@aztec/validator-client 0.0.1-commit.f504929 → 0.0.1-commit.f81dbcf

package/src/checkpoint_builder.ts

@@ -1,5 +1,7 @@
+import { NUM_CHECKPOINT_END_MARKER_FIELDS, getNumBlockEndBlobFields } from '@aztec/blob-lib/encoding';
+import { BLOBS_PER_CHECKPOINT, FIELDS_PER_BLOB, MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT } from '@aztec/constants';
 import { BlockNumber, CheckpointNumber } from '@aztec/foundation/branded-types';
-import { merge, pick } from '@aztec/foundation/collection';
+import { merge, pick, sum } from '@aztec/foundation/collection';
 import { Fr } from '@aztec/foundation/curves/bn254';
 import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
 import { bufferToHex } from '@aztec/foundation/string';
@@ -23,8 +25,8 @@ import {
   FullNodeBlockBuilderConfigKeys,
   type ICheckpointBlockBuilder,
   type ICheckpointsBuilder,
+  InsufficientValidTxsError,
   type MerkleTreeWriteOperations,
-  NoValidTxsError,
   type PublicProcessorLimits,
   type WorldStateSynchronizer,
 } from '@aztec/stdlib/interfaces/server';
@@ -32,6 +34,7 @@ import { type DebugLogStore, NullDebugLogStore } from '@aztec/stdlib/logs';
 import { MerkleTreeId } from '@aztec/stdlib/trees';
 import { type CheckpointGlobalVariables, GlobalVariables, StateReference, Tx } from '@aztec/stdlib/tx';
 import { type TelemetryClient, getTelemetryClient } from '@aztec/telemetry-client';
+import { ForkCheckpoint } from '@aztec/world-state';
 
 // Re-export for backward compatibility
 export type { BuildBlockInCheckpointResult } from '@aztec/stdlib/interfaces/server';
@@ -65,12 +68,13 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
 
   /**
    * Builds a single block within this checkpoint.
+   * Automatically caps gas and blob field limits based on checkpoint-level budgets and prior blocks.
    */
   async buildBlock(
     pendingTxs: Iterable<Tx> | AsyncIterable<Tx>,
     blockNumber: BlockNumber,
     timestamp: bigint,
-    opts: PublicProcessorLimits & { expectedEndState?: StateReference } = {},
+    opts: PublicProcessorLimits & { expectedEndState?: StateReference; minValidTxs?: number } = {},
   ): Promise<BuildBlockInCheckpointResult> {
     const slot = this.checkpointBuilder.constants.slotNumber;
 
@@ -94,39 +98,53 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     });
     const { processor, validator } = await this.makeBlockBuilderDeps(globalVariables, this.fork);
 
-    const [publicProcessorDuration, [processedTxs, failedTxs, usedTxs, _, usedTxBlobFields]] = await elapsed(() =>
-      processor.process(pendingTxs, opts, validator),
-    );
-
-    // Throw if we didn't collect a single valid tx and we're not allowed to build empty blocks
-    // (only the first block in a checkpoint can be empty)
-    if (processedTxs.length === 0 && this.checkpointBuilder.getBlockCount() > 0) {
-      throw new NoValidTxsError(failedTxs);
-    }
-
-    // Add block to checkpoint
-    const { block } = await this.checkpointBuilder.addBlock(globalVariables, processedTxs, {
-      expectedEndState: opts.expectedEndState,
-    });
-
-    // How much public gas was processed
-    const publicGas = processedTxs.reduce((acc, tx) => acc.add(tx.gasUsed.publicGas), Gas.empty());
+    // Cap gas limits amd available blob fields by remaining checkpoint-level budgets
+    const cappedOpts: PublicProcessorLimits & { expectedEndState?: StateReference } = {
+      ...opts,
+      ...this.capLimitsByCheckpointBudgets(opts),
+    };
 
-    this.log.debug('Built block within checkpoint', {
-      header: block.header.toInspect(),
-      processedTxs: processedTxs.map(tx => tx.hash.toString()),
-      failedTxs: failedTxs.map(tx => tx.tx.txHash.toString()),
-    });
+    // We execute all merkle tree operations on a world state fork checkpoint
+    // This enables us to discard all modifications in the event that we fail to successfully process sufficient transactions
+    const forkCheckpoint = await ForkCheckpoint.new(this.fork);
 
-    return {
-      block,
-      publicGas,
-      publicProcessorDuration,
-      numTxs: processedTxs.length,
-      failedTxs,
-      usedTxs,
-      usedTxBlobFields,
-    };
+    try {
+      const [publicProcessorDuration, [processedTxs, failedTxs, usedTxs]] = await elapsed(() =>
+        processor.process(pendingTxs, cappedOpts, validator),
+      );
+      // Throw before updating state if we don't have enough valid txs
+      const minValidTxs = opts.minValidTxs ?? 0;
+      if (processedTxs.length < minValidTxs) {
+        throw new InsufficientValidTxsError(processedTxs.length, minValidTxs, failedTxs);
+      }
+
+      // Commit the fork checkpoint
+      await forkCheckpoint.commit();
+
+      // Add block to checkpoint
+      const block = await this.checkpointBuilder.addBlock(globalVariables, processedTxs, {
+        expectedEndState: opts.expectedEndState,
+      });
+
+      this.log.debug('Built block within checkpoint', {
+        header: block.header.toInspect(),
+        processedTxs: processedTxs.map(tx => tx.hash.toString()),
+        failedTxs: failedTxs.map(tx => tx.tx.txHash.toString()),
+      });
+
+      return {
+        block,
+        publicProcessorDuration,
+        numTxs: processedTxs.length,
+        failedTxs,
+        usedTxs,
+      };
+    } catch (err) {
+      // If we reached the point of committing the checkpoint, this does nothing
+      // Otherwise it reverts any changes made to the fork for this failed block
+      await forkCheckpoint.revert();
+      throw err;
+    }
   }
 
   /** Completes the checkpoint and returns it. */
@@ -147,6 +165,61 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     return this.checkpointBuilder.clone().completeCheckpoint();
   }
 
+  /**
+   * Caps per-block gas and blob field limits by remaining checkpoint-level budgets.
+   * Computes remaining L2 gas (mana), DA gas, and blob fields from blocks already added to the checkpoint,
+   * then returns opts with maxBlockGas and maxBlobFields capped accordingly.
+   */
+  protected capLimitsByCheckpointBudgets(
+    opts: PublicProcessorLimits,
+  ): Pick<PublicProcessorLimits, 'maxBlockGas' | 'maxBlobFields' | 'maxTransactions'> {
+    const existingBlocks = this.checkpointBuilder.getBlocks();
+
+    // Remaining L2 gas (mana)
+    // IMPORTANT: This assumes mana is computed solely based on L2 gas used in transactions.
+    // This may change in the future.
+    const usedMana = sum(existingBlocks.map(b => b.header.totalManaUsed.toNumber()));
+    const remainingMana = this.config.rollupManaLimit - usedMana;
+
+    // Remaining DA gas
+    const usedDAGas = sum(existingBlocks.map(b => b.computeDAGasUsed())) ?? 0;
+    const remainingDAGas = MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT - usedDAGas;
+
+    // Remaining blob fields (block blob fields include both tx data and block-end overhead)
+    const usedBlobFields = sum(existingBlocks.map(b => b.toBlobFields().length));
+    const totalBlobCapacity = BLOBS_PER_CHECKPOINT * FIELDS_PER_BLOB - NUM_CHECKPOINT_END_MARKER_FIELDS;
+    const isFirstBlock = existingBlocks.length === 0;
+    const blockEndOverhead = getNumBlockEndBlobFields(isFirstBlock);
+    const maxBlobFieldsForTxs = totalBlobCapacity - usedBlobFields - blockEndOverhead;
+
+    // Cap L2 gas by remaining checkpoint mana
+    const cappedL2Gas = Math.min(opts.maxBlockGas?.l2Gas ?? remainingMana, remainingMana);
+
+    // Cap DA gas by remaining checkpoint DA gas budget
+    const cappedDAGas = Math.min(opts.maxBlockGas?.daGas ?? remainingDAGas, remainingDAGas);
+
+    // Cap blob fields by remaining checkpoint blob capacity
+    const cappedBlobFields =
+      opts.maxBlobFields !== undefined ? Math.min(opts.maxBlobFields, maxBlobFieldsForTxs) : maxBlobFieldsForTxs;
+
+    // Cap transaction count by remaining checkpoint tx budget
+    let cappedMaxTransactions: number | undefined;
+    if (this.config.maxTxsPerCheckpoint !== undefined) {
+      const usedTxs = sum(existingBlocks.map(b => b.body.txEffects.length));
+      const remainingTxs = Math.max(0, this.config.maxTxsPerCheckpoint - usedTxs);
+      cappedMaxTransactions =
+        opts.maxTransactions !== undefined ? Math.min(opts.maxTransactions, remainingTxs) : remainingTxs;
+    } else {
+      cappedMaxTransactions = opts.maxTransactions;
+    }
+
+    return {
+      maxBlockGas: new Gas(cappedDAGas, cappedL2Gas),
+      maxBlobFields: cappedBlobFields,
+      maxTransactions: cappedMaxTransactions,
+    };
+  }
+
   protected async makeBlockBuilderDeps(globalVariables: GlobalVariables, fork: MerkleTreeWriteOperations) {
     const txPublicSetupAllowList = [
       ...(await getDefaultAllowedSetupFunctions()),

package/src/config.ts

@@ -6,8 +6,8 @@ import {
   secretValueConfigHelper,
 } from '@aztec/foundation/config';
 import { EthAddress } from '@aztec/foundation/eth-address';
-import { validatorHASignerConfigMappings } from '@aztec/stdlib/ha-signing';
 import type { ValidatorClientConfig } from '@aztec/stdlib/interfaces/server';
+import { validatorHASignerConfigMappings } from '@aztec/validator-ha-signer/config';
 
 export type { ValidatorClientConfig };
 
@@ -77,6 +77,26 @@ export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientCo
     description: 'Agree to attest to equivocated checkpoint proposals (for testing purposes only)',
     ...booleanConfigHelper(false),
   },
+  validateMaxL2BlockGas: {
+    env: 'VALIDATOR_MAX_L2_BLOCK_GAS',
+    description: 'Maximum L2 block gas for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  validateMaxDABlockGas: {
+    env: 'VALIDATOR_MAX_DA_BLOCK_GAS',
+    description: 'Maximum DA block gas for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  validateMaxTxsPerBlock: {
+    env: 'VALIDATOR_MAX_TX_PER_BLOCK',
+    description: 'Maximum transactions per block for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  validateMaxTxsPerCheckpoint: {
+    env: 'VALIDATOR_MAX_TX_PER_CHECKPOINT',
+    description: 'Maximum transactions per checkpoint for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
   ...validatorHASignerConfigMappings,
 };
 

package/src/duties/validation_service.ts

@@ -150,16 +150,10 @@ export class ValidationService {
     );
 
     // TODO(spy/ha): Use checkpointNumber instead of blockNumber once CheckpointHeader includes it.
-    // Currently using lastBlock.blockNumber as a proxy for checkpoint identification in HA signing.
+    // CheckpointProposalCore doesn't have lastBlock info, so use 0 as a proxy.
     // blockNumber is NOT used for the primary key so it's safe to use here.
     // See CheckpointHeader TODO and SigningContext types documentation.
-    let blockNumber: BlockNumber;
-    try {
-      blockNumber = proposal.blockNumber;
-    } catch {
-      // Checkpoint proposal may not have lastBlock, use 0 as fallback
-      blockNumber = BlockNumber(0);
-    }
+    const blockNumber = BlockNumber(0);
     const context: SigningContext = {
       slot: proposal.slotNumber,
       blockNumber,
@@ -183,7 +177,7 @@ export class ValidationService {
       } else {
         const error = result.reason;
         if (error instanceof DutyAlreadySignedError || error instanceof SlashingProtectionError) {
-          this.log.info(
+          this.log.verbose(
             `Attestation for slot ${proposal.slotNumber} by ${attestors[i]} already signed by another High-Availability node`,
           );
           // Continue with remaining attestors

package/src/factory.ts

@@ -29,7 +29,7 @@ export function createBlockProposalHandler(
   const metrics = new ValidatorMetrics(deps.telemetry);
   const blockProposalValidator = new BlockProposalValidator(deps.epochCache, {
     txsPermitted: !config.disableTransactions,
-    maxTxsPerBlock: config.maxTxsPerBlock,
+    maxTxsPerBlock: config.validateMaxTxsPerBlock ?? config.validateMaxTxsPerCheckpoint,
   });
   return new BlockProposalHandler(
     deps.checkpointsBuilder,

package/src/key_store/ha_key_store.ts

@@ -240,7 +240,7 @@ export class HAKeyStore implements ExtendedValidatorKeyStore {
     }
 
     if (error instanceof SlashingProtectionError) {
-      this.log.warn(`Duty already signed by another node with different payload`, {
+      this.log.info(`Duty already signed by another node with different payload`, {
         dutyType: context.dutyType,
         slot: context.slot,
         existingMessageHash: error.existingMessageHash,

package/src/validator.ts

@@ -24,6 +24,7 @@ import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol }
 import { OffenseType, WANT_TO_SLASH_EVENT, type Watcher, type WatcherEmitter } from '@aztec/slasher';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
 import type { CommitteeAttestationsAndSigners, L2Block, L2BlockSink, L2BlockSource } from '@aztec/stdlib/block';
+import { validateCheckpoint } from '@aztec/stdlib/checkpoint';
 import { getEpochAtSlot, getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
 import type {
   CreateCheckpointProposalLastBlockData,
@@ -200,7 +201,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     const metrics = new ValidatorMetrics(telemetry);
     const blockProposalValidator = new BlockProposalValidator(epochCache, {
       txsPermitted: !config.disableTransactions,
-      maxTxsPerBlock: config.maxTxsPerBlock,
+      maxTxsPerBlock: config.validateMaxTxsPerBlock,
     });
     const blockProposalHandler = new BlockProposalHandler(
       checkpointsBuilder,
@@ -225,7 +226,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
         ...config,
         maxStuckDutiesAgeMs: config.maxStuckDutiesAgeMs ?? epochCache.getL1Constants().slotDuration * 2 * 1000,
       };
-      const { signer } = await createHASigner(haConfig, { telemetryClient: telemetry, dateProvider });
+      const { signer } = await createHASigner(haConfig);
       haSigner = signer;
       validatorKeyStore = new HAKeyStore(nodeKeystoreAdapter, signer);
     }
@@ -386,7 +387,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
 
     // Ignore proposals from ourselves (may happen in HA setups)
     if (this.getValidatorAddresses().some(addr => addr.equals(proposer))) {
-      this.log.warn(`Ignoring block proposal from self for slot ${slotNumber}`, {
+      this.log.debug(`Ignoring block proposal from self for slot ${slotNumber}`, {
         proposer: proposer.toString(),
         slotNumber,
       });
@@ -422,9 +423,10 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     );
 
     if (!validationResult.isValid) {
-      this.log.warn(`Block proposal validation failed: ${validationResult.reason}`, proposalInfo);
-
       const reason = validationResult.reason || 'unknown';
+
+      this.log.warn(`Block proposal validation failed: ${reason}`, proposalInfo);
+
       // Classify failure reason: bad proposal vs node issue
       const badProposalReasons: BlockProposalValidationFailureReason[] = [
         'invalid_proposal',
@@ -496,7 +498,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
 
     // Ignore proposals from ourselves (may happen in HA setups)
     if (this.getValidatorAddresses().some(addr => addr.equals(proposer))) {
-      this.log.warn(`Ignoring block proposal from self for slot ${slotNumber}`, {
+      this.log.debug(`Ignoring block proposal from self for slot ${slotNumber}`, {
         proposer: proposer.toString(),
         slotNumber,
       });
@@ -519,11 +521,9 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
       slotNumber,
       archive: proposal.archive.toString(),
       proposer: proposer.toString(),
-      txCount: proposal.txHashes.length,
     };
     this.log.info(`Received checkpoint proposal for slot ${slotNumber}`, {
       ...proposalInfo,
-      txHashes: proposal.txHashes.map(t => t.toString()),
       fishermanMode: this.config.fishermanMode || false,
     });
 
@@ -766,6 +766,20 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
         return { isValid: false, reason: 'out_hash_mismatch' };
       }
 
+      // Final round of validations on the checkpoint, just in case.
+      try {
+        validateCheckpoint(computedCheckpoint, {
+          rollupManaLimit: this.checkpointsBuilder.getConfig().rollupManaLimit,
+          maxDABlockGas: this.config.validateMaxDABlockGas,
+          maxL2BlockGas: this.config.validateMaxL2BlockGas,
+          maxTxsPerBlock: this.config.validateMaxTxsPerBlock,
+          maxTxsPerCheckpoint: this.config.validateMaxTxsPerCheckpoint,
+        });
+      } catch (err) {
+        this.log.warn(`Checkpoint validation failed: ${err}`, proposalInfo);
+        return { isValid: false, reason: 'checkpoint_validation_failed' };
+      }
+
       this.log.verbose(`Checkpoint proposal validation successful for slot ${slot}`, proposalInfo);
       return { isValid: true };
     } finally {