@aztec/validator-client 0.0.1-commit.9d2bcf6d → 0.0.1-commit.9ef841308

package/dest/validator.js

@@ -1,25 +1,20 @@
-import { getBlobsPerL1Block } from '@aztec/blob-lib';
-import { BlockNumber } from '@aztec/foundation/branded-types';
-import { TimeoutError } from '@aztec/foundation/error';
 import { createLogger } from '@aztec/foundation/log';
-import { retryUntil } from '@aztec/foundation/retry';
 import { RunningPromise } from '@aztec/foundation/running-promise';
 import { sleep } from '@aztec/foundation/sleep';
 import { DateProvider } from '@aztec/foundation/timer';
 import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol } from '@aztec/p2p';
 import { OffenseType, WANT_TO_SLASH_EVENT } from '@aztec/slasher';
 import { getEpochAtSlot } from '@aztec/stdlib/epoch-helpers';
-import { accumulateCheckpointOutHashes } from '@aztec/stdlib/messaging';
 import { AttestationTimeoutError } from '@aztec/stdlib/validators';
 import { getTelemetryClient } from '@aztec/telemetry-client';
-import { createHASigner } from '@aztec/validator-ha-signer/factory';
+import { createHASigner, createLocalSignerWithProtection, createSignerFromSharedDb } from '@aztec/validator-ha-signer/factory';
 import { DutyType } from '@aztec/validator-ha-signer/types';
 import { EventEmitter } from 'events';
-import { BlockProposalHandler } from './block_proposal_handler.js';
 import { ValidationService } from './duties/validation_service.js';
 import { HAKeyStore } from './key_store/ha_key_store.js';
 import { NodeKeystoreAdapter } from './key_store/node_keystore_adapter.js';
 import { ValidatorMetrics } from './metrics.js';
+import { ProposalHandler } from './proposal_handler.js';
 // We maintain a set of proposers who have proposed invalid blocks.
 // Just cap the set to avoid unbounded growth.
 const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
@@ -34,13 +29,10 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     keyStore;
     epochCache;
     p2pClient;
-    blockProposalHandler;
-    blockSource;
-    checkpointsBuilder;
-    worldState;
-    l1ToL2MessageSource;
+    proposalHandler;
     config;
     blobClient;
+    slashingProtectionSigner;
     dateProvider;
     tracer;
     validationService;
@@ -48,13 +40,15 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
     log;
     // Whether it has already registered handlers on the p2p client
     hasRegisteredHandlers;
-    // Used to check if we are sending the same proposal twice
-    previousProposal;
+    /** Tracks the last block proposal we created, to detect duplicate proposal attempts. */ lastProposedBlock;
+    /** Tracks the last checkpoint proposal we created. */ lastProposedCheckpoint;
     lastEpochForCommitteeUpdateLoop;
     epochCacheUpdateLoop;
+    /** Tracks the last epoch in which each attester successfully submitted at least one attestation. */ lastAttestedEpochByAttester;
     proposersOfInvalidBlocks;
-    constructor(keyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
-        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.blockSource = blockSource, this.checkpointsBuilder = checkpointsBuilder, this.worldState = worldState, this.l1ToL2MessageSource = l1ToL2MessageSource, this.config = config, this.blobClient = blobClient, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set();
+    /** Tracks the last checkpoint proposal we attested to, to prevent equivocation. */ lastAttestedProposal;
+    constructor(keyStore, epochCache, p2pClient, proposalHandler, config, blobClient, slashingProtectionSigner, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
+        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.proposalHandler = proposalHandler, this.config = config, this.blobClient = blobClient, this.slashingProtectionSigner = slashingProtectionSigner, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.lastAttestedEpochByAttester = new Map(), this.proposersOfInvalidBlocks = new Set();
         // Create child logger with fisherman prefix if in fisherman mode
         this.log = config.fishermanMode ? log.createChild('[FISHERMAN]') : log;
         this.tracer = telemetry.getTracer('Validator');
@@ -93,6 +87,7 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
                 this.log.trace(`No committee found for slot`);
                 return;
             }
+            this.metrics.setCurrentEpoch(epoch);
             if (epoch !== this.lastEpochForCommitteeUpdateLoop) {
                 const me = this.getValidatorAddresses();
                 const committeeSet = new Set(committee.map((v)=>v.toString()));
@@ -108,30 +103,49 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             this.log.error(`Error updating epoch committee`, err);
         }
     }
-    static async new(config, checkpointsBuilder, worldState, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
+    static async new(config, checkpointsBuilder, worldState, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, blobClient, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), slashingProtectionDb) {
         const metrics = new ValidatorMetrics(telemetry);
         const blockProposalValidator = new BlockProposalValidator(epochCache, {
-            txsPermitted: !config.disableTransactions
+            txsPermitted: !config.disableTransactions,
+            maxTxsPerBlock: config.validateMaxTxsPerBlock
         });
-        const blockProposalHandler = new BlockProposalHandler(checkpointsBuilder, worldState, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, epochCache, config, metrics, dateProvider, telemetry);
-        let validatorKeyStore = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
-        if (config.haSigningEnabled) {
+        const proposalHandler = new ProposalHandler(checkpointsBuilder, worldState, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, epochCache, config, blobClient, metrics, dateProvider, telemetry);
+        const nodeKeystoreAdapter = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
+        let slashingProtectionSigner;
+        if (slashingProtectionDb) {
+            // Shared database mode: use a pre-existing database (e.g. for testing HA setups).
+            ({ signer: slashingProtectionSigner } = createSignerFromSharedDb(slashingProtectionDb, config, {
+                telemetryClient: telemetry,
+                dateProvider
+            }));
+        } else if (config.haSigningEnabled) {
+            // Multi-node HA mode: use PostgreSQL-backed distributed locking.
             // If maxStuckDutiesAgeMs is not explicitly set, compute it from Aztec slot duration
             const haConfig = {
                 ...config,
                 maxStuckDutiesAgeMs: config.maxStuckDutiesAgeMs ?? epochCache.getL1Constants().slotDuration * 2 * 1000
             };
-            const { signer } = await createHASigner(haConfig);
-            validatorKeyStore = new HAKeyStore(validatorKeyStore, signer);
+            ({ signer: slashingProtectionSigner } = await createHASigner(haConfig, {
+                telemetryClient: telemetry,
+                dateProvider
+            }));
+        } else {
+            // Single-node mode: use LMDB-backed local signing protection.
+            // This prevents double-signing if the node crashes and restarts mid-proposal.
+            ({ signer: slashingProtectionSigner } = await createLocalSignerWithProtection(config, {
+                telemetryClient: telemetry,
+                dateProvider
+            }));
         }
-        const validator = new ValidatorClient(validatorKeyStore, epochCache, p2pClient, blockProposalHandler, blockSource, checkpointsBuilder, worldState, l1ToL2MessageSource, config, blobClient, dateProvider, telemetry);
+        const validatorKeyStore = new HAKeyStore(nodeKeystoreAdapter, slashingProtectionSigner);
+        const validator = new ValidatorClient(validatorKeyStore, epochCache, p2pClient, proposalHandler, config, blobClient, slashingProtectionSigner, dateProvider, telemetry);
         return validator;
     }
     getValidatorAddresses() {
         return this.keyStore.getAddresses().filter((addr)=>!this.config.disabledValidators.some((disabled)=>disabled.equals(addr)));
     }
-    getBlockProposalHandler() {
-        return this.blockProposalHandler;
+    getProposalHandler() {
+        return this.proposalHandler;
     }
     signWithAddress(addr, msg, context) {
         return this.keyStore.signTypedDataWithAddress(addr, msg, context);
@@ -151,6 +165,11 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             ...config
         };
     }
+    reloadKeystore(newManager) {
+        const newAdapter = NodeKeystoreAdapter.fromKeyStoreManager(newManager);
+        this.keyStore = new HAKeyStore(newAdapter, this.slashingProtectionSigner);
+        this.validationService = new ValidationService(this.keyStore, this.log.createChild('validation-service'));
+    }
     async start() {
         if (this.epochCacheUpdateLoop.isRunning()) {
             this.log.warn(`Validator client already started`);
@@ -183,6 +202,14 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             // and processed separately via the block handler above.
             const checkpointHandler = (checkpoint, proposalSender)=>this.attestToCheckpointProposal(checkpoint, proposalSender);
             this.p2pClient.registerCheckpointProposalHandler(checkpointHandler);
+            // Duplicate proposal handler - triggers slashing for equivocation
+            this.p2pClient.registerDuplicateProposalCallback((info)=>{
+                this.handleDuplicateProposal(info);
+            });
+            // Duplicate attestation handler - triggers slashing for attestation equivocation
+            this.p2pClient.registerDuplicateAttestationCallback((info)=>{
+                this.handleDuplicateAttestation(info);
+            });
             const myAddresses = this.getValidatorAddresses();
             this.p2pClient.registerThisValidatorAddresses(myAddresses);
             await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
@@ -203,6 +230,13 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             this.log.warn(`Received block proposal with invalid signature for slot ${slotNumber}`);
             return false;
         }
+        // Log self-proposals from HA peers (same validator key on different nodes)
+        if (this.getValidatorAddresses().some((addr)=>addr.equals(proposer))) {
+            this.log.verbose(`Processing block proposal from HA peer for slot ${slotNumber}`, {
+                proposer: proposer.toString(),
+                slotNumber
+            });
+        }
         // Check if we're in the committee (for metrics purposes)
         const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
         const partOfCommittee = inCommittee.length > 0;
@@ -217,12 +251,12 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         });
         // Reexecute txs if we are part of the committee, or if slashing is enabled, or if we are configured to always reexecute.
         // In fisherman mode, we always reexecute to validate proposals.
-        const { validatorReexecute, slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } = this.config;
-        const shouldReexecute = fishermanMode || slashBroadcastedInvalidBlockPenalty > 0n && validatorReexecute || partOfCommittee && validatorReexecute || alwaysReexecuteBlockProposals || this.blobClient.canUpload();
-        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute && !escapeHatchOpen);
+        const { slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } = this.config;
+        const shouldReexecute = fishermanMode || slashBroadcastedInvalidBlockPenalty > 0n || partOfCommittee || alwaysReexecuteBlockProposals || this.blobClient.canUpload();
+        const validationResult = await this.proposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute && !escapeHatchOpen);
         if (!validationResult.isValid) {
-            this.log.warn(`Block proposal validation failed: ${validationResult.reason}`, proposalInfo);
             const reason = validationResult.reason || 'unknown';
+            this.log.warn(`Block proposal validation failed: ${reason}`, proposalInfo);
             // Classify failure reason: bad proposal vs node issue
             const badProposalReasons = [
                 'invalid_proposal',
@@ -262,46 +296,43 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
    * the lastBlock is extracted and processed separately via the block handler.
    * @returns Checkpoint attestations if valid, undefined otherwise
    */ async attestToCheckpointProposal(proposal, _proposalSender) {
-        const slotNumber = proposal.slotNumber;
+        const proposalSlotNumber = proposal.slotNumber;
         const proposer = proposal.getSender();
         // If escape hatch is open for this slot's epoch, do not attest.
-        if (await this.epochCache.isEscapeHatchOpenAtSlot(slotNumber)) {
-            this.log.warn(`Escape hatch open for slot ${slotNumber}, skipping checkpoint attestation handling`);
+        if (await this.epochCache.isEscapeHatchOpenAtSlot(proposalSlotNumber)) {
+            this.log.warn(`Escape hatch open for slot ${proposalSlotNumber}, skipping checkpoint attestation handling`);
             return undefined;
         }
-        // Reject proposals with invalid signatures
-        if (!proposer) {
-            this.log.warn(`Received checkpoint proposal with invalid signature for slot ${slotNumber}`);
+        // Ignore proposals from ourselves (may happen in HA setups)
+        if (proposer && this.getValidatorAddresses().some((addr)=>addr.equals(proposer))) {
+            this.log.debug(`Ignoring block proposal from self for slot ${proposalSlotNumber}`, {
+                proposer: proposer.toString(),
+                proposalSlotNumber
+            });
             return undefined;
         }
-        // Check that I have any address in current committee before attesting
-        const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
+        // Check that I have any address in the committee where this checkpoint will land before attesting
+        const inCommittee = await this.epochCache.filterInCommittee(proposalSlotNumber, this.getValidatorAddresses());
         const partOfCommittee = inCommittee.length > 0;
         const proposalInfo = {
-            slotNumber,
+            proposalSlotNumber,
             archive: proposal.archive.toString(),
-            proposer: proposer.toString(),
-            txCount: proposal.txHashes.length
+            proposer: proposer?.toString()
         };
-        this.log.info(`Received checkpoint proposal for slot ${slotNumber}`, {
+        this.log.info(`Received checkpoint proposal for slot ${proposalSlotNumber}`, {
             ...proposalInfo,
-            txHashes: proposal.txHashes.map((t)=>t.toString()),
             fishermanMode: this.config.fishermanMode || false
         });
-        // Validate the checkpoint proposal before attesting (unless skipCheckpointProposalValidation is set)
+        // Validate the checkpoint proposal and upload blobs (unless skipCheckpointProposalValidation is set)
         if (this.config.skipCheckpointProposalValidation) {
-            this.log.warn(`Skipping checkpoint proposal validation for slot ${slotNumber}`, proposalInfo);
+            this.log.warn(`Skipping checkpoint proposal validation for slot ${proposalSlotNumber}`, proposalInfo);
         } else {
-            const validationResult = await this.validateCheckpointProposal(proposal, proposalInfo);
+            const validationResult = await this.proposalHandler.handleCheckpointProposal(proposal, proposalInfo);
             if (!validationResult.isValid) {
                 this.log.warn(`Checkpoint proposal validation failed: ${validationResult.reason}`, proposalInfo);
                 return undefined;
             }
         }
-        // Upload blobs to filestore if we can (fire and forget)
-        if (this.blobClient.canUpload()) {
-            void this.uploadBlobsForCheckpoint(proposal, proposalInfo);
-        }
         // Check that I have any address in current committee before attesting
         // In fisherman mode, we still create attestations for validation even if not in committee
         if (!partOfCommittee && !this.config.fishermanMode) {
@@ -309,12 +340,22 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             return undefined;
         }
         // Provided all of the above checks pass, we can attest to the proposal
-        this.log.info(`${partOfCommittee ? 'Attesting to' : 'Validated'} checkpoint proposal for slot ${slotNumber}`, {
+        this.log.info(`${partOfCommittee ? 'Attesting to' : 'Validated'} checkpoint proposal for slot ${proposalSlotNumber}`, {
             ...proposalInfo,
             inCommittee: partOfCommittee,
             fishermanMode: this.config.fishermanMode || false
         });
         this.metrics.incSuccessfulAttestations(inCommittee.length);
+        // Track epoch participation per attester: count each (attester, epoch) pair at most once
+        const proposalEpoch = getEpochAtSlot(proposalSlotNumber, this.epochCache.getL1Constants());
+        for (const attester of inCommittee){
+            const key = attester.toString();
+            const lastEpoch = this.lastAttestedEpochByAttester.get(key);
+            if (lastEpoch === undefined || proposalEpoch > lastEpoch) {
+                this.lastAttestedEpochByAttester.set(key, proposalEpoch);
+                this.metrics.incAttestedEpochCount(attester);
+            }
+        }
         // Determine which validators should attest
         let attestors;
         if (partOfCommittee) {
@@ -331,176 +372,39 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
         }
         if (this.config.fishermanMode) {
             // bail out early and don't save attestations to the pool in fisherman mode
-            this.log.info(`Creating checkpoint attestations for slot ${slotNumber}`, {
+            this.log.info(`Creating checkpoint attestations for slot ${proposalSlotNumber}`, {
                 ...proposalInfo,
                 attestors: attestors.map((a)=>a.toString())
             });
             return undefined;
         }
-        return this.createCheckpointAttestationsFromProposal(proposal, attestors);
-    }
-    async createCheckpointAttestationsFromProposal(proposal, attestors = []) {
-        const attestations = await this.validationService.attestToCheckpointProposal(proposal, attestors);
-        await this.p2pClient.addCheckpointAttestations(attestations);
-        return attestations;
+        return await this.createCheckpointAttestationsFromProposal(proposal, attestors);
     }
     /**
-   * Validates a checkpoint proposal by building the full checkpoint and comparing it with the proposal.
-   * @returns Validation result with isValid flag and reason if invalid.
-   */ async validateCheckpointProposal(proposal, proposalInfo) {
-        const slot = proposal.slotNumber;
-        const timeoutSeconds = 10; // TODO(palla/mbps): This should map to the timetable settings
-        // Wait for last block to sync by archive
-        let lastBlockHeader;
-        try {
-            lastBlockHeader = await retryUntil(async ()=>{
-                await this.blockSource.syncImmediate();
-                return this.blockSource.getBlockHeaderByArchive(proposal.archive);
-            }, `waiting for block with archive ${proposal.archive.toString()} for slot ${slot}`, timeoutSeconds, 0.5);
-        } catch (err) {
-            if (err instanceof TimeoutError) {
-                this.log.warn(`Timed out waiting for block with archive matching checkpoint proposal`, proposalInfo);
-                return {
-                    isValid: false,
-                    reason: 'last_block_not_found'
-                };
-            }
-            this.log.error(`Error fetching last block for checkpoint proposal`, err, proposalInfo);
-            return {
-                isValid: false,
-                reason: 'block_fetch_error'
-            };
-        }
-        if (!lastBlockHeader) {
-            this.log.warn(`Last block not found for checkpoint proposal`, proposalInfo);
-            return {
-                isValid: false,
-                reason: 'last_block_not_found'
-            };
-        }
-        // Get all full blocks for the slot and checkpoint
-        const blocks = await this.blockSource.getBlocksForSlot(slot);
-        if (blocks.length === 0) {
-            this.log.warn(`No blocks found for slot ${slot}`, proposalInfo);
-            return {
-                isValid: false,
-                reason: 'no_blocks_for_slot'
-            };
+   * Checks if we should attest to a slot based on equivocation prevention rules.
+   * @returns true if we should attest, false if we should skip
+   */ shouldAttestToSlot(slotNumber) {
+        // If attestToEquivocatedProposals is true, always allow
+        if (this.config.attestToEquivocatedProposals) {
+            return true;
         }
-        this.log.debug(`Found ${blocks.length} blocks for slot ${slot}`, {
-            ...proposalInfo,
-            blockNumbers: blocks.map((b)=>b.number)
-        });
-        // Get checkpoint constants from first block
-        const firstBlock = blocks[0];
-        const constants = this.extractCheckpointConstants(firstBlock);
-        const checkpointNumber = firstBlock.checkpointNumber;
-        // Get L1-to-L2 messages for this checkpoint
-        const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(checkpointNumber);
-        // Compute the previous checkpoint out hashes for the epoch.
-        // TODO: There can be a more efficient way to get the previous checkpoint out hashes without having to fetch the
-        // actual checkpoints and the blocks/txs in them.
-        const epoch = getEpochAtSlot(slot, this.epochCache.getL1Constants());
-        const previousCheckpoints = (await this.blockSource.getCheckpointsForEpoch(epoch)).filter((b)=>b.number < checkpointNumber).sort((a, b)=>a.number - b.number);
-        const previousCheckpointOutHashes = previousCheckpoints.map((c)=>c.getCheckpointOutHash());
-        // Fork world state at the block before the first block
-        const parentBlockNumber = BlockNumber(firstBlock.number - 1);
-        const fork = await this.worldState.fork(parentBlockNumber);
-        try {
-            // Create checkpoint builder with all existing blocks
-            const checkpointBuilder = await this.checkpointsBuilder.openCheckpoint(checkpointNumber, constants, l1ToL2Messages, previousCheckpointOutHashes, fork, blocks, this.log.getBindings());
-            // Complete the checkpoint to get computed values
-            const computedCheckpoint = await checkpointBuilder.completeCheckpoint();
-            // Compare checkpoint header with proposal
-            if (!computedCheckpoint.header.equals(proposal.checkpointHeader)) {
-                this.log.warn(`Checkpoint header mismatch`, {
-                    ...proposalInfo,
-                    computed: computedCheckpoint.header.toInspect(),
-                    proposal: proposal.checkpointHeader.toInspect()
-                });
-                return {
-                    isValid: false,
-                    reason: 'checkpoint_header_mismatch'
-                };
-            }
-            // Compare archive root with proposal
-            if (!computedCheckpoint.archive.root.equals(proposal.archive)) {
-                this.log.warn(`Archive root mismatch`, {
-                    ...proposalInfo,
-                    computed: computedCheckpoint.archive.root.toString(),
-                    proposal: proposal.archive.toString()
-                });
-                return {
-                    isValid: false,
-                    reason: 'archive_mismatch'
-                };
-            }
-            // Check that the accumulated epoch out hash matches the value in the proposal.
-            // The epoch out hash is the accumulated hash of all checkpoint out hashes in the epoch.
-            const checkpointOutHash = computedCheckpoint.getCheckpointOutHash();
-            const computedEpochOutHash = accumulateCheckpointOutHashes([
-                ...previousCheckpointOutHashes,
-                checkpointOutHash
-            ]);
-            const proposalEpochOutHash = proposal.checkpointHeader.epochOutHash;
-            if (!computedEpochOutHash.equals(proposalEpochOutHash)) {
-                this.log.warn(`Epoch out hash mismatch`, {
-                    proposalEpochOutHash: proposalEpochOutHash.toString(),
-                    computedEpochOutHash: computedEpochOutHash.toString(),
-                    checkpointOutHash: checkpointOutHash.toString(),
-                    previousCheckpointOutHashes: previousCheckpointOutHashes.map((h)=>h.toString()),
-                    ...proposalInfo
-                });
-                return {
-                    isValid: false,
-                    reason: 'out_hash_mismatch'
-                };
-            }
-            this.log.verbose(`Checkpoint proposal validation successful for slot ${slot}`, proposalInfo);
-            return {
-                isValid: true
-            };
-        } finally{
-            await fork.close();
+        // Check if incoming slot is strictly greater than last attested
+        if (this.lastAttestedProposal && slotNumber <= this.lastAttestedProposal.slotNumber) {
+            this.log.warn(`Refusing to process a proposal for slot ${slotNumber} given we already attested to a proposal for slot ${this.lastAttestedProposal.slotNumber}`);
+            return false;
         }
+        return true;
     }
-    /**
-   * Extract checkpoint global variables from a block.
-   */ extractCheckpointConstants(block) {
-        const gv = block.header.globalVariables;
-        return {
-            chainId: gv.chainId,
-            version: gv.version,
-            slotNumber: gv.slotNumber,
-            coinbase: gv.coinbase,
-            feeRecipient: gv.feeRecipient,
-            gasFees: gv.gasFees
-        };
-    }
-    /**
-   * Uploads blobs for a checkpoint to the filestore (fire and forget).
-   */ async uploadBlobsForCheckpoint(proposal, proposalInfo) {
-        try {
-            const lastBlockHeader = await this.blockSource.getBlockHeaderByArchive(proposal.archive);
-            if (!lastBlockHeader) {
-                this.log.warn(`Failed to get last block header for blob upload`, proposalInfo);
-                return;
-            }
-            const blocks = await this.blockSource.getBlocksForSlot(proposal.slotNumber);
-            if (blocks.length === 0) {
-                this.log.warn(`No blocks found for blob upload`, proposalInfo);
-                return;
-            }
-            const blobFields = blocks.flatMap((b)=>b.toBlobFields());
-            const blobs = getBlobsPerL1Block(blobFields);
-            await this.blobClient.sendBlobsToFilestore(blobs);
-            this.log.debug(`Uploaded ${blobs.length} blobs to filestore for checkpoint at slot ${proposal.slotNumber}`, {
-                ...proposalInfo,
-                numBlobs: blobs.length
-            });
-        } catch (err) {
-            this.log.warn(`Failed to upload blobs for checkpoint: ${err}`, proposalInfo);
+    async createCheckpointAttestationsFromProposal(proposal, attestors = []) {
+        // Equivocation check: must happen right before signing to minimize the race window
+        if (!this.shouldAttestToSlot(proposal.slotNumber)) {
+            return undefined;
         }
+        const attestations = await this.validationService.attestToCheckpointProposal(proposal, attestors);
+        // Track the proposal we attested to (to prevent equivocation)
+        this.lastAttestedProposal = proposal;
+        await this.p2pClient.addOwnCheckpointAttestations(attestations);
+        return attestations;
     }
     slashInvalidBlock(proposal) {
         const proposer = proposal.getSender();
@@ -524,23 +428,75 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             }
         ]);
     }
+    /**
+   * Handle detection of a duplicate proposal (equivocation).
+   * Emits a slash event when a proposer sends multiple proposals for the same position.
+   */ handleDuplicateProposal(info) {
+        const { slot, proposer, type } = info;
+        this.log.warn(`Triggering slash event for duplicate ${type} proposal from ${proposer.toString()} at slot ${slot}`, {
+            proposer: proposer.toString(),
+            slot,
+            type
+        });
+        // Emit slash event
+        this.emit(WANT_TO_SLASH_EVENT, [
+            {
+                validator: proposer,
+                amount: this.config.slashDuplicateProposalPenalty,
+                offenseType: OffenseType.DUPLICATE_PROPOSAL,
+                epochOrSlot: BigInt(slot)
+            }
+        ]);
+    }
+    /**
+   * Handle detection of a duplicate attestation (equivocation).
+   * Emits a slash event when an attester signs attestations for different proposals at the same slot.
+   */ handleDuplicateAttestation(info) {
+        const { slot, attester } = info;
+        this.log.warn(`Triggering slash event for duplicate attestation from ${attester.toString()} at slot ${slot}`, {
+            attester: attester.toString(),
+            slot
+        });
+        this.emit(WANT_TO_SLASH_EVENT, [
+            {
+                validator: attester,
+                amount: this.config.slashDuplicateAttestationPenalty,
+                offenseType: OffenseType.DUPLICATE_ATTESTATION,
+                epochOrSlot: BigInt(slot)
+            }
+        ]);
+    }
     async createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, options = {}) {
-        // TODO(palla/mbps): Prevent double proposals properly
-        // if (this.previousProposal?.slotNumber === blockHeader.globalVariables.slotNumber) {
-        //   this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
-        //   return Promise.resolve(undefined);
-        // }
+        // Validate that we're not creating a proposal for an older or equal position
+        if (this.lastProposedBlock) {
+            const lastSlot = this.lastProposedBlock.slotNumber;
+            const lastIndex = this.lastProposedBlock.indexWithinCheckpoint;
+            const newSlot = blockHeader.globalVariables.slotNumber;
+            if (newSlot < lastSlot || newSlot === lastSlot && indexWithinCheckpoint <= lastIndex) {
+                throw new Error(`Cannot create block proposal for slot ${newSlot} index ${indexWithinCheckpoint}: ` + `already proposed block for slot ${lastSlot} index ${lastIndex}`);
+            }
+        }
         this.log.info(`Assembling block proposal for block ${blockHeader.globalVariables.blockNumber} slot ${blockHeader.globalVariables.slotNumber}`);
         const newProposal = await this.validationService.createBlockProposal(blockHeader, indexWithinCheckpoint, inHash, archive, txs, proposerAddress, {
             ...options,
             broadcastInvalidBlockProposal: this.config.broadcastInvalidBlockProposal
         });
-        this.previousProposal = newProposal;
+        this.lastProposedBlock = newProposal;
         return newProposal;
     }
-    async createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options = {}) {
+    async createCheckpointProposal(checkpointHeader, archive, feeAssetPriceModifier, lastBlockInfo, proposerAddress, options = {}) {
+        // Validate that we're not creating a proposal for an older or equal slot
+        if (this.lastProposedCheckpoint) {
+            const lastSlot = this.lastProposedCheckpoint.slotNumber;
+            const newSlot = checkpointHeader.slotNumber;
+            if (newSlot <= lastSlot) {
+                throw new Error(`Cannot create checkpoint proposal for slot ${newSlot}: ` + `already proposed checkpoint for slot ${lastSlot}`);
+            }
+        }
         this.log.info(`Assembling checkpoint proposal for slot ${checkpointHeader.slotNumber}`);
-        return await this.validationService.createCheckpointProposal(checkpointHeader, archive, lastBlockInfo, proposerAddress, options);
+        const newProposal = await this.validationService.createCheckpointProposal(checkpointHeader, archive, feeAssetPriceModifier, lastBlockInfo, proposerAddress, options);
+        this.lastProposedCheckpoint = newProposal;
+        return newProposal;
     }
     async broadcastBlockProposal(proposal) {
         await this.p2pClient.broadcastProposal(proposal);
@@ -555,6 +511,9 @@ const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
             inCommittee
         });
         const attestations = await this.createCheckpointAttestationsFromProposal(proposal, inCommittee);
+        if (!attestations) {
+            return [];
+        }
         // We broadcast our own attestations to our peers so, in case our block does not get mined on L1,
         // other nodes can see that our validators did attest to this block proposal, and do not slash us
         // due to inactivity for missed attestations.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/validator-client",
-  "version": "0.0.1-commit.9d2bcf6d",
+  "version": "0.0.1-commit.9ef841308",
   "main": "dest/index.js",
   "type": "module",
   "exports": {
@@ -64,30 +64,30 @@
     ]
   },
   "dependencies": {
-    "@aztec/blob-client": "0.0.1-commit.9d2bcf6d",
-    "@aztec/blob-lib": "0.0.1-commit.9d2bcf6d",
-    "@aztec/constants": "0.0.1-commit.9d2bcf6d",
-    "@aztec/epoch-cache": "0.0.1-commit.9d2bcf6d",
-    "@aztec/ethereum": "0.0.1-commit.9d2bcf6d",
-    "@aztec/foundation": "0.0.1-commit.9d2bcf6d",
-    "@aztec/node-keystore": "0.0.1-commit.9d2bcf6d",
-    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.9d2bcf6d",
-    "@aztec/p2p": "0.0.1-commit.9d2bcf6d",
-    "@aztec/protocol-contracts": "0.0.1-commit.9d2bcf6d",
-    "@aztec/prover-client": "0.0.1-commit.9d2bcf6d",
-    "@aztec/simulator": "0.0.1-commit.9d2bcf6d",
-    "@aztec/slasher": "0.0.1-commit.9d2bcf6d",
-    "@aztec/stdlib": "0.0.1-commit.9d2bcf6d",
-    "@aztec/telemetry-client": "0.0.1-commit.9d2bcf6d",
-    "@aztec/validator-ha-signer": "0.0.1-commit.9d2bcf6d",
+    "@aztec/blob-client": "0.0.1-commit.9ef841308",
+    "@aztec/blob-lib": "0.0.1-commit.9ef841308",
+    "@aztec/constants": "0.0.1-commit.9ef841308",
+    "@aztec/epoch-cache": "0.0.1-commit.9ef841308",
+    "@aztec/ethereum": "0.0.1-commit.9ef841308",
+    "@aztec/foundation": "0.0.1-commit.9ef841308",
+    "@aztec/node-keystore": "0.0.1-commit.9ef841308",
+    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.9ef841308",
+    "@aztec/p2p": "0.0.1-commit.9ef841308",
+    "@aztec/protocol-contracts": "0.0.1-commit.9ef841308",
+    "@aztec/prover-client": "0.0.1-commit.9ef841308",
+    "@aztec/simulator": "0.0.1-commit.9ef841308",
+    "@aztec/slasher": "0.0.1-commit.9ef841308",
+    "@aztec/stdlib": "0.0.1-commit.9ef841308",
+    "@aztec/telemetry-client": "0.0.1-commit.9ef841308",
+    "@aztec/validator-ha-signer": "0.0.1-commit.9ef841308",
     "koa": "^2.16.1",
     "koa-router": "^13.1.1",
     "tslib": "^2.4.0",
     "viem": "npm:@aztec/viem@2.38.2"
   },
   "devDependencies": {
-    "@aztec/archiver": "0.0.1-commit.9d2bcf6d",
-    "@aztec/world-state": "0.0.1-commit.9d2bcf6d",
+    "@aztec/archiver": "0.0.1-commit.9ef841308",
+    "@aztec/world-state": "0.0.1-commit.9ef841308",
     "@electric-sql/pglite": "^0.3.14",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",