@aztec/validator-client 3.0.0-canary.a9708bd → 3.0.0-devnet.2-patch.1

package/dest/validator.js

@@ -1,68 +1,67 @@
-import { INITIAL_L2_BLOCK_NUM } from '@aztec/constants';
-import { Fr } from '@aztec/foundation/fields';
 import { createLogger } from '@aztec/foundation/log';
-import { retryUntil } from '@aztec/foundation/retry';
 import { RunningPromise } from '@aztec/foundation/running-promise';
 import { sleep } from '@aztec/foundation/sleep';
-import { DateProvider, Timer } from '@aztec/foundation/timer';
-import { AuthRequest, AuthResponse, ReqRespSubProtocol } from '@aztec/p2p';
-import { BlockProposalValidator } from '@aztec/p2p/msg_validators';
-import { computeInHashFromL1ToL2Messages } from '@aztec/prover-client/helpers';
+import { DateProvider } from '@aztec/foundation/timer';
+import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol } from '@aztec/p2p';
 import { OffenseType, WANT_TO_SLASH_EVENT } from '@aztec/slasher';
-import { getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
-import { GlobalVariables } from '@aztec/stdlib/tx';
-import { AttestationTimeoutError, ReExFailedTxsError, ReExStateMismatchError, ReExTimeoutError, TransactionsNotAvailableError } from '@aztec/stdlib/validators';
+import { AttestationTimeoutError } from '@aztec/stdlib/validators';
 import { getTelemetryClient } from '@aztec/telemetry-client';
 import { EventEmitter } from 'events';
+import { BlockProposalHandler } from './block_proposal_handler.js';
 import { ValidationService } from './duties/validation_service.js';
 import { NodeKeystoreAdapter } from './key_store/node_keystore_adapter.js';
 import { ValidatorMetrics } from './metrics.js';
 // We maintain a set of proposers who have proposed invalid blocks.
 // Just cap the set to avoid unbounded growth.
 const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
+// What errors from the block proposal handler result in slashing
+const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT = [
+    'state_mismatch',
+    'failed_txs'
+];
 /**
  * Validator Client
  */ export class ValidatorClient extends EventEmitter {
-    blockBuilder;
     keyStore;
     epochCache;
     p2pClient;
-    blockSource;
-    l1ToL2MessageSource;
-    txProvider;
+    blockProposalHandler;
     config;
     dateProvider;
-    log;
     tracer;
     validationService;
     metrics;
+    log;
+    // Whether it has already registered handlers on the p2p client
+    hasRegisteredHandlers;
     // Used to check if we are sending the same proposal twice
     previousProposal;
-    myAddresses;
     lastEpochForCommitteeUpdateLoop;
     epochCacheUpdateLoop;
-    blockProposalValidator;
     proposersOfInvalidBlocks;
-    constructor(blockBuilder, keyStore, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, config, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
-        super(), this.blockBuilder = blockBuilder, this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockSource = blockSource, this.l1ToL2MessageSource = l1ToL2MessageSource, this.txProvider = txProvider, this.config = config, this.dateProvider = dateProvider, this.log = log, this.proposersOfInvalidBlocks = new Set();
+    constructor(keyStore, epochCache, p2pClient, blockProposalHandler, config, dateProvider = new DateProvider(), telemetry = getTelemetryClient(), log = createLogger('validator')){
+        super(), this.keyStore = keyStore, this.epochCache = epochCache, this.p2pClient = p2pClient, this.blockProposalHandler = blockProposalHandler, this.config = config, this.dateProvider = dateProvider, this.hasRegisteredHandlers = false, this.proposersOfInvalidBlocks = new Set();
+        // Create child logger with fisherman prefix if in fisherman mode
+        this.log = config.fishermanMode ? log.createChild('[FISHERMAN]') : log;
         this.tracer = telemetry.getTracer('Validator');
         this.metrics = new ValidatorMetrics(telemetry);
-        this.validationService = new ValidationService(keyStore);
-        this.blockProposalValidator = new BlockProposalValidator(epochCache);
+        this.validationService = new ValidationService(keyStore, this.log.createChild('validation-service'));
         // Refresh epoch cache every second to trigger alert if participation in committee changes
-        this.myAddresses = this.keyStore.getAddresses();
-        this.epochCacheUpdateLoop = new RunningPromise(this.handleEpochCommitteeUpdate.bind(this), log, 1000);
-        this.log.verbose(`Initialized validator with addresses: ${this.myAddresses.map((a)=>a.toString()).join(', ')}`);
+        this.epochCacheUpdateLoop = new RunningPromise(this.handleEpochCommitteeUpdate.bind(this), this.log, 1000);
+        const myAddresses = this.getValidatorAddresses();
+        this.log.verbose(`Initialized validator with addresses: ${myAddresses.map((a)=>a.toString()).join(', ')}`);
     }
-    static validateKeyStoreConfiguration(keyStoreManager) {
+    static validateKeyStoreConfiguration(keyStoreManager, logger) {
         const validatorKeyStore = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
         const validatorAddresses = validatorKeyStore.getAddresses();
         // Verify that we can retrieve all required data from the key store
         for (const address of validatorAddresses){
             // Functions throw if required data is not available
+            let coinbase;
+            let feeRecipient;
             try {
-                validatorKeyStore.getCoinbaseAddress(address);
-                validatorKeyStore.getFeeRecipient(address);
+                coinbase = validatorKeyStore.getCoinbaseAddress(address);
+                feeRecipient = validatorKeyStore.getFeeRecipient(address);
             } catch (error) {
                 throw new Error(`Failed to retrieve required data for validator address ${address}, error: ${error}`);
             }
@@ -70,6 +69,7 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
             if (!publisherAddresses.length) {
                 throw new Error(`No publisher addresses found for validator address ${address}`);
             }
+            logger?.debug(`Validator ${address.toString()} configured with coinbase ${coinbase.toString()}, feeRecipient ${feeRecipient.toString()} and publishers ${publisherAddresses.map((x)=>x.toString()).join()}`);
         }
     }
     async handleEpochCommitteeUpdate() {
@@ -80,7 +80,7 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
                 return;
             }
             if (epoch !== this.lastEpochForCommitteeUpdateLoop) {
-                const me = this.myAddresses;
+                const me = this.getValidatorAddresses();
                 const committeeSet = new Set(committee.map((v)=>v.toString()));
                 const inCommittee = me.filter((a)=>committeeSet.has(a.toString()));
                 if (inCommittee.length > 0) {
@@ -95,13 +95,23 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
         }
     }
     static new(config, blockBuilder, epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, keyStoreManager, dateProvider = new DateProvider(), telemetry = getTelemetryClient()) {
-        const validator = new ValidatorClient(blockBuilder, NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager), epochCache, p2pClient, blockSource, l1ToL2MessageSource, txProvider, config, dateProvider, telemetry);
-        // TODO(PhilWindle): This seems like it could/should be done inside start()
-        validator.registerBlockProposalHandler();
+        const metrics = new ValidatorMetrics(telemetry);
+        const blockProposalValidator = new BlockProposalValidator(epochCache, {
+            txsPermitted: !config.disableTransactions
+        });
+        const blockProposalHandler = new BlockProposalHandler(blockBuilder, blockSource, l1ToL2MessageSource, txProvider, blockProposalValidator, config, metrics, dateProvider, telemetry);
+        const validator = new ValidatorClient(NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager), epochCache, p2pClient, blockProposalHandler, config, dateProvider, telemetry);
         return validator;
     }
     getValidatorAddresses() {
-        return this.keyStore.getAddresses();
+        return this.keyStore.getAddresses().filter((addr)=>!this.config.disabledValidators.some((disabled)=>disabled.equals(addr)));
+    }
+    getBlockProposalHandler() {
+        return this.blockProposalHandler;
+    }
+    // Proxy method for backwards compatibility with tests
+    reExecuteTransactions(proposal, blockNumber, txs, l1ToL2Messages) {
+        return this.blockProposalHandler.reexecuteTransactions(proposal, blockNumber, txs, l1ToL2Messages);
     }
     signWithAddress(addr, msg) {
         return this.keyStore.signTypedDataWithAddress(addr, msg);
@@ -112,37 +122,54 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
     getFeeRecipientForAttestor(attestor) {
         return this.keyStore.getFeeRecipient(attestor);
     }
-    configureSlashing(config) {
-        this.config.slashBroadcastedInvalidBlockPenalty = config.slashBroadcastedInvalidBlockPenalty ?? this.config.slashBroadcastedInvalidBlockPenalty;
+    getConfig() {
+        return this.config;
+    }
+    updateConfig(config) {
+        this.config = {
+            ...this.config,
+            ...config
+        };
     }
     async start() {
-        // Sync the committee from the smart contract
-        // https://github.com/AztecProtocol/aztec-packages/issues/7962
-        const myAddresses = this.keyStore.getAddresses();
+        if (this.epochCacheUpdateLoop.isRunning()) {
+            this.log.warn(`Validator client already started`);
+            return;
+        }
+        await this.registerHandlers();
+        const myAddresses = this.getValidatorAddresses();
         const inCommittee = await this.epochCache.filterInCommittee('now', myAddresses);
+        this.log.info(`Started validator with addresses: ${myAddresses.map((a)=>a.toString()).join(', ')}`);
         if (inCommittee.length > 0) {
-            this.log.info(`Started validator with addresses in current validator committee: ${inCommittee.map((a)=>a.toString()).join(', ')}`);
-        } else {
-            this.log.info(`Started validator with addresses: ${myAddresses.map((a)=>a.toString()).join(', ')}`);
+            this.log.info(`Addresses in current validator committee: ${inCommittee.map((a)=>a.toString()).join(', ')}`);
         }
         this.epochCacheUpdateLoop.start();
-        this.p2pClient.registerThisValidatorAddresses(myAddresses);
-        await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
         return Promise.resolve();
     }
     async stop() {
         await this.epochCacheUpdateLoop.stop();
     }
-    registerBlockProposalHandler() {
-        const handler = (block, proposalSender)=>this.attestToProposal(block, proposalSender);
-        this.p2pClient.registerBlockProposalHandler(handler);
+    /** Register handlers on the p2p client */ async registerHandlers() {
+        if (!this.hasRegisteredHandlers) {
+            this.hasRegisteredHandlers = true;
+            this.log.debug(`Registering validator handlers for p2p client`);
+            const handler = (block, proposalSender)=>this.attestToProposal(block, proposalSender);
+            this.p2pClient.registerBlockProposalHandler(handler);
+            const myAddresses = this.getValidatorAddresses();
+            this.p2pClient.registerThisValidatorAddresses(myAddresses);
+            await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
+        }
     }
     async attestToProposal(proposal, proposalSender) {
-        const slotNumber = proposal.slotNumber.toBigInt();
-        const blockNumber = proposal.blockNumber;
+        const slotNumber = proposal.slotNumber;
         const proposer = proposal.getSender();
+        // Reject proposals with invalid signatures
+        if (!proposer) {
+            this.log.warn(`Received proposal with invalid signature for slot ${slotNumber}`);
+            return undefined;
+        }
         // Check that I have any address in current committee before attesting
-        const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.keyStore.getAddresses());
+        const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
         const partOfCommittee = inCommittee.length > 0;
         const proposalInfo = {
             ...proposal.toBlockInfo(),
@@ -150,164 +177,84 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
         };
         this.log.info(`Received proposal for slot ${slotNumber}`, {
             ...proposalInfo,
-            txHashes: proposal.txHashes.map((txHash)=>txHash.toString())
+            txHashes: proposal.txHashes.map((t)=>t.toString()),
+            fishermanMode: this.config.fishermanMode || false
         });
-        // Collect txs from the proposal. Note that we do this before checking if we have an address in the
-        // current committee, since we want to collect txs anyway to facilitate propagation.
-        const { txs, missingTxs } = await this.txProvider.getTxsForBlockProposal(proposal, {
-            pinnedPeer: proposalSender,
-            deadline: this.getReexecutionDeadline(proposal, this.blockBuilder.getConfig())
-        });
-        // Check that I have any address in current committee before attesting
-        if (!partOfCommittee) {
-            this.log.verbose(`No validator in the current committee, skipping attestation`, proposalInfo);
-            return undefined;
-        }
-        // Check that the proposal is from the current proposer, or the next proposer.
-        // Q: Should this be moved to the block proposal validator, so we disregard proposals from anyone?
-        const invalidProposal = await this.blockProposalValidator.validate(proposal);
-        if (invalidProposal) {
-            this.log.warn(`Proposal is not valid, skipping attestation`, proposalInfo);
-            if (partOfCommittee) {
-                this.metrics.incFailedAttestations(1, 'invalid_proposal');
-            }
-            return undefined;
-        }
-        // Check that the parent proposal is a block we know, otherwise reexecution would fail.
-        // Q: Should we move this to the block proposal validator? If there, then p2p would check it
-        // before re-broadcasting it. This means that proposals built on top of an L1-reorg'ed-out block
-        // would not be rebroadcasted. But it also means that nodes that have not fully synced would
-        // not rebroadcast the proposal.
-        if (blockNumber > INITIAL_L2_BLOCK_NUM) {
-            const config = this.blockBuilder.getConfig();
-            const deadline = this.getReexecutionDeadline(proposal, config);
-            const currentTime = this.dateProvider.now();
-            const timeoutDurationMs = deadline.getTime() - currentTime;
-            const parentBlock = timeoutDurationMs <= 0 ? undefined : await retryUntil(async ()=>{
-                const block = await this.blockSource.getBlock(blockNumber - 1);
-                if (block) {
-                    return block;
-                }
-                await this.blockSource.syncImmediate();
-                return await this.blockSource.getBlock(blockNumber - 1);
-            }, 'Force Archiver Sync', timeoutDurationMs / 1000, 0.5);
-            if (parentBlock === undefined) {
-                this.log.warn(`Parent block for ${blockNumber} not found, skipping attestation`, proposalInfo);
-                if (partOfCommittee) {
-                    this.metrics.incFailedAttestations(1, 'parent_block_not_found');
-                }
-                return undefined;
-            }
-            if (!proposal.payload.header.lastArchiveRoot.equals(parentBlock.archive.root)) {
-                this.log.warn(`Parent block archive root for proposal does not match, skipping attestation`, {
-                    proposalLastArchiveRoot: proposal.payload.header.lastArchiveRoot.toString(),
-                    parentBlockArchiveRoot: parentBlock.archive.root.toString(),
-                    ...proposalInfo
-                });
-                if (partOfCommittee) {
-                    this.metrics.incFailedAttestations(1, 'parent_block_does_not_match');
-                }
-                return undefined;
-            }
-        }
-        // Check that I have the same set of l1ToL2Messages as the proposal
-        // Q: Same as above, should this be part of p2p validation?
-        const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(blockNumber);
-        const computedInHash = await computeInHashFromL1ToL2Messages(l1ToL2Messages);
-        const proposalInHash = proposal.payload.header.contentCommitment.inHash;
-        if (!computedInHash.equals(proposalInHash)) {
-            this.log.warn(`L1 to L2 messages in hash mismatch, skipping attestation`, {
-                proposalInHash: proposalInHash.toString(),
-                computedInHash: computedInHash.toString(),
-                ...proposalInfo
-            });
-            if (partOfCommittee) {
-                this.metrics.incFailedAttestations(1, 'in_hash_mismatch');
-            }
-            return undefined;
-        }
-        // Check that all of the transactions in the proposal are available in the tx pool before attesting
-        if (missingTxs.length > 0) {
-            this.log.warn(`Missing ${missingTxs.length} txs to attest to proposal`, {
-                ...proposalInfo,
-                missingTxs
-            });
-            if (partOfCommittee) {
-                this.metrics.incFailedAttestations(1, 'TransactionsNotAvailableError');
-            }
-            return undefined;
-        }
-        // Try re-executing the transactions in the proposal
-        try {
-            this.log.verbose(`Processing attestation for slot ${slotNumber}`, proposalInfo);
-            if (this.config.validatorReexecute) {
-                this.log.verbose(`Re-executing transactions in the proposal before attesting`);
-                await this.reExecuteTransactions(proposal, txs, l1ToL2Messages);
+        // Reexecute txs if we are part of the committee so we can attest, or if slashing is enabled so we can slash
+        // invalid proposals even when not in the committee, or if we are configured to always reexecute for monitoring purposes.
+        // In fisherman mode, we always reexecute to validate proposals.
+        const { validatorReexecute, slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } = this.config;
+        const shouldReexecute = fishermanMode || slashBroadcastedInvalidBlockPenalty > 0n && validatorReexecute || partOfCommittee && validatorReexecute || alwaysReexecuteBlockProposals;
+        const validationResult = await this.blockProposalHandler.handleBlockProposal(proposal, proposalSender, !!shouldReexecute);
+        if (!validationResult.isValid) {
+            this.log.warn(`Proposal validation failed: ${validationResult.reason}`, proposalInfo);
+            const reason = validationResult.reason || 'unknown';
+            // Classify failure reason: bad proposal vs node issue
+            const badProposalReasons = [
+                'invalid_proposal',
+                'state_mismatch',
+                'failed_txs',
+                'in_hash_mismatch',
+                'parent_block_wrong_slot'
+            ];
+            if (badProposalReasons.includes(reason)) {
+                this.metrics.incFailedAttestationsBadProposal(1, reason, partOfCommittee);
+            } else {
+                // Node issues so we can't attest
+                this.metrics.incFailedAttestationsNodeIssue(1, reason, partOfCommittee);
             }
-        } catch (error) {
-            this.metrics.incFailedAttestations(1, error instanceof Error ? error.name : 'unknown');
-            this.log.error(`Error reexecuting txs while processing block proposal`, error, proposalInfo);
-            if (error instanceof ReExStateMismatchError && this.config.slashBroadcastedInvalidBlockPenalty > 0n) {
+            // Slash invalid block proposals (can happen even when not in committee)
+            if (validationResult.reason && SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) && slashBroadcastedInvalidBlockPenalty > 0n) {
                 this.log.warn(`Slashing proposer for invalid block proposal`, proposalInfo);
                 this.slashInvalidBlock(proposal);
             }
             return undefined;
         }
-        // Provided all of the above checks pass, we can attest to the proposal
-        this.log.info(`Attesting to proposal for slot ${slotNumber}`, proposalInfo);
-        this.metrics.incAttestations(inCommittee.length);
-        // If the above function does not throw an error, then we can attest to the proposal
-        return this.doAttestToProposal(proposal, inCommittee);
-    }
-    getReexecutionDeadline(proposal, config) {
-        const nextSlotTimestampSeconds = Number(getTimestampForSlot(proposal.slotNumber.toBigInt() + 1n, config));
-        const msNeededForPropagationAndPublishing = this.config.validatorReexecuteDeadlineMs;
-        return new Date(nextSlotTimestampSeconds * 1000 - msNeededForPropagationAndPublishing);
-    }
-    /**
-   * Re-execute the transactions in the proposal and check that the state updates match the header state
-   * @param proposal - The proposal to re-execute
-   */ async reExecuteTransactions(proposal, txs, l1ToL2Messages) {
-        const { header } = proposal.payload;
-        const { txHashes } = proposal;
-        // If we do not have all of the transactions, then we should fail
-        if (txs.length !== txHashes.length) {
-            const foundTxHashes = txs.map((tx)=>tx.getTxHash());
-            const missingTxHashes = txHashes.filter((txHash)=>!foundTxHashes.includes(txHash));
-            throw new TransactionsNotAvailableError(missingTxHashes);
+        // Check that I have any address in current committee before attesting
+        // In fisherman mode, we still create attestations for validation even if not in committee
+        if (!partOfCommittee && !this.config.fishermanMode) {
+            this.log.verbose(`No validator in the current committee, skipping attestation`, proposalInfo);
+            return undefined;
         }
-        // Use the sequencer's block building logic to re-execute the transactions
-        const timer = new Timer();
-        const config = this.blockBuilder.getConfig();
-        const globalVariables = GlobalVariables.from({
-            ...proposal.payload.header,
-            blockNumber: proposal.blockNumber,
-            timestamp: header.timestamp,
-            chainId: new Fr(config.l1ChainId),
-            version: new Fr(config.rollupVersion)
-        });
-        const { block, failedTxs } = await this.blockBuilder.buildBlock(txs, l1ToL2Messages, globalVariables, {
-            deadline: this.getReexecutionDeadline(proposal, config)
+        // Provided all of the above checks pass, we can attest to the proposal
+        this.log.info(`${partOfCommittee ? 'Attesting to' : 'Validated'} proposal for slot ${slotNumber}`, {
+            ...proposalInfo,
+            inCommittee: partOfCommittee,
+            fishermanMode: this.config.fishermanMode || false
         });
-        this.log.verbose(`Transaction re-execution complete`);
-        const numFailedTxs = failedTxs.length;
-        if (numFailedTxs > 0) {
-            this.metrics.recordFailedReexecution(proposal);
-            throw new ReExFailedTxsError(numFailedTxs);
+        this.metrics.incSuccessfulAttestations(inCommittee.length);
+        // If the above function does not throw an error, then we can attest to the proposal
+        // Determine which validators should attest
+        let attestors;
+        if (partOfCommittee) {
+            attestors = inCommittee;
+        } else if (this.config.fishermanMode) {
+            // In fisherman mode, create attestations for validation purposes even if not in committee. These won't be broadcast.
+            attestors = this.getValidatorAddresses();
+        } else {
+            attestors = [];
         }
-        if (block.body.txEffects.length !== txHashes.length) {
-            this.metrics.recordFailedReexecution(proposal);
-            throw new ReExTimeoutError();
+        // Only create attestations if we have attestors
+        if (attestors.length === 0) {
+            return undefined;
         }
-        // This function will throw an error if state updates do not match
-        if (!block.archive.root.equals(proposal.archive)) {
-            this.metrics.recordFailedReexecution(proposal);
-            throw new ReExStateMismatchError(proposal.archive, block.archive.root, proposal.payload.stateReference, block.header.state);
+        if (this.config.fishermanMode) {
+            // bail out early and don't save attestations to the pool in fisherman mode
+            this.log.info(`Creating attestations for proposal for slot ${slotNumber}`, {
+                ...proposalInfo,
+                attestors: attestors.map((a)=>a.toString())
+            });
+            return undefined;
         }
-        this.metrics.recordReex(timer.ms(), txs.length, block.header.totalManaUsed.toNumber() / 1e6);
+        return this.createBlockAttestationsFromProposal(proposal, attestors);
     }
     slashInvalidBlock(proposal) {
         const proposer = proposal.getSender();
+        // Skip if signature is invalid (shouldn't happen since we validate earlier)
+        if (!proposer) {
+            this.log.warn(`Cannot slash proposal with invalid signature`);
+            return;
+        }
         // Trim the set if it's too big.
         if (this.proposersOfInvalidBlocks.size > MAX_PROPOSERS_OF_INVALID_BLOCKS) {
             // remove oldest proposer. `values` is guaranteed to be in insertion order.
@@ -319,33 +266,46 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
                 validator: proposer,
                 amount: this.config.slashBroadcastedInvalidBlockPenalty,
                 offenseType: OffenseType.BROADCASTED_INVALID_BLOCK_PROPOSAL,
-                epochOrSlot: proposal.slotNumber.toBigInt()
+                epochOrSlot: BigInt(proposal.slotNumber)
             }
         ]);
     }
-    async createBlockProposal(blockNumber, header, archive, stateReference, txs, proposerAddress, options) {
-        if (this.previousProposal?.slotNumber.equals(header.slotNumber)) {
+    async createBlockProposal(blockNumber, header, archive, txs, proposerAddress, options) {
+        if (this.previousProposal?.slotNumber === header.slotNumber) {
             this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
             return Promise.resolve(undefined);
         }
-        const newProposal = await this.validationService.createBlockProposal(blockNumber, header, archive, stateReference, txs, proposerAddress, options);
+        const newProposal = await this.validationService.createBlockProposal(header, archive, txs, proposerAddress, {
+            ...options,
+            broadcastInvalidBlockProposal: this.config.broadcastInvalidBlockProposal
+        });
         this.previousProposal = newProposal;
         return newProposal;
     }
     async broadcastBlockProposal(proposal) {
         await this.p2pClient.broadcastProposal(proposal);
     }
+    async signAttestationsAndSigners(attestationsAndSigners, proposer) {
+        return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer);
+    }
     async collectOwnAttestations(proposal) {
-        const slot = proposal.payload.header.slotNumber.toBigInt();
-        const inCommittee = await this.epochCache.filterInCommittee(slot, this.keyStore.getAddresses());
+        const slot = proposal.payload.header.slotNumber;
+        const inCommittee = await this.epochCache.filterInCommittee(slot, this.getValidatorAddresses());
         this.log.debug(`Collecting ${inCommittee.length} self-attestations for slot ${slot}`, {
             inCommittee
         });
-        return this.doAttestToProposal(proposal, inCommittee);
+        const attestations = await this.createBlockAttestationsFromProposal(proposal, inCommittee);
+        // We broadcast our own attestations to our peers so, in case our block does not get mined on L1,
+        // other nodes can see that our validators did attest to this block proposal, and do not slash us
+        // due to inactivity for missed attestations.
+        void this.p2pClient.broadcastAttestations(attestations).catch((err)=>{
+            this.log.error(`Failed to broadcast self-attestations for slot ${slot}`, err);
+        });
+        return attestations;
     }
     async collectAttestations(proposal, required, deadline) {
         // Wait and poll the p2pClient's attestation pool for this block until we have enough attestations
-        const slot = proposal.payload.header.slotNumber.toBigInt();
+        const slot = proposal.payload.header.slotNumber;
         this.log.debug(`Collecting ${required} attestations for slot ${slot} with deadline ${deadline.toISOString()}`);
         if (+deadline < this.dateProvider.now()) {
             this.log.error(`Deadline ${deadline.toISOString()} for collecting ${required} attestations for slot ${slot} is in the past`);
@@ -353,14 +313,31 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
         }
         await this.collectOwnAttestations(proposal);
         const proposalId = proposal.archive.toString();
-        const myAddresses = this.keyStore.getAddresses();
+        const myAddresses = this.getValidatorAddresses();
         let attestations = [];
         while(true){
-            const collectedAttestations = await this.p2pClient.getAttestationsForSlot(slot, proposalId);
+            // Filter out attestations with a mismatching payload. This should NOT happen since we have verified
+            // the proposer signature (ie our own) before accepting the attestation into the pool via the p2p client.
+            const collectedAttestations = (await this.p2pClient.getAttestationsForSlot(slot, proposalId)).filter((attestation)=>{
+                if (!attestation.payload.equals(proposal.payload)) {
+                    this.log.warn(`Received attestation for slot ${slot} with mismatched payload from ${attestation.getSender()?.toString()}`, {
+                        attestationPayload: attestation.payload,
+                        proposalPayload: proposal.payload
+                    });
+                    return false;
+                }
+                return true;
+            });
+            // Log new attestations we collected
             const oldSenders = attestations.map((attestation)=>attestation.getSender());
             for (const collected of collectedAttestations){
                 const collectedSender = collected.getSender();
-                if (!myAddresses.some((address)=>address.equals(collectedSender)) && !oldSenders.some((sender)=>sender.equals(collectedSender))) {
+                // Skip attestations with invalid signatures
+                if (!collectedSender) {
+                    this.log.warn(`Skipping attestation with invalid signature for slot ${slot}`);
+                    continue;
+                }
+                if (!myAddresses.some((address)=>address.equals(collectedSender)) && !oldSenders.some((sender)=>sender?.equals(collectedSender))) {
                     this.log.debug(`Received attestation for slot ${slot} from ${collectedSender.toString()}`);
                 }
             }
@@ -373,11 +350,11 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
                 this.log.error(`Timeout ${deadline.toISOString()} waiting for ${required} attestations for slot ${slot}`);
                 throw new AttestationTimeoutError(attestations.length, required, slot);
             }
-            this.log.debug(`Collected ${attestations.length} attestations so far`);
+            this.log.debug(`Collected ${attestations.length} of ${required} attestations so far`);
             await sleep(this.config.attestationPollingIntervalMs);
         }
     }
-    async doAttestToProposal(proposal, attestors = []) {
+    async createBlockAttestationsFromProposal(proposal, attestors = []) {
         const attestations = await this.validationService.attestToProposal(proposal, attestors);
         await this.p2pClient.addAttestations(attestations);
         return attestations;
@@ -400,4 +377,4 @@ const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
         const authResponse = new AuthResponse(statusMessage, signature);
         return authResponse.toBuffer();
     }
-} // Conversion helpers moved into NodeKeystoreAdapter.
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/validator-client",
-  "version": "3.0.0-canary.a9708bd",
+  "version": "3.0.0-devnet.2-patch.1",
   "main": "dest/index.js",
   "type": "module",
   "exports": {
@@ -18,8 +18,8 @@
   },
   "scripts": {
     "start": "node --no-warnings ./dest/bin",
-    "build": "yarn clean && tsc -b",
-    "build:dev": "tsc -b --watch",
+    "build": "yarn clean && ../scripts/tsc.sh",
+    "build:dev": "../scripts/tsc.sh --watch",
     "clean": "rm -rf ./dest .tsbuildinfo",
     "test": "NODE_NO_WARNINGS=1 node --experimental-vm-modules ../node_modules/.bin/jest --passWithNoTests --maxWorkers=${JEST_MAX_WORKERS:-8}"
   },
@@ -64,25 +64,25 @@
     ]
   },
   "dependencies": {
-    "@aztec/constants": "3.0.0-canary.a9708bd",
-    "@aztec/epoch-cache": "3.0.0-canary.a9708bd",
-    "@aztec/ethereum": "3.0.0-canary.a9708bd",
-    "@aztec/foundation": "3.0.0-canary.a9708bd",
-    "@aztec/node-keystore": "3.0.0-canary.a9708bd",
-    "@aztec/p2p": "3.0.0-canary.a9708bd",
-    "@aztec/prover-client": "3.0.0-canary.a9708bd",
-    "@aztec/slasher": "3.0.0-canary.a9708bd",
-    "@aztec/stdlib": "3.0.0-canary.a9708bd",
-    "@aztec/telemetry-client": "3.0.0-canary.a9708bd",
+    "@aztec/constants": "3.0.0-devnet.2-patch.1",
+    "@aztec/epoch-cache": "3.0.0-devnet.2-patch.1",
+    "@aztec/ethereum": "3.0.0-devnet.2-patch.1",
+    "@aztec/foundation": "3.0.0-devnet.2-patch.1",
+    "@aztec/node-keystore": "3.0.0-devnet.2-patch.1",
+    "@aztec/p2p": "3.0.0-devnet.2-patch.1",
+    "@aztec/slasher": "3.0.0-devnet.2-patch.1",
+    "@aztec/stdlib": "3.0.0-devnet.2-patch.1",
+    "@aztec/telemetry-client": "3.0.0-devnet.2-patch.1",
     "koa": "^2.16.1",
-    "koa-router": "^12.0.0",
+    "koa-router": "^13.1.1",
     "tslib": "^2.4.0",
-    "viem": "2.23.7"
+    "viem": "npm:@aztec/viem@2.38.2"
   },
   "devDependencies": {
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",
     "@types/node": "^22.15.17",
+    "@typescript/native-preview": "7.0.0-dev.20251126.1",
     "jest": "^30.0.0",
     "jest-mock-extended": "^4.0.0",
     "ts-node": "^10.9.1",