@aztec/validator-client 5.0.0-private.20260318 → 5.0.0-rc.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/validator-client",
-  "version": "5.0.0-private.20260318",
+  "version": "5.0.0-rc.1",
   "main": "dest/index.js",
   "type": "module",
   "exports": {
@@ -64,30 +64,30 @@
     ]
   },
   "dependencies": {
-    "@aztec/blob-client": "5.0.0-private.20260318",
-    "@aztec/blob-lib": "5.0.0-private.20260318",
-    "@aztec/constants": "5.0.0-private.20260318",
-    "@aztec/epoch-cache": "5.0.0-private.20260318",
-    "@aztec/ethereum": "5.0.0-private.20260318",
-    "@aztec/foundation": "5.0.0-private.20260318",
-    "@aztec/node-keystore": "5.0.0-private.20260318",
-    "@aztec/noir-protocol-circuits-types": "5.0.0-private.20260318",
-    "@aztec/p2p": "5.0.0-private.20260318",
-    "@aztec/protocol-contracts": "5.0.0-private.20260318",
-    "@aztec/prover-client": "5.0.0-private.20260318",
-    "@aztec/simulator": "5.0.0-private.20260318",
-    "@aztec/slasher": "5.0.0-private.20260318",
-    "@aztec/stdlib": "5.0.0-private.20260318",
-    "@aztec/telemetry-client": "5.0.0-private.20260318",
-    "@aztec/validator-ha-signer": "5.0.0-private.20260318",
+    "@aztec/blob-client": "5.0.0-rc.1",
+    "@aztec/blob-lib": "5.0.0-rc.1",
+    "@aztec/constants": "5.0.0-rc.1",
+    "@aztec/epoch-cache": "5.0.0-rc.1",
+    "@aztec/ethereum": "5.0.0-rc.1",
+    "@aztec/foundation": "5.0.0-rc.1",
+    "@aztec/node-keystore": "5.0.0-rc.1",
+    "@aztec/noir-protocol-circuits-types": "5.0.0-rc.1",
+    "@aztec/p2p": "5.0.0-rc.1",
+    "@aztec/protocol-contracts": "5.0.0-rc.1",
+    "@aztec/prover-client": "5.0.0-rc.1",
+    "@aztec/simulator": "5.0.0-rc.1",
+    "@aztec/slasher": "5.0.0-rc.1",
+    "@aztec/stdlib": "5.0.0-rc.1",
+    "@aztec/telemetry-client": "5.0.0-rc.1",
+    "@aztec/validator-ha-signer": "5.0.0-rc.1",
     "koa": "^2.16.1",
     "koa-router": "^13.1.1",
     "tslib": "^2.4.0",
     "viem": "npm:@aztec/viem@2.38.2"
   },
   "devDependencies": {
-    "@aztec/archiver": "5.0.0-private.20260318",
-    "@aztec/world-state": "5.0.0-private.20260318",
+    "@aztec/archiver": "5.0.0-rc.1",
+    "@aztec/world-state": "5.0.0-rc.1",
     "@electric-sql/pglite": "^0.3.14",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",

package/src/checkpoint_builder.ts

@@ -20,6 +20,7 @@ import type { ContractDataSource } from '@aztec/stdlib/contract';
 import type { L1RollupConstants } from '@aztec/stdlib/epoch-helpers';
 import { Gas } from '@aztec/stdlib/gas';
 import {
+  type BlockBuilderOptions,
   type BuildBlockInCheckpointResult,
   type FullNodeBlockBuilderConfig,
   FullNodeBlockBuilderConfigKeys,
@@ -46,6 +47,9 @@ export type { BuildBlockInCheckpointResult } from '@aztec/stdlib/interfaces/serv
 export class CheckpointBuilder implements ICheckpointBlockBuilder {
   private log: Logger;
 
+  /** Persistent contracts DB shared across all blocks in this checkpoint. */
+  protected contractsDB: PublicContractsDB;
+
   constructor(
     private checkpointBuilder: LightweightCheckpointBuilder,
     private fork: MerkleTreeWriteOperations,
@@ -60,6 +64,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
       ...bindings,
       instanceId: `checkpoint-${checkpointBuilder.checkpointNumber}`,
     });
+    this.contractsDB = new PublicContractsDB(this.contractDataSource, this.log.getBindings());
   }
 
   getConstantData(): CheckpointGlobalVariables {
@@ -74,7 +79,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     pendingTxs: Iterable<Tx> | AsyncIterable<Tx>,
     blockNumber: BlockNumber,
     timestamp: bigint,
-    opts: PublicProcessorLimits & { expectedEndState?: StateReference; minValidTxs?: number } = {},
+    opts: BlockBuilderOptions & { expectedEndState?: StateReference },
   ): Promise<BuildBlockInCheckpointResult> {
     const slot = this.checkpointBuilder.constants.slotNumber;
 
@@ -104,6 +109,8 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
       ...this.capLimitsByCheckpointBudgets(opts),
     };
 
+    // Create a block-level checkpoint on the contracts DB so we can roll back on failure
+    this.contractsDB.createCheckpoint();
     // We execute all merkle tree operations on a world state fork checkpoint
     // This enables us to discard all modifications in the event that we fail to successfully process sufficient transactions
     const forkCheckpoint = await ForkCheckpoint.new(this.fork);
@@ -112,6 +119,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
       const [publicProcessorDuration, [processedTxs, failedTxs, usedTxs]] = await elapsed(() =>
         processor.process(pendingTxs, cappedOpts, validator),
       );
+
       // Throw before updating state if we don't have enough valid txs
       const minValidTxs = opts.minValidTxs ?? 0;
       if (processedTxs.length < minValidTxs) {
@@ -126,6 +134,8 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
         expectedEndState: opts.expectedEndState,
       });
 
+      this.contractsDB.commitCheckpoint();
+
       this.log.debug('Built block within checkpoint', {
         header: block.header.toInspect(),
         processedTxs: processedTxs.map(tx => tx.hash.toString()),
@@ -140,6 +150,8 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
         usedTxs,
       };
     } catch (err) {
+      // Revert all changes to contracts db
+      this.contractsDB.revertCheckpoint();
       // If we reached the point of committing the checkpoint, this does nothing
       // Otherwise it reverts any changes made to the fork for this failed block
       await forkCheckpoint.revert();
@@ -167,11 +179,12 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
 
   /**
    * Caps per-block gas and blob field limits by remaining checkpoint-level budgets.
-   * Computes remaining L2 gas (mana), DA gas, and blob fields from blocks already added to the checkpoint,
-   * then returns opts with maxBlockGas and maxBlobFields capped accordingly.
+   * When building a proposal (isBuildingProposal=true), computes a fair share of remaining budget
+   * across remaining blocks scaled by the multiplier. When validating, only caps by per-block limit
+   * and remaining checkpoint budget (no redistribution or multiplier).
    */
   protected capLimitsByCheckpointBudgets(
-    opts: PublicProcessorLimits,
+    opts: BlockBuilderOptions,
   ): Pick<PublicProcessorLimits, 'maxBlockGas' | 'maxBlobFields' | 'maxTransactions'> {
     const existingBlocks = this.checkpointBuilder.getBlocks();
 
@@ -192,39 +205,33 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
     const blockEndOverhead = getNumBlockEndBlobFields(isFirstBlock);
     const maxBlobFieldsForTxs = totalBlobCapacity - usedBlobFields - blockEndOverhead;
 
-    // When redistributeCheckpointBudget is enabled (default), compute a fair share of remaining budget
-    // across remaining blocks scaled by the multiplier, instead of letting one block consume it all.
-    const redistribute = this.config.redistributeCheckpointBudget !== false;
-    const remainingBlocks = Math.max(1, (this.config.maxBlocksPerCheckpoint ?? 1) - existingBlocks.length);
-    const multiplier = this.config.perBlockAllocationMultiplier ?? 1.2;
-
-    // Cap L2 gas by remaining checkpoint mana (with fair share when redistributing)
-    const fairShareL2 = redistribute ? Math.ceil((remainingMana / remainingBlocks) * multiplier) : Infinity;
-    const cappedL2Gas = Math.min(opts.maxBlockGas?.l2Gas ?? Infinity, fairShareL2, remainingMana);
-
-    // Cap DA gas by remaining checkpoint DA gas budget (with fair share when redistributing)
-    const fairShareDA = redistribute ? Math.ceil((remainingDAGas / remainingBlocks) * multiplier) : Infinity;
-    const cappedDAGas = Math.min(opts.maxBlockGas?.daGas ?? remainingDAGas, fairShareDA, remainingDAGas);
-
-    // Cap blob fields by remaining checkpoint blob capacity (with fair share when redistributing)
-    const fairShareBlobs = redistribute ? Math.ceil((maxBlobFieldsForTxs / remainingBlocks) * multiplier) : Infinity;
-    const cappedBlobFields = Math.min(opts.maxBlobFields ?? Infinity, fairShareBlobs, maxBlobFieldsForTxs);
-
-    // Cap transaction count by remaining checkpoint tx budget (with fair share when redistributing)
-    let cappedMaxTransactions: number | undefined;
-    if (this.config.maxTxsPerCheckpoint !== undefined) {
-      const usedTxs = sum(existingBlocks.map(b => b.body.txEffects.length));
-      const remainingTxs = Math.max(0, this.config.maxTxsPerCheckpoint - usedTxs);
-      const fairShareTxs = redistribute ? Math.ceil((remainingTxs / remainingBlocks) * multiplier) : Infinity;
-      cappedMaxTransactions = Math.min(opts.maxTransactions ?? Infinity, fairShareTxs, remainingTxs);
-    } else {
-      cappedMaxTransactions = opts.maxTransactions;
+    // Remaining txs
+    const usedTxs = sum(existingBlocks.map(b => b.body.txEffects.length));
+    const remainingTxs = Math.max(0, (this.config.maxTxsPerCheckpoint ?? Infinity) - usedTxs);
+
+    // Cap by per-block limit + remaining checkpoint budget
+    let cappedL2Gas = Math.min(opts.maxBlockGas?.l2Gas ?? Infinity, remainingMana);
+    let cappedDAGas = Math.min(opts.maxBlockGas?.daGas ?? Infinity, remainingDAGas);
+    let cappedBlobFields = Math.min(opts.maxBlobFields ?? Infinity, maxBlobFieldsForTxs);
+    let cappedMaxTransactions = Math.min(opts.maxTransactions ?? Infinity, remainingTxs);
+
+    // Proposer mode: further cap by fair share of remaining budget across remaining blocks
+    if (opts.isBuildingProposal) {
+      const remainingBlocks = Math.max(1, opts.maxBlocksPerCheckpoint - existingBlocks.length);
+      const multiplier = opts.perBlockAllocationMultiplier;
+      // DA gas and blob fields use a higher multiplier so the largest contract class deploy fits a block.
+      const daMultiplier = opts.perBlockDAAllocationMultiplier ?? multiplier;
+
+      cappedL2Gas = Math.min(cappedL2Gas, Math.ceil((remainingMana / remainingBlocks) * multiplier));
+      cappedDAGas = Math.min(cappedDAGas, Math.ceil((remainingDAGas / remainingBlocks) * daMultiplier));
+      cappedBlobFields = Math.min(cappedBlobFields, Math.ceil((maxBlobFieldsForTxs / remainingBlocks) * daMultiplier));
+      cappedMaxTransactions = Math.min(cappedMaxTransactions, Math.ceil((remainingTxs / remainingBlocks) * multiplier));
     }
 
     return {
       maxBlockGas: new Gas(cappedDAGas, cappedL2Gas),
       maxBlobFields: cappedBlobFields,
-      maxTransactions: cappedMaxTransactions,
+      maxTransactions: Number.isFinite(cappedMaxTransactions) ? cappedMaxTransactions : undefined,
     };
   }
 
@@ -233,7 +240,7 @@ export class CheckpointBuilder implements ICheckpointBlockBuilder {
       ...(await getDefaultAllowedSetupFunctions()),
       ...(this.config.txPublicSetupAllowListExtend ?? []),
     ];
-    const contractsDB = new PublicContractsDB(this.contractDataSource, this.log.getBindings());
+    const contractsDB = this.contractsDB;
     const guardedFork = new GuardedMerkleTreeOperations(fork);
 
     const collectDebugLogs = this.debugLogStore.isEnabled;

package/src/config.ts

@@ -3,15 +3,27 @@ import {
   booleanConfigHelper,
   getConfigFromMappings,
   numberConfigHelper,
+  optionalNumberConfigHelper,
+  pickConfigMappings,
   secretValueConfigHelper,
 } from '@aztec/foundation/config';
 import { EthAddress } from '@aztec/foundation/eth-address';
+import { type SequencerConfig, sharedSequencerConfigMappings } from '@aztec/stdlib/config';
 import { localSignerConfigMappings, validatorHASignerConfigMappings } from '@aztec/stdlib/ha-signing';
 import type { ValidatorClientConfig } from '@aztec/stdlib/interfaces/server';
 
 export type { ValidatorClientConfig };
 
-export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientConfig> = {
+/**
+ * Default clock-disparity tolerance (ms) for proposal/attestation receive windows, mirroring the p2p config
+ * default. Used by the validator-client validators when the merged node config does not carry the value.
+ */
+export const DEFAULT_MAX_GOSSIP_CLOCK_DISPARITY_MS = 500;
+
+export const validatorClientConfigMappings: ConfigMappingsType<
+  ValidatorClientConfig & Pick<SequencerConfig, 'blockDurationMs'>
+> = {
+  ...pickConfigMappings(sharedSequencerConfigMappings, ['blockDurationMs']),
   validatorPrivateKeys: {
     env: 'VALIDATOR_PRIVATE_KEYS',
     description: 'List of private keys of the validators participating in attestation duties',
@@ -30,6 +42,12 @@ export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientCo
         .map(address => EthAddress.fromString(address.trim())),
     defaultValue: [],
   },
+  l1ChainId: {
+    env: 'L1_CHAIN_ID',
+    description: 'The chain ID of the ethereum host.',
+    parseEnv: (val: string) => +val,
+    defaultValue: 31337,
+  },
   disableValidator: {
     env: 'VALIDATOR_DISABLED',
     description: 'Do not run the validator',
@@ -49,11 +67,6 @@ export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientCo
     description: 'Interval between polling for new attestations',
     ...numberConfigHelper(200),
   },
-  validatorReexecute: {
-    env: 'VALIDATOR_REEXECUTE',
-    description: 'Re-execute transactions before attesting',
-    ...booleanConfigHelper(true),
-  },
   alwaysReexecuteBlockProposals: {
     description:
       'Whether to always reexecute block proposals, even for non-validator nodes (useful for monitoring network status).',
@@ -77,25 +90,29 @@ export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientCo
     description: 'Agree to attest to equivocated checkpoint proposals (for testing purposes only)',
     ...booleanConfigHelper(false),
   },
+  skipProposalSlotValidation: {
+    description: 'Accept proposal validation regardless of slot timing (for testing only)',
+    ...booleanConfigHelper(false),
+  },
   validateMaxL2BlockGas: {
     env: 'VALIDATOR_MAX_L2_BLOCK_GAS',
     description: 'Maximum L2 block gas for validation. Proposals exceeding this limit are rejected.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    ...optionalNumberConfigHelper(),
   },
   validateMaxDABlockGas: {
     env: 'VALIDATOR_MAX_DA_BLOCK_GAS',
     description: 'Maximum DA block gas for validation. Proposals exceeding this limit are rejected.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    ...optionalNumberConfigHelper(),
   },
   validateMaxTxsPerBlock: {
     env: 'VALIDATOR_MAX_TX_PER_BLOCK',
     description: 'Maximum transactions per block for validation. Proposals exceeding this limit are rejected.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    ...optionalNumberConfigHelper(),
   },
   validateMaxTxsPerCheckpoint: {
     env: 'VALIDATOR_MAX_TX_PER_CHECKPOINT',
     description: 'Maximum transactions per checkpoint for validation. Proposals exceeding this limit are rejected.',
-    parseEnv: (val: string) => (val ? parseInt(val, 10) : undefined),
+    ...optionalNumberConfigHelper(),
   },
   ...localSignerConfigMappings,
   ...validatorHASignerConfigMappings,
@@ -106,6 +123,8 @@ export const validatorClientConfigMappings: ConfigMappingsType<ValidatorClientCo
  * Note: If an environment variable is not set, the default value is used.
  * @returns The validator configuration.
  */
-export function getProverEnvVars(): ValidatorClientConfig {
-  return getConfigFromMappings<ValidatorClientConfig>(validatorClientConfigMappings);
+export function getProverEnvVars(): ValidatorClientConfig & Pick<SequencerConfig, 'blockDurationMs'> {
+  return getConfigFromMappings<ValidatorClientConfig & Pick<SequencerConfig, 'blockDurationMs'>>(
+    validatorClientConfigMappings,
+  );
 }

package/src/duties/validation_service.ts

@@ -1,17 +1,9 @@
-import {
-  BlockNumber,
-  type CheckpointNumber,
-  IndexWithinCheckpoint,
-  type SlotNumber,
-} from '@aztec/foundation/branded-types';
-import { Buffer32 } from '@aztec/foundation/buffer';
-import { keccak256 } from '@aztec/foundation/crypto/keccak';
+import { type CheckpointNumber, IndexWithinCheckpoint, type SlotNumber } from '@aztec/foundation/branded-types';
 import { Fr } from '@aztec/foundation/curves/bn254';
 import type { EthAddress } from '@aztec/foundation/eth-address';
 import type { Signature } from '@aztec/foundation/eth-signature';
 import { createLogger } from '@aztec/foundation/log';
-import type { CommitteeAttestationsAndSigners } from '@aztec/stdlib/block';
-import type { CreateCheckpointProposalLastBlockData } from '@aztec/stdlib/interfaces/server';
+import { CommitteeAttestationsAndSigners } from '@aztec/stdlib/block';
 import {
   BlockProposal,
   type BlockProposalOptions,
@@ -20,9 +12,10 @@ import {
   type CheckpointProposalCore,
   type CheckpointProposalOptions,
   ConsensusPayload,
-  SignatureDomainSeparator,
+  type CoordinationSignatureContext,
+  getCoordinationSignatureTypedData,
 } from '@aztec/stdlib/p2p';
-import type { CheckpointHeader } from '@aztec/stdlib/rollup';
+import { CheckpointHeader } from '@aztec/stdlib/rollup';
 import type { BlockHeader, Tx } from '@aztec/stdlib/tx';
 import { DutyAlreadySignedError, SlashingProtectionError } from '@aztec/validator-ha-signer/errors';
 import { DutyType, type SigningContext } from '@aztec/validator-ha-signer/types';
@@ -32,6 +25,7 @@ import type { ValidatorKeyStore } from '../key_store/interface.js';
 export class ValidationService {
   constructor(
     private keyStore: ValidatorKeyStore,
+    private signatureContext: CoordinationSignatureContext,
     private log = createLogger('validator:validation-service'),
   ) {}
 
@@ -52,6 +46,7 @@ export class ValidationService {
    */
   public createBlockProposal(
     blockHeader: BlockHeader,
+    checkpointNumber: CheckpointNumber,
     blockIndexWithinCheckpoint: IndexWithinCheckpoint,
     inHash: Fr,
     archive: Fr,
@@ -67,17 +62,26 @@ export class ValidationService {
 
     // Create a signer that uses the appropriate address
     const address = proposerAttesterAddress ?? this.keyStore.getAddress(0);
-    const payloadSigner = (payload: Buffer32, context: SigningContext) =>
-      this.keyStore.signMessageWithAddress(address, payload, context);
+    const payloadSigner = (
+      typedData: Parameters<ValidatorKeyStore['signTypedDataWithAddress']>[1],
+      context: SigningContext,
+    ) => this.keyStore.signTypedDataWithAddress(address, typedData, context);
+    const txsSigner = (
+      typedData: Parameters<ValidatorKeyStore['signTypedDataWithAddress']>[1],
+      context: SigningContext,
+    ) => this.keyStore.signTypedDataWithAddress(address, typedData, context);
 
     return BlockProposal.createProposalFromSigner(
       blockHeader,
+      checkpointNumber,
       blockIndexWithinCheckpoint,
       inHash,
       archive,
       txs.map(tx => tx.getTxHash()),
       options.publishFullTxs ? txs : undefined,
+      this.signatureContext,
       payloadSigner,
+      txsSigner,
     );
   }
 
@@ -86,7 +90,7 @@ export class ValidationService {
    *
    * @param checkpointHeader - The checkpoint header containing aggregated data
    * @param archive - The archive of the checkpoint
-   * @param lastBlockInfo - Info about the last block (header, index, txs) or undefined
+   * @param lastBlockProposal - Signed block proposal for the last block in the checkpoint, or undefined
    * @param proposerAttesterAddress - The address of the proposer
    * @param options - Checkpoint proposal options
    *
@@ -95,36 +99,41 @@ export class ValidationService {
   public createCheckpointProposal(
     checkpointHeader: CheckpointHeader,
     archive: Fr,
+    checkpointNumber: CheckpointNumber,
     feeAssetPriceModifier: bigint,
-    lastBlockInfo: CreateCheckpointProposalLastBlockData | undefined,
+    lastBlockProposal: BlockProposal | undefined,
     proposerAttesterAddress: EthAddress | undefined,
     options: CheckpointProposalOptions,
   ): Promise<CheckpointProposal> {
-    // For testing: change the archive to trigger state_mismatch validation failure
+    // For testing: corrupt the checkpoint so observers' checkpoint validation fails.
+    //
+    // Keep `archive` aligned with `lastBlockProposal.archiveRoot` so the archive-based lookup
+    // in `validateCheckpointProposal` (`getBlockData({ archive })`) still succeeds
     if (options.broadcastInvalidCheckpointProposal) {
-      archive = Fr.random();
+      archive = lastBlockProposal?.archiveRoot ?? Fr.random();
+      checkpointHeader = CheckpointHeader.from({
+        ...checkpointHeader,
+        epochOutHash: Fr.random(),
+      });
       this.log.warn(`Creating INVALID checkpoint proposal for slot ${checkpointHeader.slotNumber}`);
     }
 
     // Create a signer that takes payload and context, and uses the appropriate address
-    const payloadSigner = (payload: Buffer32, context: SigningContext) => {
+    const payloadSigner = (
+      typedData: Parameters<ValidatorKeyStore['signTypedDataWithAddress']>[1],
+      context: SigningContext,
+    ) => {
       const address = proposerAttesterAddress ?? this.keyStore.getAddress(0);
-      return this.keyStore.signMessageWithAddress(address, payload, context);
-    };
-
-    // Last block to include in the proposal
-    const lastBlock = lastBlockInfo && {
-      blockHeader: lastBlockInfo.blockHeader,
-      indexWithinCheckpoint: lastBlockInfo.indexWithinCheckpoint,
-      txHashes: lastBlockInfo.txs.map(tx => tx.getTxHash()),
-      txs: options.publishFullTxs ? lastBlockInfo.txs : undefined,
+      return this.keyStore.signTypedDataWithAddress(address, typedData, context);
     };
 
     return CheckpointProposal.createProposalFromSigner(
       checkpointHeader,
       archive,
+      checkpointNumber,
       feeAssetPriceModifier,
-      lastBlock,
+      lastBlockProposal,
+      this.signatureContext,
       payloadSigner,
     );
   }
@@ -142,29 +151,27 @@ export class ValidationService {
   async attestToCheckpointProposal(
     proposal: CheckpointProposalCore,
     attestors: EthAddress[],
+    checkpointNumber: CheckpointNumber,
   ): Promise<CheckpointAttestation[]> {
     // Create the attestation payload from the checkpoint proposal
-    const payload = new ConsensusPayload(proposal.checkpointHeader, proposal.archive, proposal.feeAssetPriceModifier);
-    const buf = Buffer32.fromBuffer(
-      keccak256(payload.getPayloadToSign(SignatureDomainSeparator.checkpointAttestation)),
+    const payload = new ConsensusPayload(
+      proposal.checkpointHeader,
+      proposal.archive,
+      proposal.feeAssetPriceModifier,
+      this.signatureContext,
     );
+    const typedData = getCoordinationSignatureTypedData(payload);
 
-    // TODO(spy/ha): Use checkpointNumber instead of blockNumber once CheckpointHeader includes it.
-    // CheckpointProposalCore doesn't have lastBlock info, so use 0 as a proxy.
-    // blockNumber is NOT used for the primary key so it's safe to use here.
-    // See CheckpointHeader TODO and SigningContext types documentation.
-    const blockNumber = BlockNumber(0);
     const context: SigningContext = {
       slot: proposal.slotNumber,
-      blockNumber,
+      checkpointNumber,
       dutyType: DutyType.ATTESTATION,
     };
 
     // Sign each attestor in parallel, catching HA errors per-attestor
     const results = await Promise.allSettled(
       attestors.map(async attestor => {
-        const sig = await this.keyStore.signMessageWithAddress(attestor, buf, context);
-        // return new BlockAttestation(proposal.payload, sig, proposal.signature);
+        const sig = await this.keyStore.signTypedDataWithAddress(attestor, typedData, context);
         return new CheckpointAttestation(payload, sig, proposal.signature);
       }),
     );
@@ -195,7 +202,6 @@ export class ValidationService {
    * @param attestationsAndSigners - The attestations and signers to sign
    * @param proposer - The proposer address to sign with
    * @param slot - The slot number for HA signing context
-   * @param blockNumber - The block or checkpoint number for HA signing context
    * @returns signature
    * @throws DutyAlreadySignedError if already signed by another HA node
    * @throws SlashingProtectionError if attempting to sign different data for same slot
@@ -204,17 +210,15 @@ export class ValidationService {
     attestationsAndSigners: CommitteeAttestationsAndSigners,
     proposer: EthAddress,
     slot: SlotNumber,
-    blockNumber: BlockNumber | CheckpointNumber,
+    checkpointNumber: CheckpointNumber,
   ): Promise<Signature> {
     const context: SigningContext = {
       slot,
-      blockNumber,
+      checkpointNumber,
       dutyType: DutyType.ATTESTATIONS_AND_SIGNERS,
     };
 
-    const buf = Buffer32.fromBuffer(
-      keccak256(attestationsAndSigners.getPayloadToSign(SignatureDomainSeparator.attestationsAndSigners)),
-    );
-    return this.keyStore.signMessageWithAddress(proposer, buf, context);
+    const typedData = getCoordinationSignatureTypedData(attestationsAndSigners);
+    return this.keyStore.signTypedDataWithAddress(proposer, typedData, context);
   }
 }

package/src/factory.ts

@@ -4,16 +4,20 @@ import type { DateProvider } from '@aztec/foundation/timer';
 import type { KeystoreManager } from '@aztec/node-keystore';
 import { BlockProposalValidator, type P2PClient } from '@aztec/p2p';
 import type { L2BlockSink, L2BlockSource } from '@aztec/stdlib/block';
+import type { CheckpointReexecutionTracker } from '@aztec/stdlib/checkpoint';
 import type { ValidatorClientFullConfig, WorldStateSynchronizer } from '@aztec/stdlib/interfaces/server';
 import type { L1ToL2MessageSource } from '@aztec/stdlib/messaging';
+import { ConsensusTimetable } from '@aztec/stdlib/timetable';
 import type { TelemetryClient } from '@aztec/telemetry-client';
+import type { SlashingProtectionDatabase } from '@aztec/validator-ha-signer/types';
 
-import { BlockProposalHandler } from './block_proposal_handler.js';
 import type { FullNodeCheckpointsBuilder } from './checkpoint_builder.js';
+import { DEFAULT_MAX_GOSSIP_CLOCK_DISPARITY_MS } from './config.js';
 import { ValidatorMetrics } from './metrics.js';
+import { ProposalHandler } from './proposal_handler.js';
 import { ValidatorClient } from './validator.js';
 
-export function createBlockProposalHandler(
+export function createProposalHandler(
   config: ValidatorClientFullConfig,
   deps: {
     checkpointsBuilder: FullNodeCheckpointsBuilder;
@@ -22,16 +26,28 @@ export function createBlockProposalHandler(
     l1ToL2MessageSource: L1ToL2MessageSource;
     p2pClient: P2PClient;
     epochCache: EpochCache;
+    blobClient: BlobClientInterface;
     dateProvider: DateProvider;
     telemetry: TelemetryClient;
+    reexecutionTracker: CheckpointReexecutionTracker;
   },
 ) {
   const metrics = new ValidatorMetrics(deps.telemetry);
-  const blockProposalValidator = new BlockProposalValidator(deps.epochCache, {
+  const consensusTimetable = new ConsensusTimetable({
+    l1Constants: deps.epochCache.getL1Constants(),
+    blockDuration: config.blockDurationMs / 1000,
+  });
+  const blockProposalValidator = new BlockProposalValidator(deps.epochCache, consensusTimetable, {
     txsPermitted: !config.disableTransactions,
-    maxTxsPerBlock: config.validateMaxTxsPerBlock,
+    maxTxsPerBlock: config.validateMaxTxsPerBlock ?? config.validateMaxTxsPerCheckpoint,
+    maxBlocksPerCheckpoint: config.maxBlocksPerCheckpoint,
+    signatureContext: {
+      chainId: config.l1ChainId,
+      rollupAddress: config.rollupAddress,
+    },
+    clockDisparityMs: config.maxGossipClockDisparityMs ?? DEFAULT_MAX_GOSSIP_CLOCK_DISPARITY_MS,
   });
-  return new BlockProposalHandler(
+  return new ProposalHandler(
     deps.checkpointsBuilder,
     deps.worldState,
     deps.blockSource,
@@ -39,10 +55,14 @@ export function createBlockProposalHandler(
     deps.p2pClient.getTxProvider(),
     blockProposalValidator,
     deps.epochCache,
+    consensusTimetable,
     config,
+    deps.blobClient,
+    deps.reexecutionTracker,
     metrics,
     deps.dateProvider,
     deps.telemetry,
+    undefined,
   );
 }
 
@@ -59,6 +79,8 @@ export function createValidatorClient(
     epochCache: EpochCache;
     keyStoreManager: KeystoreManager | undefined;
     blobClient: BlobClientInterface;
+    reexecutionTracker: CheckpointReexecutionTracker;
+    slashingProtectionDb?: SlashingProtectionDatabase;
   },
 ) {
   if (config.disableValidator || !deps.keyStoreManager) {
@@ -77,7 +99,9 @@ export function createValidatorClient(
     txProvider,
     deps.keyStoreManager,
     deps.blobClient,
+    deps.reexecutionTracker,
     deps.dateProvider,
     deps.telemetry,
+    deps.slashingProtectionDb,
   );
 }

package/src/index.ts

@@ -1,4 +1,4 @@
-export * from './block_proposal_handler.js';
+export * from './proposal_handler.js';
 export * from './checkpoint_builder.js';
 export * from './config.js';
 export * from './factory.js';