FailedTx, type Tx } from '@aztec/stdlib/tx';
 import {
@@ -39,7 +44,7 @@ export type BlockProposalValidationFailureReason =
   | 'unknown_error';
 
 type ReexecuteTransactionsResult = {
-  block: L2BlockNew;
+  block: L2Block;
   failedTxs: FailedTx[];
   reexecutionTimeMs: number;
   totalManaUsed: number;
@@ -72,8 +77,9 @@ export class BlockProposalHandler {
     private worldState: WorldStateSynchronizer,
     private blockSource: L2BlockSource & L2BlockSink,
     private l1ToL2MessageSource: L1ToL2MessageSource,
-    private txProvider: TxProvider,
+    private txProvider: ITxProvider,
     private blockProposalValidator: BlockProposalValidator,
+    private epochCache: EpochCache,
     private config: ValidatorClientFullConfig,
     private metrics?: ValidatorMetrics,
     private dateProvider: DateProvider = new DateProvider(),
@@ -140,8 +146,8 @@ export class BlockProposalHandler {
 
     // Check that the proposal is from the current proposer, or the next proposer
     // This should have been handled by the p2p layer, but we double check here out of caution
-    const invalidProposal = await this.blockProposalValidator.validate(proposal);
-    if (invalidProposal) {
+    const validationResult = await this.blockProposalValidator.validate(proposal);
+    if (validationResult.result !== 'accept') {
       this.log.warn(`Proposal is not valid, skipping processing`, proposalInfo);
       return { isValid: false, reason: 'invalid_proposal' };
     }
@@ -153,9 +159,9 @@ export class BlockProposalHandler {
       return { isValid: false, reason: 'parent_block_not_found' };
     }
 
-    // Check that the parent block's slot is less than the proposal's slot (should not happen, but we check anyway)
-    if (parentBlockHeader !== 'genesis' && parentBlockHeader.getSlot() >= slotNumber) {
-      this.log.warn(`Parent block slot is greater than or equal to proposal slot, skipping processing`, {
+    // Check that the parent block's slot is not greater than the proposal's slot.
+    if (parentBlockHeader !== 'genesis' && parentBlockHeader.getSlot() > slotNumber) {
+      this.log.warn(`Parent block slot is greater than proposal slot, skipping processing`, {
         parentBlockSlot: parentBlockHeader.getSlot().toString(),
         proposalSlot: slotNumber.toString(),
         ...proposalInfo,
@@ -212,6 +218,18 @@ export class BlockProposalHandler {
     // Try re-executing the transactions in the proposal if needed
     let reexecutionResult;
     if (shouldReexecute) {
+      // Compute the previous checkpoint out hashes for the epoch.
+      // TODO(leila/mbps): There can be a more efficient way to get the previous checkpoint out
+      // hashes without having to fetch all the blocks.
+      const epoch = getEpochAtSlot(slotNumber, this.epochCache.getL1Constants());
+      const checkpointedBlocks = (await this.blockSource.getCheckpointedBlocksForEpoch(epoch))
+        .filter(b => b.block.number < blockNumber)
+        .sort((a, b) => a.block.number - b.block.number);
+      const blocksByCheckpoint = chunkBy(checkpointedBlocks, b => b.checkpointNumber);
+      const previousCheckpointOutHashes = blocksByCheckpoint.map(checkpointBlocks =>
+        computeCheckpointOutHash(checkpointBlocks.map(b => b.block.body.txEffects.map(tx => tx.l2ToL1Msgs))),
+      );
+
       try {
         this.log.verbose(`Re-executing transactions in the proposal`, proposalInfo);
         reexecutionResult = await this.reexecuteTransactions(
@@ -220,6 +238,7 @@ export class BlockProposalHandler {
           checkpointNumber,
           txs,
           l1ToL2Messages,
+          previousCheckpointOutHashes,
         );
       } catch (error) {
         this.log.error(`Error reexecuting txs while processing block proposal`, error, proposalInfo);
@@ -229,7 +248,6 @@ export class BlockProposalHandler {
     }
 
     // If we succeeded, push this block into the archiver (unless disabled)
-    // TODO(palla/mbps): Change default to false once block sync is stable.
     if (reexecutionResult?.block && this.config.skipPushProposedBlocksToArchiver === false) {
       await this.blockSource.addBlock(reexecutionResult?.block);
     }
@@ -297,7 +315,7 @@ export class BlockProposalHandler {
     // TODO(palla/mbps): The block header should include the checkpoint number to avoid this lookup,
     // or at least the L2BlockSource should return a different struct that includes it.
     const parentBlockNumber = parentBlockHeader.getBlockNumber();
-    const parentBlock = await this.blockSource.getL2BlockNew(parentBlockNumber);
+    const parentBlock = await this.blockSource.getL2Block(parentBlockNumber);
     if (!parentBlock) {
       this.log.warn(`Parent block ${parentBlockNumber} not found in archiver`, proposalInfo);
       return { reason: 'invalid_proposal' };
@@ -338,7 +356,7 @@ export class BlockProposalHandler {
    */
   private validateNonFirstBlockInCheckpoint(
     proposal: BlockProposal,
-    parentBlock: L2BlockNew,
+    parentBlock: L2Block,
     proposalInfo: object,
   ): CheckpointComputationResult | undefined {
     const proposalGlobals = proposal.blockHeader.globalVariables;
@@ -414,31 +432,7 @@ export class BlockProposalHandler {
 
   private getReexecutionDeadline(slot: SlotNumber, config: { l1GenesisTime: bigint; slotDuration: number }): Date {
     const nextSlotTimestampSeconds = Number(getTimestampForSlot(SlotNumber(slot + 1), config));
-    const msNeededForPropagationAndPublishing = this.config.validatorReexecuteDeadlineMs;
-    return new Date(nextSlotTimestampSeconds * 1000 - msNeededForPropagationAndPublishing);
-  }
-
-  /**
-   * Gets all prior blocks in the same checkpoint (same slot and checkpoint number) up to but not including upToBlockNumber.
-   */
-  private async getBlocksInCheckpoint(
-    slot: SlotNumber,
-    upToBlockNumber: BlockNumber,
-    checkpointNumber: CheckpointNumber,
-  ): Promise<L2BlockNew[]> {
-    const blocks: L2BlockNew[] = [];
-    let currentBlockNumber = BlockNumber(upToBlockNumber - 1);
-
-    while (currentBlockNumber >= INITIAL_L2_BLOCK_NUM) {
-      const block = await this.blockSource.getL2BlockNew(currentBlockNumber);
-      if (!block || block.header.getSlot() !== slot || block.checkpointNumber !== checkpointNumber) {
-        break;
-      }
-      blocks.unshift(block);
-      currentBlockNumber = BlockNumber(currentBlockNumber - 1);
-    }
-
-    return blocks;
+    return new Date(nextSlotTimestampSeconds * 1000);
   }
 
   private getReexecuteFailureReason(err: any) {
@@ -459,6 +453,7 @@ export class BlockProposalHandler {
     checkpointNumber: CheckpointNumber,
     txs: Tx[],
     l1ToL2Messages: Fr[],
+    previousCheckpointOutHashes: Fr[],
   ): Promise<ReexecuteTransactionsResult> {
     const { blockHeader, txHashes } = proposal;
 
@@ -473,11 +468,13 @@ export class BlockProposalHandler {
     const slot = proposal.slotNumber;
     const config = this.checkpointsBuilder.getConfig();
 
-    // Get prior blocks in this checkpoint (same slot and checkpoint number)
-    const priorBlocks = await this.getBlocksInCheckpoint(slot, blockNumber, checkpointNumber);
+    // Get prior blocks in this checkpoint (same slot before current block)
+    const allBlocksInSlot = await this.blockSource.getBlocksForSlot(slot);
+    const priorBlocks = allBlocksInSlot.filter(b => b.number < blockNumber && b.header.getSlot() === slot);
 
     // Fork before the block to be built
     const parentBlockNumber = BlockNumber(blockNumber - 1);
+    await this.worldState.syncImmediate(parentBlockNumber);
     using fork = await this.worldState.fork(parentBlockNumber);
 
     // Build checkpoint constants from proposal (excludes blockNumber and timestamp which are per-block)
@@ -495,8 +492,10 @@ export class BlockProposalHandler {
       checkpointNumber,
       constants,
       l1ToL2Messages,
+      previousCheckpointOutHashes,
       fork,
       priorBlocks,
+      this.log.getBindings(),
     );
 
     // Build the new block