@aztec/validator-client 0.0.1-commit.fce3e4f → 0.0.1-commit.ffe5b04ea

package/src/duties/validation_service.ts

@@ -1,19 +1,31 @@
+import {
+  BlockNumber,
+  type CheckpointNumber,
+  IndexWithinCheckpoint,
+  type SlotNumber,
+} from '@aztec/foundation/branded-types';
 import { Buffer32 } from '@aztec/foundation/buffer';
-import { keccak256 } from '@aztec/foundation/crypto';
+import { keccak256 } from '@aztec/foundation/crypto/keccak';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import type { EthAddress } from '@aztec/foundation/eth-address';
 import type { Signature } from '@aztec/foundation/eth-signature';
-import { Fr } from '@aztec/foundation/fields';
 import { createLogger } from '@aztec/foundation/log';
 import type { CommitteeAttestationsAndSigners } from '@aztec/stdlib/block';
+import type { CreateCheckpointProposalLastBlockData } from '@aztec/stdlib/interfaces/server';
 import {
-  BlockAttestation,
   BlockProposal,
   type BlockProposalOptions,
+  CheckpointAttestation,
+  CheckpointProposal,
+  type CheckpointProposalCore,
+  type CheckpointProposalOptions,
   ConsensusPayload,
   SignatureDomainSeparator,
 } from '@aztec/stdlib/p2p';
 import type { CheckpointHeader } from '@aztec/stdlib/rollup';
-import type { Tx } from '@aztec/stdlib/tx';
+import type { BlockHeader, Tx } from '@aztec/stdlib/tx';
+import { DutyAlreadySignedError, SlashingProtectionError } from '@aztec/validator-ha-signer/errors';
+import { DutyType, type SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { ValidatorKeyStore } from '../key_store/interface.js';
 
@@ -26,72 +38,183 @@ export class ValidationService {
   /**
    * Create a block proposal with the given header, archive, and transactions
    *
-   * @param header - The block header
+   * @param blockHeader - The block header
+   * @param blockIndexWithinCheckpoint - The block index within checkpoint for HA signing context
+   * @param inHash - Hash of L1 to L2 messages for this checkpoint
    * @param archive - The archive of the current block
-   * @param txs - TxHash[] ordered list of transactions
+   * @param txs - Ordered list of transactions (Tx[])
+   * @param proposerAttesterAddress - The address of the proposer/attester, or undefined
    * @param options - Block proposal options (including broadcastInvalidBlockProposal for testing)
    *
-   * @returns A block proposal signing the above information (not the current implementation!!!)
+   * @returns A block proposal signing the above information
+   * @throws DutyAlreadySignedError if HA signer indicates duty already signed by another node
+   * @throws SlashingProtectionError if attempting to sign different data for same slot
    */
-  async createBlockProposal(
-    header: CheckpointHeader,
+  public createBlockProposal(
+    blockHeader: BlockHeader,
+    blockIndexWithinCheckpoint: IndexWithinCheckpoint,
+    inHash: Fr,
     archive: Fr,
     txs: Tx[],
     proposerAttesterAddress: EthAddress | undefined,
     options: BlockProposalOptions,
   ): Promise<BlockProposal> {
-    let payloadSigner: (payload: Buffer32) => Promise<Signature>;
-    if (proposerAttesterAddress !== undefined) {
-      payloadSigner = (payload: Buffer32) => this.keyStore.signMessageWithAddress(proposerAttesterAddress, payload);
-    } else {
-      // if there is no proposer attester address, just use the first signer
-      const signer = this.keyStore.getAddress(0);
-      payloadSigner = (payload: Buffer32) => this.keyStore.signMessageWithAddress(signer, payload);
-    }
-    // TODO: check if this is calculated earlier / can not be recomputed
-    const txHashes = await Promise.all(txs.map(tx => tx.getTxHash()));
-
     // For testing: change the new archive to trigger state_mismatch validation failure
     if (options.broadcastInvalidBlockProposal) {
       archive = Fr.random();
-      this.log.warn(`Creating INVALID block proposal for slot ${header.slotNumber}`);
+      this.log.warn(`Creating INVALID block proposal for slot ${blockHeader.globalVariables.slotNumber}`);
     }
 
+    // Create a signer that uses the appropriate address
+    const address = proposerAttesterAddress ?? this.keyStore.getAddress(0);
+    const payloadSigner = (payload: Buffer32, context: SigningContext) =>
+      this.keyStore.signMessageWithAddress(address, payload, context);
+
     return BlockProposal.createProposalFromSigner(
-      new ConsensusPayload(header, archive),
-      txHashes,
+      blockHeader,
+      blockIndexWithinCheckpoint,
+      inHash,
+      archive,
+      txs.map(tx => tx.getTxHash()),
       options.publishFullTxs ? txs : undefined,
       payloadSigner,
     );
   }
 
   /**
-   * Attest with selection of validators to the given block proposal, constructed by the current sequencer
+   * Create a checkpoint proposal with the last block header and checkpoint header
+   *
+   * @param checkpointHeader - The checkpoint header containing aggregated data
+   * @param archive - The archive of the checkpoint
+   * @param lastBlockInfo - Info about the last block (header, index, txs) or undefined
+   * @param proposerAttesterAddress - The address of the proposer
+   * @param options - Checkpoint proposal options
+   *
+   * @returns A checkpoint proposal signing the above information
+   */
+  public createCheckpointProposal(
+    checkpointHeader: CheckpointHeader,
+    archive: Fr,
+    feeAssetPriceModifier: bigint,
+    lastBlockInfo: CreateCheckpointProposalLastBlockData | undefined,
+    proposerAttesterAddress: EthAddress | undefined,
+    options: CheckpointProposalOptions,
+  ): Promise<CheckpointProposal> {
+    // For testing: change the archive to trigger state_mismatch validation failure
+    if (options.broadcastInvalidCheckpointProposal) {
+      archive = Fr.random();
+      this.log.warn(`Creating INVALID checkpoint proposal for slot ${checkpointHeader.slotNumber}`);
+    }
+
+    // Create a signer that takes payload and context, and uses the appropriate address
+    const payloadSigner = (payload: Buffer32, context: SigningContext) => {
+      const address = proposerAttesterAddress ?? this.keyStore.getAddress(0);
+      return this.keyStore.signMessageWithAddress(address, payload, context);
+    };
+
+    // Last block to include in the proposal
+    const lastBlock = lastBlockInfo && {
+      blockHeader: lastBlockInfo.blockHeader,
+      indexWithinCheckpoint: lastBlockInfo.indexWithinCheckpoint,
+      txHashes: lastBlockInfo.txs.map(tx => tx.getTxHash()),
+      txs: options.publishFullTxs ? lastBlockInfo.txs : undefined,
+    };
+
+    return CheckpointProposal.createProposalFromSigner(
+      checkpointHeader,
+      archive,
+      feeAssetPriceModifier,
+      lastBlock,
+      payloadSigner,
+    );
+  }
+
+  /**
+   * Attest with selection of validators to the given checkpoint proposal
    *
    * NOTE: This is just a blind signing.
    *       We assume that the proposal is valid and DA guarantees have been checked previously.
    *
-   * @param proposal - The proposal to attest to
+   * @param proposal - The checkpoint proposal (core version without lastBlock) to attest to
    * @param attestors - The validators to attest with
-   * @returns attestations
+   * @returns checkpoint attestations
    */
-  async attestToProposal(proposal: BlockProposal, attestors: EthAddress[]): Promise<BlockAttestation[]> {
+  async attestToCheckpointProposal(
+    proposal: CheckpointProposalCore,
+    attestors: EthAddress[],
+  ): Promise<CheckpointAttestation[]> {
+    // Create the attestation payload from the checkpoint proposal
+    const payload = new ConsensusPayload(proposal.checkpointHeader, proposal.archive, proposal.feeAssetPriceModifier);
     const buf = Buffer32.fromBuffer(
-      keccak256(proposal.payload.getPayloadToSign(SignatureDomainSeparator.blockAttestation)),
+      keccak256(payload.getPayloadToSign(SignatureDomainSeparator.checkpointAttestation)),
     );
-    const signatures = await Promise.all(
-      attestors.map(attestor => this.keyStore.signMessageWithAddress(attestor, buf)),
+
+    // TODO(spy/ha): Use checkpointNumber instead of blockNumber once CheckpointHeader includes it.
+    // CheckpointProposalCore doesn't have lastBlock info, so use 0 as a proxy.
+    // blockNumber is NOT used for the primary key so it's safe to use here.
+    // See CheckpointHeader TODO and SigningContext types documentation.
+    const blockNumber = BlockNumber(0);
+    const context: SigningContext = {
+      slot: proposal.slotNumber,
+      blockNumber,
+      dutyType: DutyType.ATTESTATION,
+    };
+
+    // Sign each attestor in parallel, catching HA errors per-attestor
+    const results = await Promise.allSettled(
+      attestors.map(async attestor => {
+        const sig = await this.keyStore.signMessageWithAddress(attestor, buf, context);
+        // return new BlockAttestation(proposal.payload, sig, proposal.signature);
+        return new CheckpointAttestation(payload, sig, proposal.signature);
+      }),
     );
-    return signatures.map(sig => new BlockAttestation(proposal.payload, sig, proposal.signature));
+
+    const attestations: CheckpointAttestation[] = [];
+    for (let i = 0; i < results.length; i++) {
+      const result = results[i];
+      if (result.status === 'fulfilled') {
+        attestations.push(result.value);
+      } else {
+        const error = result.reason;
+        if (error instanceof DutyAlreadySignedError || error instanceof SlashingProtectionError) {
+          this.log.info(
+            `Attestation for slot ${proposal.slotNumber} by ${attestors[i]} already signed by another High-Availability node`,
+          );
+          // Continue with remaining attestors
+        } else {
+          throw error;
+        }
+      }
+    }
+
+    return attestations;
   }
 
-  async signAttestationsAndSigners(
+  /**
+   * Sign attestations and signers payload
+   * @param attestationsAndSigners - The attestations and signers to sign
+   * @param proposer - The proposer address to sign with
+   * @param slot - The slot number for HA signing context
+   * @param blockNumber - The block or checkpoint number for HA signing context
+   * @returns signature
+   * @throws DutyAlreadySignedError if already signed by another HA node
+   * @throws SlashingProtectionError if attempting to sign different data for same slot
+   */
+  signAttestationsAndSigners(
     attestationsAndSigners: CommitteeAttestationsAndSigners,
     proposer: EthAddress,
+    slot: SlotNumber,
+    blockNumber: BlockNumber | CheckpointNumber,
   ): Promise<Signature> {
+    const context: SigningContext = {
+      slot,
+      blockNumber,
+      dutyType: DutyType.ATTESTATIONS_AND_SIGNERS,
+    };
+
     const buf = Buffer32.fromBuffer(
       keccak256(attestationsAndSigners.getPayloadToSign(SignatureDomainSeparator.attestationsAndSigners)),
     );
-    return await this.keyStore.signMessageWithAddress(proposer, buf);
+    return this.keyStore.signMessageWithAddress(proposer, buf, context);
   }
 }

package/src/factory.ts

@@ -1,21 +1,24 @@
+import type { BlobClientInterface } from '@aztec/blob-client/client';
 import type { EpochCache } from '@aztec/epoch-cache';
 import type { DateProvider } from '@aztec/foundation/timer';
 import type { KeystoreManager } from '@aztec/node-keystore';
 import { BlockProposalValidator, type P2PClient } from '@aztec/p2p';
-import type { L2BlockSource } from '@aztec/stdlib/block';
-import type { IFullNodeBlockBuilder, ValidatorClientFullConfig } from '@aztec/stdlib/interfaces/server';
+import type { L2BlockSink, L2BlockSource } from '@aztec/stdlib/block';
+import type { ValidatorClientFullConfig, WorldStateSynchronizer } from '@aztec/stdlib/interfaces/server';
 import type { L1ToL2MessageSource } from '@aztec/stdlib/messaging';
 import type { TelemetryClient } from '@aztec/telemetry-client';
 
 import { BlockProposalHandler } from './block_proposal_handler.js';
+import type { FullNodeCheckpointsBuilder } from './checkpoint_builder.js';
 import { ValidatorMetrics } from './metrics.js';
 import { ValidatorClient } from './validator.js';
 
 export function createBlockProposalHandler(
   config: ValidatorClientFullConfig,
   deps: {
-    blockBuilder: IFullNodeBlockBuilder;
-    blockSource: L2BlockSource;
+    checkpointsBuilder: FullNodeCheckpointsBuilder;
+    worldState: WorldStateSynchronizer;
+    blockSource: L2BlockSource & L2BlockSink;
     l1ToL2MessageSource: L1ToL2MessageSource;
     p2pClient: P2PClient;
     epochCache: EpochCache;
@@ -26,13 +29,16 @@ export function createBlockProposalHandler(
   const metrics = new ValidatorMetrics(deps.telemetry);
   const blockProposalValidator = new BlockProposalValidator(deps.epochCache, {
     txsPermitted: !config.disableTransactions,
+    maxTxsPerBlock: config.validateMaxTxsPerBlock,
   });
   return new BlockProposalHandler(
-    deps.blockBuilder,
+    deps.checkpointsBuilder,
+    deps.worldState,
     deps.blockSource,
     deps.l1ToL2MessageSource,
     deps.p2pClient.getTxProvider(),
     blockProposalValidator,
+    deps.epochCache,
     config,
     metrics,
     deps.dateProvider,
@@ -43,14 +49,16 @@ export function createBlockProposalHandler(
 export function createValidatorClient(
   config: ValidatorClientFullConfig,
   deps: {
-    blockBuilder: IFullNodeBlockBuilder;
+    checkpointsBuilder: FullNodeCheckpointsBuilder;
+    worldState: WorldStateSynchronizer;
     p2pClient: P2PClient;
-    blockSource: L2BlockSource;
+    blockSource: L2BlockSource & L2BlockSink;
     l1ToL2MessageSource: L1ToL2MessageSource;
     telemetry: TelemetryClient;
     dateProvider: DateProvider;
     epochCache: EpochCache;
     keyStoreManager: KeystoreManager | undefined;
+    blobClient: BlobClientInterface;
   },
 ) {
   if (config.disableValidator || !deps.keyStoreManager) {
@@ -60,13 +68,15 @@ export function createValidatorClient(
   const txProvider = deps.p2pClient.getTxProvider();
   return ValidatorClient.new(
     config,
-    deps.blockBuilder,
+    deps.checkpointsBuilder,
+    deps.worldState,
     deps.epochCache,
     deps.p2pClient,
     deps.blockSource,
     deps.l1ToL2MessageSource,
     txProvider,
     deps.keyStoreManager,
+    deps.blobClient,
     deps.dateProvider,
     deps.telemetry,
   );

package/src/index.ts

@@ -1,4 +1,5 @@
 export * from './block_proposal_handler.js';
+export * from './checkpoint_builder.js';
 export * from './config.js';
 export * from './factory.js';
 export * from './validator.js';

package/src/key_store/ha_key_store.ts

@@ -0,0 +1,269 @@
+/**
+ * High Availability Key Store
+ *
+ * A ValidatorKeyStore wrapper that adds slashing protection for HA validator setups.
+ * When multiple validator nodes are running, only one node will sign for a given duty.
+ */
+import { Buffer32 } from '@aztec/foundation/buffer';
+import type { EthAddress } from '@aztec/foundation/eth-address';
+import type { Signature } from '@aztec/foundation/eth-signature';
+import { createLogger } from '@aztec/foundation/log';
+import type { EthRemoteSignerConfig } from '@aztec/node-keystore';
+import type { AztecAddress } from '@aztec/stdlib/aztec-address';
+import { DutyAlreadySignedError, SlashingProtectionError } from '@aztec/validator-ha-signer/errors';
+import {
+  type HAProtectedSigningContext,
+  type SigningContext,
+  isHAProtectedContext,
+} from '@aztec/validator-ha-signer/types';
+import type { ValidatorHASigner } from '@aztec/validator-ha-signer/validator-ha-signer';
+
+import { type TypedDataDefinition, hashTypedData } from 'viem';
+
+import type { ExtendedValidatorKeyStore } from './interface.js';
+
+/**
+ * High Availability Key Store
+ *
+ * Wraps a base ExtendedValidatorKeyStore and ValidatorHASigner to provide
+ * HA-protected signing operations (when context is provided).
+ *
+ * The extended interface methods (getAttesterAddresses, getCoinbaseAddress, etc.)
+ * are pure pass-through since they don't require HA coordination.
+ *
+ * Usage:
+ * ```typescript
+ * const baseKeyStore = NodeKeystoreAdapter.fromPrivateKeys(privateKeys);
+ * const haSigner = new ValidatorHASigner(db, config);
+ * const haKeyStore = new HAKeyStore(baseKeyStore, haSigner);
+ *
+ * // Without context - signs directly (no HA protection)
+ * const sig = await haKeyStore.signMessageWithAddress(addr, msg);
+ *
+ * // With context - HA protected, throws DutyAlreadySignedError if already signed
+ * const result = await haKeyStore.signMessageWithAddress(addr, msg, {
+ *   slot: 100n,
+ *   blockNumber: 50n,
+ *   dutyType: DutyType.BLOCK_PROPOSAL,
+ * });
+ * ```
+ */
+export class HAKeyStore implements ExtendedValidatorKeyStore {
+  private readonly log = createLogger('ha-key-store');
+
+  constructor(
+    private readonly baseKeyStore: ExtendedValidatorKeyStore,
+    private readonly haSigner: ValidatorHASigner,
+  ) {
+    this.log.info('HAKeyStore initialized', {
+      nodeId: haSigner.nodeId,
+    });
+  }
+
+  /**
+   * Sign typed data with all addresses.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * Returns only signatures that were successfully claimed by this node.
+   */
+  async signTypedData(typedData: TypedDataDefinition, context: SigningContext): Promise<Signature[]> {
+    // no need for HA protection on auth request and txs signatures
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signTypedData(typedData, context);
+    }
+
+    // Sign each address with HA protection
+    const addresses = this.getAddresses();
+    const results = await Promise.allSettled(
+      addresses.map(addr => this.signTypedDataWithAddress(addr, typedData, context)),
+    );
+
+    // Filter out failures (already signed by other nodes or other errors)
+    return results
+      .filter((result): result is PromiseFulfilledResult<Signature> => {
+        if (result.status === 'fulfilled') {
+          return true;
+        }
+        // Log expected HA errors (already signed) at debug level
+        if (result.reason instanceof DutyAlreadySignedError) {
+          this.log.debug(`Duty already signed by another node`, {
+            dutyType: context.dutyType,
+            slot: context.slot,
+            signedByNode: result.reason.signedByNode,
+          });
+          return false;
+        }
+        // Re-throw unexpected errors
+        throw result.reason;
+      })
+      .map(result => result.value);
+  }
+
+  /**
+   * Sign a message with all addresses.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * Returns only signatures that were successfully claimed by this node.
+   */
+  async signMessage(message: Buffer32, context: SigningContext): Promise<Signature[]> {
+    // no need for HA protection on auth request and txs signatures
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signMessage(message, context);
+    }
+
+    // Sign each address with HA protection
+    const addresses = this.getAddresses();
+    const results = await Promise.allSettled(
+      addresses.map(addr => this.signMessageWithAddress(addr, message, context)),
+    );
+
+    // Filter out failures (already signed by other nodes or other errors)
+    return results
+      .filter((result): result is PromiseFulfilledResult<Signature> => {
+        if (result.status === 'fulfilled') {
+          return true;
+        }
+        // Log expected HA errors (already signed) at debug level
+        if (result.reason instanceof DutyAlreadySignedError) {
+          this.log.debug(`Duty already signed by another node`, {
+            dutyType: context.dutyType,
+            slot: context.slot,
+            signedByNode: result.reason.signedByNode,
+          });
+          return false;
+        }
+        // Re-throw unexpected errors
+        throw result.reason;
+      })
+      .map(result => result.value);
+  }
+
+  /**
+   * Sign typed data with a specific address.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * @throws DutyAlreadySignedError if the duty was already signed by another node
+   * @throws SlashingProtectionError if attempting to sign different data for the same slot
+   */
+  async signTypedDataWithAddress(
+    address: EthAddress,
+    typedData: TypedDataDefinition,
+    context: SigningContext,
+  ): Promise<Signature> {
+    // AUTH_REQUEST and TXS bypass HA protection - multiple signatures are safe
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signTypedDataWithAddress(address, typedData, context);
+    }
+
+    // Compute signing root from typed data for HA tracking
+    const digest = hashTypedData(typedData);
+    const messageHash = Buffer32.fromString(digest);
+
+    try {
+      return await this.haSigner.signWithProtection(address, messageHash, context, () =>
+        this.baseKeyStore.signTypedDataWithAddress(address, typedData, context),
+      );
+    } catch (error) {
+      this.processSigningError(error, context);
+      throw error;
+    }
+  }
+
+  /**
+   * Sign a message with a specific address.
+   * Coordinates across nodes to prevent double-signing for most duty types.
+   * AUTH_REQUEST and TXS duties bypass HA protection since signing multiple times is safe.
+   * @throws DutyAlreadySignedError if the duty was already signed by another node
+   * @throws SlashingProtectionError if attempting to sign different data for the same slot
+   */
+  async signMessageWithAddress(address: EthAddress, message: Buffer32, context: SigningContext): Promise<Signature> {
+    // no need for HA protection on auth request and txs signatures
+    if (!isHAProtectedContext(context)) {
+      return this.baseKeyStore.signMessageWithAddress(address, message, context);
+    }
+
+    try {
+      return await this.haSigner.signWithProtection(address, message, context, messageHash =>
+        this.baseKeyStore.signMessageWithAddress(address, messageHash, context),
+      );
+    } catch (error) {
+      this.processSigningError(error, context);
+      throw error;
+    }
+  }
+
+  // ─────────────────────────────────────────────────────────────────────────────
+  // pass-through methods (no HA logic needed)
+  // ─────────────────────────────────────────────────────────────────────────────
+
+  getAddress(index: number): EthAddress {
+    return this.baseKeyStore.getAddress(index);
+  }
+
+  getAddresses(): EthAddress[] {
+    return this.baseKeyStore.getAddresses();
+  }
+
+  getAttesterAddresses(): EthAddress[] {
+    return this.baseKeyStore.getAttesterAddresses();
+  }
+
+  getCoinbaseAddress(attesterAddress: EthAddress): EthAddress {
+    return this.baseKeyStore.getCoinbaseAddress(attesterAddress);
+  }
+
+  getPublisherAddresses(attesterAddress: EthAddress): EthAddress[] {
+    return this.baseKeyStore.getPublisherAddresses(attesterAddress);
+  }
+
+  getFeeRecipient(attesterAddress: EthAddress): AztecAddress {
+    return this.baseKeyStore.getFeeRecipient(attesterAddress);
+  }
+
+  getRemoteSignerConfig(attesterAddress: EthAddress): EthRemoteSignerConfig | undefined {
+    return this.baseKeyStore.getRemoteSignerConfig(attesterAddress);
+  }
+
+  /**
+   * Process signing errors from the HA signer.
+   * Logs expected HA errors (already signed) at appropriate levels.
+   * Re-throws unexpected errors.
+   */
+  private processSigningError(error: unknown, context: HAProtectedSigningContext) {
+    if (error instanceof DutyAlreadySignedError) {
+      this.log.debug(`Duty already signed by another node with the same payload`, {
+        dutyType: context.dutyType,
+        slot: context.slot,
+        signedByNode: error.signedByNode,
+      });
+      return;
+    }
+
+    if (error instanceof SlashingProtectionError) {
+      this.log.warn(`Duty already signed by another node with different payload`, {
+        dutyType: context.dutyType,
+        slot: context.slot,
+        existingMessageHash: error.existingMessageHash,
+        attemptedMessageHash: error.attemptedMessageHash,
+      });
+      return;
+    }
+
+    // Re-throw errors
+    throw error;
+  }
+
+  /**
+   * Start the high-availability key store
+   */
+  public async start() {
+    await this.haSigner.start();
+  }
+
+  /**
+   * Stop the high-availability key store
+   */
+  public async stop() {
+    await this.haSigner.stop();
+  }
+}

package/src/key_store/index.ts

@@ -2,3 +2,4 @@ export * from './interface.js';
 export * from './local_key_store.js';
 export * from './node_keystore_adapter.js';
 export * from './web3signer_key_store.js';
+export * from './ha_key_store.js';

package/src/key_store/interface.ts

@@ -3,6 +3,7 @@ import type { EthAddress } from '@aztec/foundation/eth-address';
 import type { Signature } from '@aztec/foundation/eth-signature';
 import type { EthRemoteSignerConfig } from '@aztec/node-keystore';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
+import type { SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { TypedDataDefinition } from 'viem';
 
@@ -26,17 +27,45 @@ export interface ValidatorKeyStore {
    */
   getAddresses(): EthAddress[];
 
-  signTypedData(typedData: TypedDataDefinition): Promise<Signature[]>;
-  signTypedDataWithAddress(address: EthAddress, typedData: TypedDataDefinition): Promise<Signature>;
+  /**
+   * Sign typed data with all keystore private keys
+   * @param typedData - The complete EIP-712 typed data structure
+   * @param context - Signing context for HA slashing protection
+   * @returns signatures (when context provided with HA, only successfully claimed signatures are returned)
+   */
+  signTypedData(typedData: TypedDataDefinition, context: SigningContext): Promise<Signature[]>;
+
+  /**
+   * Sign typed data with a specific address's private key
+   * @param address - The address of the signer to use
+   * @param typedData - The complete EIP-712 typed data structure
+   * @param context - Signing context for HA slashing protection
+   * @returns signature
+   */
+  signTypedDataWithAddress(
+    address: EthAddress,
+    typedData: TypedDataDefinition,
+    context: SigningContext,
+  ): Promise<Signature>;
+
   /**
    * Flavor of sign message that followed EIP-712 eth signed message prefix
    * Note: this is only required when we are using ecdsa signatures over secp256k1
    *
    * @param message - The message to sign.
-   * @returns The signatures.
+   * @param context - Signing context for HA slashing protection
+   * @returns The signatures (when context provided with HA, only successfully claimed signatures are returned).
    */
-  signMessage(message: Buffer32): Promise<Signature[]>;
-  signMessageWithAddress(address: EthAddress, message: Buffer32): Promise<Signature>;
+  signMessage(message: Buffer32, context: SigningContext): Promise<Signature[]>;
+
+  /**
+   * Sign a message with a specific address's private key
+   * @param address - The address of the signer to use
+   * @param message - The message to sign
+   * @param context - Signing context for HA slashing protection
+   * @returns signature
+   */
+  signMessageWithAddress(address: EthAddress, message: Buffer32, context: SigningContext): Promise<Signature>;
 }
 
 /**
@@ -79,4 +108,14 @@ export interface ExtendedValidatorKeyStore extends ValidatorKeyStore {
    * @returns the remote signer configuration or undefined
    */
   getRemoteSignerConfig(attesterAddress: EthAddress): EthRemoteSignerConfig | undefined;
+
+  /**
+   * Start the key store
+   */
+  start(): Promise<void>;
+
+  /**
+   * Stop the key store
+   */
+  stop(): Promise<void>;
 }