@aztec/validator-ha-signer 0.0.1-commit.3469e52 → 0.0.1-commit.3895657bc

package/README.md

@@ -36,7 +36,6 @@ import { createHASigner } from '@aztec/validator-ha-signer/factory';
 
 const { signer, db } = await createHASigner({
   databaseUrl: process.env.DATABASE_URL,
-  haSigningEnabled: true,
   nodeId: 'validator-node-1',
   pollingIntervalMs: 100,
   signingTimeoutMs: 3000,
@@ -81,7 +80,6 @@ const db = new PostgresSlashingProtectionDatabase(pool);
 await db.initialize();
 
 const signer = new ValidatorHASigner(db, {
-  haSigningEnabled: true,
   nodeId: 'validator-node-1',
   pollingIntervalMs: 100,
   signingTimeoutMs: 3000,
@@ -178,6 +176,16 @@ All signing operations require a `SigningContext` that includes:
 
 Note: `AUTH_REQUEST` duties bypass HA protection since signing multiple times is safe for authentication requests.
 
+## Important Limitations
+
+### Database Isolation Per Rollup Version
+
+**You cannot use the same database to provide slashing protection for validator nodes running on different rollup versions** (e.g., current rollup and old rollup simultaneously).
+
+When the HA signer performs background cleanup via `cleanupOutdatedRollupDuties()`, it removes all duties where the rollup address doesn't match the current rollup address. If two validators running on different rollup versions share the same database, they will delete each other's duties during cleanup.
+
+**Solution**: Use separate databases for validators running on different rollup versions. Each rollup version requires its own isolated slashing protection database.
+
 ## Development
 
 ```bash

package/dest/db/index.d.ts

@@ -1,4 +1,5 @@
 export * from './types.js';
 export * from './schema.js';
 export * from './postgres.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kYi9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxjQUFjLFlBQVksQ0FBQztBQUMzQixjQUFjLGFBQWEsQ0FBQztBQUM1QixjQUFjLGVBQWUsQ0FBQyJ9
+export * from './lmdb.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kYi9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxjQUFjLFlBQVksQ0FBQztBQUMzQixjQUFjLGFBQWEsQ0FBQztBQUM1QixjQUFjLGVBQWUsQ0FBQztBQUM5QixjQUFjLFdBQVcsQ0FBQyJ9

package/dest/db/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/db/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/db/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,WAAW,CAAC"}

package/dest/db/index.js

@@ -1,3 +1,4 @@
 export * from './types.js';
 export * from './schema.js';
 export * from './postgres.js';
+export * from './lmdb.js';

package/dest/db/lmdb.d.ts

@@ -0,0 +1,66 @@
+/**
+ * LMDB implementation of SlashingProtectionDatabase
+ *
+ * Provides local (single-node) double-signing protection using LMDB as the backend.
+ * Suitable for nodes that do NOT run in a high-availability multi-node setup.
+ *
+ * The LMDB store is single-writer, making setIfNotExists inherently atomic.
+ * This means we get crash-restart protection without needing an external database.
+ */
+import { SlotNumber } from '@aztec/foundation/branded-types';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import type { DateProvider } from '@aztec/foundation/timer';
+import type { AztecAsyncKVStore } from '@aztec/kv-store';
+import type { SlashingProtectionDatabase, TryInsertOrGetResult } from '../types.js';
+import { type CheckAndRecordParams, DutyType } from './types.js';
+/**
+ * LMDB-backed implementation of SlashingProtectionDatabase.
+ *
+ * Provides single-node double-signing protection that survives crashes and restarts.
+ * Does not provide cross-node coordination (that requires the PostgreSQL implementation).
+ */
+export declare class LmdbSlashingProtectionDatabase implements SlashingProtectionDatabase {
+    private readonly store;
+    private readonly dateProvider;
+    static readonly SCHEMA_VERSION = 1;
+    private readonly duties;
+    private readonly log;
+    constructor(store: AztecAsyncKVStore, dateProvider: DateProvider);
+    /**
+     * Atomically try to insert a new duty record, or get the existing one if present.
+     *
+     * LMDB is single-writer so the read-then-write inside transactionAsync is naturally atomic.
+     */
+    tryInsertOrGetExisting(params: CheckAndRecordParams): Promise<TryInsertOrGetResult>;
+    /**
+     * Update a duty to 'signed' status with the signature.
+     * Only succeeds if the lockToken matches.
+     */
+    updateDutySigned(rollupAddress: EthAddress, validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, signature: string, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
+    /**
+     * Delete a duty record.
+     * Only succeeds if the lockToken matches.
+     */
+    deleteDuty(rollupAddress: EthAddress, validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
+    /**
+     * Cleanup own stuck duties (SIGNING status older than maxAgeMs).
+     */
+    cleanupOwnStuckDuties(nodeId: string, maxAgeMs: number): Promise<number>;
+    /**
+     * Cleanup duties with outdated rollup address.
+     *
+     * This is always a no-op for the LMDB implementation: the underlying store is created via
+     * DatabaseVersionManager (in factory.ts), which already resets the entire data directory at
+     * startup whenever the rollup address changes.
+     */
+    cleanupOutdatedRollupDuties(_currentRollupAddress: EthAddress): Promise<number>;
+    /**
+     * Cleanup old signed duties older than maxAgeMs.
+     */
+    cleanupOldDuties(maxAgeMs: number): Promise<number>;
+    /**
+     * Close the underlying LMDB store.
+     */
+    close(): Promise<void>;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG1kYi5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2RiL2xtZGIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7Ozs7O0dBUUc7QUFDSCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFFN0QsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBRTNELE9BQU8sS0FBSyxFQUFFLFlBQVksRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzVELE9BQU8sS0FBSyxFQUFFLGlCQUFpQixFQUFpQixNQUFNLGlCQUFpQixDQUFDO0FBRXhFLE9BQU8sS0FBSyxFQUFFLDBCQUEwQixFQUFFLG9CQUFvQixFQUFFLE1BQU0sYUFBYSxDQUFDO0FBQ3BGLE9BQU8sRUFDTCxLQUFLLG9CQUFvQixFQUV6QixRQUFRLEVBSVQsTUFBTSxZQUFZLENBQUM7QUFZcEI7Ozs7O0dBS0c7QUFDSCxxQkFBYSw4QkFBK0IsWUFBVywwQkFBMEI7SUFPN0UsT0FBTyxDQUFDLFFBQVEsQ0FBQyxLQUFLO0lBQ3RCLE9BQU8sQ0FBQyxRQUFRLENBQUMsWUFBWTtJQVAvQixnQkFBdUIsY0FBYyxLQUFLO0lBRTFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUEwQztJQUNqRSxPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBUztJQUU3QixZQUNtQixLQUFLLEVBQUUsaUJBQWlCLEVBQ3hCLFlBQVksRUFBRSxZQUFZLEVBSTVDO0lBRUQ7Ozs7T0FJRztJQUNVLHNCQUFzQixDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsb0JBQW9CLENBQUMsQ0E0Qy9GO0lBRUQ7OztPQUdHO0lBQ0ksZ0JBQWdCLENBQ3JCLGFBQWEsRUFBRSxVQUFVLEVBQ3pCLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLFVBQVUsRUFDaEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsU0FBUyxFQUFFLE1BQU0sRUFDakIsU0FBUyxFQUFFLE1BQU0sRUFDakIsMEJBQTBCLEVBQUUsTUFBTSxHQUNqQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBMENsQjtJQUVEOzs7T0FHRztJQUNJLFVBQVUsQ0FDZixhQUFhLEVBQUUsVUFBVSxFQUN6QixnQkFBZ0IsRUFBRSxVQUFVLEVBQzVCLElBQUksRUFBRSxVQUFVLEVBQ2hCLFFBQVEsRUFBRSxRQUFRLEVBQ2xCLFNBQVMsRUFBRSxNQUFNLEVBQ2pCLDBCQUEwQixFQUFFLE1BQU0sR0FDakMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQXlCbEI7SUFFRDs7T0FFRztJQUNJLHFCQUFxQixDQUFDLE1BQU0sRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLE1BQU0sR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBZTlFO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksMkJBQTJCLENBQUMscUJBQXFCLEVBQUUsVUFBVSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FFckY7SUFFRDs7T0FFRztJQUNJLGdCQUFnQixDQUFDLFFBQVEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQW1CekQ7SUFFRDs7T0FFRztJQUNVLEtBQUssSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLENBR2xDO0NBQ0YifQ==

package/dest/db/lmdb.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lmdb.d.ts","sourceRoot":"","sources":["../../src/db/lmdb.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAE7D,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAE3D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,EAAE,iBAAiB,EAAiB,MAAM,iBAAiB,CAAC;AAExE,OAAO,KAAK,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACpF,OAAO,EACL,KAAK,oBAAoB,EAEzB,QAAQ,EAIT,MAAM,YAAY,CAAC;AAYpB;;;;;GAKG;AACH,qBAAa,8BAA+B,YAAW,0BAA0B;IAO7E,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAP/B,gBAAuB,cAAc,KAAK;IAE1C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;IACjE,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B,YACmB,KAAK,EAAE,iBAAiB,EACxB,YAAY,EAAE,YAAY,EAI5C;IAED;;;;OAIG;IACU,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CA4C/F;IAED;;;OAGG;IACI,gBAAgB,CACrB,aAAa,EAAE,UAAU,EACzB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CA0ClB;IAED;;;OAGG;IACI,UAAU,CACf,aAAa,EAAE,UAAU,EACzB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAyBlB;IAED;;OAEG;IACI,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAe9E;IAED;;;;;;OAMG;IACI,2BAA2B,CAAC,qBAAqB,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAErF;IAED;;OAEG;IACI,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAmBzD;IAED;;OAEG;IACU,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAGlC;CACF"}

package/dest/db/lmdb.js

@@ -0,0 +1,188 @@
+/**
+ * LMDB implementation of SlashingProtectionDatabase
+ *
+ * Provides local (single-node) double-signing protection using LMDB as the backend.
+ * Suitable for nodes that do NOT run in a high-availability multi-node setup.
+ *
+ * The LMDB store is single-writer, making setIfNotExists inherently atomic.
+ * This means we get crash-restart protection without needing an external database.
+ */ import { randomBytes } from '@aztec/foundation/crypto/random';
+import { createLogger } from '@aztec/foundation/log';
+import { DutyStatus, getBlockIndexFromDutyIdentifier, recordFromFields } from './types.js';
+function dutyKey(rollupAddress, validatorAddress, slot, dutyType, blockIndexWithinCheckpoint) {
+    return `${rollupAddress}:${validatorAddress}:${slot}:${dutyType}:${blockIndexWithinCheckpoint}`;
+}
+/**
+ * LMDB-backed implementation of SlashingProtectionDatabase.
+ *
+ * Provides single-node double-signing protection that survives crashes and restarts.
+ * Does not provide cross-node coordination (that requires the PostgreSQL implementation).
+ */ export class LmdbSlashingProtectionDatabase {
+    store;
+    dateProvider;
+    static SCHEMA_VERSION = 1;
+    duties;
+    log;
+    constructor(store, dateProvider){
+        this.store = store;
+        this.dateProvider = dateProvider;
+        this.log = createLogger('slashing-protection:lmdb');
+        this.duties = store.openMap('signing-protection-duties');
+    }
+    /**
+   * Atomically try to insert a new duty record, or get the existing one if present.
+   *
+   * LMDB is single-writer so the read-then-write inside transactionAsync is naturally atomic.
+   */ async tryInsertOrGetExisting(params) {
+        const blockIndexWithinCheckpoint = getBlockIndexFromDutyIdentifier(params);
+        const key = dutyKey(params.rollupAddress.toString(), params.validatorAddress.toString(), params.slot.toString(), params.dutyType, blockIndexWithinCheckpoint);
+        const lockToken = randomBytes(16).toString('hex');
+        const now = this.dateProvider.now();
+        const result = await this.store.transactionAsync(async ()=>{
+            const existing = await this.duties.getAsync(key);
+            if (existing) {
+                return {
+                    isNew: false,
+                    record: {
+                        ...existing,
+                        lockToken: ''
+                    }
+                };
+            }
+            const newRecord = {
+                rollupAddress: params.rollupAddress.toString(),
+                validatorAddress: params.validatorAddress.toString(),
+                slot: params.slot.toString(),
+                blockNumber: params.blockNumber.toString(),
+                blockIndexWithinCheckpoint,
+                dutyType: params.dutyType,
+                status: DutyStatus.SIGNING,
+                messageHash: params.messageHash,
+                nodeId: params.nodeId,
+                lockToken,
+                startedAtMs: now
+            };
+            await this.duties.set(key, newRecord);
+            return {
+                isNew: true,
+                record: newRecord
+            };
+        });
+        if (result.isNew) {
+            this.log.debug(`Acquired lock for duty ${params.dutyType} at slot ${params.slot}`, {
+                validatorAddress: params.validatorAddress.toString(),
+                nodeId: params.nodeId
+            });
+        }
+        return {
+            isNew: result.isNew,
+            record: recordFromFields(result.record)
+        };
+    }
+    /**
+   * Update a duty to 'signed' status with the signature.
+   * Only succeeds if the lockToken matches.
+   */ updateDutySigned(rollupAddress, validatorAddress, slot, dutyType, signature, lockToken, blockIndexWithinCheckpoint) {
+        const key = dutyKey(rollupAddress.toString(), validatorAddress.toString(), slot.toString(), dutyType, blockIndexWithinCheckpoint);
+        return this.store.transactionAsync(async ()=>{
+            const existing = await this.duties.getAsync(key);
+            if (!existing) {
+                this.log.warn('Failed to update duty to signed: duty not found', {
+                    rollupAddress: rollupAddress.toString(),
+                    validatorAddress: validatorAddress.toString(),
+                    slot: slot.toString(),
+                    dutyType,
+                    blockIndexWithinCheckpoint
+                });
+                return false;
+            }
+            if (existing.lockToken !== lockToken) {
+                this.log.warn('Failed to update duty to signed: invalid token', {
+                    rollupAddress: rollupAddress.toString(),
+                    validatorAddress: validatorAddress.toString(),
+                    slot: slot.toString(),
+                    dutyType,
+                    blockIndexWithinCheckpoint
+                });
+                return false;
+            }
+            await this.duties.set(key, {
+                ...existing,
+                status: DutyStatus.SIGNED,
+                signature,
+                completedAtMs: this.dateProvider.now()
+            });
+            return true;
+        });
+    }
+    /**
+   * Delete a duty record.
+   * Only succeeds if the lockToken matches.
+   */ deleteDuty(rollupAddress, validatorAddress, slot, dutyType, lockToken, blockIndexWithinCheckpoint) {
+        const key = dutyKey(rollupAddress.toString(), validatorAddress.toString(), slot.toString(), dutyType, blockIndexWithinCheckpoint);
+        return this.store.transactionAsync(async ()=>{
+            const existing = await this.duties.getAsync(key);
+            if (!existing || existing.lockToken !== lockToken) {
+                this.log.warn('Failed to delete duty: invalid token or duty not found', {
+                    rollupAddress: rollupAddress.toString(),
+                    validatorAddress: validatorAddress.toString(),
+                    slot: slot.toString(),
+                    dutyType,
+                    blockIndexWithinCheckpoint
+                });
+                return false;
+            }
+            await this.duties.delete(key);
+            return true;
+        });
+    }
+    /**
+   * Cleanup own stuck duties (SIGNING status older than maxAgeMs).
+   */ cleanupOwnStuckDuties(nodeId, maxAgeMs) {
+        const cutoffMs = this.dateProvider.now() - maxAgeMs;
+        return this.store.transactionAsync(async ()=>{
+            const keysToDelete = [];
+            for await (const [key, record] of this.duties.entriesAsync()){
+                if (record.nodeId === nodeId && record.status === DutyStatus.SIGNING && record.startedAtMs < cutoffMs) {
+                    keysToDelete.push(key);
+                }
+            }
+            for (const key of keysToDelete){
+                await this.duties.delete(key);
+            }
+            return keysToDelete.length;
+        });
+    }
+    /**
+   * Cleanup duties with outdated rollup address.
+   *
+   * This is always a no-op for the LMDB implementation: the underlying store is created via
+   * DatabaseVersionManager (in factory.ts), which already resets the entire data directory at
+   * startup whenever the rollup address changes.
+   */ cleanupOutdatedRollupDuties(_currentRollupAddress) {
+        return Promise.resolve(0);
+    }
+    /**
+   * Cleanup old signed duties older than maxAgeMs.
+   */ cleanupOldDuties(maxAgeMs) {
+        const cutoffMs = this.dateProvider.now() - maxAgeMs;
+        return this.store.transactionAsync(async ()=>{
+            const keysToDelete = [];
+            for await (const [key, record] of this.duties.entriesAsync()){
+                if (record.status === DutyStatus.SIGNED && record.completedAtMs !== undefined && record.completedAtMs < cutoffMs) {
+                    keysToDelete.push(key);
+                }
+            }
+            for (const key of keysToDelete){
+                await this.duties.delete(key);
+            }
+            return keysToDelete.length;
+        });
+    }
+    /**
+   * Close the underlying LMDB store.
+   */ async close() {
+        await this.store.close();
+        this.log.debug('LMDB slashing protection database closed');
+    }
+}

package/dest/db/postgres.d.ts

@@ -44,7 +44,7 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      *
      * @returns true if the update succeeded, false if token didn't match or duty not found
      */
-    updateDutySigned(validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, signature: string, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
+    updateDutySigned(rollupAddress: EthAddress, validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, signature: string, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
     /**
      * Delete a duty record.
      * Only succeeds if the lockToken matches (caller must be the one who created the duty).
@@ -52,9 +52,11 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      *
      * @returns true if the delete succeeded, false if token didn't match or duty not found
      */
-    deleteDuty(validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
+    deleteDuty(rollupAddress: EthAddress, validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
     /**
-     * Convert a database row to a ValidatorDutyRecord
+     * Convert a database row to a ValidatorDutyRecord.
+     * Maps snake_case column names to StoredDutyRecord (camelCase, ms timestamps),
+     * then delegates to the shared recordFromFields() converter.
      */
     private rowToRecord;
     /**
@@ -66,5 +68,19 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      * @returns the number of duties cleaned up
      */
     cleanupOwnStuckDuties(nodeId: string, maxAgeMs: number): Promise<number>;
+    /**
+     * Cleanup duties with outdated rollup address.
+     * Removes all duties where the rollup address doesn't match the current one.
+     * Used after a rollup upgrade to clean up duties for the old rollup.
+     * @returns the number of duties cleaned up
+     */
+    cleanupOutdatedRollupDuties(currentRollupAddress: EthAddress): Promise<number>;
+    /**
+     * Cleanup old signed duties.
+     * Removes only signed duties older than the specified age.
+     * Does not remove 'signing' duties as they may be in progress.
+     * @returns the number of duties cleaned up
+     */
+    cleanupOldDuties(maxAgeMs: number): Promise<number>;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicG9zdGdyZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kYi9wb3N0Z3Jlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE9BQU8sRUFBZSxVQUFVLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUUxRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFJM0QsT0FBTyxLQUFLLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxNQUFNLElBQUksQ0FBQztBQUV0RCxPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSxvQkFBb0IsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQVFwRixPQUFPLEtBQUssRUFBRSxvQkFBb0IsRUFBVyxRQUFRLEVBQXVDLE1BQU0sWUFBWSxDQUFDO0FBRy9HOzs7R0FHRztBQUNILE1BQU0sV0FBVyxhQUFhO0lBQzVCLEtBQUssQ0FBQyxDQUFDLFNBQVMsY0FBYyxHQUFHLEdBQUcsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLE1BQU0sQ0FBQyxFQUFFLEdBQUcsRUFBRSxHQUFHLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUM3RixHQUFHLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO0NBQ3RCO0FBRUQ7O0dBRUc7QUFDSCxxQkFBYSxrQ0FBbUMsWUFBVywwQkFBMEI7SUFHdkUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJO0lBRmpDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFTO0lBRTdCLFlBQTZCLElBQUksRUFBRSxhQUFhLEVBRS9DO0lBRUQ7Ozs7O09BS0c7SUFDRyxVQUFVLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQWdDaEM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNHLHNCQUFzQixDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsb0JBQW9CLENBQUMsQ0FtRHhGO0lBRUQ7Ozs7O09BS0c7SUFDRyxnQkFBZ0IsQ0FDcEIsZ0JBQWdCLEVBQUUsVUFBVSxFQUM1QixJQUFJLEVBQUUsVUFBVSxFQUNoQixRQUFRLEVBQUUsUUFBUSxFQUNsQixTQUFTLEVBQUUsTUFBTSxFQUNqQixTQUFTLEVBQUUsTUFBTSxFQUNqQiwwQkFBMEIsRUFBRSxNQUFNLEdBQ2pDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FvQmxCO0lBRUQ7Ozs7OztPQU1HO0lBQ0csVUFBVSxDQUNkLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLFVBQVUsRUFDaEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsU0FBUyxFQUFFLE1BQU0sRUFDakIsMEJBQTBCLEVBQUUsTUFBTSxHQUNqQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBbUJsQjtJQUVEOztPQUVHO0lBQ0gsT0FBTyxDQUFDLFdBQVc7SUFrQm5COztPQUVHO0lBQ0csS0FBSyxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FHM0I7SUFFRDs7O09BR0c7SUFDRyxxQkFBcUIsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUk3RTtDQUNGIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicG9zdGdyZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kYi9wb3N0Z3Jlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUU3RCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFJM0QsT0FBTyxLQUFLLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxNQUFNLElBQUksQ0FBQztBQUV0RCxPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSxvQkFBb0IsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQVVwRixPQUFPLEtBQUssRUFBRSxvQkFBb0IsRUFBVyxRQUFRLEVBQXVDLE1BQU0sWUFBWSxDQUFDO0FBRy9HOzs7R0FHRztBQUNILE1BQU0sV0FBVyxhQUFhO0lBQzVCLEtBQUssQ0FBQyxDQUFDLFNBQVMsY0FBYyxHQUFHLEdBQUcsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLE1BQU0sQ0FBQyxFQUFFLEdBQUcsRUFBRSxHQUFHLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUM3RixHQUFHLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO0NBQ3RCO0FBRUQ7O0dBRUc7QUFDSCxxQkFBYSxrQ0FBbUMsWUFBVywwQkFBMEI7SUFHdkUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJO0lBRmpDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFTO0lBRTdCLFlBQTZCLElBQUksRUFBRSxhQUFhLEVBRS9DO0lBRUQ7Ozs7O09BS0c7SUFDRyxVQUFVLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQWdDaEM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNHLHNCQUFzQixDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsb0JBQW9CLENBQUMsQ0FvRHhGO0lBRUQ7Ozs7O09BS0c7SUFDRyxnQkFBZ0IsQ0FDcEIsYUFBYSxFQUFFLFVBQVUsRUFDekIsZ0JBQWdCLEVBQUUsVUFBVSxFQUM1QixJQUFJLEVBQUUsVUFBVSxFQUNoQixRQUFRLEVBQUUsUUFBUSxFQUNsQixTQUFTLEVBQUUsTUFBTSxFQUNqQixTQUFTLEVBQUUsTUFBTSxFQUNqQiwwQkFBMEIsRUFBRSxNQUFNLEdBQ2pDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FzQmxCO0lBRUQ7Ozs7OztPQU1HO0lBQ0csVUFBVSxDQUNkLGFBQWEsRUFBRSxVQUFVLEVBQ3pCLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLFVBQVUsRUFDaEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsU0FBUyxFQUFFLE1BQU0sRUFDakIsMEJBQTBCLEVBQUUsTUFBTSxHQUNqQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBcUJsQjtJQUVEOzs7O09BSUc7SUFDSCxPQUFPLENBQUMsV0FBVztJQW1CbkI7O09BRUc7SUFDRyxLQUFLLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQUczQjtJQUVEOzs7T0FHRztJQUNHLHFCQUFxQixDQUFDLE1BQU0sRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLE1BQU0sR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBRzdFO0lBRUQ7Ozs7O09BS0c7SUFDRywyQkFBMkIsQ0FBQyxvQkFBb0IsRUFBRSxVQUFVLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUduRjtJQUVEOzs7OztPQUtHO0lBQ0csZ0JBQWdCLENBQUMsUUFBUSxFQUFFLE1BQU0sR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBR3hEO0NBQ0YifQ==

package/dest/db/postgres.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../../src/db/postgres.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAe,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAE1E,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAI3D,OAAO,KAAK,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,IAAI,CAAC;AAEtD,OAAO,KAAK,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAQpF,OAAO,KAAK,EAAE,oBAAoB,EAAW,QAAQ,EAAuC,MAAM,YAAY,CAAC;AAG/G;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,KAAK,CAAC,CAAC,SAAS,cAAc,GAAG,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7F,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACtB;AAED;;GAEG;AACH,qBAAa,kCAAmC,YAAW,0BAA0B;IAGvE,OAAO,CAAC,QAAQ,CAAC,IAAI;IAFjC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B,YAA6B,IAAI,EAAE,aAAa,EAE/C;IAED;;;;;OAKG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAgChC;IAED;;;;;;;;OAQG;IACG,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAmDxF;IAED;;;;;OAKG;IACG,gBAAgB,CACpB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAoBlB;IAED;;;;;;OAMG;IACG,UAAU,CACd,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAmBlB;IAED;;OAEG;IACH,OAAO,CAAC,WAAW;IAkBnB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAG3B;IAED;;;OAGG;IACG,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAI7E;CACF"}
+{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../../src/db/postgres.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAE7D,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAI3D,OAAO,KAAK,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,IAAI,CAAC;AAEtD,OAAO,KAAK,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAUpF,OAAO,KAAK,EAAE,oBAAoB,EAAW,QAAQ,EAAuC,MAAM,YAAY,CAAC;AAG/G;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,KAAK,CAAC,CAAC,SAAS,cAAc,GAAG,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7F,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACtB;AAED;;GAEG;AACH,qBAAa,kCAAmC,YAAW,0BAA0B;IAGvE,OAAO,CAAC,QAAQ,CAAC,IAAI;IAFjC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B,YAA6B,IAAI,EAAE,aAAa,EAE/C;IAED;;;;;OAKG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAgChC;IAED;;;;;;;;OAQG;IACG,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAoDxF;IAED;;;;;OAKG;IACG,gBAAgB,CACpB,aAAa,EAAE,UAAU,EACzB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAsBlB;IAED;;;;;;OAMG;IACG,UAAU,CACd,aAAa,EAAE,UAAU,EACzB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAqBlB;IAED;;;;OAIG;IACH,OAAO,CAAC,WAAW;IAmBnB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAG3B;IAED;;;OAGG;IACG,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAG7E;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,oBAAoB,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAGnF;IAED;;;;;OAKG;IACG,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAGxD;CACF"}

package/dest/db/postgres.js

@@ -1,12 +1,10 @@
 /**
  * PostgreSQL implementation of SlashingProtectionDatabase
- */ import { BlockNumber, SlotNumber } from '@aztec/foundation/branded-types';
-import { randomBytes } from '@aztec/foundation/crypto/random';
-import { EthAddress } from '@aztec/foundation/eth-address';
+ */ import { randomBytes } from '@aztec/foundation/crypto/random';
 import { createLogger } from '@aztec/foundation/log';
 import { makeBackoff, retry } from '@aztec/foundation/retry';
-import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSION, UPDATE_DUTY_SIGNED } from './schema.js';
-import { getBlockIndexFromDutyIdentifier } from './types.js';
+import { CLEANUP_OLD_DUTIES, CLEANUP_OUTDATED_ROLLUP_DUTIES, CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSION, UPDATE_DUTY_SIGNED } from './schema.js';
+import { getBlockIndexFromDutyIdentifier, recordFromFields } from './types.js';
 /**
  * PostgreSQL implementation of the slashing protection database
  */ export class PostgresSlashingProtectionDatabase {
@@ -63,6 +61,7 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
         const blockIndexWithinCheckpoint = getBlockIndexFromDutyIdentifier(params);
         const result = await retry(async ()=>{
             const queryResult = await this.pool.query(INSERT_OR_GET_DUTY, [
+                params.rollupAddress.toString(),
                 params.validatorAddress.toString(),
                 params.slot.toString(),
                 params.blockNumber.toString(),
@@ -97,9 +96,10 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
    * Only succeeds if the lockToken matches (caller must be the one who created the duty).
    *
    * @returns true if the update succeeded, false if token didn't match or duty not found
-   */ async updateDutySigned(validatorAddress, slot, dutyType, signature, lockToken, blockIndexWithinCheckpoint) {
+   */ async updateDutySigned(rollupAddress, validatorAddress, slot, dutyType, signature, lockToken, blockIndexWithinCheckpoint) {
         const result = await this.pool.query(UPDATE_DUTY_SIGNED, [
             signature,
+            rollupAddress.toString(),
             validatorAddress.toString(),
             slot.toString(),
             dutyType,
@@ -108,6 +108,7 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
         ]);
         if (result.rowCount === 0) {
             this.log.warn('Failed to update duty to signed status: invalid token or duty not found', {
+                rollupAddress: rollupAddress.toString(),
                 validatorAddress: validatorAddress.toString(),
                 slot: slot.toString(),
                 dutyType,
@@ -123,8 +124,9 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
    * Used when signing fails to allow another node/attempt to retry.
    *
    * @returns true if the delete succeeded, false if token didn't match or duty not found
-   */ async deleteDuty(validatorAddress, slot, dutyType, lockToken, blockIndexWithinCheckpoint) {
+   */ async deleteDuty(rollupAddress, validatorAddress, slot, dutyType, lockToken, blockIndexWithinCheckpoint) {
         const result = await this.pool.query(DELETE_DUTY, [
+            rollupAddress.toString(),
             validatorAddress.toString(),
             slot.toString(),
             dutyType,
@@ -133,6 +135,7 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
         ]);
         if (result.rowCount === 0) {
             this.log.warn('Failed to delete duty: invalid token or duty not found', {
+                rollupAddress: rollupAddress.toString(),
                 validatorAddress: validatorAddress.toString(),
                 slot: slot.toString(),
                 dutyType,
@@ -143,12 +146,15 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
         return true;
     }
     /**
-   * Convert a database row to a ValidatorDutyRecord
+   * Convert a database row to a ValidatorDutyRecord.
+   * Maps snake_case column names to StoredDutyRecord (camelCase, ms timestamps),
+   * then delegates to the shared recordFromFields() converter.
    */ rowToRecord(row) {
-        return {
-            validatorAddress: EthAddress.fromString(row.validator_address),
-            slot: SlotNumber.fromString(row.slot),
-            blockNumber: BlockNumber.fromString(row.block_number),
+        return recordFromFields({
+            rollupAddress: row.rollup_address,
+            validatorAddress: row.validator_address,
+            slot: row.slot,
+            blockNumber: row.block_number,
             blockIndexWithinCheckpoint: row.block_index_within_checkpoint,
             dutyType: row.duty_type,
             status: row.status,
@@ -156,10 +162,10 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
             signature: row.signature ?? undefined,
             nodeId: row.node_id,
             lockToken: row.lock_token,
-            startedAt: row.started_at,
-            completedAt: row.completed_at ?? undefined,
+            startedAtMs: row.started_at.getTime(),
+            completedAtMs: row.completed_at?.getTime(),
             errorMessage: row.error_message ?? undefined
-        };
+        });
     }
     /**
    * Close the database connection pool
@@ -171,10 +177,31 @@ import { getBlockIndexFromDutyIdentifier } from './types.js';
    * Cleanup own stuck duties
    * @returns the number of duties cleaned up
    */ async cleanupOwnStuckDuties(nodeId, maxAgeMs) {
-        const cutoff = new Date(Date.now() - maxAgeMs);
         const result = await this.pool.query(CLEANUP_OWN_STUCK_DUTIES, [
             nodeId,
-            cutoff
+            maxAgeMs
+        ]);
+        return result.rowCount ?? 0;
+    }
+    /**
+   * Cleanup duties with outdated rollup address.
+   * Removes all duties where the rollup address doesn't match the current one.
+   * Used after a rollup upgrade to clean up duties for the old rollup.
+   * @returns the number of duties cleaned up
+   */ async cleanupOutdatedRollupDuties(currentRollupAddress) {
+        const result = await this.pool.query(CLEANUP_OUTDATED_ROLLUP_DUTIES, [
+            currentRollupAddress.toString()
+        ]);
+        return result.rowCount ?? 0;
+    }
+    /**
+   * Cleanup old signed duties.
+   * Removes only signed duties older than the specified age.
+   * Does not remove 'signing' duties as they may be in progress.
+   * @returns the number of duties cleaned up
+   */ async cleanupOldDuties(maxAgeMs) {
+        const result = await this.pool.query(CLEANUP_OLD_DUTIES, [
+            maxAgeMs
         ]);
         return result.rowCount ?? 0;
     }

package/dest/db/schema.d.ts

@@ -12,7 +12,7 @@ export declare const SCHEMA_VERSION = 1;
 /**
  * SQL to create the validator_duties table
  */
-export declare const CREATE_VALIDATOR_DUTIES_TABLE = "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  block_index_within_checkpoint INTEGER NOT NULL DEFAULT 0,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'CHECKPOINT_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS', 'GOVERNANCE_VOTE', 'SLASHING_VOTE')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed', 'failed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (validator_address, slot, duty_type, block_index_within_checkpoint),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n";
+export declare const CREATE_VALIDATOR_DUTIES_TABLE = "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  rollup_address VARCHAR(42) NOT NULL,\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  block_index_within_checkpoint INTEGER NOT NULL DEFAULT 0,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'CHECKPOINT_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS', 'GOVERNANCE_VOTE', 'SLASHING_VOTE')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (rollup_address, validator_address, slot, duty_type, block_index_within_checkpoint),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n";
 /**
  * SQL to create index on status and started_at for cleanup queries
  */
@@ -32,7 +32,7 @@ export declare const INSERT_SCHEMA_VERSION = "\nINSERT INTO schema_version (vers
 /**
  * Complete schema setup - all statements in order
  */
-export declare const SCHEMA_SETUP: readonly ["\nCREATE TABLE IF NOT EXISTS schema_version (\n  version INTEGER PRIMARY KEY,\n  applied_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP\n);\n", "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  block_index_within_checkpoint INTEGER NOT NULL DEFAULT 0,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'CHECKPOINT_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS', 'GOVERNANCE_VOTE', 'SLASHING_VOTE')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed', 'failed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (validator_address, slot, duty_type, block_index_within_checkpoint),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_status\nON validator_duties(status, started_at);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_node\nON validator_duties(node_id, started_at);\n"];
+export declare const SCHEMA_SETUP: readonly ["\nCREATE TABLE IF NOT EXISTS schema_version (\n  version INTEGER PRIMARY KEY,\n  applied_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP\n);\n", "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  rollup_address VARCHAR(42) NOT NULL,\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  block_index_within_checkpoint INTEGER NOT NULL DEFAULT 0,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'CHECKPOINT_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS', 'GOVERNANCE_VOTE', 'SLASHING_VOTE')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (rollup_address, validator_address, slot, duty_type, block_index_within_checkpoint),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_status\nON validator_duties(status, started_at);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_node\nON validator_duties(node_id, started_at);\n"];
 /**
  * Query to get current schema version
  */
@@ -48,16 +48,16 @@ export declare const GET_SCHEMA_VERSION = "\nSELECT version FROM schema_version
  * just committed the row, there's a small window where the SELECT might not see it yet.
  * The application layer should retry if no rows are returned.
  */
-export declare const INSERT_OR_GET_DUTY = "\nWITH inserted AS (\n  INSERT INTO validator_duties (\n    validator_address,\n    slot,\n    block_number,\n    block_index_within_checkpoint,\n    duty_type,\n    status,\n    message_hash,\n    node_id,\n    lock_token,\n    started_at\n  ) VALUES ($1, $2, $3, $4, $5, 'signing', $6, $7, $8, CURRENT_TIMESTAMP)\n  ON CONFLICT (validator_address, slot, duty_type, block_index_within_checkpoint) DO NOTHING\n  RETURNING\n    validator_address,\n    slot,\n    block_number,\n    block_index_within_checkpoint,\n    duty_type,\n    status,\n    message_hash,\n    signature,\n    node_id,\n    lock_token,\n    started_at,\n    completed_at,\n    error_message,\n    TRUE as is_new\n)\nSELECT * FROM inserted\nUNION ALL\nSELECT\n  validator_address,\n  slot,\n  block_number,\n  block_index_within_checkpoint,\n  duty_type,\n  status,\n  message_hash,\n  signature,\n  node_id,\n  '' as lock_token,\n  started_at,\n  completed_at,\n  error_message,\n  FALSE as is_new\nFROM validator_duties\nWHERE validator_address = $1\n  AND slot = $2\n  AND duty_type = $5\n  AND block_index_within_checkpoint = $4\n  AND NOT EXISTS (SELECT 1 FROM inserted);\n";
+export declare const INSERT_OR_GET_DUTY = "\nWITH inserted AS (\n  INSERT INTO validator_duties (\n    rollup_address,\n    validator_address,\n    slot,\n    block_number,\n    block_index_within_checkpoint,\n    duty_type,\n    status,\n    message_hash,\n    node_id,\n    lock_token,\n    started_at\n  ) VALUES ($1, $2, $3, $4, $5, $6, 'signing', $7, $8, $9, CURRENT_TIMESTAMP)\n  ON CONFLICT (rollup_address, validator_address, slot, duty_type, block_index_within_checkpoint) DO NOTHING\n  RETURNING\n    rollup_address,\n    validator_address,\n    slot,\n    block_number,\n    block_index_within_checkpoint,\n    duty_type,\n    status,\n    message_hash,\n    signature,\n    node_id,\n    lock_token,\n    started_at,\n    completed_at,\n    error_message,\n    TRUE as is_new\n)\nSELECT * FROM inserted\nUNION ALL\nSELECT\n  rollup_address,\n  validator_address,\n  slot,\n  block_number,\n  block_index_within_checkpoint,\n  duty_type,\n  status,\n  message_hash,\n  signature,\n  node_id,\n  '' as lock_token,\n  started_at,\n  completed_at,\n  error_message,\n  FALSE as is_new\nFROM validator_duties\nWHERE rollup_address = $1\n  AND validator_address = $2\n  AND slot = $3\n  AND duty_type = $6\n  AND block_index_within_checkpoint = $5\n  AND NOT EXISTS (SELECT 1 FROM inserted);\n";
 /**
  * Query to update a duty to 'signed' status
  */
-export declare const UPDATE_DUTY_SIGNED = "\nUPDATE validator_duties\nSET status = 'signed',\n    signature = $1,\n    completed_at = CURRENT_TIMESTAMP\nWHERE validator_address = $2\n  AND slot = $3\n  AND duty_type = $4\n  AND block_index_within_checkpoint = $5\n  AND status = 'signing'\n  AND lock_token = $6;\n";
+export declare const UPDATE_DUTY_SIGNED = "\nUPDATE validator_duties\nSET status = 'signed',\n    signature = $1,\n    completed_at = CURRENT_TIMESTAMP\nWHERE rollup_address = $2\n  AND validator_address = $3\n  AND slot = $4\n  AND duty_type = $5\n  AND block_index_within_checkpoint = $6\n  AND status = 'signing'\n  AND lock_token = $7;\n";
 /**
  * Query to delete a duty
  * Only deletes if the lockToken matches
  */
-export declare const DELETE_DUTY = "\nDELETE FROM validator_duties\nWHERE validator_address = $1\n  AND slot = $2\n  AND duty_type = $3\n  AND block_index_within_checkpoint = $4\n  AND status = 'signing'\n  AND lock_token = $5;\n";
+export declare const DELETE_DUTY = "\nDELETE FROM validator_duties\nWHERE rollup_address = $1\n  AND validator_address = $2\n  AND slot = $3\n  AND duty_type = $4\n  AND block_index_within_checkpoint = $5\n  AND status = 'signing'\n  AND lock_token = $6;\n";
 /**
  * Query to clean up old signed duties (for maintenance)
  * Removes signed duties older than a specified timestamp
@@ -65,14 +65,21 @@ export declare const DELETE_DUTY = "\nDELETE FROM validator_duties\nWHERE valida
 export declare const CLEANUP_OLD_SIGNED_DUTIES = "\nDELETE FROM validator_duties\nWHERE status = 'signed'\n  AND completed_at < $1;\n";
 /**
  * Query to clean up old duties (for maintenance)
- * Removes duties older than a specified timestamp
+ * Removes SIGNED duties older than a specified age (in milliseconds)
  */
-export declare const CLEANUP_OLD_DUTIES = "\nDELETE FROM validator_duties\nWHERE status IN ('signing', 'signed', 'failed')\n  AND started_at < $1;\n";
+export declare const CLEANUP_OLD_DUTIES = "\nDELETE FROM validator_duties\nWHERE status = 'signed'\n  AND started_at < CURRENT_TIMESTAMP - ($1 || ' milliseconds')::INTERVAL;\n";
 /**
  * Query to cleanup own stuck duties
  * Removes duties in 'signing' status for a specific node that are older than maxAgeMs
+ * Uses DB's CURRENT_TIMESTAMP to avoid clock skew issues between nodes
  */
-export declare const CLEANUP_OWN_STUCK_DUTIES = "\nDELETE FROM validator_duties\nWHERE node_id = $1\n  AND status = 'signing'\n  AND started_at < $2;\n";
+export declare const CLEANUP_OWN_STUCK_DUTIES = "\nDELETE FROM validator_duties\nWHERE node_id = $1\n  AND status = 'signing'\n  AND started_at < CURRENT_TIMESTAMP - ($2 || ' milliseconds')::INTERVAL;\n";
+/**
+ * Query to cleanup duties with outdated rollup address
+ * Removes all duties where the rollup address doesn't match the current one
+ * Used after a rollup upgrade to clean up duties for the old rollup
+ */
+export declare const CLEANUP_OUTDATED_ROLLUP_DUTIES = "\nDELETE FROM validator_duties\nWHERE rollup_address != $1;\n";
 /**
  * SQL to drop the validator_duties table
  */
@@ -85,5 +92,5 @@ export declare const DROP_SCHEMA_VERSION_TABLE = "DROP TABLE IF EXISTS schema_ve
  * Query to get stuck duties (for monitoring/alerting)
  * Returns duties in 'signing' status that have been stuck for too long
  */
-export declare const GET_STUCK_DUTIES = "\nSELECT\n  validator_address,\n  slot,\n  block_number,\n  block_index_within_checkpoint,\n  duty_type,\n  status,\n  message_hash,\n  node_id,\n  started_at,\n  EXTRACT(EPOCH FROM (CURRENT_TIMESTAMP - started_at)) as age_seconds\nFROM validator_duties\nWHERE status = 'signing'\n  AND started_at < $1\nORDER BY started_at ASC;\n";
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZGIvc2NoZW1hLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7Ozs7R0FNRztBQUVIOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGNBQWMsSUFBSSxDQUFDO0FBRWhDOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDZCQUE2Qix3MkJBbUJ6QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sbUJBQW1CLHlHQUcvQixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0saUJBQWlCLHdHQUc3QixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sMkJBQTJCLG1KQUt2QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0scUJBQXFCLDZGQUlqQyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sWUFBWSxtdENBS2YsQ0FBQztBQUVYOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGtCQUFrQiwwRUFFOUIsQ0FBQztBQUVGOzs7Ozs7Ozs7O0dBVUc7QUFDSCxlQUFPLE1BQU0sa0JBQWtCLGlvQ0FzRDlCLENBQUM7QUFFRjs7R0FFRztBQUNILGVBQU8sTUFBTSxrQkFBa0Isb1JBVzlCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sV0FBVyxzTUFRdkIsQ0FBQztBQUVGOzs7R0FHRztBQUNILGVBQU8sTUFBTSx5QkFBeUIsd0ZBSXJDLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sa0JBQWtCLDhHQUk5QixDQUFDO0FBRUY7OztHQUdHO0FBQ0gsZUFBTyxNQUFNLHdCQUF3QiwyR0FLcEMsQ0FBQztBQUVGOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDJCQUEyQiwyQ0FBMkMsQ0FBQztBQUVwRjs7R0FFRztBQUNILGVBQU8sTUFBTSx5QkFBeUIseUNBQXlDLENBQUM7QUFFaEY7OztHQUdHO0FBQ0gsZUFBTyxNQUFNLGdCQUFnQiwrVUFnQjVCLENBQUMifQ==
+export declare const GET_STUCK_DUTIES = "\nSELECT\n  rollup_address,\n  validator_address,\n  slot,\n  block_number,\n  block_index_within_checkpoint,\n  duty_type,\n  status,\n  message_hash,\n  node_id,\n  started_at,\n  EXTRACT(EPOCH FROM (CURRENT_TIMESTAMP - started_at)) as age_seconds\nFROM validator_duties\nWHERE status = 'signing'\n  AND started_at < $1\nORDER BY started_at ASC;\n";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZGIvc2NoZW1hLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7Ozs7R0FNRztBQUVIOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGNBQWMsSUFBSSxDQUFDO0FBRWhDOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDZCQUE2QixzNUJBb0J6QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sbUJBQW1CLHlHQUcvQixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0saUJBQWlCLHdHQUc3QixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sMkJBQTJCLG1KQUt2QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0scUJBQXFCLDZGQUlqQyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sWUFBWSxpd0NBS2YsQ0FBQztBQUVYOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGtCQUFrQiwwRUFFOUIsQ0FBQztBQUVGOzs7Ozs7Ozs7O0dBVUc7QUFDSCxlQUFPLE1BQU0sa0JBQWtCLDZ1Q0EwRDlCLENBQUM7QUFFRjs7R0FFRztBQUNILGVBQU8sTUFBTSxrQkFBa0IsK1NBWTlCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sV0FBVyxpT0FTdkIsQ0FBQztBQUVGOzs7R0FHRztBQUNILGVBQU8sTUFBTSx5QkFBeUIsd0ZBSXJDLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sa0JBQWtCLHlJQUk5QixDQUFDO0FBRUY7Ozs7R0FJRztBQUNILGVBQU8sTUFBTSx3QkFBd0IsOEpBS3BDLENBQUM7QUFFRjs7OztHQUlHO0FBQ0gsZUFBTyxNQUFNLDhCQUE4QixrRUFHMUMsQ0FBQztBQUVGOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDJCQUEyQiwyQ0FBMkMsQ0FBQztBQUVwRjs7R0FFRztBQUNILGVBQU8sTUFBTSx5QkFBeUIseUNBQXlDLENBQUM7QUFFaEY7OztHQUdHO0FBQ0gsZUFBTyxNQUFNLGdCQUFnQixrV0FpQjVCLENBQUMifQ==

package/dest/db/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/db/schema.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,IAAI,CAAC;AAEhC;;GAEG;AACH,eAAO,MAAM,6BAA6B,w2BAmBzC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,mBAAmB,yGAG/B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,wGAG7B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,mJAKvC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,qBAAqB,6FAIjC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,mtCAKf,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,kBAAkB,0EAE9B,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kBAAkB,ioCAsD9B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,kBAAkB,oRAW9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,WAAW,sMAQvB,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,yBAAyB,wFAIrC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,8GAI9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2GAKpC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,2CAA2C,CAAC;AAEpF;;GAEG;AACH,eAAO,MAAM,yBAAyB,yCAAyC,CAAC;AAEhF;;;GAGG;AACH,eAAO,MAAM,gBAAgB,+UAgB5B,CAAC"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/db/schema.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,IAAI,CAAC;AAEhC;;GAEG;AACH,eAAO,MAAM,6BAA6B,s5BAoBzC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,mBAAmB,yGAG/B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,wGAG7B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,mJAKvC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,qBAAqB,6FAIjC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,iwCAKf,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,kBAAkB,0EAE9B,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kBAAkB,6uCA0D9B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,kBAAkB,+SAY9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,WAAW,iOASvB,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,yBAAyB,wFAIrC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,yIAI9B,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,wBAAwB,8JAKpC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,8BAA8B,kEAG1C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,2CAA2C,CAAC;AAEpF;;GAEG;AACH,eAAO,MAAM,yBAAyB,yCAAyC,CAAC;AAEhF;;;GAGG;AACH,eAAO,MAAM,gBAAgB,kWAiB5B,CAAC"}