npm - @aztec/validator-client - Versions diffs - 0.0.1-commit.ff7989d6c → 0.0.1-commit.ffe5b04ea - Mend

@aztec/validator-client 0.0.1-commit.ff7989d6c → 0.0.1-commit.ffe5b04ea

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/README.md +42 -0
package/dest/block_proposal_handler.d.ts +2 -2
package/dest/block_proposal_handler.d.ts.map +1 -1
package/dest/block_proposal_handler.js +45 -26
package/dest/checkpoint_builder.d.ts +13 -3
package/dest/checkpoint_builder.d.ts.map +1 -1
package/dest/checkpoint_builder.js +71 -18
package/dest/config.d.ts +1 -1
package/dest/config.d.ts.map +1 -1
package/dest/config.js +22 -1
package/dest/duties/validation_service.d.ts +1 -1
package/dest/duties/validation_service.d.ts.map +1 -1
package/dest/duties/validation_service.js +2 -8
package/dest/factory.d.ts +1 -1
package/dest/factory.d.ts.map +1 -1
package/dest/factory.js +2 -1
package/dest/index.d.ts +1 -2
package/dest/index.d.ts.map +1 -1
package/dest/index.js +0 -1
package/dest/metrics.d.ts +9 -1
package/dest/metrics.d.ts.map +1 -1
package/dest/metrics.js +12 -0
package/dest/validator.d.ts +5 -3
package/dest/validator.d.ts.map +1 -1
package/dest/validator.js +50 -25
package/package.json +19 -19
package/src/block_proposal_handler.ts +52 -33
package/src/checkpoint_builder.ts +83 -14
package/src/config.ts +22 -1
package/src/duties/validation_service.ts +2 -8
package/src/factory.ts +1 -0
package/src/index.ts +0 -1
package/src/metrics.ts +18 -0
package/src/validator.ts +48 -27
package/dest/tx_validator/index.d.ts +0 -3
package/dest/tx_validator/index.d.ts.map +0 -1
package/dest/tx_validator/index.js +0 -2
package/dest/tx_validator/nullifier_cache.d.ts +0 -14
package/dest/tx_validator/nullifier_cache.d.ts.map +0 -1
package/dest/tx_validator/nullifier_cache.js +0 -24
package/dest/tx_validator/tx_validator_factory.d.ts +0 -19
package/dest/tx_validator/tx_validator_factory.d.ts.map +0 -1
package/dest/tx_validator/tx_validator_factory.js +0 -54
package/src/tx_validator/index.ts +0 -2
package/src/tx_validator/nullifier_cache.ts +0 -30
package/src/tx_validator/tx_validator_factory.ts +0 -154

package/src/checkpoint_builder.ts CHANGED Viewed

@@ -1,10 +1,12 @@
+import { NUM_CHECKPOINT_END_MARKER_FIELDS, getNumBlockEndBlobFields } from '@aztec/blob-lib/encoding';
+import { BLOBS_PER_CHECKPOINT, FIELDS_PER_BLOB, MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT } from '@aztec/constants';
 import { BlockNumber, CheckpointNumber } from '@aztec/foundation/branded-types';
-import { merge, pick } from '@aztec/foundation/collection';
+import { merge, pick, sum } from '@aztec/foundation/collection';
 import { Fr } from '@aztec/foundation/curves/bn254';
 import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
 import { bufferToHex } from '@aztec/foundation/string';
 import { DateProvider, elapsed } from '@aztec/foundation/timer';
-import { getDefaultAllowedSetupFunctions } from '@aztec/p2p/msg_validators';
+import { createTxValidatorForBlockBuilding, getDefaultAllowedSetupFunctions } from '@aztec/p2p/msg_validators';
 import { LightweightCheckpointBuilder } from '@aztec/prover-client/light';
 import {
   GuardedMerkleTreeOperations,
@@ -28,12 +30,11 @@ import {
   type PublicProcessorLimits,
   type WorldStateSynchronizer,
 } from '@aztec/stdlib/interfaces/server';
+import { type DebugLogStore, NullDebugLogStore } from '@aztec/stdlib/logs';
 import { MerkleTreeId } from '@aztec/stdlib/trees';
 import { type CheckpointGlobalVariables, GlobalVariables, StateReference, Tx } from '@aztec/stdlib/tx';
 import { type TelemetryClient, getTelemetryClient } from '@aztec/telemetry-client';
-import { createValidatorForBlockBuilding } from './tx_validator/tx_validator_factory.js';
 // Re-export for backward compatibility
 export type { BuildBlockInCheckpointResult } from '@aztec/stdlib/interfaces/server';
@@ -52,6 +53,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     private dateProvider: DateProvider,
     private telemetryClient: TelemetryClient,
     bindings?: LoggerBindings,
+    private debugLogStore: DebugLogStore = new NullDebugLogStore(),
   ) {
     this.log = createLogger('checkpoint-builder', {
       ...bindings,
@@ -65,6 +67,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
   /**
    * Builds a single block within this checkpoint.
+   * Automatically caps gas and blob field limits based on checkpoint-level budgets and prior blocks.
    */
   async buildBlock(
     pendingTxs: Iterable<Tx> | AsyncIterable<Tx>,
@@ -94,8 +97,14 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     });
     const { processor, validator } = await this.makeBlockBuilderDeps(globalVariables, this.fork);
-    const [publicProcessorDuration, [processedTxs, failedTxs, usedTxs, _, usedTxBlobFields]] = await elapsed(() =>
-      processor.process(pendingTxs, opts, validator),
+    // Cap gas limits amd available blob fields by remaining checkpoint-level budgets
+    const cappedOpts: PublicProcessorLimits & { expectedEndState?: StateReference } = {
+      ...opts,
+      ...this.capLimitsByCheckpointBudgets(opts),
+    };
+    const [publicProcessorDuration, [processedTxs, failedTxs, usedTxs]] = await elapsed(() =>
+      processor.process(pendingTxs, cappedOpts, validator),
     );
     // Throw if we didn't collect a single valid tx and we're not allowed to build empty blocks
@@ -105,13 +114,10 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     }
     // Add block to checkpoint
-    const block = await this.checkpointBuilder.addBlock(globalVariables, processedTxs, {
+    const { block } = await this.checkpointBuilder.addBlock(globalVariables, processedTxs, {
       expectedEndState: opts.expectedEndState,
     });
-    // How much public gas was processed
-    const publicGas = processedTxs.reduce((acc, tx) => acc.add(tx.gasUsed.publicGas), Gas.empty());
     this.log.debug('Built block within checkpoint', {
       header: block.header.toInspect(),
       processedTxs: processedTxs.map(tx => tx.hash.toString()),
@@ -120,12 +126,10 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     return {
       block,
-      publicGas,
       publicProcessorDuration,
       numTxs: processedTxs.length,
       failedTxs,
       usedTxs,
-      usedTxBlobFields,
     };
   }
@@ -147,11 +151,71 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     return this.checkpointBuilder.clone().completeCheckpoint();
   }
+  /**
+   * Caps per-block gas and blob field limits by remaining checkpoint-level budgets.
+   * Computes remaining L2 gas (mana), DA gas, and blob fields from blocks already added to the checkpoint,
+   * then returns opts with maxBlockGas and maxBlobFields capped accordingly.
+   */
+  protected capLimitsByCheckpointBudgets(
+    opts: PublicProcessorLimits,
+  ): Pick<PublicProcessorLimits, 'maxBlockGas' | 'maxBlobFields' | 'maxTransactions'> {
+    const existingBlocks = this.checkpointBuilder.getBlocks();
+    // Remaining L2 gas (mana)
+    // IMPORTANT: This assumes mana is computed solely based on L2 gas used in transactions.
+    // This may change in the future.
+    const usedMana = sum(existingBlocks.map(b => b.header.totalManaUsed.toNumber()));
+    const remainingMana = this.config.rollupManaLimit - usedMana;
+    // Remaining DA gas
+    const usedDAGas = sum(existingBlocks.map(b => b.computeDAGasUsed())) ?? 0;
+    const remainingDAGas = MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT - usedDAGas;
+    // Remaining blob fields (block blob fields include both tx data and block-end overhead)
+    const usedBlobFields = sum(existingBlocks.map(b => b.toBlobFields().length));
+    const totalBlobCapacity = BLOBS_PER_CHECKPOINT * FIELDS_PER_BLOB - NUM_CHECKPOINT_END_MARKER_FIELDS;
+    const isFirstBlock = existingBlocks.length === 0;
+    const blockEndOverhead = getNumBlockEndBlobFields(isFirstBlock);
+    const maxBlobFieldsForTxs = totalBlobCapacity - usedBlobFields - blockEndOverhead;
+    // Cap L2 gas by remaining checkpoint mana
+    const cappedL2Gas = Math.min(opts.maxBlockGas?.l2Gas ?? remainingMana, remainingMana);
+    // Cap DA gas by remaining checkpoint DA gas budget
+    const cappedDAGas = Math.min(opts.maxBlockGas?.daGas ?? remainingDAGas, remainingDAGas);
+    // Cap blob fields by remaining checkpoint blob capacity
+    const cappedBlobFields =
+      opts.maxBlobFields !== undefined ? Math.min(opts.maxBlobFields, maxBlobFieldsForTxs) : maxBlobFieldsForTxs;
+    // Cap transaction count by remaining checkpoint tx budget
+    let cappedMaxTransactions: number | undefined;
+    if (this.config.maxTxsPerCheckpoint !== undefined) {
+      const usedTxs = sum(existingBlocks.map(b => b.body.txEffects.length));
+      const remainingTxs = Math.max(0, this.config.maxTxsPerCheckpoint - usedTxs);
+      cappedMaxTransactions =
+        opts.maxTransactions !== undefined ? Math.min(opts.maxTransactions, remainingTxs) : remainingTxs;
+    } else {
+      cappedMaxTransactions = opts.maxTransactions;
+    }
+    return {
+      maxBlockGas: new Gas(cappedDAGas, cappedL2Gas),
+      maxBlobFields: cappedBlobFields,
+      maxTransactions: cappedMaxTransactions,
+    };
+  }
   protected async makeBlockBuilderDeps(globalVariables: GlobalVariables, fork: MerkleTreeWriteOperations) {
-    const txPublicSetupAllowList = this.config.txPublicSetupAllowList ?? (await getDefaultAllowedSetupFunctions());
+    const txPublicSetupAllowList = [
+      ...(await getDefaultAllowedSetupFunctions()),
+      ...(this.config.txPublicSetupAllowListExtend ?? []),
+    ];
     const contractsDB = new PublicContractsDB(this.contractDataSource, this.log.getBindings());
     const guardedFork = new GuardedMerkleTreeOperations(fork);
+    const collectDebugLogs = this.debugLogStore.isEnabled;
     const bindings = this.log.getBindings();
     const publicTxSimulator = createPublicTxSimulatorForBlockBuilding(
       guardedFork,
@@ -159,6 +223,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
       globalVariables,
       this.telemetryClient,
       bindings,
+      collectDebugLogs,
     );
     const processor = new PublicProcessor(
@@ -170,9 +235,10 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
       this.telemetryClient,
       createLogger('simulator:public-processor', bindings),
       this.config,
+      this.debugLogStore,
     );
-    const validator = createValidatorForBlockBuilding(
+    const validator = createTxValidatorForBlockBuilding(
       fork,
       this.contractDataSource,
       globalVariables,
@@ -197,6 +263,7 @@ export class FullNodeCheckpointsBuilder implements ICheckpointsBuilder {
     private contractDataSource: ContractDataSource,
     private dateProvider: DateProvider,
     private telemetryClient: TelemetryClient = getTelemetryClient(),
+    private debugLogStore: DebugLogStore = new NullDebugLogStore(),
   ) {
     this.log = createLogger('checkpoint-builder');
   }
@@ -251,6 +318,7 @@ export class FullNodeCheckpointsBuilder implements ICheckpointsBuilder {
       this.dateProvider,
       this.telemetryClient,
       bindings,
+      this.debugLogStore,
     );
   }
@@ -311,6 +379,7 @@ export class FullNodeCheckpointsBuilder implements ICheckpointsBuilder {
       this.dateProvider,
       this.telemetryClient,
       bindings,
+      this.debugLogStore,
     );
   }

package/src/config.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import {
   secretValueConfigHelper,
 } from '@aztec/foundation/config';
 import { EthAddress } from '@aztec/foundation/eth-address';
-import { validatorHASignerConfigMappings } from '@aztec/stdlib/ha-signing';
+import { localSignerConfigMappings, validatorHASignerConfigMappings } from '@aztec/stdlib/ha-signing';
 import type { ValidatorClientConfig } from '@aztec/stdlib/interfaces/server';
 export type { ValidatorClientConfig };
@@ -77,6 +77,27 @@ export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientCo
     description: 'Agree to attest to equivocated checkpoint proposals (for testing purposes only)',
     ...booleanConfigHelper(false),
   },
+  validateMaxL2BlockGas: {
+    env: 'VALIDATOR_MAX_L2_BLOCK_GAS',
+    description: 'Maximum L2 block gas for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  validateMaxDABlockGas: {
+    env: 'VALIDATOR_MAX_DA_BLOCK_GAS',
+    description: 'Maximum DA block gas for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  validateMaxTxsPerBlock: {
+    env: 'VALIDATOR_MAX_TX_PER_BLOCK',
+    description: 'Maximum transactions per block for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  validateMaxTxsPerCheckpoint: {
+    env: 'VALIDATOR_MAX_TX_PER_CHECKPOINT',
+    description: 'Maximum transactions per checkpoint for validation. Proposals exceeding this limit are rejected.',
+    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+  },
+  ...localSignerConfigMappings,
   ...validatorHASignerConfigMappings,
 };

package/src/duties/validation_service.ts CHANGED Viewed

@@ -150,16 +150,10 @@ export class ValidationService {
     );
     // TODO(spy/ha): Use checkpointNumber instead of blockNumber once CheckpointHeader includes it.
-    // Currently using lastBlock.blockNumber as a proxy for checkpoint identification in HA signing.
+    // CheckpointProposalCore doesn't have lastBlock info, so use 0 as a proxy.
     // blockNumber is NOT used for the primary key so it's safe to use here.
     // See CheckpointHeader TODO and SigningContext types documentation.
-    let blockNumber: BlockNumber;
-    try {
-      blockNumber = proposal.blockNumber;
-    } catch {
-      // Checkpoint proposal may not have lastBlock, use 0 as fallback
-      blockNumber = BlockNumber(0);
-    }
+    const blockNumber = BlockNumber(0);
     const context: SigningContext = {
       slot: proposal.slotNumber,
       blockNumber,

package/src/factory.ts CHANGED Viewed

@@ -29,6 +29,7 @@ export function createBlockProposalHandler(
   const metrics = new ValidatorMetrics(deps.telemetry);
   const blockProposalValidator = new BlockProposalValidator(deps.epochCache, {
     txsPermitted: !config.disableTransactions,
+    maxTxsPerBlock: config.validateMaxTxsPerBlock,
   });
   return new BlockProposalHandler(
     deps.checkpointsBuilder,

package/src/index.ts CHANGED Viewed

@@ -4,4 +4,3 @@ export * from './config.js';
 export * from './factory.js';
 export * from './validator.js';
 export * from './key_store/index.js';
-export * from './tx_validator/index.js';

package/src/metrics.ts CHANGED Viewed

@@ -1,3 +1,5 @@
+import type { EpochNumber } from '@aztec/foundation/branded-types';
+import type { EthAddress } from '@aztec/foundation/eth-address';
 import type { BlockProposal } from '@aztec/stdlib/p2p';
 import {
   Attributes,
@@ -16,6 +18,8 @@ export class ValidatorMetrics {
   private successfulAttestationsCount: UpDownCounter;
   private failedAttestationsBadProposalCount: UpDownCounter;
   private failedAttestationsNodeIssueCount: UpDownCounter;
+  private currentEpoch: Gauge;
+  private attestedEpochCount: UpDownCounter;
   private reexMana: Histogram;
   private reexTx: Histogram;
@@ -64,6 +68,10 @@ export class ValidatorMetrics {
       },
     );
+    this.currentEpoch = meter.createGauge(Metrics.VALIDATOR_CURRENT_EPOCH);
+    this.attestedEpochCount = createUpDownCounterWithDefault(meter, Metrics.VALIDATOR_ATTESTED_EPOCH_COUNT);
     this.reexMana = meter.createHistogram(Metrics.VALIDATOR_RE_EXECUTION_MANA);
     this.reexTx = meter.createHistogram(Metrics.VALIDATOR_RE_EXECUTION_TX_COUNT);
@@ -110,4 +118,14 @@ export class ValidatorMetrics {
       [Attributes.IS_COMMITTEE_MEMBER]: inCommittee,
     });
   }
+  /** Update the gauge tracking the current epoch number (proxy for total epochs elapsed). */
+  public setCurrentEpoch(epoch: EpochNumber) {
+    this.currentEpoch.record(Number(epoch));
+  }
+  /** Increment the count of epochs in which the given attester submitted at least one attestation. */
+  public incAttestedEpochCount(attester: EthAddress) {
+    this.attestedEpochCount.add(1, { [Attributes.ATTESTER_ADDRESS]: attester.toString() });
+  }
 }

package/src/validator.ts CHANGED Viewed

@@ -24,6 +24,7 @@ import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol }
 import { OffenseType, WANT_TO_SLASH_EVENT, type Watcher, type WatcherEmitter } from '@aztec/slasher';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
 import type { CommitteeAttestationsAndSigners, L2Block, L2BlockSink, L2BlockSource } from '@aztec/stdlib/block';
+import { validateCheckpoint } from '@aztec/stdlib/checkpoint';
 import { getEpochAtSlot, getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
 import type {
   CreateCheckpointProposalLastBlockData,
@@ -45,7 +46,7 @@ import type { CheckpointHeader } from '@aztec/stdlib/rollup';
 import type { BlockHeader, CheckpointGlobalVariables, Tx } from '@aztec/stdlib/tx';
 import { AttestationTimeoutError } from '@aztec/stdlib/validators';
 import { type TelemetryClient, type Tracer, getTelemetryClient } from '@aztec/telemetry-client';
-import { createHASigner } from '@aztec/validator-ha-signer/factory';
+import { createHASigner, createLocalSignerWithProtection } from '@aztec/validator-ha-signer/factory';
 import { DutyType, type SigningContext } from '@aztec/validator-ha-signer/types';
 import type { ValidatorHASigner } from '@aztec/validator-ha-signer/validator-ha-signer';
@@ -89,6 +90,8 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
   private lastEpochForCommitteeUpdateLoop: EpochNumber | undefined;
   private epochCacheUpdateLoop: RunningPromise;
+  /** Tracks the last epoch in which each attester successfully submitted at least one attestation. */
+  private lastAttestedEpochByAttester: Map<string, EpochNumber> = new Map();
   private proposersOfInvalidBlocks: Set<string> = new Set();
@@ -106,7 +109,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     private l1ToL2MessageSource: L1ToL2MessageSource,
     private config: ValidatorClientFullConfig,
     private blobClient: BlobClientInterface,
-    private haSigner: ValidatorHASigner | undefined,
+    private slashingProtectionSigner: ValidatorHASigner,
     private dateProvider: DateProvider = new DateProvider(),
     telemetry: TelemetryClient = getTelemetryClient(),
     log = createLogger('validator'),
@@ -160,6 +163,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
         this.log.trace(`No committee found for slot`);
         return;
       }
+      this.metrics.setCurrentEpoch(epoch);
       if (epoch !== this.lastEpochForCommitteeUpdateLoop) {
         const me = this.getValidatorAddresses();
         const committeeSet = new Set(committee.map(v => v.toString()));
@@ -197,6 +201,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     const metrics = new ValidatorMetrics(telemetry);
     const blockProposalValidator = new BlockProposalValidator(epochCache, {
       txsPermitted: !config.disableTransactions,
+      maxTxsPerBlock: config.validateMaxTxsPerBlock,
     });
     const blockProposalHandler = new BlockProposalHandler(
       checkpointsBuilder,
@@ -213,18 +218,27 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     );
     const nodeKeystoreAdapter = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
-    let validatorKeyStore: ExtendedValidatorKeyStore = nodeKeystoreAdapter;
-    let haSigner: ValidatorHASigner | undefined;
+    let slashingProtectionSigner: ValidatorHASigner;
     if (config.haSigningEnabled) {
+      // Multi-node HA mode: use PostgreSQL-backed distributed locking.
       // If maxStuckDutiesAgeMs is not explicitly set, compute it from Aztec slot duration
       const haConfig = {
         ...config,
         maxStuckDutiesAgeMs: config.maxStuckDutiesAgeMs ?? epochCache.getL1Constants().slotDuration * 2 * 1000,
       };
-      const { signer } = await createHASigner(haConfig, { telemetryClient: telemetry, dateProvider });
-      haSigner = signer;
-      validatorKeyStore = new HAKeyStore(nodeKeystoreAdapter, signer);
+      ({ signer: slashingProtectionSigner } = await createHASigner(haConfig, {
+        telemetryClient: telemetry,
+        dateProvider,
+      }));
+    } else {
+      // Single-node mode: use LMDB-backed local signing protection.
+      // This prevents double-signing if the node crashes and restarts mid-proposal.
+      ({ signer: slashingProtectionSigner } = await createLocalSignerWithProtection(config, {
+        telemetryClient: telemetry,
+        dateProvider,
+      }));
     }
+    const validatorKeyStore: ExtendedValidatorKeyStore = new HAKeyStore(nodeKeystoreAdapter, slashingProtectionSigner);
     const validator = new ValidatorClient(
       validatorKeyStore,
@@ -237,7 +251,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
       l1ToL2MessageSource,
       config,
       blobClient,
-      haSigner,
+      slashingProtectionSigner,
       dateProvider,
       telemetry,
     );
@@ -276,24 +290,8 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
   }
   public reloadKeystore(newManager: KeystoreManager): void {
-    if (this.config.haSigningEnabled && !this.haSigner) {
-      this.log.warn(
-        'HA signing is enabled in config but was not initialized at startup. ' +
-          'Restart the node to enable HA signing.',
-      );
-    } else if (!this.config.haSigningEnabled && this.haSigner) {
-      this.log.warn(
-        'HA signing was disabled via config update but the HA signer is still active. ' +
-          'Restart the node to fully disable HA signing.',
-      );
-    }
     const newAdapter = NodeKeystoreAdapter.fromKeyStoreManager(newManager);
-    if (this.haSigner) {
-      this.keyStore = new HAKeyStore(newAdapter, this.haSigner);
-    } else {
-      this.keyStore = newAdapter;
-    }
+    this.keyStore = new HAKeyStore(newAdapter, this.slashingProtectionSigner);
     this.validationService = new ValidationService(this.keyStore, this.log.createChild('validation-service'));
   }
@@ -515,11 +513,9 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
       slotNumber,
       archive: proposal.archive.toString(),
       proposer: proposer.toString(),
-      txCount: proposal.txHashes.length,
     };
     this.log.info(`Received checkpoint proposal for slot ${slotNumber}`, {
       ...proposalInfo,
-      txHashes: proposal.txHashes.map(t => t.toString()),
       fishermanMode: this.config.fishermanMode || false,
     });
@@ -555,6 +551,17 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     this.metrics.incSuccessfulAttestations(inCommittee.length);
+    // Track epoch participation per attester: count each (attester, epoch) pair at most once
+    const proposalEpoch = getEpochAtSlot(slotNumber, this.epochCache.getL1Constants());
+    for (const attester of inCommittee) {
+      const key = attester.toString();
+      const lastEpoch = this.lastAttestedEpochByAttester.get(key);
+      if (lastEpoch === undefined || proposalEpoch > lastEpoch) {
+        this.lastAttestedEpochByAttester.set(key, proposalEpoch);
+        this.metrics.incAttestedEpochCount(attester);
+      }
+    }
     // Determine which validators should attest
     let attestors: EthAddress[];
     if (partOfCommittee) {
@@ -751,6 +758,20 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
         return { isValid: false, reason: 'out_hash_mismatch' };
       }
+      // Final round of validations on the checkpoint, just in case.
+      try {
+        validateCheckpoint(computedCheckpoint, {
+          rollupManaLimit: this.checkpointsBuilder.getConfig().rollupManaLimit,
+          maxDABlockGas: this.config.validateMaxDABlockGas,
+          maxL2BlockGas: this.config.validateMaxL2BlockGas,
+          maxTxsPerBlock: this.config.validateMaxTxsPerBlock,
+          maxTxsPerCheckpoint: this.config.validateMaxTxsPerCheckpoint,
+        });
+      } catch (err) {
+        this.log.warn(`Checkpoint validation failed: ${err}`, proposalInfo);
+        return { isValid: false, reason: 'checkpoint_validation_failed' };
+      }
       this.log.verbose(`Checkpoint proposal validation successful for slot ${slot}`, proposalInfo);
       return { isValid: true };
     } finally {

package/dest/tx_validator/index.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-export * from './nullifier_cache.js';
-export * from './tx_validator_factory.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy90eF92YWxpZGF0b3IvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYyxzQkFBc0IsQ0FBQztBQUNyQyxjQUFjLDJCQUEyQixDQUFDIn0=

package/dest/tx_validator/index.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tx_validator/index.ts"],"names":[],"mappings":"AAAA,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC"}

package/dest/tx_validator/index.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export * from './nullifier_cache.js';
2	- export * from './tx_validator_factory.js';

package/dest/tx_validator/nullifier_cache.d.ts DELETED Viewed

@@ -1,14 +0,0 @@
-import type { NullifierSource } from '@aztec/p2p';
-import type { MerkleTreeReadOperations } from '@aztec/stdlib/interfaces/server';
-/**
- * Implements a nullifier source by checking a DB and an in-memory collection.
- * Intended for validating transactions as they are added to a block.
- */
-export declare class NullifierCache implements NullifierSource {
-    private db;
-    nullifiers: Set<string>;
-    constructor(db: MerkleTreeReadOperations);
-    nullifiersExist(nullifiers: Buffer[]): Promise<boolean[]>;
-    addNullifiers(nullifiers: Buffer[]): void;
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibnVsbGlmaWVyX2NhY2hlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdHhfdmFsaWRhdG9yL251bGxpZmllcl9jYWNoZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssRUFBRSxlQUFlLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFDbEQsT0FBTyxLQUFLLEVBQUUsd0JBQXdCLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUdoRjs7O0dBR0c7QUFDSCxxQkFBYSxjQUFlLFlBQVcsZUFBZTtJQUd4QyxPQUFPLENBQUMsRUFBRTtJQUZ0QixVQUFVLEVBQUUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBRXhCLFlBQW9CLEVBQUUsRUFBRSx3QkFBd0IsRUFFL0M7SUFFWSxlQUFlLENBQUMsVUFBVSxFQUFFLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQU9yRTtJQUVNLGFBQWEsQ0FBQyxVQUFVLEVBQUUsTUFBTSxFQUFFLFFBSXhDO0NBQ0YifQ==

package/dest/tx_validator/nullifier_cache.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"nullifier_cache.d.ts","sourceRoot":"","sources":["../../src/tx_validator/nullifier_cache.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;AAGhF;;;GAGG;AACH,qBAAa,cAAe,YAAW,eAAe;IAGxC,OAAO,CAAC,EAAE;IAFtB,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAExB,YAAoB,EAAE,EAAE,wBAAwB,EAE/C;IAEY,eAAe,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAOrE;IAEM,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,QAIxC;CACF"}

package/dest/tx_validator/nullifier_cache.js DELETED Viewed

@@ -1,24 +0,0 @@
-import { MerkleTreeId } from '@aztec/stdlib/trees';
-/**
- * Implements a nullifier source by checking a DB and an in-memory collection.
- * Intended for validating transactions as they are added to a block.
- */ export class NullifierCache {
-    db;
-    nullifiers;
-    constructor(db){
-        this.db = db;
-        this.nullifiers = new Set();
-    }
-    async nullifiersExist(nullifiers) {
-        const cacheResults = nullifiers.map((n)=>this.nullifiers.has(n.toString()));
-        const toCheckDb = nullifiers.filter((_n, index)=>!cacheResults[index]);
-        const dbHits = await this.db.findLeafIndices(MerkleTreeId.NULLIFIER_TREE, toCheckDb);
-        let dbIndex = 0;
-        return nullifiers.map((_n, index)=>cacheResults[index] || dbHits[dbIndex++] !== undefined);
-    }
-    addNullifiers(nullifiers) {
-        for (const nullifier of nullifiers){
-            this.nullifiers.add(nullifier.toString());
-        }
-    }
-}

package/dest/tx_validator/tx_validator_factory.d.ts DELETED Viewed

@@ -1,19 +0,0 @@
-import { BlockNumber } from '@aztec/foundation/branded-types';
-import type { LoggerBindings } from '@aztec/foundation/log';
-import type { ContractDataSource } from '@aztec/stdlib/contract';
-import type { GasFees } from '@aztec/stdlib/gas';
-import type { AllowedElement, ClientProtocolCircuitVerifier, MerkleTreeReadOperations, PublicProcessorValidator } from '@aztec/stdlib/interfaces/server';
-import { GlobalVariables, type Tx, type TxValidator } from '@aztec/stdlib/tx';
-import type { UInt64 } from '@aztec/stdlib/types';
-export declare function createValidatorForAcceptingTxs(db: MerkleTreeReadOperations, contractDataSource: ContractDataSource, verifier: ClientProtocolCircuitVerifier | undefined, { l1ChainId, rollupVersion, setupAllowList, gasFees, skipFeeEnforcement, timestamp, blockNumber, txsPermitted }: {
-    l1ChainId: number;
-    rollupVersion: number;
-    setupAllowList: AllowedElement[];
-    gasFees: GasFees;
-    skipFeeEnforcement?: boolean;
-    timestamp: UInt64;
-    blockNumber: BlockNumber;
-    txsPermitted: boolean;
-}, bindings?: LoggerBindings): TxValidator<Tx>;
-export declare function createValidatorForBlockBuilding(db: MerkleTreeReadOperations, contractDataSource: ContractDataSource, globalVariables: GlobalVariables, setupAllowList: AllowedElement[], bindings?: LoggerBindings): PublicProcessorValidator;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHhfdmFsaWRhdG9yX2ZhY3RvcnkuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy90eF92YWxpZGF0b3IvdHhfdmFsaWRhdG9yX2ZhY3RvcnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFdBQVcsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBRTlELE9BQU8sS0FBSyxFQUFFLGNBQWMsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBaUI1RCxPQUFPLEtBQUssRUFBRSxrQkFBa0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBQ2pFLE9BQU8sS0FBSyxFQUFFLE9BQU8sRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBQ2pELE9BQU8sS0FBSyxFQUNWLGNBQWMsRUFDZCw2QkFBNkIsRUFDN0Isd0JBQXdCLEVBQ3hCLHdCQUF3QixFQUN6QixNQUFNLGlDQUFpQyxDQUFDO0FBRXpDLE9BQU8sRUFBRSxlQUFlLEVBQUUsS0FBSyxFQUFFLEVBQUUsS0FBSyxXQUFXLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUM5RSxPQUFPLEtBQUssRUFBRSxNQUFNLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUlsRCx3QkFBZ0IsOEJBQThCLENBQzVDLEVBQUUsRUFBRSx3QkFBd0IsRUFDNUIsa0JBQWtCLEVBQUUsa0JBQWtCLEVBQ3RDLFFBQVEsRUFBRSw2QkFBNkIsR0FBRyxTQUFTLEVBQ25ELEVBQ0UsU0FBUyxFQUNULGFBQWEsRUFDYixjQUFjLEVBQ2QsT0FBTyxFQUNQLGtCQUFrQixFQUNsQixTQUFTLEVBQ1QsV0FBVyxFQUNYLFlBQVksRUFDYixFQUFFO0lBQ0QsU0FBUyxFQUFFLE1BQU0sQ0FBQztJQUNsQixhQUFhLEVBQUUsTUFBTSxDQUFDO0lBQ3RCLGNBQWMsRUFBRSxjQUFjLEVBQUUsQ0FBQztJQUNqQyxPQUFPLEVBQUUsT0FBTyxDQUFDO0lBQ2pCLGtCQUFrQixDQUFDLEVBQUUsT0FBTyxDQUFDO0lBQzdCLFNBQVMsRUFBRSxNQUFNLENBQUM7SUFDbEIsV0FBVyxFQUFFLFdBQVcsQ0FBQztJQUN6QixZQUFZLEVBQUUsT0FBTyxDQUFDO0NBQ3ZCLEVBQ0QsUUFBUSxDQUFDLEVBQUUsY0FBYyxHQUN4QixXQUFXLENBQUMsRUFBRSxDQUFDLENBcUNqQjtBQUVELHdCQUFnQiwrQkFBK0IsQ0FDN0MsRUFBRSxFQUFFLHdCQUF3QixFQUM1QixrQkFBa0IsRUFBRSxrQkFBa0IsRUFDdEMsZUFBZSxFQUFFLGVBQWUsRUFDaEMsY0FBYyxFQUFFLGNBQWMsRUFBRSxFQUNoQyxRQUFRLENBQUMsRUFBRSxjQUFjLEdBQ3hCLHdCQUF3QixDQWlCMUIifQ==

package/dest/tx_validator/tx_validator_factory.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"tx_validator_factory.d.ts","sourceRoot":"","sources":["../../src/tx_validator/tx_validator_factory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,iCAAiC,CAAC;AAE9D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAiB5D,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AACjE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EACV,cAAc,EACd,6BAA6B,EAC7B,wBAAwB,EACxB,wBAAwB,EACzB,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,KAAK,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC9E,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAIlD,wBAAgB,8BAA8B,CAC5C,EAAE,EAAE,wBAAwB,EAC5B,kBAAkB,EAAE,kBAAkB,EACtC,QAAQ,EAAE,6BAA6B,GAAG,SAAS,EACnD,EACE,SAAS,EACT,aAAa,EACb,cAAc,EACd,OAAO,EACP,kBAAkB,EAClB,SAAS,EACT,WAAW,EACX,YAAY,EACb,EAAE;IACD,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,cAAc,EAAE,CAAC;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,WAAW,CAAC;IACzB,YAAY,EAAE,OAAO,CAAC;CACvB,EACD,QAAQ,CAAC,EAAE,cAAc,GACxB,WAAW,CAAC,EAAE,CAAC,CAqCjB;AAED,wBAAgB,+BAA+B,CAC7C,EAAE,EAAE,wBAAwB,EAC5B,kBAAkB,EAAE,kBAAkB,EACtC,eAAe,EAAE,eAAe,EAChC,cAAc,EAAE,cAAc,EAAE,EAChC,QAAQ,CAAC,EAAE,cAAc,GACxB,wBAAwB,CAiB1B"}

package/dest/tx_validator/tx_validator_factory.js DELETED Viewed

@@ -1,54 +0,0 @@
-import { Fr } from '@aztec/foundation/curves/bn254';
-import { getVKTreeRoot } from '@aztec/noir-protocol-circuits-types/vk-tree';
-import { AggregateTxValidator, ArchiveCache, BlockHeaderTxValidator, DataTxValidator, DoubleSpendTxValidator, GasTxValidator, MetadataTxValidator, PhasesTxValidator, SizeTxValidator, TimestampTxValidator, TxPermittedValidator, TxProofValidator } from '@aztec/p2p';
-import { ProtocolContractAddress, protocolContractsHash } from '@aztec/protocol-contracts';
-import { DatabasePublicStateSource } from '@aztec/stdlib/trees';
-import { NullifierCache } from './nullifier_cache.js';
-export function createValidatorForAcceptingTxs(db, contractDataSource, verifier, { l1ChainId, rollupVersion, setupAllowList, gasFees, skipFeeEnforcement, timestamp, blockNumber, txsPermitted }, bindings) {
-    const validators = [
-        new TxPermittedValidator(txsPermitted, bindings),
-        new SizeTxValidator(bindings),
-        new DataTxValidator(bindings),
-        new MetadataTxValidator({
-            l1ChainId: new Fr(l1ChainId),
-            rollupVersion: new Fr(rollupVersion),
-            protocolContractsHash,
-            vkTreeRoot: getVKTreeRoot()
-        }, bindings),
-        new TimestampTxValidator({
-            timestamp,
-            blockNumber
-        }, bindings),
-        new DoubleSpendTxValidator(new NullifierCache(db), bindings),
-        new PhasesTxValidator(contractDataSource, setupAllowList, timestamp, bindings),
-        new BlockHeaderTxValidator(new ArchiveCache(db), bindings)
-    ];
-    if (!skipFeeEnforcement) {
-        validators.push(new GasTxValidator(new DatabasePublicStateSource(db), ProtocolContractAddress.FeeJuice, gasFees, bindings));
-    }
-    if (verifier) {
-        validators.push(new TxProofValidator(verifier, bindings));
-    }
-    return new AggregateTxValidator(...validators);
-}
-export function createValidatorForBlockBuilding(db, contractDataSource, globalVariables, setupAllowList, bindings) {
-    const nullifierCache = new NullifierCache(db);
-    const archiveCache = new ArchiveCache(db);
-    const publicStateSource = new DatabasePublicStateSource(db);
-    return {
-        preprocessValidator: preprocessValidator(nullifierCache, archiveCache, publicStateSource, contractDataSource, globalVariables, setupAllowList, bindings),
-        nullifierCache
-    };
-}
-function preprocessValidator(nullifierCache, archiveCache, publicStateSource, contractDataSource, globalVariables, setupAllowList, bindings) {
-    // We don't include the TxProofValidator nor the DataTxValidator here because they are already checked by the time we get to block building.
-    return new AggregateTxValidator(new MetadataTxValidator({
-        l1ChainId: globalVariables.chainId,
-        rollupVersion: globalVariables.version,
-        protocolContractsHash,
-        vkTreeRoot: getVKTreeRoot()
-    }, bindings), new TimestampTxValidator({
-        timestamp: globalVariables.timestamp,
-        blockNumber: globalVariables.blockNumber
-    }, bindings), new DoubleSpendTxValidator(nullifierCache, bindings), new PhasesTxValidator(contractDataSource, setupAllowList, globalVariables.timestamp, bindings), new GasTxValidator(publicStateSource, ProtocolContractAddress.FeeJuice, globalVariables.gasFees, bindings), new BlockHeaderTxValidator(archiveCache, bindings));
-}

package/src/tx_validator/index.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export * from './nullifier_cache.js';
2	- export * from './tx_validator_factory.js';