@aztec/validator-ha-signer 0.0.1-commit.96bb3f7 → 0.0.1-commit.e61ad554

package/README.md

@@ -9,39 +9,21 @@ Distributed locking and slashing protection for Aztec validators running in high
 - **Automatic Retry**: Failed signing attempts are cleared, allowing other nodes to retry
 - **PostgreSQL Backend**: Shared database for coordination across nodes
 
-## Quick Start
+## Integration with Validator Client
 
-### Option 1: Automatic Migrations (Simplest)
+The HA signer is automatically integrated into the validator client when `VALIDATOR_HA_SIGNING_ENABLED=true` is set. The validator client will:
 
-```typescript
-import { createHASigner } from '@aztec/validator-ha-signer/factory';
+1. Create the HA signer using `createHASigner()` from the factory
+2. Wrap the base keystore with `HAKeyStore` to provide HA-protected signing
+3. Automatically start/stop the signer lifecycle
 
-// Migrations run automatically on startup
-const { signer, db } = await createHASigner({
-  databaseUrl: process.env.DATABASE_URL,
-  enabled: true,
-  nodeId: 'validator-node-1',
-  pollingIntervalMs: 100,
-  signingTimeoutMs: 3000,
-});
+No manual integration is required when using the validator client.
 
-// Start background cleanup tasks
-signer.start();
+## Manual Usage
 
-// Sign with protection
-const signature = await signer.signWithProtection(
-  validatorAddress,
-  messageHash,
-  { slot: 100n, blockNumber: 50n, dutyType: 'BLOCK_PROPOSAL' },
-  async root => localSigner.signMessage(root),
-);
+For advanced use cases or testing, you can use the HA signer directly. **Note**: Database migrations must be run separately before creating the signer (see [Database Migrations](#database-migrations) below).
 
-// Cleanup on shutdown
-await signer.stop();
-await db.close();
-```
-
-### Option 2: Manual Migrations (Recommended for Production)
+### Basic Usage
 
 ```bash
 # 1. Run migrations separately (once per deployment)
@@ -54,7 +36,7 @@ import { createHASigner } from '@aztec/validator-ha-signer/factory';
 
 const { signer, db } = await createHASigner({
   databaseUrl: process.env.DATABASE_URL,
-  enabled: true,
+  haSigningEnabled: true,
   nodeId: 'validator-node-1',
   pollingIntervalMs: 100,
   signingTimeoutMs: 3000,
@@ -63,6 +45,14 @@ const { signer, db } = await createHASigner({
 // Start background cleanup tasks
 signer.start();
 
+// Sign with protection
+const signature = await signer.signWithProtection(
+  validatorAddress,
+  messageHash,
+  { slot: 100n, blockNumber: 50n, blockIndexWithinCheckpoint: 0, dutyType: 'BLOCK_PROPOSAL' },
+  async root => localSigner.signMessage(root),
+);
+
 // On shutdown
 await signer.stop();
 await db.close();
@@ -73,7 +63,7 @@ await db.close();
 If you need custom pool configuration (e.g., max connections, idle timeout) or want to share a connection pool across multiple components:
 
 > **Note**: You still need to run migrations separately before using this approach.
-> See [Option 2](#option-2-manual-migrations-recommended-for-production) above.
+> See [Database Migrations](#database-migrations) below.
 
 ```typescript
 import { PostgresSlashingProtectionDatabase } from '@aztec/validator-ha-signer/db';
@@ -91,11 +81,11 @@ const db = new PostgresSlashingProtectionDatabase(pool);
 await db.initialize();
 
 const signer = new ValidatorHASigner(db, {
-  enabled: true,
+  haSigningEnabled: true,
   nodeId: 'validator-node-1',
   pollingIntervalMs: 100,
   signingTimeoutMs: 3000,
-  maxStuckDutiesAgeMs: 72000,
+  maxStuckDutiesAgeMs: 144000,
 });
 
 // Start background cleanup tasks
@@ -111,11 +101,15 @@ await pool.end(); // You manage the pool lifecycle
 Set via environment variables or config object:
 
 - `VALIDATOR_HA_DATABASE_URL`: PostgreSQL connection string (e.g., `postgresql://user:pass@host:port/db`)
-- `SLASHING_PROTECTION_ENABLED`: Whether slashing protection is enabled (default: true)
-- `SLASHING_PROTECTION_NODE_ID`: Unique identifier for this validator node
-- `SLASHING_PROTECTION_POLLING_INTERVAL_MS`: How often to check duty status (default: 100)
-- `SLASHING_PROTECTION_SIGNING_TIMEOUT_MS`: Max wait for in-progress signing (default: 3000)
-- `SLASHING_PROTECTION_MAX_STUCK_DUTIES_AGE_MS`: Max age of stuck duties before cleanup (default: 72000)
+- `VALIDATOR_HA_SIGNING_ENABLED`: Whether HA signing / slashing protection is enabled (default: false)
+- `VALIDATOR_HA_NODE_ID`: Unique identifier for this validator node (required when enabled)
+- `VALIDATOR_HA_POLLING_INTERVAL_MS`: How often to check duty status (default: 100)
+- `VALIDATOR_HA_SIGNING_TIMEOUT_MS`: Max wait for in-progress signing (default: 3000)
+- `VALIDATOR_HA_MAX_STUCK_DUTIES_AGE_MS`: Max age of stuck duties before cleanup (default: 2 \* aztecSlotDuration)
+- `VALIDATOR_HA_POOL_MAX`: Maximum number of connections in the pool (default: 10)
+- `VALIDATOR_HA_POOL_MIN`: Minimum number of connections in the pool (default: 0)
+- `VALIDATOR_HA_POOL_IDLE_TIMEOUT_MS`: Idle timeout for pool connections (default: 10000)
+- `VALIDATOR_HA_POOL_CONNECTION_TIMEOUT_MS`: Connection timeout (default: 0, no timeout)
 
 ## Database Migrations
 
@@ -170,9 +164,20 @@ When multiple validator nodes attempt to sign:
 
 1. First node acquires lock and signs
 2. Other nodes receive `DutyAlreadySignedError` (expected)
-3. If different data detected: `SlashingProtectionError` (likely for block builder signing)
+3. If different data detected: `SlashingProtectionError` (prevents slashing)
 4. Failed attempts are auto-cleaned, allowing retry
 
+### Signing Context
+
+All signing operations require a `SigningContext` that includes:
+
+- `slot`: The slot number
+- `blockNumber`: The block number within the checkpoint
+- `blockIndexWithinCheckpoint`: The index of the block within the checkpoint (use `-1` for N/A contexts)
+- `dutyType`: The type of duty (e.g., `BLOCK_PROPOSAL`, `CHECKPOINT_ATTESTATION`, `AUTH_REQUEST`)
+
+Note: `AUTH_REQUEST` duties bypass HA protection since signing multiple times is safe for authentication requests.
+
 ## Development
 
 ```bash

package/dest/config.d.ts

@@ -1,30 +1,27 @@
 import { type ConfigMappingsType } from '@aztec/foundation/config';
+import { z } from 'zod';
 /**
- * Configuration for the slashing protection service
+ * Configuration for the Validator HA Signer
+ *
+ * This config is used for distributed locking and slashing protection
+ * when running multiple validator nodes in a high-availability setup.
  */
-export interface SlashingProtectionConfig {
-    /** Whether slashing protection is enabled */
-    enabled: boolean;
+export interface ValidatorHASignerConfig {
+    /** Whether HA signing / slashing protection is enabled */
+    haSigningEnabled: boolean;
     /** Unique identifier for this node */
     nodeId: string;
     /** How long to wait between polls when a duty is being signed (ms) */
     pollingIntervalMs: number;
     /** Maximum time to wait for a duty being signed to complete (ms) */
     signingTimeoutMs: number;
-    /** Maximum age of a stuck duty in ms */
-    maxStuckDutiesAgeMs: number;
-}
-export declare const slashingProtectionConfigMappings: ConfigMappingsType<SlashingProtectionConfig>;
-export declare const defaultSlashingProtectionConfig: SlashingProtectionConfig;
-/**
- * Configuration for creating an HA signer with PostgreSQL backend
- */
-export interface CreateHASignerConfig extends SlashingProtectionConfig {
+    /** Maximum age of a stuck duty in ms (defaults to 2x hardcoded Aztec slot duration if not set) */
+    maxStuckDutiesAgeMs?: number;
     /**
      * PostgreSQL connection string
      * Format: postgresql://user:password@host:port/database
      */
-    databaseUrl: string;
+    databaseUrl?: string;
     /**
      * PostgreSQL connection pool configuration
      */
@@ -37,11 +34,46 @@ export interface CreateHASignerConfig extends SlashingProtectionConfig {
     /** Connection timeout in milliseconds (default: 0, no timeout) */
     poolConnectionTimeoutMs?: number;
 }
-export declare const createHASignerConfigMappings: ConfigMappingsType<CreateHASignerConfig>;
+export declare const validatorHASignerConfigMappings: ConfigMappingsType<ValidatorHASignerConfig>;
+export declare const defaultValidatorHASignerConfig: ValidatorHASignerConfig;
 /**
  * Returns the validator HA signer configuration from environment variables.
  * Note: If an environment variable is not set, the default value is used.
  * @returns The validator HA signer configuration.
  */
-export declare function getConfigEnvVars(): CreateHASignerConfig;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFDTCxLQUFLLGtCQUFrQixFQUt4QixNQUFNLDBCQUEwQixDQUFDO0FBRWxDOztHQUVHO0FBQ0gsTUFBTSxXQUFXLHdCQUF3QjtJQUN2Qyw2Q0FBNkM7SUFDN0MsT0FBTyxFQUFFLE9BQU8sQ0FBQztJQUNqQixzQ0FBc0M7SUFDdEMsTUFBTSxFQUFFLE1BQU0sQ0FBQztJQUNmLHNFQUFzRTtJQUN0RSxpQkFBaUIsRUFBRSxNQUFNLENBQUM7SUFDMUIsb0VBQW9FO0lBQ3BFLGdCQUFnQixFQUFFLE1BQU0sQ0FBQztJQUN6Qix3Q0FBd0M7SUFDeEMsbUJBQW1CLEVBQUUsTUFBTSxDQUFDO0NBQzdCO0FBRUQsZUFBTyxNQUFNLGdDQUFnQyxFQUFFLGtCQUFrQixDQUFDLHdCQUF3QixDQTJCekYsQ0FBQztBQUVGLGVBQU8sTUFBTSwrQkFBK0IsRUFBRSx3QkFFN0MsQ0FBQztBQUVGOztHQUVHO0FBQ0gsTUFBTSxXQUFXLG9CQUFxQixTQUFRLHdCQUF3QjtJQUNwRTs7O09BR0c7SUFDSCxXQUFXLEVBQUUsTUFBTSxDQUFDO0lBQ3BCOztPQUVHO0lBQ0gsMERBQTBEO0lBQzFELFlBQVksQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUN0Qix5REFBeUQ7SUFDekQsWUFBWSxDQUFDLEVBQUUsTUFBTSxDQUFDO0lBQ3RCLG9EQUFvRDtJQUNwRCxpQkFBaUIsQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUMzQixrRUFBa0U7SUFDbEUsdUJBQXVCLENBQUMsRUFBRSxNQUFNLENBQUM7Q0FDbEM7QUFFRCxlQUFPLE1BQU0sNEJBQTRCLEVBQUUsa0JBQWtCLENBQUMsb0JBQW9CLENBMkJqRixDQUFDO0FBRUY7Ozs7R0FJRztBQUNILHdCQUFnQixnQkFBZ0IsSUFBSSxvQkFBb0IsQ0FFdkQifQ==
+export declare function getConfigEnvVars(): ValidatorHASignerConfig;
+export declare const ValidatorHASignerConfigSchema: z.ZodObject<{
+    haSigningEnabled: z.ZodBoolean;
+    nodeId: z.ZodString;
+    pollingIntervalMs: z.ZodNumber;
+    signingTimeoutMs: z.ZodNumber;
+    maxStuckDutiesAgeMs: z.ZodOptional<z.ZodNumber>;
+    databaseUrl: z.ZodOptional<z.ZodString>;
+    poolMaxCount: z.ZodOptional<z.ZodNumber>;
+    poolMinCount: z.ZodOptional<z.ZodNumber>;
+    poolIdleTimeoutMs: z.ZodOptional<z.ZodNumber>;
+    poolConnectionTimeoutMs: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    haSigningEnabled: boolean;
+    nodeId: string;
+    pollingIntervalMs: number;
+    signingTimeoutMs: number;
+    maxStuckDutiesAgeMs?: number | undefined;
+    databaseUrl?: string | undefined;
+    poolMaxCount?: number | undefined;
+    poolMinCount?: number | undefined;
+    poolIdleTimeoutMs?: number | undefined;
+    poolConnectionTimeoutMs?: number | undefined;
+}, {
+    haSigningEnabled: boolean;
+    nodeId: string;
+    pollingIntervalMs: number;
+    signingTimeoutMs: number;
+    maxStuckDutiesAgeMs?: number | undefined;
+    databaseUrl?: string | undefined;
+    poolMaxCount?: number | undefined;
+    poolMinCount?: number | undefined;
+    poolIdleTimeoutMs?: number | undefined;
+    poolConnectionTimeoutMs?: number | undefined;
+}>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFDTCxLQUFLLGtCQUFrQixFQU14QixNQUFNLDBCQUEwQixDQUFDO0FBR2xDLE9BQU8sRUFBRSxDQUFDLEVBQUUsTUFBTSxLQUFLLENBQUM7QUFFeEI7Ozs7O0dBS0c7QUFDSCxNQUFNLFdBQVcsdUJBQXVCO0lBQ3RDLDBEQUEwRDtJQUMxRCxnQkFBZ0IsRUFBRSxPQUFPLENBQUM7SUFDMUIsc0NBQXNDO0lBQ3RDLE1BQU0sRUFBRSxNQUFNLENBQUM7SUFDZixzRUFBc0U7SUFDdEUsaUJBQWlCLEVBQUUsTUFBTSxDQUFDO0lBQzFCLG9FQUFvRTtJQUNwRSxnQkFBZ0IsRUFBRSxNQUFNLENBQUM7SUFDekIsa0dBQWtHO0lBQ2xHLG1CQUFtQixDQUFDLEVBQUUsTUFBTSxDQUFDO0lBQzdCOzs7T0FHRztJQUNILFdBQVcsQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUNyQjs7T0FFRztJQUNILDBEQUEwRDtJQUMxRCxZQUFZLENBQUMsRUFBRSxNQUFNLENBQUM7SUFDdEIseURBQXlEO0lBQ3pELFlBQVksQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUN0QixvREFBb0Q7SUFDcEQsaUJBQWlCLENBQUMsRUFBRSxNQUFNLENBQUM7SUFDM0Isa0VBQWtFO0lBQ2xFLHVCQUF1QixDQUFDLEVBQUUsTUFBTSxDQUFDO0NBQ2xDO0FBRUQsZUFBTyxNQUFNLCtCQUErQixFQUFFLGtCQUFrQixDQUFDLHVCQUF1QixDQW1EdkYsQ0FBQztBQUVGLGVBQU8sTUFBTSw4QkFBOEIsRUFBRSx1QkFFNUMsQ0FBQztBQUVGOzs7O0dBSUc7QUFDSCx3QkFBZ0IsZ0JBQWdCLElBQUksdUJBQXVCLENBRTFEO0FBRUQsZUFBTyxNQUFNLDZCQUE2Qjs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0VBV0UsQ0FBQyJ9

package/dest/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,kBAAkB,EAKxB,MAAM,0BAA0B,CAAC;AAElC;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,6CAA6C;IAC7C,OAAO,EAAE,OAAO,CAAC;IACjB,sCAAsC;IACtC,MAAM,EAAE,MAAM,CAAC;IACf,sEAAsE;IACtE,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oEAAoE;IACpE,gBAAgB,EAAE,MAAM,CAAC;IACzB,wCAAwC;IACxC,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED,eAAO,MAAM,gCAAgC,EAAE,kBAAkB,CAAC,wBAAwB,CA2BzF,CAAC;AAEF,eAAO,MAAM,+BAA+B,EAAE,wBAE7C,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,oBAAqB,SAAQ,wBAAwB;IACpE;;;OAGG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,yDAAyD;IACzD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oDAAoD;IACpD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kEAAkE;IAClE,uBAAuB,CAAC,EAAE,MAAM,CAAC;CAClC;AAED,eAAO,MAAM,4BAA4B,EAAE,kBAAkB,CAAC,oBAAoB,CA2BjF,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,oBAAoB,CAEvD"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,kBAAkB,EAMxB,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;;;;GAKG;AACH,MAAM,WAAW,uBAAuB;IACtC,0DAA0D;IAC1D,gBAAgB,EAAE,OAAO,CAAC;IAC1B,sCAAsC;IACtC,MAAM,EAAE,MAAM,CAAC;IACf,sEAAsE;IACtE,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oEAAoE;IACpE,gBAAgB,EAAE,MAAM,CAAC;IACzB,kGAAkG;IAClG,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,yDAAyD;IACzD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oDAAoD;IACpD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kEAAkE;IAClE,uBAAuB,CAAC,EAAE,MAAM,CAAC;CAClC;AAED,eAAO,MAAM,+BAA+B,EAAE,kBAAkB,CAAC,uBAAuB,CAmDvF,CAAC;AAEF,eAAO,MAAM,8BAA8B,EAAE,uBAE5C,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,uBAAuB,CAE1D;AAED,eAAO,MAAM,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWE,CAAC"}

package/dest/config.js

@@ -1,35 +1,31 @@
-import { booleanConfigHelper, getConfigFromMappings, getDefaultConfig, numberConfigHelper } from '@aztec/foundation/config';
-export const slashingProtectionConfigMappings = {
-    enabled: {
-        env: 'SLASHING_PROTECTION_ENABLED',
-        description: 'Whether slashing protection is enabled',
-        ...booleanConfigHelper(true)
+import { booleanConfigHelper, getConfigFromMappings, getDefaultConfig, numberConfigHelper, optionalNumberConfigHelper } from '@aztec/foundation/config';
+import { z } from 'zod';
+export const validatorHASignerConfigMappings = {
+    haSigningEnabled: {
+        env: 'VALIDATOR_HA_SIGNING_ENABLED',
+        description: 'Whether HA signing / slashing protection is enabled',
+        ...booleanConfigHelper(false)
     },
     nodeId: {
-        env: 'SLASHING_PROTECTION_NODE_ID',
+        env: 'VALIDATOR_HA_NODE_ID',
         description: 'The unique identifier for this node',
         defaultValue: ''
     },
     pollingIntervalMs: {
-        env: 'SLASHING_PROTECTION_POLLING_INTERVAL_MS',
+        env: 'VALIDATOR_HA_POLLING_INTERVAL_MS',
         description: 'The number of ms to wait between polls when a duty is being signed',
         ...numberConfigHelper(100)
     },
     signingTimeoutMs: {
-        env: 'SLASHING_PROTECTION_SIGNING_TIMEOUT_MS',
+        env: 'VALIDATOR_HA_SIGNING_TIMEOUT_MS',
         description: 'The maximum time to wait for a duty being signed to complete',
         ...numberConfigHelper(3_000)
     },
     maxStuckDutiesAgeMs: {
-        env: 'SLASHING_PROTECTION_MAX_STUCK_DUTIES_AGE_MS',
-        description: 'The maximum age of a stuck duty in ms',
-        // hard-coding at current 2 slot duration. This should be set by the validator on init
-        ...numberConfigHelper(72_000)
-    }
-};
-export const defaultSlashingProtectionConfig = getDefaultConfig(slashingProtectionConfigMappings);
-export const createHASignerConfigMappings = {
-    ...slashingProtectionConfigMappings,
+        env: 'VALIDATOR_HA_MAX_STUCK_DUTIES_AGE_MS',
+        description: 'The maximum age of a stuck duty in ms (defaults to 2x Aztec slot duration)',
+        ...optionalNumberConfigHelper()
+    },
     databaseUrl: {
         env: 'VALIDATOR_HA_DATABASE_URL',
         description: 'PostgreSQL connection string for validator HA signer (format: postgresql://user:password@host:port/database)'
@@ -55,10 +51,23 @@ export const createHASignerConfigMappings = {
         ...numberConfigHelper(0)
     }
 };
+export const defaultValidatorHASignerConfig = getDefaultConfig(validatorHASignerConfigMappings);
 /**
  * Returns the validator HA signer configuration from environment variables.
  * Note: If an environment variable is not set, the default value is used.
  * @returns The validator HA signer configuration.
  */ export function getConfigEnvVars() {
-    return getConfigFromMappings(createHASignerConfigMappings);
+    return getConfigFromMappings(validatorHASignerConfigMappings);
 }
+export const ValidatorHASignerConfigSchema = z.object({
+    haSigningEnabled: z.boolean(),
+    nodeId: z.string(),
+    pollingIntervalMs: z.number().min(0),
+    signingTimeoutMs: z.number().min(0),
+    maxStuckDutiesAgeMs: z.number().min(0).optional(),
+    databaseUrl: z.string().optional(),
+    poolMaxCount: z.number().min(0).optional(),
+    poolMinCount: z.number().min(0).optional(),
+    poolIdleTimeoutMs: z.number().min(0).optional(),
+    poolConnectionTimeoutMs: z.number().min(0).optional()
+});

package/dest/db/postgres.d.ts

@@ -1,14 +1,26 @@
+/**
+ * PostgreSQL implementation of SlashingProtectionDatabase
+ */
+import { SlotNumber } from '@aztec/foundation/branded-types';
 import { EthAddress } from '@aztec/foundation/eth-address';
-import type { Pool } from 'pg';
+import type { QueryResult, QueryResultRow } from 'pg';
 import type { SlashingProtectionDatabase, TryInsertOrGetResult } from '../types.js';
 import type { CheckAndRecordParams, DutyType } from './types.js';
+/**
+ * Minimal pool interface for database operations.
+ * Both pg.Pool and test adapters (e.g., PGlite) satisfy this interface.
+ */
+export interface QueryablePool {
+    query<R extends QueryResultRow = any>(text: string, values?: any[]): Promise<QueryResult<R>>;
+    end(): Promise<void>;
+}
 /**
  * PostgreSQL implementation of the slashing protection database
  */
 export declare class PostgresSlashingProtectionDatabase implements SlashingProtectionDatabase {
     private readonly pool;
     private readonly log;
-    constructor(pool: Pool);
+    constructor(pool: QueryablePool);
     /**
      * Verify that database migrations have been run and schema version matches.
      * Should be called once at startup.
@@ -21,6 +33,9 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      *
      * @returns { isNew: true, record } if we successfully inserted and acquired the lock
      * @returns { isNew: false, record } if a record already exists. lock_token is empty if the record already exists.
+     *
+     * Retries if no rows are returned, which can happen under high concurrency
+     * when another transaction just committed the row but it's not yet visible.
      */
     tryInsertOrGetExisting(params: CheckAndRecordParams): Promise<TryInsertOrGetResult>;
     /**
@@ -29,7 +44,7 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      *
      * @returns true if the update succeeded, false if token didn't match or duty not found
      */
-    updateDutySigned(validatorAddress: EthAddress, slot: bigint, dutyType: DutyType, signature: string, lockToken: string): Promise<boolean>;
+    updateDutySigned(validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, signature: string, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
     /**
      * Delete a duty record.
      * Only succeeds if the lockToken matches (caller must be the one who created the duty).
@@ -37,7 +52,7 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      *
      * @returns true if the delete succeeded, false if token didn't match or duty not found
      */
-    deleteDuty(validatorAddress: EthAddress, slot: bigint, dutyType: DutyType, lockToken: string): Promise<boolean>;
+    deleteDuty(validatorAddress: EthAddress, slot: SlotNumber, dutyType: DutyType, lockToken: string, blockIndexWithinCheckpoint: number): Promise<boolean>;
     /**
      * Convert a database row to a ValidatorDutyRecord
      */
@@ -52,4 +67,4 @@ export declare class PostgresSlashingProtectionDatabase implements SlashingProte
      */
     cleanupOwnStuckDuties(nodeId: string, maxAgeMs: number): Promise<number>;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicG9zdGdyZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kYi9wb3N0Z3Jlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFJQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFHM0QsT0FBTyxLQUFLLEVBQUUsSUFBSSxFQUFlLE1BQU0sSUFBSSxDQUFDO0FBRTVDLE9BQU8sS0FBSyxFQUFFLDBCQUEwQixFQUFFLG9CQUFvQixFQUFFLE1BQU0sYUFBYSxDQUFDO0FBUXBGLE9BQU8sS0FBSyxFQUFFLG9CQUFvQixFQUFXLFFBQVEsRUFBdUMsTUFBTSxZQUFZLENBQUM7QUFFL0c7O0dBRUc7QUFDSCxxQkFBYSxrQ0FBbUMsWUFBVywwQkFBMEI7SUFHdkUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJO0lBRmpDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFTO0lBRTdCLFlBQTZCLElBQUksRUFBRSxJQUFJLEVBRXRDO0lBRUQ7Ozs7O09BS0c7SUFDRyxVQUFVLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQWdDaEM7SUFFRDs7Ozs7T0FLRztJQUNHLHNCQUFzQixDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsb0JBQW9CLENBQUMsQ0F3QnhGO0lBRUQ7Ozs7O09BS0c7SUFDRyxnQkFBZ0IsQ0FDcEIsZ0JBQWdCLEVBQUUsVUFBVSxFQUM1QixJQUFJLEVBQUUsTUFBTSxFQUNaLFFBQVEsRUFBRSxRQUFRLEVBQ2xCLFNBQVMsRUFBRSxNQUFNLEVBQ2pCLFNBQVMsRUFBRSxNQUFNLEdBQ2hCLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FrQmxCO0lBRUQ7Ozs7OztPQU1HO0lBQ0csVUFBVSxDQUNkLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLE1BQU0sRUFDWixRQUFRLEVBQUUsUUFBUSxFQUNsQixTQUFTLEVBQUUsTUFBTSxHQUNoQixPQUFPLENBQUMsT0FBTyxDQUFDLENBaUJsQjtJQUVEOztPQUVHO0lBQ0gsT0FBTyxDQUFDLFdBQVc7SUFpQm5COztPQUVHO0lBQ0csS0FBSyxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FHM0I7SUFFRDs7O09BR0c7SUFDRyxxQkFBcUIsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUk3RTtDQUNGIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicG9zdGdyZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kYi9wb3N0Z3Jlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE9BQU8sRUFBZSxVQUFVLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUUxRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFJM0QsT0FBTyxLQUFLLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxNQUFNLElBQUksQ0FBQztBQUV0RCxPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSxvQkFBb0IsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQVFwRixPQUFPLEtBQUssRUFBRSxvQkFBb0IsRUFBVyxRQUFRLEVBQXVDLE1BQU0sWUFBWSxDQUFDO0FBRy9HOzs7R0FHRztBQUNILE1BQU0sV0FBVyxhQUFhO0lBQzVCLEtBQUssQ0FBQyxDQUFDLFNBQVMsY0FBYyxHQUFHLEdBQUcsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLE1BQU0sQ0FBQyxFQUFFLEdBQUcsRUFBRSxHQUFHLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUM3RixHQUFHLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO0NBQ3RCO0FBRUQ7O0dBRUc7QUFDSCxxQkFBYSxrQ0FBbUMsWUFBVywwQkFBMEI7SUFHdkUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJO0lBRmpDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFTO0lBRTdCLFlBQTZCLElBQUksRUFBRSxhQUFhLEVBRS9DO0lBRUQ7Ozs7O09BS0c7SUFDRyxVQUFVLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQWdDaEM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNHLHNCQUFzQixDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsb0JBQW9CLENBQUMsQ0FtRHhGO0lBRUQ7Ozs7O09BS0c7SUFDRyxnQkFBZ0IsQ0FDcEIsZ0JBQWdCLEVBQUUsVUFBVSxFQUM1QixJQUFJLEVBQUUsVUFBVSxFQUNoQixRQUFRLEVBQUUsUUFBUSxFQUNsQixTQUFTLEVBQUUsTUFBTSxFQUNqQixTQUFTLEVBQUUsTUFBTSxFQUNqQiwwQkFBMEIsRUFBRSxNQUFNLEdBQ2pDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FvQmxCO0lBRUQ7Ozs7OztPQU1HO0lBQ0csVUFBVSxDQUNkLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLFVBQVUsRUFDaEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsU0FBUyxFQUFFLE1BQU0sRUFDakIsMEJBQTBCLEVBQUUsTUFBTSxHQUNqQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBbUJsQjtJQUVEOztPQUVHO0lBQ0gsT0FBTyxDQUFDLFdBQVc7SUFrQm5COztPQUVHO0lBQ0csS0FBSyxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FHM0I7SUFFRDs7O09BR0c7SUFDRyxxQkFBcUIsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUk3RTtDQUNGIn0=

package/dest/db/postgres.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../../src/db/postgres.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAG3D,OAAO,KAAK,EAAE,IAAI,EAAe,MAAM,IAAI,CAAC;AAE5C,OAAO,KAAK,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAQpF,OAAO,KAAK,EAAE,oBAAoB,EAAW,QAAQ,EAAuC,MAAM,YAAY,CAAC;AAE/G;;GAEG;AACH,qBAAa,kCAAmC,YAAW,0BAA0B;IAGvE,OAAO,CAAC,QAAQ,CAAC,IAAI;IAFjC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B,YAA6B,IAAI,EAAE,IAAI,EAEtC;IAED;;;;;OAKG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAgChC;IAED;;;;;OAKG;IACG,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAwBxF;IAED;;;;;OAKG;IACG,gBAAgB,CACpB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,OAAO,CAAC,CAkBlB;IAED;;;;;;OAMG;IACG,UAAU,CACd,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,OAAO,CAAC,CAiBlB;IAED;;OAEG;IACH,OAAO,CAAC,WAAW;IAiBnB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAG3B;IAED;;;OAGG;IACG,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAI7E;CACF"}
+{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../../src/db/postgres.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAe,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAE1E,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAI3D,OAAO,KAAK,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,IAAI,CAAC;AAEtD,OAAO,KAAK,EAAE,0BAA0B,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAQpF,OAAO,KAAK,EAAE,oBAAoB,EAAW,QAAQ,EAAuC,MAAM,YAAY,CAAC;AAG/G;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,KAAK,CAAC,CAAC,SAAS,cAAc,GAAG,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7F,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACtB;AAED;;GAEG;AACH,qBAAa,kCAAmC,YAAW,0BAA0B;IAGvE,OAAO,CAAC,QAAQ,CAAC,IAAI;IAFjC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B,YAA6B,IAAI,EAAE,aAAa,EAE/C;IAED;;;;;OAKG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAgChC;IAED;;;;;;;;OAQG;IACG,sBAAsB,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAmDxF;IAED;;;;;OAKG;IACG,gBAAgB,CACpB,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAoBlB;IAED;;;;;;OAMG;IACG,UAAU,CACd,gBAAgB,EAAE,UAAU,EAC5B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,MAAM,GACjC,OAAO,CAAC,OAAO,CAAC,CAmBlB;IAED;;OAEG;IACH,OAAO,CAAC,WAAW;IAkBnB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAG3B;IAED;;;OAGG;IACG,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAI7E;CACF"}

package/dest/db/postgres.js

@@ -1,9 +1,12 @@
 /**
  * PostgreSQL implementation of SlashingProtectionDatabase
- */ import { randomBytes } from '@aztec/foundation/crypto/random';
+ */ import { BlockNumber, SlotNumber } from '@aztec/foundation/branded-types';
+import { randomBytes } from '@aztec/foundation/crypto/random';
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { createLogger } from '@aztec/foundation/log';
+import { makeBackoff, retry } from '@aztec/foundation/retry';
 import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSION, UPDATE_DUTY_SIGNED } from './schema.js';
+import { getBlockIndexFromDutyIdentifier } from './types.js';
 /**
  * PostgreSQL implementation of the slashing protection database
  */ export class PostgresSlashingProtectionDatabase {
@@ -27,10 +30,10 @@ import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSI
             }
             dbVersion = result.rows[0].version;
         } catch  {
-            throw new Error('Database schema not initialized. Please run migrations first: aztec migrate up --database-url <url>');
+            throw new Error('Database schema not initialized. Please run migrations first: aztec migrate-ha-db up --database-url <url>');
         }
         if (dbVersion < SCHEMA_VERSION) {
-            throw new Error(`Database schema version ${dbVersion} is outdated (expected ${SCHEMA_VERSION}). Please run migrations: aztec migrate up --database-url <url>`);
+            throw new Error(`Database schema version ${dbVersion} is outdated (expected ${SCHEMA_VERSION}). Please run migrations: aztec migrate-ha-db up --database-url <url>`);
         }
         if (dbVersion > SCHEMA_VERSION) {
             throw new Error(`Database schema version ${dbVersion} is newer than expected (${SCHEMA_VERSION}). Please update your application.`);
@@ -44,21 +47,44 @@ import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSI
    *
    * @returns { isNew: true, record } if we successfully inserted and acquired the lock
    * @returns { isNew: false, record } if a record already exists. lock_token is empty if the record already exists.
+   *
+   * Retries if no rows are returned, which can happen under high concurrency
+   * when another transaction just committed the row but it's not yet visible.
    */ async tryInsertOrGetExisting(params) {
         // create a token for ownership verification
         const lockToken = randomBytes(16).toString('hex');
-        const result = await this.pool.query(INSERT_OR_GET_DUTY, [
-            params.validatorAddress.toString(),
-            params.slot.toString(),
-            params.blockNumber.toString(),
-            params.dutyType,
-            params.messageHash,
-            params.nodeId,
-            lockToken
+        // Use fast retries with custom backoff: 10ms, 20ms, 30ms (then stop)
+        const fastBackoff = makeBackoff([
+            0.01,
+            0.02,
+            0.03
         ]);
+        // Get the normalized block index using type-safe helper
+        const blockIndexWithinCheckpoint = getBlockIndexFromDutyIdentifier(params);
+        const result = await retry(async ()=>{
+            const queryResult = await this.pool.query(INSERT_OR_GET_DUTY, [
+                params.validatorAddress.toString(),
+                params.slot.toString(),
+                params.blockNumber.toString(),
+                blockIndexWithinCheckpoint,
+                params.dutyType,
+                params.messageHash,
+                params.nodeId,
+                lockToken
+            ]);
+            // Throw error if no rows to trigger retry
+            if (queryResult.rows.length === 0) {
+                throw new Error('INSERT_OR_GET_DUTY returned no rows');
+            }
+            return queryResult;
+        }, `INSERT_OR_GET_DUTY for node ${params.nodeId}`, fastBackoff, this.log, true);
         if (result.rows.length === 0) {
-            // This shouldn't happen - the query always returns either the inserted or existing row
-            throw new Error('INSERT_OR_GET_DUTY returned no rows');
+            // this should never happen as the retry function should throw if it still fails after retries
+            throw new Error('INSERT_OR_GET_DUTY returned no rows after retries');
+        }
+        if (result.rows.length > 1) {
+            // this should never happen if database constraints are correct (PRIMARY KEY should prevent duplicates)
+            throw new Error(`INSERT_OR_GET_DUTY returned ${result.rows.length} rows (expected exactly 1).`);
         }
         const row = result.rows[0];
         return {
@@ -71,19 +97,21 @@ import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSI
    * Only succeeds if the lockToken matches (caller must be the one who created the duty).
    *
    * @returns true if the update succeeded, false if token didn't match or duty not found
-   */ async updateDutySigned(validatorAddress, slot, dutyType, signature, lockToken) {
+   */ async updateDutySigned(validatorAddress, slot, dutyType, signature, lockToken, blockIndexWithinCheckpoint) {
         const result = await this.pool.query(UPDATE_DUTY_SIGNED, [
             signature,
             validatorAddress.toString(),
             slot.toString(),
             dutyType,
+            blockIndexWithinCheckpoint,
             lockToken
         ]);
         if (result.rowCount === 0) {
             this.log.warn('Failed to update duty to signed status: invalid token or duty not found', {
                 validatorAddress: validatorAddress.toString(),
                 slot: slot.toString(),
-                dutyType
+                dutyType,
+                blockIndexWithinCheckpoint
             });
             return false;
         }
@@ -95,18 +123,20 @@ import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSI
    * Used when signing fails to allow another node/attempt to retry.
    *
    * @returns true if the delete succeeded, false if token didn't match or duty not found
-   */ async deleteDuty(validatorAddress, slot, dutyType, lockToken) {
+   */ async deleteDuty(validatorAddress, slot, dutyType, lockToken, blockIndexWithinCheckpoint) {
         const result = await this.pool.query(DELETE_DUTY, [
             validatorAddress.toString(),
             slot.toString(),
             dutyType,
+            blockIndexWithinCheckpoint,
             lockToken
         ]);
         if (result.rowCount === 0) {
             this.log.warn('Failed to delete duty: invalid token or duty not found', {
                 validatorAddress: validatorAddress.toString(),
                 slot: slot.toString(),
-                dutyType
+                dutyType,
+                blockIndexWithinCheckpoint
             });
             return false;
         }
@@ -117,8 +147,9 @@ import { CLEANUP_OWN_STUCK_DUTIES, DELETE_DUTY, INSERT_OR_GET_DUTY, SCHEMA_VERSI
    */ rowToRecord(row) {
         return {
             validatorAddress: EthAddress.fromString(row.validator_address),
-            slot: BigInt(row.slot),
-            blockNumber: BigInt(row.block_number),
+            slot: SlotNumber.fromString(row.slot),
+            blockNumber: BlockNumber.fromString(row.block_number),
+            blockIndexWithinCheckpoint: row.block_index_within_checkpoint,
             dutyType: row.duty_type,
             status: row.status,
             messageHash: row.message_hash,

package/dest/db/schema.d.ts

@@ -12,7 +12,7 @@ export declare const SCHEMA_VERSION = 1;
 /**
  * SQL to create the validator_duties table
  */
-export declare const CREATE_VALIDATOR_DUTIES_TABLE = "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed', 'failed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (validator_address, slot, duty_type),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n";
+export declare const CREATE_VALIDATOR_DUTIES_TABLE = "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  block_index_within_checkpoint INTEGER NOT NULL DEFAULT 0,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'CHECKPOINT_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS', 'GOVERNANCE_VOTE', 'SLASHING_VOTE')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed', 'failed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (validator_address, slot, duty_type, block_index_within_checkpoint),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n";
 /**
  * SQL to create index on status and started_at for cleanup queries
  */
@@ -32,7 +32,7 @@ export declare const INSERT_SCHEMA_VERSION = "\nINSERT INTO schema_version (vers
 /**
  * Complete schema setup - all statements in order
  */
-export declare const SCHEMA_SETUP: readonly ["\nCREATE TABLE IF NOT EXISTS schema_version (\n  version INTEGER PRIMARY KEY,\n  applied_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP\n);\n", "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed', 'failed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (validator_address, slot, duty_type),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_status\nON validator_duties(status, started_at);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_node\nON validator_duties(node_id, started_at);\n"];
+export declare const SCHEMA_SETUP: readonly ["\nCREATE TABLE IF NOT EXISTS schema_version (\n  version INTEGER PRIMARY KEY,\n  applied_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP\n);\n", "\nCREATE TABLE IF NOT EXISTS validator_duties (\n  validator_address VARCHAR(42) NOT NULL,\n  slot BIGINT NOT NULL,\n  block_number BIGINT NOT NULL,\n  block_index_within_checkpoint INTEGER NOT NULL DEFAULT 0,\n  duty_type VARCHAR(30) NOT NULL CHECK (duty_type IN ('BLOCK_PROPOSAL', 'CHECKPOINT_PROPOSAL', 'ATTESTATION', 'ATTESTATIONS_AND_SIGNERS', 'GOVERNANCE_VOTE', 'SLASHING_VOTE')),\n  status VARCHAR(20) NOT NULL CHECK (status IN ('signing', 'signed', 'failed')),\n  message_hash VARCHAR(66) NOT NULL,\n  signature VARCHAR(132),\n  node_id VARCHAR(255) NOT NULL,\n  lock_token VARCHAR(64) NOT NULL,\n  started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n  completed_at TIMESTAMP,\n  error_message TEXT,\n\n  PRIMARY KEY (validator_address, slot, duty_type, block_index_within_checkpoint),\n  CHECK (completed_at IS NULL OR completed_at >= started_at)\n);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_status\nON validator_duties(status, started_at);\n", "\nCREATE INDEX IF NOT EXISTS idx_validator_duties_node\nON validator_duties(node_id, started_at);\n"];
 /**
  * Query to get current schema version
  */
@@ -43,17 +43,21 @@ export declare const GET_SCHEMA_VERSION = "\nSELECT version FROM schema_version
  * returns the existing record instead.
  *
  * Returns the record with an `is_new` flag indicating whether we inserted or got existing.
+ *
+ * Note: In high concurrency scenarios, if the INSERT conflicts and another transaction
+ * just committed the row, there's a small window where the SELECT might not see it yet.
+ * The application layer should retry if no rows are returned.
  */
-export declare const INSERT_OR_GET_DUTY = "\nWITH inserted AS (\n  INSERT INTO validator_duties (\n    validator_address,\n    slot,\n    block_number,\n    duty_type,\n    status,\n    message_hash,\n    node_id,\n    lock_token,\n    started_at\n  ) VALUES ($1, $2, $3, $4, 'signing', $5, $6, $7, CURRENT_TIMESTAMP)\n  ON CONFLICT (validator_address, slot, duty_type) DO NOTHING\n  RETURNING\n    validator_address,\n    slot,\n    block_number,\n    duty_type,\n    status,\n    message_hash,\n    signature,\n    node_id,\n    lock_token,\n    started_at,\n    completed_at,\n    error_message,\n    TRUE as is_new\n)\nSELECT * FROM inserted\nUNION ALL\nSELECT\n  validator_address,\n  slot,\n  block_number,\n  duty_type,\n  status,\n  message_hash,\n  signature,\n  node_id,\n  '' as lock_token,\n  started_at,\n  completed_at,\n  error_message,\n  FALSE as is_new\nFROM validator_duties\nWHERE validator_address = $1\n  AND slot = $2\n  AND duty_type = $4\n  AND NOT EXISTS (SELECT 1 FROM inserted);\n";
+export declare const INSERT_OR_GET_DUTY = "\nWITH inserted AS (\n  INSERT INTO validator_duties (\n    validator_address,\n    slot,\n    block_number,\n    block_index_within_checkpoint,\n    duty_type,\n    status,\n    message_hash,\n    node_id,\n    lock_token,\n    started_at\n  ) VALUES ($1, $2, $3, $4, $5, 'signing', $6, $7, $8, CURRENT_TIMESTAMP)\n  ON CONFLICT (validator_address, slot, duty_type, block_index_within_checkpoint) DO NOTHING\n  RETURNING\n    validator_address,\n    slot,\n    block_number,\n    block_index_within_checkpoint,\n    duty_type,\n    status,\n    message_hash,\n    signature,\n    node_id,\n    lock_token,\n    started_at,\n    completed_at,\n    error_message,\n    TRUE as is_new\n)\nSELECT * FROM inserted\nUNION ALL\nSELECT\n  validator_address,\n  slot,\n  block_number,\n  block_index_within_checkpoint,\n  duty_type,\n  status,\n  message_hash,\n  signature,\n  node_id,\n  '' as lock_token,\n  started_at,\n  completed_at,\n  error_message,\n  FALSE as is_new\nFROM validator_duties\nWHERE validator_address = $1\n  AND slot = $2\n  AND duty_type = $5\n  AND block_index_within_checkpoint = $4\n  AND NOT EXISTS (SELECT 1 FROM inserted);\n";
 /**
  * Query to update a duty to 'signed' status
  */
-export declare const UPDATE_DUTY_SIGNED = "\nUPDATE validator_duties\nSET status = 'signed',\n    signature = $1,\n    completed_at = CURRENT_TIMESTAMP\nWHERE validator_address = $2\n  AND slot = $3\n  AND duty_type = $4\n  AND status = 'signing'\n  AND lock_token = $5;\n";
+export declare const UPDATE_DUTY_SIGNED = "\nUPDATE validator_duties\nSET status = 'signed',\n    signature = $1,\n    completed_at = CURRENT_TIMESTAMP\nWHERE validator_address = $2\n  AND slot = $3\n  AND duty_type = $4\n  AND block_index_within_checkpoint = $5\n  AND status = 'signing'\n  AND lock_token = $6;\n";
 /**
  * Query to delete a duty
  * Only deletes if the lockToken matches
  */
-export declare const DELETE_DUTY = "\nDELETE FROM validator_duties\nWHERE validator_address = $1\n  AND slot = $2\n  AND duty_type = $3\n  AND status = 'signing'\n  AND lock_token = $4;\n";
+export declare const DELETE_DUTY = "\nDELETE FROM validator_duties\nWHERE validator_address = $1\n  AND slot = $2\n  AND duty_type = $3\n  AND block_index_within_checkpoint = $4\n  AND status = 'signing'\n  AND lock_token = $5;\n";
 /**
  * Query to clean up old signed duties (for maintenance)
  * Removes signed duties older than a specified timestamp
@@ -81,5 +85,5 @@ export declare const DROP_SCHEMA_VERSION_TABLE = "DROP TABLE IF EXISTS schema_ve
  * Query to get stuck duties (for monitoring/alerting)
  * Returns duties in 'signing' status that have been stuck for too long
  */
-export declare const GET_STUCK_DUTIES = "\nSELECT\n  validator_address,\n  slot,\n  block_number,\n  duty_type,\n  status,\n  message_hash,\n  node_id,\n  started_at,\n  EXTRACT(EPOCH FROM (CURRENT_TIMESTAMP - started_at)) as age_seconds\nFROM validator_duties\nWHERE status = 'signing'\n  AND started_at < $1\nORDER BY started_at ASC;\n";
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZGIvc2NoZW1hLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7Ozs7R0FNRztBQUVIOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGNBQWMsSUFBSSxDQUFDO0FBRWhDOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDZCQUE2QixpdEJBa0J6QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sbUJBQW1CLHlHQUcvQixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0saUJBQWlCLHdHQUc3QixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sMkJBQTJCLG1KQUt2QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0scUJBQXFCLDZGQUlqQyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sWUFBWSw0akNBS2YsQ0FBQztBQUVYOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGtCQUFrQiwwRUFFOUIsQ0FBQztBQUVGOzs7Ozs7R0FNRztBQUNILGVBQU8sTUFBTSxrQkFBa0IsMDhCQWtEOUIsQ0FBQztBQUVGOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGtCQUFrQiwwT0FVOUIsQ0FBQztBQUVGOzs7R0FHRztBQUNILGVBQU8sTUFBTSxXQUFXLDRKQU92QixDQUFDO0FBRUY7OztHQUdHO0FBQ0gsZUFBTyxNQUFNLHlCQUF5Qix3RkFJckMsQ0FBQztBQUVGOzs7R0FHRztBQUNILGVBQU8sTUFBTSxrQkFBa0IsOEdBSTlCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sd0JBQXdCLDJHQUtwQyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sMkJBQTJCLDJDQUEyQyxDQUFDO0FBRXBGOztHQUVHO0FBQ0gsZUFBTyxNQUFNLHlCQUF5Qix5Q0FBeUMsQ0FBQztBQUVoRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sZ0JBQWdCLDZTQWU1QixDQUFDIn0=
+export declare const GET_STUCK_DUTIES = "\nSELECT\n  validator_address,\n  slot,\n  block_number,\n  block_index_within_checkpoint,\n  duty_type,\n  status,\n  message_hash,\n  node_id,\n  started_at,\n  EXTRACT(EPOCH FROM (CURRENT_TIMESTAMP - started_at)) as age_seconds\nFROM validator_duties\nWHERE status = 'signing'\n  AND started_at < $1\nORDER BY started_at ASC;\n";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZGIvc2NoZW1hLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7Ozs7R0FNRztBQUVIOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGNBQWMsSUFBSSxDQUFDO0FBRWhDOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDZCQUE2Qix3MkJBbUJ6QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sbUJBQW1CLHlHQUcvQixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0saUJBQWlCLHdHQUc3QixDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sMkJBQTJCLG1KQUt2QyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0scUJBQXFCLDZGQUlqQyxDQUFDO0FBRUY7O0dBRUc7QUFDSCxlQUFPLE1BQU0sWUFBWSxtdENBS2YsQ0FBQztBQUVYOztHQUVHO0FBQ0gsZUFBTyxNQUFNLGtCQUFrQiwwRUFFOUIsQ0FBQztBQUVGOzs7Ozs7Ozs7O0dBVUc7QUFDSCxlQUFPLE1BQU0sa0JBQWtCLGlvQ0FzRDlCLENBQUM7QUFFRjs7R0FFRztBQUNILGVBQU8sTUFBTSxrQkFBa0Isb1JBVzlCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sV0FBVyxzTUFRdkIsQ0FBQztBQUVGOzs7R0FHRztBQUNILGVBQU8sTUFBTSx5QkFBeUIsd0ZBSXJDLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxlQUFPLE1BQU0sa0JBQWtCLDhHQUk5QixDQUFDO0FBRUY7OztHQUdHO0FBQ0gsZUFBTyxNQUFNLHdCQUF3QiwyR0FLcEMsQ0FBQztBQUVGOztHQUVHO0FBQ0gsZUFBTyxNQUFNLDJCQUEyQiwyQ0FBMkMsQ0FBQztBQUVwRjs7R0FFRztBQUNILGVBQU8sTUFBTSx5QkFBeUIseUNBQXlDLENBQUM7QUFFaEY7OztHQUdHO0FBQ0gsZUFBTyxNQUFNLGdCQUFnQiwrVUFnQjVCLENBQUMifQ==

package/dest/db/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/db/schema.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,IAAI,CAAC;AAEhC;;GAEG;AACH,eAAO,MAAM,6BAA6B,itBAkBzC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,mBAAmB,yGAG/B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,wGAG7B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,mJAKvC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,qBAAqB,6FAIjC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,4jCAKf,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,kBAAkB,0EAE9B,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,08BAkD9B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,kBAAkB,0OAU9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,WAAW,4JAOvB,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,yBAAyB,wFAIrC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,8GAI9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2GAKpC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,2CAA2C,CAAC;AAEpF;;GAEG;AACH,eAAO,MAAM,yBAAyB,yCAAyC,CAAC;AAEhF;;;GAGG;AACH,eAAO,MAAM,gBAAgB,6SAe5B,CAAC"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/db/schema.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,IAAI,CAAC;AAEhC;;GAEG;AACH,eAAO,MAAM,6BAA6B,w2BAmBzC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,mBAAmB,yGAG/B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,wGAG7B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,mJAKvC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,qBAAqB,6FAIjC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,mtCAKf,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,kBAAkB,0EAE9B,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kBAAkB,ioCAsD9B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,kBAAkB,oRAW9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,WAAW,sMAQvB,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,yBAAyB,wFAIrC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,8GAI9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2GAKpC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,2CAA2C,CAAC;AAEpF;;GAEG;AACH,eAAO,MAAM,yBAAyB,yCAAyC,CAAC;AAEhF;;;GAGG;AACH,eAAO,MAAM,gBAAgB,+UAgB5B,CAAC"}