@aztec/validator-client 4.0.0-nightly.20250907 → 4.0.0-nightly.20260108

package/src/validator.ts

@@ -1,44 +1,32 @@
-import { INITIAL_L2_BLOCK_NUM } from '@aztec/constants';
+import type { BlobClientInterface } from '@aztec/blob-client/client';
+import { getBlobsPerL1Block } from '@aztec/blob-lib';
 import type { EpochCache } from '@aztec/epoch-cache';
+import { BlockNumber, EpochNumber } from '@aztec/foundation/branded-types';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import type { EthAddress } from '@aztec/foundation/eth-address';
-import { Fr } from '@aztec/foundation/fields';
-import { createLogger } from '@aztec/foundation/log';
-import { retryUntil } from '@aztec/foundation/retry';
+import type { Signature } from '@aztec/foundation/eth-signature';
+import { type Logger, createLogger } from '@aztec/foundation/log';
 import { RunningPromise } from '@aztec/foundation/running-promise';
 import { sleep } from '@aztec/foundation/sleep';
-import { DateProvider, Timer } from '@aztec/foundation/timer';
+import { DateProvider } from '@aztec/foundation/timer';
 import type { KeystoreManager } from '@aztec/node-keystore';
-import type { P2P, PeerId } from '@aztec/p2p';
-import { AuthRequest, AuthResponse, ReqRespSubProtocol, TxProvider } from '@aztec/p2p';
-import { BlockProposalValidator } from '@aztec/p2p/msg_validators';
-import { computeInHashFromL1ToL2Messages } from '@aztec/prover-client/helpers';
-import {
-  OffenseType,
-  type SlasherConfig,
-  WANT_TO_SLASH_EVENT,
-  type Watcher,
-  type WatcherEmitter,
-} from '@aztec/slasher';
+import type { P2P, PeerId, TxProvider } from '@aztec/p2p';
+import { AuthRequest, AuthResponse, BlockProposalValidator, ReqRespSubProtocol } from '@aztec/p2p';
+import { OffenseType, WANT_TO_SLASH_EVENT, type Watcher, type WatcherEmitter } from '@aztec/slasher';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
-import type { L2BlockSource } from '@aztec/stdlib/block';
-import { getTimestampForSlot } from '@aztec/stdlib/epoch-helpers';
+import type { CommitteeAttestationsAndSigners, L2BlockSource } from '@aztec/stdlib/block';
 import type { IFullNodeBlockBuilder, Validator, ValidatorClientFullConfig } from '@aztec/stdlib/interfaces/server';
 import type { L1ToL2MessageSource } from '@aztec/stdlib/messaging';
 import type { BlockAttestation, BlockProposal, BlockProposalOptions } from '@aztec/stdlib/p2p';
-import { GlobalVariables, type ProposedBlockHeader, type StateReference, type Tx } from '@aztec/stdlib/tx';
-import {
-  AttestationTimeoutError,
-  ReExFailedTxsError,
-  ReExStateMismatchError,
-  ReExTimeoutError,
-  TransactionsNotAvailableError,
-} from '@aztec/stdlib/validators';
-import { type TelemetryClient, type Tracer, getTelemetryClient } from '@aztec/telemetry-client';
+import type { CheckpointHeader } from '@aztec/stdlib/rollup';
+import type { Tx } from '@aztec/stdlib/tx';
+import { AttestationTimeoutError } from '@aztec/stdlib/validators';
+import { Attributes, type TelemetryClient, type Tracer, getTelemetryClient, trackSpan } from '@aztec/telemetry-client';
 
 import { EventEmitter } from 'events';
 import type { TypedDataDefinition } from 'viem';
 
-import type { ValidatorClientConfig } from './config.js';
+import { BlockProposalHandler, type BlockProposalValidationFailureReason } from './block_proposal_handler.js';
 import { ValidationService } from './duties/validation_service.js';
 import { NodeKeystoreAdapter } from './key_store/node_keystore_adapter.js';
 import { ValidatorMetrics } from './metrics.js';
@@ -47,6 +35,12 @@ import { ValidatorMetrics } from './metrics.js';
 // Just cap the set to avoid unbounded growth.
 const MAX_PROPOSERS_OF_INVALID_BLOCKS = 1000;
 
+// What errors from the block proposal handler result in slashing
+const SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT: BlockProposalValidationFailureReason[] = [
+  'state_mismatch',
+  'failed_txs',
+];
+
 /**
  * Validator Client
  */
@@ -54,54 +48,58 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
   public readonly tracer: Tracer;
   private validationService: ValidationService;
   private metrics: ValidatorMetrics;
+  private log: Logger;
+
+  // Whether it has already registered handlers on the p2p client
+  private hasRegisteredHandlers = false;
 
   // Used to check if we are sending the same proposal twice
   private previousProposal?: BlockProposal;
 
-  private lastEpochForCommitteeUpdateLoop: bigint | undefined;
+  private lastEpochForCommitteeUpdateLoop: EpochNumber | undefined;
   private epochCacheUpdateLoop: RunningPromise;
 
-  private blockProposalValidator: BlockProposalValidator;
-
   private proposersOfInvalidBlocks: Set<string> = new Set();
 
   protected constructor(
-    private blockBuilder: IFullNodeBlockBuilder,
     private keyStore: NodeKeystoreAdapter,
     private epochCache: EpochCache,
     private p2pClient: P2P,
-    private blockSource: L2BlockSource,
-    private l1ToL2MessageSource: L1ToL2MessageSource,
-    private txProvider: TxProvider,
+    private blockProposalHandler: BlockProposalHandler,
     private config: ValidatorClientFullConfig,
+    private blobClient: BlobClientInterface,
     private dateProvider: DateProvider = new DateProvider(),
     telemetry: TelemetryClient = getTelemetryClient(),
-    private log = createLogger('validator'),
+    log = createLogger('validator'),
   ) {
     super();
+
+    // Create child logger with fisherman prefix if in fisherman mode
+    this.log = config.fishermanMode ? log.createChild('[FISHERMAN]') : log;
+
     this.tracer = telemetry.getTracer('Validator');
     this.metrics = new ValidatorMetrics(telemetry);
 
-    this.validationService = new ValidationService(keyStore);
-
-    this.blockProposalValidator = new BlockProposalValidator(epochCache);
+    this.validationService = new ValidationService(keyStore, this.log.createChild('validation-service'));
 
     // Refresh epoch cache every second to trigger alert if participation in committee changes
-    this.epochCacheUpdateLoop = new RunningPromise(this.handleEpochCommitteeUpdate.bind(this), log, 1000);
+    this.epochCacheUpdateLoop = new RunningPromise(this.handleEpochCommitteeUpdate.bind(this), this.log, 1000);
 
     const myAddresses = this.getValidatorAddresses();
     this.log.verbose(`Initialized validator with addresses: ${myAddresses.map(a => a.toString()).join(', ')}`);
   }
 
-  public static validateKeyStoreConfiguration(keyStoreManager: KeystoreManager) {
+  public static validateKeyStoreConfiguration(keyStoreManager: KeystoreManager, logger?: Logger) {
     const validatorKeyStore = NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager);
     const validatorAddresses = validatorKeyStore.getAddresses();
     // Verify that we can retrieve all required data from the key store
     for (const address of validatorAddresses) {
       // Functions throw if required data is not available
+      let coinbase: EthAddress;
+      let feeRecipient: AztecAddress;
       try {
-        validatorKeyStore.getCoinbaseAddress(address);
-        validatorKeyStore.getFeeRecipient(address);
+        coinbase = validatorKeyStore.getCoinbaseAddress(address);
+        feeRecipient = validatorKeyStore.getFeeRecipient(address);
       } catch (error) {
         throw new Error(`Failed to retrieve required data for validator address ${address}, error: ${error}`);
       }
@@ -110,6 +108,9 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
       if (!publisherAddresses.length) {
         throw new Error(`No publisher addresses found for validator address ${address}`);
       }
+      logger?.debug(
+        `Validator ${address.toString()} configured with coinbase ${coinbase.toString()}, feeRecipient ${feeRecipient.toString()} and publishers ${publisherAddresses.map(x => x.toString()).join()}`,
+      );
     }
   }
 
@@ -141,7 +142,7 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
   }
 
   static new(
-    config: ValidatorClientConfig & Pick<SlasherConfig, 'slashBroadcastedInvalidBlockPenalty'>,
+    config: ValidatorClientFullConfig,
     blockBuilder: IFullNodeBlockBuilder,
     epochCache: EpochCache,
     p2pClient: P2P,
@@ -149,24 +150,37 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     l1ToL2MessageSource: L1ToL2MessageSource,
     txProvider: TxProvider,
     keyStoreManager: KeystoreManager,
+    blobClient: BlobClientInterface,
     dateProvider: DateProvider = new DateProvider(),
     telemetry: TelemetryClient = getTelemetryClient(),
   ) {
-    const validator = new ValidatorClient(
+    const metrics = new ValidatorMetrics(telemetry);
+    const blockProposalValidator = new BlockProposalValidator(epochCache, {
+      txsPermitted: !config.disableTransactions,
+    });
+    const blockProposalHandler = new BlockProposalHandler(
       blockBuilder,
-      NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager),
-      epochCache,
-      p2pClient,
       blockSource,
       l1ToL2MessageSource,
       txProvider,
+      blockProposalValidator,
+      config,
+      metrics,
+      dateProvider,
+      telemetry,
+    );
+
+    const validator = new ValidatorClient(
+      NodeKeystoreAdapter.fromKeyStoreManager(keyStoreManager),
+      epochCache,
+      p2pClient,
+      blockProposalHandler,
       config,
+      blobClient,
       dateProvider,
       telemetry,
     );
 
-    // TODO(PhilWindle): This seems like it could/should be done inside start()
-    validator.registerBlockProposalHandler();
     return validator;
   }
 
@@ -176,6 +190,20 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
       .filter(addr => !this.config.disabledValidators.some(disabled => disabled.equals(addr)));
   }
 
+  public getBlockProposalHandler() {
+    return this.blockProposalHandler;
+  }
+
+  // Proxy method for backwards compatibility with tests
+  public reExecuteTransactions(
+    proposal: BlockProposal,
+    blockNumber: BlockNumber,
+    txs: any[],
+    l1ToL2Messages: Fr[],
+  ): Promise<any> {
+    return this.blockProposalHandler.reexecuteTransactions(proposal, blockNumber, txs, l1ToL2Messages);
+  }
+
   public signWithAddress(addr: EthAddress, msg: TypedDataDefinition) {
     return this.keyStore.signTypedDataWithAddress(addr, msg);
   }
@@ -197,26 +225,21 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
   }
 
   public async start() {
-    // Sync the committee from the smart contract
-    // https://github.com/AztecProtocol/aztec-packages/issues/7962
+    if (this.epochCacheUpdateLoop.isRunning()) {
+      this.log.warn(`Validator client already started`);
+      return;
+    }
 
-    const myAddresses = this.getValidatorAddresses();
+    await this.registerHandlers();
 
+    const myAddresses = this.getValidatorAddresses();
     const inCommittee = await this.epochCache.filterInCommittee('now', myAddresses);
+    this.log.info(`Started validator with addresses: ${myAddresses.map(a => a.toString()).join(', ')}`);
     if (inCommittee.length > 0) {
-      this.log.info(
-        `Started validator with addresses in current validator committee: ${inCommittee
-          .map(a => a.toString())
-          .join(', ')}`,
-      );
-    } else {
-      this.log.info(`Started validator with addresses: ${myAddresses.map(a => a.toString()).join(', ')}`);
+      this.log.info(`Addresses in current validator committee: ${inCommittee.map(a => a.toString()).join(', ')}`);
     }
     this.epochCacheUpdateLoop.start();
 
-    this.p2pClient.registerThisValidatorAddresses(myAddresses);
-    await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
-
     return Promise.resolve();
   }
 
@@ -224,223 +247,165 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     await this.epochCacheUpdateLoop.stop();
   }
 
-  public registerBlockProposalHandler() {
-    const handler = (block: BlockProposal, proposalSender: PeerId): Promise<BlockAttestation[] | undefined> =>
-      this.attestToProposal(block, proposalSender);
-    this.p2pClient.registerBlockProposalHandler(handler);
+  /** Register handlers on the p2p client */
+  public async registerHandlers() {
+    if (!this.hasRegisteredHandlers) {
+      this.hasRegisteredHandlers = true;
+      this.log.debug(`Registering validator handlers for p2p client`);
+
+      const handler = (block: BlockProposal, proposalSender: PeerId): Promise<BlockAttestation[] | undefined> =>
+        this.attestToProposal(block, proposalSender);
+      this.p2pClient.registerBlockProposalHandler(handler);
+
+      const myAddresses = this.getValidatorAddresses();
+      this.p2pClient.registerThisValidatorAddresses(myAddresses);
+
+      await this.p2pClient.addReqRespSubProtocol(ReqRespSubProtocol.AUTH, this.handleAuthRequest.bind(this));
+    }
   }
 
+  @trackSpan('validator.attestToProposal', (proposal, proposalSender) => ({
+    [Attributes.BLOCK_HASH]: proposal.payload.header.hash.toString(),
+    [Attributes.PEER_ID]: proposalSender.toString(),
+  }))
   async attestToProposal(proposal: BlockProposal, proposalSender: PeerId): Promise<BlockAttestation[] | undefined> {
-    const slotNumber = proposal.slotNumber.toBigInt();
-    const blockNumber = proposal.blockNumber;
+    const slotNumber = proposal.slotNumber;
     const proposer = proposal.getSender();
 
+    // Reject proposals with invalid signatures
+    if (!proposer) {
+      this.log.warn(`Received proposal with invalid signature for slot ${slotNumber}`);
+      return undefined;
+    }
+
     // Check that I have any address in current committee before attesting
     const inCommittee = await this.epochCache.filterInCommittee(slotNumber, this.getValidatorAddresses());
     const partOfCommittee = inCommittee.length > 0;
 
-    const proposalInfo = {
-      ...proposal.toBlockInfo(),
-      proposer: proposer.toString(),
-    };
-
+    const proposalInfo = { ...proposal.toBlockInfo(), proposer: proposer.toString() };
     this.log.info(`Received proposal for slot ${slotNumber}`, {
       ...proposalInfo,
-      txHashes: proposal.txHashes.map(txHash => txHash.toString()),
-    });
-
-    // Collect txs from the proposal. Note that we do this before checking if we have an address in the
-    // current committee, since we want to collect txs anyway to facilitate propagation.
-    const { txs, missingTxs } = await this.txProvider.getTxsForBlockProposal(proposal, {
-      pinnedPeer: proposalSender,
-      deadline: this.getReexecutionDeadline(proposal, this.blockBuilder.getConfig()),
+      txHashes: proposal.txHashes.map(t => t.toString()),
+      fishermanMode: this.config.fishermanMode || false,
     });
 
-    // Check that I have any address in current committee before attesting
-    if (!partOfCommittee) {
-      this.log.verbose(`No validator in the current committee, skipping attestation`, proposalInfo);
-      return undefined;
-    }
-
-    // Check that the proposal is from the current proposer, or the next proposer.
-    // Q: Should this be moved to the block proposal validator, so we disregard proposals from anyone?
-    const invalidProposal = await this.blockProposalValidator.validate(proposal);
-    if (invalidProposal) {
-      this.log.warn(`Proposal is not valid, skipping attestation`, proposalInfo);
-      if (partOfCommittee) {
-        this.metrics.incFailedAttestations(1, 'invalid_proposal');
-      }
-      return undefined;
-    }
-
-    // Check that the parent proposal is a block we know, otherwise reexecution would fail.
-    // Q: Should we move this to the block proposal validator? If there, then p2p would check it
-    // before re-broadcasting it. This means that proposals built on top of an L1-reorg'ed-out block
-    // would not be rebroadcasted. But it also means that nodes that have not fully synced would
-    // not rebroadcast the proposal.
-    if (blockNumber > INITIAL_L2_BLOCK_NUM) {
-      const config = this.blockBuilder.getConfig();
-      const deadline = this.getReexecutionDeadline(proposal, config);
-      const currentTime = this.dateProvider.now();
-      const timeoutDurationMs = deadline.getTime() - currentTime;
-      const parentBlock =
-        timeoutDurationMs <= 0
-          ? undefined
-          : await retryUntil(
-              async () => {
-                const block = await this.blockSource.getBlock(blockNumber - 1);
-                if (block) {
-                  return block;
-                }
-                await this.blockSource.syncImmediate();
-                return await this.blockSource.getBlock(blockNumber - 1);
-              },
-              'Force Archiver Sync',
-              timeoutDurationMs / 1000, // Continue retrying until the deadline
-              0.5, // Retry every 500ms
-            );
-
-      if (parentBlock === undefined) {
-        this.log.warn(`Parent block for ${blockNumber} not found, skipping attestation`, proposalInfo);
-        if (partOfCommittee) {
-          this.metrics.incFailedAttestations(1, 'parent_block_not_found');
-        }
-        return undefined;
-      }
-
-      if (!proposal.payload.header.lastArchiveRoot.equals(parentBlock.archive.root)) {
-        this.log.warn(`Parent block archive root for proposal does not match, skipping attestation`, {
-          proposalLastArchiveRoot: proposal.payload.header.lastArchiveRoot.toString(),
-          parentBlockArchiveRoot: parentBlock.archive.root.toString(),
-          ...proposalInfo,
-        });
-        if (partOfCommittee) {
-          this.metrics.incFailedAttestations(1, 'parent_block_does_not_match');
-        }
-        return undefined;
-      }
-    }
-
-    // Check that I have the same set of l1ToL2Messages as the proposal
-    // Q: Same as above, should this be part of p2p validation?
-    const l1ToL2Messages = await this.l1ToL2MessageSource.getL1ToL2Messages(blockNumber);
-    const computedInHash = await computeInHashFromL1ToL2Messages(l1ToL2Messages);
-    const proposalInHash = proposal.payload.header.contentCommitment.inHash;
-    if (!computedInHash.equals(proposalInHash)) {
-      this.log.warn(`L1 to L2 messages in hash mismatch, skipping attestation`, {
-        proposalInHash: proposalInHash.toString(),
-        computedInHash: computedInHash.toString(),
-        ...proposalInfo,
-      });
-      if (partOfCommittee) {
-        this.metrics.incFailedAttestations(1, 'in_hash_mismatch');
-      }
-      return undefined;
-    }
+    // Reexecute txs if we are part of the committee so we can attest, or if slashing is enabled so we can slash
+    // invalid proposals even when not in the committee, or if we are configured to always reexecute for monitoring purposes.
+    // In fisherman mode, we always reexecute to validate proposals.
+    const { validatorReexecute, slashBroadcastedInvalidBlockPenalty, alwaysReexecuteBlockProposals, fishermanMode } =
+      this.config;
+    const shouldReexecute =
+      fishermanMode ||
+      (slashBroadcastedInvalidBlockPenalty > 0n && validatorReexecute) ||
+      (partOfCommittee && validatorReexecute) ||
+      alwaysReexecuteBlockProposals ||
+      this.blobClient.canUpload();
+
+    const validationResult = await this.blockProposalHandler.handleBlockProposal(
+      proposal,
+      proposalSender,
+      !!shouldReexecute,
+    );
 
-    // Check that all of the transactions in the proposal are available in the tx pool before attesting
-    if (missingTxs.length > 0) {
-      this.log.warn(`Missing ${missingTxs.length} txs to attest to proposal`, { ...proposalInfo, missingTxs });
-      if (partOfCommittee) {
-        this.metrics.incFailedAttestations(1, 'TransactionsNotAvailableError');
+    if (!validationResult.isValid) {
+      this.log.warn(`Proposal validation failed: ${validationResult.reason}`, proposalInfo);
+
+      const reason = validationResult.reason || 'unknown';
+      // Classify failure reason: bad proposal vs node issue
+      const badProposalReasons: BlockProposalValidationFailureReason[] = [
+        'invalid_proposal',
+        'state_mismatch',
+        'failed_txs',
+        'in_hash_mismatch',
+        'parent_block_wrong_slot',
+      ];
+
+      if (badProposalReasons.includes(reason as BlockProposalValidationFailureReason)) {
+        this.metrics.incFailedAttestationsBadProposal(1, reason, partOfCommittee);
+      } else {
+        // Node issues so we can't attest
+        this.metrics.incFailedAttestationsNodeIssue(1, reason, partOfCommittee);
       }
-      return undefined;
-    }
 
-    // Try re-executing the transactions in the proposal
-    try {
-      this.log.verbose(`Processing attestation for slot ${slotNumber}`, proposalInfo);
-      if (this.config.validatorReexecute) {
-        this.log.verbose(`Re-executing transactions in the proposal before attesting`);
-        await this.reExecuteTransactions(proposal, txs, l1ToL2Messages);
-      }
-    } catch (error: any) {
-      this.metrics.incFailedAttestations(1, error instanceof Error ? error.name : 'unknown');
-      this.log.error(`Error reexecuting txs while processing block proposal`, error, proposalInfo);
-      if (error instanceof ReExStateMismatchError && this.config.slashBroadcastedInvalidBlockPenalty > 0n) {
+      // Slash invalid block proposals (can happen even when not in committee)
+      if (
+        validationResult.reason &&
+        SLASHABLE_BLOCK_PROPOSAL_VALIDATION_RESULT.includes(validationResult.reason) &&
+        slashBroadcastedInvalidBlockPenalty > 0n
+      ) {
         this.log.warn(`Slashing proposer for invalid block proposal`, proposalInfo);
         this.slashInvalidBlock(proposal);
       }
       return undefined;
     }
 
-    // Provided all of the above checks pass, we can attest to the proposal
-    this.log.info(`Attesting to proposal for slot ${slotNumber}`, proposalInfo);
-    this.metrics.incAttestations(inCommittee.length);
-
-    // If the above function does not throw an error, then we can attest to the proposal
-    return this.doAttestToProposal(proposal, inCommittee);
-  }
-
-  private getReexecutionDeadline(
-    proposal: BlockProposal,
-    config: { l1GenesisTime: bigint; slotDuration: number },
-  ): Date {
-    const nextSlotTimestampSeconds = Number(getTimestampForSlot(proposal.slotNumber.toBigInt() + 1n, config));
-    const msNeededForPropagationAndPublishing = this.config.validatorReexecuteDeadlineMs;
-    return new Date(nextSlotTimestampSeconds * 1000 - msNeededForPropagationAndPublishing);
-  }
-
-  /**
-   * Re-execute the transactions in the proposal and check that the state updates match the header state
-   * @param proposal - The proposal to re-execute
-   */
-  async reExecuteTransactions(proposal: BlockProposal, txs: Tx[], l1ToL2Messages: Fr[]): Promise<void> {
-    const { header } = proposal.payload;
-    const { txHashes } = proposal;
-
-    // If we do not have all of the transactions, then we should fail
-    if (txs.length !== txHashes.length) {
-      const foundTxHashes = txs.map(tx => tx.getTxHash());
-      const missingTxHashes = txHashes.filter(txHash => !foundTxHashes.includes(txHash));
-      throw new TransactionsNotAvailableError(missingTxHashes);
+    // Check that I have any address in current committee before attesting
+    // In fisherman mode, we still create attestations for validation even if not in committee
+    if (!partOfCommittee && !this.config.fishermanMode) {
+      this.log.verbose(`No validator in the current committee, skipping attestation`, proposalInfo);
+      return undefined;
     }
 
-    // Use the sequencer's block building logic to re-execute the transactions
-    const timer = new Timer();
-    const config = this.blockBuilder.getConfig();
-    const globalVariables = GlobalVariables.from({
-      ...proposal.payload.header,
-      blockNumber: proposal.blockNumber,
-      timestamp: header.timestamp,
-      chainId: new Fr(config.l1ChainId),
-      version: new Fr(config.rollupVersion),
-    });
-
-    const { block, failedTxs } = await this.blockBuilder.buildBlock(txs, l1ToL2Messages, globalVariables, {
-      deadline: this.getReexecutionDeadline(proposal, config),
+    // Provided all of the above checks pass, we can attest to the proposal
+    this.log.info(`${partOfCommittee ? 'Attesting to' : 'Validated'} proposal for slot ${slotNumber}`, {
+      ...proposalInfo,
+      inCommittee: partOfCommittee,
+      fishermanMode: this.config.fishermanMode || false,
     });
 
-    this.log.verbose(`Transaction re-execution complete`);
-    const numFailedTxs = failedTxs.length;
-
-    if (numFailedTxs > 0) {
-      this.metrics.recordFailedReexecution(proposal);
-      throw new ReExFailedTxsError(numFailedTxs);
+    this.metrics.incSuccessfulAttestations(inCommittee.length);
+
+    // Upload blobs to filestore after successful re-execution (fire-and-forget)
+    if (validationResult.reexecutionResult?.block && this.blobClient.canUpload()) {
+      void Promise.resolve().then(async () => {
+        try {
+          const blobFields = validationResult.reexecutionResult!.block.getCheckpointBlobFields();
+          const blobs = getBlobsPerL1Block(blobFields);
+          await this.blobClient.sendBlobsToFilestore(blobs);
+          this.log.debug(`Uploaded ${blobs.length} blobs to filestore from re-execution`, proposalInfo);
+        } catch (err) {
+          this.log.warn(`Failed to upload blobs from re-execution`, err);
+        }
+      });
     }
 
-    if (block.body.txEffects.length !== txHashes.length) {
-      this.metrics.recordFailedReexecution(proposal);
-      throw new ReExTimeoutError();
+    // If the above function does not throw an error, then we can attest to the proposal
+    // Determine which validators should attest
+    let attestors: EthAddress[];
+    if (partOfCommittee) {
+      attestors = inCommittee;
+    } else if (this.config.fishermanMode) {
+      // In fisherman mode, create attestations for validation purposes even if not in committee. These won't be broadcast.
+      attestors = this.getValidatorAddresses();
+    } else {
+      attestors = [];
     }
 
-    // This function will throw an error if state updates do not match
-    if (!block.archive.root.equals(proposal.archive)) {
-      this.metrics.recordFailedReexecution(proposal);
-      throw new ReExStateMismatchError(
-        proposal.archive,
-        block.archive.root,
-        proposal.payload.stateReference,
-        block.header.state,
-      );
+    // Only create attestations if we have attestors
+    if (attestors.length === 0) {
+      return undefined;
     }
 
-    this.metrics.recordReex(timer.ms(), txs.length, block.header.totalManaUsed.toNumber() / 1e6);
+    if (this.config.fishermanMode) {
+      // bail out early and don't save attestations to the pool in fisherman mode
+      this.log.info(`Creating attestations for proposal for slot ${slotNumber}`, {
+        ...proposalInfo,
+        attestors: attestors.map(a => a.toString()),
+      });
+      return undefined;
+    }
+    return this.createBlockAttestationsFromProposal(proposal, attestors);
   }
 
   private slashInvalidBlock(proposal: BlockProposal) {
     const proposer = proposal.getSender();
 
+    // Skip if signature is invalid (shouldn't happen since we validate earlier)
+    if (!proposer) {
+      this.log.warn(`Cannot slash proposal with invalid signature`);
+      return;
+    }
+
     // Trim the set if it's too big.
     if (this.proposersOfInvalidBlocks.size > MAX_PROPOSERS_OF_INVALID_BLOCKS) {
       // remove oldest proposer. `values` is guaranteed to be in insertion order.
@@ -454,52 +419,76 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
         validator: proposer,
         amount: this.config.slashBroadcastedInvalidBlockPenalty,
         offenseType: OffenseType.BROADCASTED_INVALID_BLOCK_PROPOSAL,
-        epochOrSlot: proposal.slotNumber.toBigInt(),
+        epochOrSlot: BigInt(proposal.slotNumber),
       },
     ]);
   }
 
+  // TODO(palla/mbps): Block proposal should not require a checkpoint proposal
   async createBlockProposal(
-    blockNumber: number,
-    header: ProposedBlockHeader,
+    blockNumber: BlockNumber,
+    header: CheckpointHeader,
     archive: Fr,
-    stateReference: StateReference,
     txs: Tx[],
     proposerAddress: EthAddress | undefined,
     options: BlockProposalOptions,
-  ): Promise<BlockProposal | undefined> {
-    if (this.previousProposal?.slotNumber.equals(header.slotNumber)) {
-      this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
-      return Promise.resolve(undefined);
-    }
-
-    const newProposal = await this.validationService.createBlockProposal(
-      blockNumber,
-      header,
-      archive,
-      stateReference,
-      txs,
-      proposerAddress,
-      options,
-    );
+  ): Promise<BlockProposal> {
+    // TODO(palla/mbps): Prevent double proposals properly
+    // if (this.previousProposal?.slotNumber === header.slotNumber) {
+    //   this.log.verbose(`Already made a proposal for the same slot, skipping proposal`);
+    //   return Promise.resolve(undefined);
+    // }
+
+    this.log.info(`Assembling block proposal for block ${blockNumber} slot ${header.slotNumber}`);
+    const newProposal = await this.validationService.createBlockProposal(header, archive, txs, proposerAddress, {
+      ...options,
+      broadcastInvalidBlockProposal: this.config.broadcastInvalidBlockProposal,
+    });
     this.previousProposal = newProposal;
     return newProposal;
   }
 
+  // TODO(palla/mbps): Effectively create a checkpoint proposal different from a block proposal
+  createCheckpointProposal(
+    header: CheckpointHeader,
+    archive: Fr,
+    txs: Tx[],
+    proposerAddress: EthAddress | undefined,
+    options: BlockProposalOptions,
+  ): Promise<BlockProposal> {
+    this.log.info(`Assembling checkpoint proposal for slot ${header.slotNumber}`);
+    return this.createBlockProposal(0 as BlockNumber, header, archive, txs, proposerAddress, options);
+  }
+
   async broadcastBlockProposal(proposal: BlockProposal): Promise<void> {
     await this.p2pClient.broadcastProposal(proposal);
   }
 
+  async signAttestationsAndSigners(
+    attestationsAndSigners: CommitteeAttestationsAndSigners,
+    proposer: EthAddress,
+  ): Promise<Signature> {
+    return await this.validationService.signAttestationsAndSigners(attestationsAndSigners, proposer);
+  }
+
   async collectOwnAttestations(proposal: BlockProposal): Promise<BlockAttestation[]> {
-    const slot = proposal.payload.header.slotNumber.toBigInt();
+    const slot = proposal.payload.header.slotNumber;
     const inCommittee = await this.epochCache.filterInCommittee(slot, this.getValidatorAddresses());
     this.log.debug(`Collecting ${inCommittee.length} self-attestations for slot ${slot}`, { inCommittee });
-    return this.doAttestToProposal(proposal, inCommittee);
+    const attestations = await this.createBlockAttestationsFromProposal(proposal, inCommittee);
+
+    // We broadcast our own attestations to our peers so, in case our block does not get mined on L1,
+    // other nodes can see that our validators did attest to this block proposal, and do not slash us
+    // due to inactivity for missed attestations.
+    void this.p2pClient.broadcastAttestations(attestations).catch(err => {
+      this.log.error(`Failed to broadcast self-attestations for slot ${slot}`, err);
+    });
+    return attestations;
   }
 
   async collectAttestations(proposal: BlockProposal, required: number, deadline: Date): Promise<BlockAttestation[]> {
     // Wait and poll the p2pClient's attestation pool for this block until we have enough attestations
-    const slot = proposal.payload.header.slotNumber.toBigInt();
+    const slot = proposal.payload.header.slotNumber;
     this.log.debug(`Collecting ${required} attestations for slot ${slot} with deadline ${deadline.toISOString()}`);
 
     if (+deadline < this.dateProvider.now()) {
@@ -516,13 +505,33 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
 
     let attestations: BlockAttestation[] = [];
     while (true) {
-      const collectedAttestations = await this.p2pClient.getAttestationsForSlot(slot, proposalId);
+      // Filter out attestations with a mismatching payload. This should NOT happen since we have verified
+      // the proposer signature (ie our own) before accepting the attestation into the pool via the p2p client.
+      const collectedAttestations = (await this.p2pClient.getAttestationsForSlot(slot, proposalId)).filter(
+        attestation => {
+          if (!attestation.payload.equals(proposal.payload)) {
+            this.log.warn(
+              `Received attestation for slot ${slot} with mismatched payload from ${attestation.getSender()?.toString()}`,
+              { attestationPayload: attestation.payload, proposalPayload: proposal.payload },
+            );
+            return false;
+          }
+          return true;
+        },
+      );
+
+      // Log new attestations we collected
       const oldSenders = attestations.map(attestation => attestation.getSender());
       for (const collected of collectedAttestations) {
         const collectedSender = collected.getSender();
+        // Skip attestations with invalid signatures
+        if (!collectedSender) {
+          this.log.warn(`Skipping attestation with invalid signature for slot ${slot}`);
+          continue;
+        }
         if (
           !myAddresses.some(address => address.equals(collectedSender)) &&
-          !oldSenders.some(sender => sender.equals(collectedSender))
+          !oldSenders.some(sender => sender?.equals(collectedSender))
         ) {
           this.log.debug(`Received attestation for slot ${slot} from ${collectedSender.toString()}`);
         }
@@ -539,12 +548,15 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
         throw new AttestationTimeoutError(attestations.length, required, slot);
       }
 
-      this.log.debug(`Collected ${attestations.length} attestations so far`);
+      this.log.debug(`Collected ${attestations.length} of ${required} attestations so far`);
       await sleep(this.config.attestationPollingIntervalMs);
     }
   }
 
-  private async doAttestToProposal(proposal: BlockProposal, attestors: EthAddress[] = []): Promise<BlockAttestation[]> {
+  private async createBlockAttestationsFromProposal(
+    proposal: BlockProposal,
+    attestors: EthAddress[] = [],
+  ): Promise<BlockAttestation[]> {
     const attestations = await this.validationService.attestToProposal(proposal, attestors);
     await this.p2pClient.addAttestations(attestations);
     return attestations;
@@ -573,5 +585,3 @@ export class ValidatorClient extends (EventEmitter as new () => WatcherEmitter)
     return authResponse.toBuffer();
   }
 }
-
-// Conversion helpers moved into NodeKeystoreAdapter.