@aztec/validator-client 0.0.1-commit.96bb3f7 → 0.0.1-commit.96dac018d

package/dest/validator.js

@@ -1,5 +1,6 @@
 import { getBlobsPerL1Block } from '@aztec/blob-lib';
-import { BlockNumber } from '@aztec/foundation/branded-types';
+import { validateFeeAssetPriceModifier } from '@aztec/ethereum/contracts';
+import { BlockNumber, SlotNumber } from '@aztec/foundation/branded-types';
 import { TimeoutError } from '@aztec/foundation/error';
 import { createLogger } from '@aztec/foundation/log';
 import { retryUntil } from '@aztec/foundation/retry';
@@ -8,11 +9,16 @@ import { sleep } from '@aztec/foundation/sleep';
 import { DateProvider } from '@aztec/foundation/timer';
 import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol } from '@aztec/p2p';
 import { OffenseType, WANT_TO_SLASH_EVENT } from '@aztec/slasher';
+import { getEpochAtSlot, getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
+import { accumulateCheckpointOutHashes } from '@aztec/stdlib/messaging';
 import { AttestationTimeoutError } from '@aztec/stdlib/validators';
 import { getTelemetryClient } from '@aztec/telemetry-client';
+import { createHASigner } from '@aztec/validator-ha-signer/factory';
+import { DutyType } from '@aztec/validator-ha-signer/types';
 import { EventEmitter } from 'events';
 import { BlockProposalHandler } from './block_proposal_handler.js';
 import { ValidationService } from './duties/validation_service.js';
+import { HAKeyStore } from './key_store/ha_key_store.js';
 import { NodeKeystoreAdapter } from './key_store/node_keystore_adapter.js';
 import { ValidatorMetrics } from './metrics.js';
 // We maintain a set of proposers who have proposed invalid blocks.
@@ -36,6 +42,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     l1ToL2MessageSource;
     config;
     blobClient;
+    haSigner;
     dateProvider;
     tracer;
     validationService;
@@ -43,17 +50,14 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     log;
     // Whether it has already registered handlers on the p2p client
     hasRegisteredHandlers;
-    // Used to check if we are sending the same proposal twice
-    previousProposal;
+    /** Tracks the last block proposal we created, to detect duplicate proposal attempts. */ lastProposedBlock;
+    /** Tracks the last checkpoint proposal we created. */ lastProposedCheckpoint;
     lastEpochForCommitteeUpdateLoop;
     epochCacheUpdateLoop;
     proposersOfInvalidBlocks;
-    // TODO(palla/mbps): Remove this once checkpoint validation is stable and we can validate all blocks properly.
-    // Tracks slots for which we have successfully validated a block proposal, so we can attest to checkpoint proposals for those slots.
-    // eslint-disable-next-line aztec-custom/no-non-primitive-in-collections
-    validatedBlockSlots;
-    constructor(keyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
-        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.blockSource = blockSource, this.checkpointsBuilder = checkpointsBuilder, this.worldState = worldState, this.l1ToL2MessageSource = l1ToL2MessageSource, this.config = config, this.blobClient = blobClient, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set(), this.validatedBlockSlots = new Set();
+    /** Tracks the last checkpoint proposal we attested to, to prevent equivocation. */ lastAttestedProposal;
+    constructor(keyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, haSigner, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
+        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.blockSource = blockSource, this.checkpointsBuilder = checkpointsBuilder, this.worldState = worldState, this.l1ToL2MessageSource = l1ToL2MessageSource, this.config = config, this.blobClient = blobClient, this.haSigner = haSigner, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set();
         // Create child logger with fisherman prefix if in fisherman mode
         this.log = config.fishermanMode ? log.createChild('[FISHERMAN]') : log;
         this.tracer = telemetry.getTracer('Validator');
@@ -107,13 +111,29 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             this.log.error(`Error updating epoch committee`, err);
         }
     }
-    static new(config, checkpointsBuilder, worldState, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
+    static async new(config, checkpointsBuilder, worldState, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
         const metrics = new ValidatorMetrics(telemetry);
         const blockProposalValidator = new BlockProposalValidator(epochCache, {
             txsPermitted: !config.disableTransactions
         });
-        const blockProposalHandler = new BlockProposalHandler(checkpointsBuilder, worldState, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, config, metrics, dateProvider, telemetry);
-        const validator = new ValidatorClient(NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager), epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider, telemetry);
+        const blockProposalHandler = new BlockProposalHandler(checkpointsBuilder, worldState, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, epochCache, config, metrics, dateProvider, telemetry);
+        const nodeKeystoreAdapter = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
+        let validatorKeyStore = nodeKeystoreAdapter;
+        let haSigner;
+        if (config.haSigningEnabled) {
+            // If maxStuckDutiesAgeMs is not explicitly set, compute it from Aztec slot duration
+            const haConfig = {
+                ...config,
+                maxStuckDutiesAgeMs: config.maxStuckDutiesAgeMs ?? epochCache.getL1Constants().slotDuration * 2 * 1000
+            };
+            const { signer } = await createHASigner(haConfig, {
+                telemetryClient: telemetry,
+                dateProvider
+            });
+            haSigner = signer;
+            validatorKeyStore = new HAKeyStore(nodeKeystoreAdapter, signer);
+        }
+        const validator = new ValidatorClient(validatorKeyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, haSigner, dateProvider, telemetry);
         return validator;
     }
     getValidatorAddresses() {
@@ -122,8 +142,8 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     getBlockProposalHandler() {
         return this.blockProposalHandler;
     }
-    signWithAddress(addr, msg) {
-        return this.keyStore.signTypedDataWithAddress(addr, msg);
+    signWithAddress(addr, msg, context) {
+        return this.keyStore.signTypedDataWithAddress(addr, msg, context);
     }
     getCoinbaseForAttestor(attestor) {
         return this.keyStore.getCoinbaseAddress(attestor);
@@ -140,11 +160,26 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             ...config
         };
     }
+    reloadKeystore(newManager) {
+        if (this.config.haSigningEnabled && !this.haSigner) {
+            this.log.warn('HA signing is enabled in config but was not initialized at startup. ' + 'Restart the node to enable HA signing.');
+        } else if (!this.config.haSigningEnabled && this.haSigner) {
+            this.log.warn('HA signing was disabled via config update but the HA signer is still active. ' + 'Restart the node to fully disable HA signing.');
+        }
+        const newAdapter = NodeKeystoreAdapter.fromKeyStoreManager(newManager);
+        if (this.haSigner) {
+            this.keyStore = new HAKeyStore(newAdapter, this.haSigner);
+        } else {
+            this.keyStore = newAdapter;
+        }
+        this.validationService = new ValidationService(this.keyStore, this.log.createChild('validation-service'));
+    }
     async start() {
         if (this.epochCacheUpdateLoop.isRunning()) {
             this.log.warn(`Validator client already started`);
             return;
         }
+        await this.keyStore.start();
         await this.registerHandlers();
         const myAddresses = this.getValidatorAddresses();
         const inCommittee = await this.epochCache.filterInCommittee('now', myAddresses);
@@ -157,6 +192,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     }
     async stop() {
         await this.epochCacheUpdateLoop.stop();
+        await this.keyStore.stop();
     }
     /** Register handlers on the p2p client */ async registerHandlers() {
         if (!this.hasRegisteredHandlers) {
@@ -170,6 +206,14 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             // and processed separately via the block handler above.
             const checkpointHandler = (checkpoint, proposalSender)=>this.attestToCheckpointProposal(checkpoint, proposalSender);
             this.p2pClient.registerCheckpointProposalHandler(checkpointHandler);
+            // Duplicate proposal handler - triggers slashing for equivocation
+            this.p2pClient.registerDuplicateProposalCallback((info)=>{
+                this.handleDuplicateProposal(info);
+            });
+            // Duplicate attestation handler - triggers slashing for attestation equivocation
+            this.p2pClient.registerDuplicateAttestationCallback((info)=>{
+                this.handleDuplicateAttestation(info);
+            });
             const myAddresses = this.getValidatorAddresses();
             this.p2pClient.registerThisValidatorAddresses(myAddresses);
             await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
@@ -181,12 +225,23 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    * @returns true if the proposal is valid, false otherwise
    */ async validateBlockProposal(proposal, proposalSender) {
         const slotNumber = proposal.slotNumber;
+        // Note: During escape hatch, we still want to "validate" proposals for observability,
+        // but we intentionally reject them and disable slashing invalid block and attestation flow.
+        const escapeHatchOpen = await this.epochCache.isEscapeHatchOpenAtSlot(slotNumber);
         const proposer = proposal.getSender();
         // Reject proposals with invalid signatures
         if (!proposer) {
             this.log.warn(`Received block proposal with invalid signature for slot ${slotNumber}`);
             return false;
         }
+        // Ignore proposals from ourselves (may happen in HA setups)
+        if (this.getValidatorAddresses().some((addr)=>addr.equals(proposer))) {
+            this.log.warn(`Ignoring block proposal from self for slot ${slotNumber}`, {
+                proposer: proposer.toString(),
+                slotNumber
+            });
+            return false;
+        }
         // Check if we're in the committee (for metrics purposes)
         const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
         const partOfCommittee = inCommittee.length > 0;
@@ -203,7 +258,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         // In fisherman mode, we always reexecute to validate proposals.
         const { validatorReexecute, slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } = this.config;
         const shouldReexecute = fishermanMode || slashBroadcastedInvalidBlockPenalty > 0n && validatorReexecute || partOfCommittee && validatorReexecute || alwaysReexecuteBlockProposals || this.blobClient.canUpload();
-        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute);
+        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute && !escapeHatchOpen);
         if (!validationResult.isValid) {
             this.log.warn(`Block proposal validation failed: ${validationResult.reason}`, proposalInfo);
             const reason = validationResult.reason || 'unknown';
@@ -222,7 +277,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 this.metrics.incFailedAttestationsNodeIssue(1, reason, partOfCommittee);
             }
             // Slash invalid block proposals (can happen even when not in committee)
-            if (validationResult.reason && SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) && slashBroadcastedInvalidBlockPenalty > 0n) {
+            if (!escapeHatchOpen && validationResult.reason && SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) && slashBroadcastedInvalidBlockPenalty > 0n) {
                 this.log.warn(`Slashing proposer for invalid block proposal`, proposalInfo);
                 this.slashInvalidBlock(proposal);
             }
@@ -231,11 +286,13 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         this.log.info(`Validated block proposal for slot ${slotNumber}`, {
             ...proposalInfo,
             inCommittee: partOfCommittee,
-            fishermanMode: this.config.fishermanMode || false
+            fishermanMode: this.config.fishermanMode || false,
+            escapeHatchOpen
         });
-        // TODO(palla/mbps): Remove this once checkpoint validation is stable.
-        // Track that we successfully validated a block for this slot, so we can attest to checkpoint proposals for it.
-        this.validatedBlockSlots.add(slotNumber);
+        if (escapeHatchOpen) {
+            this.log.warn(`Escape hatch open for slot ${slotNumber}, rejecting block proposal`, proposalInfo);
+            return false;
+        }
         return true;
     }
     /**
@@ -246,11 +303,29 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    */ async attestToCheckpointProposal(proposal, _proposalSender) {
         const slotNumber = proposal.slotNumber;
         const proposer = proposal.getSender();
+        // If escape hatch is open for this slot's epoch, do not attest.
+        if (await this.epochCache.isEscapeHatchOpenAtSlot(slotNumber)) {
+            this.log.warn(`Escape hatch open for slot ${slotNumber}, skipping checkpoint attestation handling`);
+            return undefined;
+        }
         // Reject proposals with invalid signatures
         if (!proposer) {
             this.log.warn(`Received checkpoint proposal with invalid signature for slot ${slotNumber}`);
             return undefined;
         }
+        // Ignore proposals from ourselves (may happen in HA setups)
+        if (this.getValidatorAddresses().some((addr)=>addr.equals(proposer))) {
+            this.log.warn(`Ignoring block proposal from self for slot ${slotNumber}`, {
+                proposer: proposer.toString(),
+                slotNumber
+            });
+            return undefined;
+        }
+        // Validate fee asset price modifier is within allowed range
+        if (!validateFeeAssetPriceModifier(proposal.feeAssetPriceModifier)) {
+            this.log.warn(`Received checkpoint proposal with invalid feeAssetPriceModifier ${proposal.feeAssetPriceModifier} for slot ${slotNumber}`);
+            return undefined;
+        }
         // Check that I have any address in current committee before attesting
         const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
         const partOfCommittee = inCommittee.length > 0;
@@ -265,16 +340,9 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             txHashes: proposal.txHashes.map((t)=>t.toString()),
             fishermanMode: this.config.fishermanMode || false
         });
-        // TODO(palla/mbps): Remove this once checkpoint validation is stable.
-        // Check that we have successfully validated a block for this slot before attesting to the checkpoint.
-        if (!this.validatedBlockSlots.has(slotNumber)) {
-            this.log.warn(`No validated block found for slot ${slotNumber}, refusing to attest to checkpoint`, proposalInfo);
-            return undefined;
-        }
         // Validate the checkpoint proposal before attesting (unless skipCheckpointProposalValidation is set)
-        // TODO(palla/mbps): Change default to false once checkpoint validation is stable.
-        if (this.config.skipCheckpointProposalValidation !== false) {
-            this.log.verbose(`Skipping checkpoint proposal validation for slot ${slotNumber}`, proposalInfo);
+        if (this.config.skipCheckpointProposalValidation) {
+            this.log.warn(`Skipping checkpoint proposal validation for slot ${slotNumber}`, proposalInfo);
         } else {
             const validationResult = await this.validateCheckpointProposal(proposal, proposalInfo);
             if (!validationResult.isValid) {
@@ -321,11 +389,32 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             });
             return undefined;
         }
-        return this.createCheckpointAttestationsFromProposal(proposal, attestors);
+        return await this.createCheckpointAttestationsFromProposal(proposal, attestors);
+    }
+    /**
+   * Checks if we should attest to a slot based on equivocation prevention rules.
+   * @returns true if we should attest, false if we should skip
+   */ shouldAttestToSlot(slotNumber) {
+        // If attestToEquivocatedProposals is true, always allow
+        if (this.config.attestToEquivocatedProposals) {
+            return true;
+        }
+        // Check if incoming slot is strictly greater than last attested
+        if (this.lastAttestedProposal && slotNumber <= this.lastAttestedProposal.slotNumber) {
+            this.log.warn(`Refusing to process a proposal for slot ${slotNumber} given we already attested to a proposal for slot ${this.lastAttestedProposal.slotNumber}`);
+            return false;
+        }
+        return true;
     }
     async createCheckpointAttestationsFromProposal(proposal, attestors = []) {
+        // Equivocation check: must happen right before signing to minimize the race window
+        if (!this.shouldAttestToSlot(proposal.slotNumber)) {
+            return undefined;
+        }
         const attestations = await this.validationService.attestToCheckpointProposal(proposal, attestors);
-        await this.p2pClient.addCheckpointAttestations(attestations);
+        // Track the proposal we attested to (to prevent equivocation)
+        this.lastAttestedProposal = proposal;
+        await this.p2pClient.addOwnCheckpointAttestations(attestations);
         return attestations;
     }
     /**
@@ -333,7 +422,10 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    * @returns Validation result with isValid flag and reason if invalid.
    */ async validateCheckpointProposal(proposal, proposalInfo) {
         const slot = proposal.slotNumber;
-        const timeoutSeconds = 10;
+        // Timeout block syncing at the start of the next slot
+        const config = this.checkpointsBuilder.getConfig();
+        const nextSlotTimestampSeconds = Number(getTimestampForSlot(SlotNumber(slot + 1), config));
+        const timeoutSeconds = Math.max(1, nextSlotTimestampSeconds - Math.floor(this.dateProvider.now() / 1000));
         // Wait for last block to sync by archive
         let lastBlockHeader;
         try {
@@ -362,18 +454,8 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 reason: 'last_block_not_found'
             };
         }
-        // Get the last full block to determine checkpoint number
-        const lastBlock = await this.blockSource.getL2BlockNew(lastBlockHeader.getBlockNumber());
-        if (!lastBlock) {
-            this.log.warn(`Last block ${lastBlockHeader.getBlockNumber()} not found`, proposalInfo);
-            return {
-                isValid: false,
-                reason: 'last_block_not_found'
-            };
-        }
-        const checkpointNumber = lastBlock.checkpointNumber;
         // Get all full blocks for the slot and checkpoint
-        const blocks = await this.getBlocksForSlot(slot, lastBlockHeader, checkpointNumber);
+        const blocks = await this.blockSource.getBlocksForSlot(slot);
         if (blocks.length === 0) {
             this.log.warn(`No blocks found for slot ${slot}`, proposalInfo);
             return {
@@ -381,6 +463,14 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 reason: 'no_blocks_for_slot'
             };
         }
+        // Ensure the last block for this slot matches the archive in the checkpoint proposal
+        if (!blocks.at(-1)?.archive.root.equals(proposal.archive)) {
+            this.log.warn(`Last block archive mismatch for checkpoint proposal`, proposalInfo);
+            return {
+                isValid: false,
+                reason: 'last_block_archive_mismatch'
+            };
+        }
         this.log.debug(`Found ${blocks.length} blocks for slot ${slot}`, {
             ...proposalInfo,
             blockNumbers: blocks.map((b)=>b.number)
@@ -388,14 +478,18 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         // Get checkpoint constants from first block
         const firstBlock = blocks[0];
         const constants = this.extractCheckpointConstants(firstBlock);
+        const checkpointNumber = firstBlock.checkpointNumber;
         // Get L1-to-L2 messages for this checkpoint
         const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(checkpointNumber);
+        // Collect the out hashes of all the checkpoints before this one in the same epoch
+        const epoch = getEpochAtSlot(slot, this.epochCache.getL1Constants());
+        const previousCheckpointOutHashes = (await this.blockSource.getCheckpointsDataForEpoch(epoch)).filter((c)=>c.checkpointNumber < checkpointNumber).map((c)=>c.checkpointOutHash);
         // Fork world state at the block before the first block
         const parentBlockNumber = BlockNumber(firstBlock.number - 1);
         const fork = await this.worldState.fork(parentBlockNumber);
         try {
             // Create checkpoint builder with all existing blocks
-            const checkpointBuilder = await this.checkpointsBuilder.openCheckpoint(checkpointNumber, constants, l1ToL2Messages, fork, blocks);
+            const checkpointBuilder = await this.checkpointsBuilder.openCheckpoint(checkpointNumber, constants, proposal.feeAssetPriceModifier, l1ToL2Messages, previousCheckpointOutHashes, fork, blocks, this.log.getBindings());
             // Complete the checkpoint to get computed values
             const computedCheckpoint = await checkpointBuilder.completeCheckpoint();
             // Compare checkpoint header with proposal
@@ -422,6 +516,27 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                     reason: 'archive_mismatch'
                 };
             }
+            // Check that the accumulated epoch out hash matches the value in the proposal.
+            // The epoch out hash is the accumulated hash of all checkpoint out hashes in the epoch.
+            const checkpointOutHash = computedCheckpoint.getCheckpointOutHash();
+            const computedEpochOutHash = accumulateCheckpointOutHashes([
+                ...previousCheckpointOutHashes,
+                checkpointOutHash
+            ]);
+            const proposalEpochOutHash = proposal.checkpointHeader.epochOutHash;
+            if (!computedEpochOutHash.equals(proposalEpochOutHash)) {
+                this.log.warn(`Epoch out hash mismatch`, {
+                    proposalEpochOutHash: proposalEpochOutHash.toString(),
+                    computedEpochOutHash: computedEpochOutHash.toString(),
+                    checkpointOutHash: checkpointOutHash.toString(),
+                    previousCheckpointOutHashes: previousCheckpointOutHashes.map((h)=>h.toString()),
+                    ...proposalInfo
+                });
+                return {
+                    isValid: false,
+                    reason: 'out_hash_mismatch'
+                };
+            }
             this.log.verbose(`Checkpoint proposal validation successful for slot ${slot}`, proposalInfo);
             return {
                 isValid: true
@@ -431,36 +546,6 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         }
     }
     /**
-   * Get all full blocks for a given slot and checkpoint by walking backwards from the last block.
-   * Returns blocks in ascending order (earliest to latest).
-   * TODO(palla/mbps): Add getL2BlocksForSlot() to L2BlockSource interface for efficiency.
-   */ async getBlocksForSlot(slot, lastBlockHeader, checkpointNumber) {
-        const blocks = [];
-        let currentHeader = lastBlockHeader;
-        const { genesisArchiveRoot } = await this.blockSource.getGenesisValues();
-        while(currentHeader.getSlot() === slot){
-            const block = await this.blockSource.getL2BlockNew(currentHeader.getBlockNumber());
-            if (!block) {
-                this.log.warn(`Block ${currentHeader.getBlockNumber()} not found while getting blocks for slot ${slot}`);
-                break;
-            }
-            if (block.checkpointNumber !== checkpointNumber) {
-                break;
-            }
-            blocks.unshift(block);
-            const prevArchive = currentHeader.lastArchive.root;
-            if (prevArchive.equals(genesisArchiveRoot)) {
-                break;
-            }
-            const prevHeader = await this.blockSource.getBlockHeaderByArchive(prevArchive);
-            if (!prevHeader || prevHeader.getSlot() !== slot) {
-                break;
-            }
-            currentHeader = prevHeader;
-        }
-        return blocks;
-    }
-    /**
    * Extract checkpoint global variables from a block.
    */ extractCheckpointConstants(block) {
         const gv = block.header.globalVariables;
@@ -468,6 +553,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             chainId: gv.chainId,
             version: gv.version,
             slotNumber: gv.slotNumber,
+            timestamp: gv.timestamp,
             coinbase: gv.coinbase,
             feeRecipient: gv.feeRecipient,
             gasFees: gv.gasFees
@@ -482,19 +568,13 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 this.log.warn(`Failed to get last block header for blob upload`, proposalInfo);
                 return;
             }
-            // Get the last full block to determine checkpoint number
-            const lastBlock = await this.blockSource.getL2BlockNew(lastBlockHeader.getBlockNumber());
-            if (!lastBlock) {
-                this.log.warn(`Failed to get last block for blob upload`, proposalInfo);
-                return;
-            }
-            const blocks = await this.getBlocksForSlot(proposal.slotNumber, lastBlockHeader, lastBlock.checkpointNumber);
+            const blocks = await this.blockSource.getBlocksForSlot(proposal.slotNumber);
             if (blocks.length === 0) {
                 this.log.warn(`No blocks found for blob upload`, proposalInfo);
                 return;
             }
             const blobFields = blocks.flatMap((b)=>b.toBlobFields());
-            const blobs = getBlobsPerL1Block(blobFields);
+            const blobs = await getBlobsPerL1Block(blobFields);
             await this.blobClient.sendBlobsToFilestore(blobs);
             this.log.debug(`Uploaded ${blobs.length} blobs to filestore for checkpoint at slot ${proposal.slotNumber}`, {
                 ...proposalInfo,
@@ -526,29 +606,81 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             }
         ]);
     }
-    async createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, options) {
-        // TODO(palla/mbps): Prevent double proposals properly
-        // if (this.previousProposal?.slotNumber === blockHeader.globalVariables.slotNumber) {
-        //   this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
-        //   return Promise.resolve(undefined);
-        // }
+    /**
+   * Handle detection of a duplicate proposal (equivocation).
+   * Emits a slash event when a proposer sends multiple proposals for the same position.
+   */ handleDuplicateProposal(info) {
+        const { slot, proposer, type } = info;
+        this.log.warn(`Triggering slash event for duplicate ${type} proposal from ${proposer.toString()} at slot ${slot}`, {
+            proposer: proposer.toString(),
+            slot,
+            type
+        });
+        // Emit slash event
+        this.emit(WANT_TO_SLASH_EVENT, [
+            {
+                validator: proposer,
+                amount: this.config.slashDuplicateProposalPenalty,
+                offenseType: OffenseType.DUPLICATE_PROPOSAL,
+                epochOrSlot: BigInt(slot)
+            }
+        ]);
+    }
+    /**
+   * Handle detection of a duplicate attestation (equivocation).
+   * Emits a slash event when an attester signs attestations for different proposals at the same slot.
+   */ handleDuplicateAttestation(info) {
+        const { slot, attester } = info;
+        this.log.warn(`Triggering slash event for duplicate attestation from ${attester.toString()} at slot ${slot}`, {
+            attester: attester.toString(),
+            slot
+        });
+        this.emit(WANT_TO_SLASH_EVENT, [
+            {
+                validator: attester,
+                amount: this.config.slashDuplicateAttestationPenalty,
+                offenseType: OffenseType.DUPLICATE_ATTESTATION,
+                epochOrSlot: BigInt(slot)
+            }
+        ]);
+    }
+    async createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, options = {}) {
+        // Validate that we're not creating a proposal for an older or equal position
+        if (this.lastProposedBlock) {
+            const lastSlot = this.lastProposedBlock.slotNumber;
+            const lastIndex = this.lastProposedBlock.indexWithinCheckpoint;
+            const newSlot = blockHeader.globalVariables.slotNumber;
+            if (newSlot < lastSlot || newSlot === lastSlot && indexWithinCheckpoint <= lastIndex) {
+                throw new Error(`Cannot create block proposal for slot ${newSlot} index ${indexWithinCheckpoint}: ` + `already proposed block for slot ${lastSlot} index ${lastIndex}`);
+            }
+        }
         this.log.info(`Assembling block proposal for block ${blockHeader.globalVariables.blockNumber} slot ${blockHeader.globalVariables.slotNumber}`);
         const newProposal = await this.validationService.createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, {
             ...options,
             broadcastInvalidBlockProposal: this.config.broadcastInvalidBlockProposal
         });
-        this.previousProposal = newProposal;
+        this.lastProposedBlock = newProposal;
         return newProposal;
     }
-    async createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options) {
+    async createCheckpointProposal(checkpointHeader, archive, feeAssetPriceModifier, lastBlockInfo, proposerAddress, options = {}) {
+        // Validate that we're not creating a proposal for an older or equal slot
+        if (this.lastProposedCheckpoint) {
+            const lastSlot = this.lastProposedCheckpoint.slotNumber;
+            const newSlot = checkpointHeader.slotNumber;
+            if (newSlot <= lastSlot) {
+                throw new Error(`Cannot create checkpoint proposal for slot ${newSlot}: ` + `already proposed checkpoint for slot ${lastSlot}`);
+            }
+        }
         this.log.info(`Assembling checkpoint proposal for slot ${checkpointHeader.slotNumber}`);
-        return await this.validationService.createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options);
+        const newProposal = await this.validationService.createCheckpointProposal(checkpointHeader, archive, feeAssetPriceModifier, lastBlockInfo, proposerAddress, options);
+        this.lastProposedCheckpoint = newProposal;
+        return newProposal;
     }
     async broadcastBlockProposal(proposal) {
         await this.p2pClient.broadcastProposal(proposal);
     }
-    async signAttestationsAndSigners(attestationsAndSigners, proposer) {
-        return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer);
+    async signAttestationsAndSigners(attestationsAndSigners, proposer, slot, blockNumber) {
+        return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer, slot, blockNumber);
     }
     async collectOwnAttestations(proposal) {
         const slot = proposal.slotNumber;
@@ -557,6 +689,9 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             inCommittee
         });
         const attestations = await this.createCheckpointAttestationsFromProposal(proposal, inCommittee);
+        if (!attestations) {
+            return [];
+        }
         // We broadcast our own attestations to our peers so, in case our block does not get mined on L1,
         // other nodes can see that our validators did attest to this block proposal, and do not slash us
         // due to inactivity for missed attestations.
@@ -630,7 +765,11 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             return Buffer.alloc(0);
         }
         const payloadToSign = authRequest.getPayloadToSign();
-        const signature = await this.keyStore.signMessageWithAddress(addressToUse, payloadToSign);
+        // AUTH_REQUEST doesn't require HA protection - multiple signatures are safe
+        const context = {
+            dutyType: DutyType.AUTH_REQUEST
+        };
+        const signature = await this.keyStore.signMessageWithAddress(addressToUse, payloadToSign, context);
         const authResponse = new AuthResponse(statusMessage, signature);
         return authResponse.toBuffer();
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/validator-client",
-  "version": "0.0.1-commit.96bb3f7",
+  "version": "0.0.1-commit.96dac018d",
   "main": "dest/index.js",
   "type": "module",
   "exports": {
@@ -64,31 +64,35 @@
     ]
   },
   "dependencies": {
-    "@aztec/blob-client": "0.0.1-commit.96bb3f7",
-    "@aztec/blob-lib": "0.0.1-commit.96bb3f7",
-    "@aztec/constants": "0.0.1-commit.96bb3f7",
-    "@aztec/epoch-cache": "0.0.1-commit.96bb3f7",
-    "@aztec/ethereum": "0.0.1-commit.96bb3f7",
-    "@aztec/foundation": "0.0.1-commit.96bb3f7",
-    "@aztec/node-keystore": "0.0.1-commit.96bb3f7",
-    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.96bb3f7",
-    "@aztec/p2p": "0.0.1-commit.96bb3f7",
-    "@aztec/protocol-contracts": "0.0.1-commit.96bb3f7",
-    "@aztec/prover-client": "0.0.1-commit.96bb3f7",
-    "@aztec/simulator": "0.0.1-commit.96bb3f7",
-    "@aztec/slasher": "0.0.1-commit.96bb3f7",
-    "@aztec/stdlib": "0.0.1-commit.96bb3f7",
-    "@aztec/telemetry-client": "0.0.1-commit.96bb3f7",
+    "@aztec/blob-client": "0.0.1-commit.96dac018d",
+    "@aztec/blob-lib": "0.0.1-commit.96dac018d",
+    "@aztec/constants": "0.0.1-commit.96dac018d",
+    "@aztec/epoch-cache": "0.0.1-commit.96dac018d",
+    "@aztec/ethereum": "0.0.1-commit.96dac018d",
+    "@aztec/foundation": "0.0.1-commit.96dac018d",
+    "@aztec/node-keystore": "0.0.1-commit.96dac018d",
+    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.96dac018d",
+    "@aztec/p2p": "0.0.1-commit.96dac018d",
+    "@aztec/protocol-contracts": "0.0.1-commit.96dac018d",
+    "@aztec/prover-client": "0.0.1-commit.96dac018d",
+    "@aztec/simulator": "0.0.1-commit.96dac018d",
+    "@aztec/slasher": "0.0.1-commit.96dac018d",
+    "@aztec/stdlib": "0.0.1-commit.96dac018d",
+    "@aztec/telemetry-client": "0.0.1-commit.96dac018d",
+    "@aztec/validator-ha-signer": "0.0.1-commit.96dac018d",
     "koa": "^2.16.1",
     "koa-router": "^13.1.1",
     "tslib": "^2.4.0",
     "viem": "npm:@aztec/viem@2.38.2"
   },
   "devDependencies": {
+    "@aztec/archiver": "0.0.1-commit.96dac018d",
+    "@aztec/world-state": "0.0.1-commit.96dac018d",
+    "@electric-sql/pglite": "^0.3.14",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",
     "@types/node": "^22.15.17",
-    "@typescript/native-preview": "7.0.0-dev.20251126.1",
+    "@typescript/native-preview": "7.0.0-dev.20260113.1",
     "jest": "^30.0.0",
     "jest-mock-extended": "^4.0.0",
     "ts-node": "^10.9.1",