@aztec/validator-ha-signer 0.0.1-commit.aada20e3 → 0.0.1-commit.b33fc05d0

package/dest/db/types.js

@@ -1,16 +1,6 @@
-/**
- * Type of validator duty being performed
- */ export var DutyType = /*#__PURE__*/ function(DutyType) {
-    DutyType["BLOCK_PROPOSAL"] = "BLOCK_PROPOSAL";
-    DutyType["CHECKPOINT_PROPOSAL"] = "CHECKPOINT_PROPOSAL";
-    DutyType["ATTESTATION"] = "ATTESTATION";
-    DutyType["ATTESTATIONS_AND_SIGNERS"] = "ATTESTATIONS_AND_SIGNERS";
-    DutyType["GOVERNANCE_VOTE"] = "GOVERNANCE_VOTE";
-    DutyType["SLASHING_VOTE"] = "SLASHING_VOTE";
-    DutyType["AUTH_REQUEST"] = "AUTH_REQUEST";
-    DutyType["TXS"] = "TXS";
-    return DutyType;
-}({});
+import { BlockNumber, SlotNumber } from '@aztec/foundation/branded-types';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { DutyType } from '@aztec/stdlib/ha-signing';
 /**
  * Status of a duty in the database
  */ export var DutyStatus = /*#__PURE__*/ function(DutyStatus) {
@@ -18,6 +8,31 @@
     DutyStatus["SIGNED"] = "signed";
     return DutyStatus;
 }({});
+// Re-export DutyType from stdlib
+export { DutyType };
+/**
+ * Convert a {@link StoredDutyRecord} (plain-primitive wire format) to a
+ * {@link ValidatorDutyRecord} (rich domain type).
+ *
+ * Shared by LMDB and any future non-Postgres backend implementations.
+ */ export function recordFromFields(stored) {
+    return {
+        rollupAddress: EthAddress.fromString(stored.rollupAddress),
+        validatorAddress: EthAddress.fromString(stored.validatorAddress),
+        slot: SlotNumber.fromString(stored.slot),
+        blockNumber: BlockNumber.fromString(stored.blockNumber),
+        blockIndexWithinCheckpoint: stored.blockIndexWithinCheckpoint,
+        dutyType: stored.dutyType,
+        status: stored.status,
+        messageHash: stored.messageHash,
+        signature: stored.signature,
+        nodeId: stored.nodeId,
+        lockToken: stored.lockToken,
+        startedAt: new Date(stored.startedAtMs),
+        completedAt: stored.completedAtMs !== undefined ? new Date(stored.completedAtMs) : undefined,
+        errorMessage: stored.errorMessage
+    };
+}
 /**
  * Validates and normalizes the block index for a duty.
  * - BLOCK_PROPOSAL: validates blockIndexWithinCheckpoint is provided and >= 0
@@ -25,7 +40,7 @@
  *
  * @throws Error if BLOCK_PROPOSAL is missing blockIndexWithinCheckpoint or has invalid value
  */ export function normalizeBlockIndex(dutyType, blockIndexWithinCheckpoint) {
-    if (dutyType === "BLOCK_PROPOSAL") {
+    if (dutyType === DutyType.BLOCK_PROPOSAL) {
         if (blockIndexWithinCheckpoint === undefined) {
             throw new Error('BLOCK_PROPOSAL duties require blockIndexWithinCheckpoint to be specified');
         }
@@ -42,7 +57,7 @@
  * - BLOCK_PROPOSAL: returns the blockIndexWithinCheckpoint
  * - Other duty types: returns -1
  */ export function getBlockIndexFromDutyIdentifier(duty) {
-    if (duty.dutyType === "BLOCK_PROPOSAL") {
+    if (duty.dutyType === DutyType.BLOCK_PROPOSAL) {
         return duty.blockIndexWithinCheckpoint;
     }
     return -1;

package/dest/factory.d.ts

@@ -1,5 +1,5 @@
-import type { ValidatorHASignerConfig } from './config.js';
-import type { CreateHASignerDeps, SlashingProtectionDatabase } from './types.js';
+import type { LocalSignerConfig, ValidatorHASignerConfig } from '@aztec/stdlib/ha-signing';
+import type { CreateHASignerDeps, CreateLocalSignerWithProtectionDeps, SlashingProtectionDatabase } from './types.js';
 import { ValidatorHASigner } from './validator_ha_signer.js';
 /**
  * Create a validator HA signer with PostgreSQL backend
@@ -16,7 +16,6 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
  * ```typescript
  * const { signer, db } = await createHASigner({
  *   databaseUrl: process.env.DATABASE_URL,
- *   haSigningEnabled: true,
  *   nodeId: 'validator-node-1',
  *   pollingIntervalMs: 100,
  *   signingTimeoutMs: 3000,
@@ -39,4 +38,23 @@ export declare function createHASigner(config: ValidatorHASignerConfig, deps?: C
     signer: ValidatorHASigner;
     db: SlashingProtectionDatabase;
 }>;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZmFjdG9yeS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2ZhY3RvcnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBS0EsT0FBTyxLQUFLLEVBQUUsdUJBQXVCLEVBQUUsTUFBTSxhQUFhLENBQUM7QUFFM0QsT0FBTyxLQUFLLEVBQUUsa0JBQWtCLEVBQUUsMEJBQTBCLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFDakYsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFFN0Q7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQWlDRztBQUNILHdCQUFzQixjQUFjLENBQ2xDLE1BQU0sRUFBRSx1QkFBdUIsRUFDL0IsSUFBSSxDQUFDLEVBQUUsa0JBQWtCLEdBQ3hCLE9BQU8sQ0FBQztJQUNULE1BQU0sRUFBRSxpQkFBaUIsQ0FBQztJQUMxQixFQUFFLEVBQUUsMEJBQTBCLENBQUM7Q0FDaEMsQ0FBQyxDQStCRCJ9
+/**
+ * Create a local (single-node) signing protection signer backed by LMDB.
+ *
+ * This provides double-signing protection for nodes that are NOT running in a
+ * high-availability (multi-node) setup. It prevents a proposer from sending two
+ * proposals for the same slot if the node crashes and restarts mid-proposal.
+ *
+ * When `config.dataDirectory` is set, the protection database is persisted to disk
+ * and survives crashes/restarts. When unset, an ephemeral in-memory store is
+ * used which protects within a single run but not across restarts.
+ *
+ * @param config - Local signer config
+ * @param deps - Optional dependencies (telemetry, date provider).
+ * @returns An object containing the signer and database instances.
+ */
+export declare function createLocalSignerWithProtection(config: LocalSignerConfig, deps?: CreateLocalSignerWithProtectionDeps): Promise<{
+    signer: ValidatorHASigner;
+    db: SlashingProtectionDatabase;
+}>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZmFjdG9yeS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2ZhY3RvcnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBS0EsT0FBTyxLQUFLLEVBQUUsaUJBQWlCLEVBQUUsdUJBQXVCLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQVEzRixPQUFPLEtBQUssRUFBRSxrQkFBa0IsRUFBRSxtQ0FBbUMsRUFBRSwwQkFBMEIsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUN0SCxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUU3RDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FnQ0c7QUFDSCx3QkFBc0IsY0FBYyxDQUNsQyxNQUFNLEVBQUUsdUJBQXVCLEVBQy9CLElBQUksQ0FBQyxFQUFFLGtCQUFrQixHQUN4QixPQUFPLENBQUM7SUFDVCxNQUFNLEVBQUUsaUJBQWlCLENBQUM7SUFDMUIsRUFBRSxFQUFFLDBCQUEwQixDQUFDO0NBQ2hDLENBQUMsQ0FzQ0Q7QUFFRDs7Ozs7Ozs7Ozs7Ozs7R0FjRztBQUNILHdCQUFzQiwrQkFBK0IsQ0FDbkQsTUFBTSxFQUFFLGlCQUFpQixFQUN6QixJQUFJLENBQUMsRUFBRSxtQ0FBbUMsR0FDekMsT0FBTyxDQUFDO0lBQ1QsTUFBTSxFQUFFLGlCQUFpQixDQUFDO0lBQzFCLEVBQUUsRUFBRSwwQkFBMEIsQ0FBQztDQUNoQyxDQUFDLENBc0JEIn0=

package/dest/factory.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"factory.d.ts","sourceRoot":"","sources":["../src/factory.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAE3D,OAAO,KAAK,EAAE,kBAAkB,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAE7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,wBAAsB,cAAc,CAClC,MAAM,EAAE,uBAAuB,EAC/B,IAAI,CAAC,EAAE,kBAAkB,GACxB,OAAO,CAAC;IACT,MAAM,EAAE,iBAAiB,CAAC;IAC1B,EAAE,EAAE,0BAA0B,CAAC;CAChC,CAAC,CA+BD"}
+{"version":3,"file":"factory.d.ts","sourceRoot":"","sources":["../src/factory.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AAQ3F,OAAO,KAAK,EAAE,kBAAkB,EAAE,mCAAmC,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AACtH,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAE7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,wBAAsB,cAAc,CAClC,MAAM,EAAE,uBAAuB,EAC/B,IAAI,CAAC,EAAE,kBAAkB,GACxB,OAAO,CAAC;IACT,MAAM,EAAE,iBAAiB,CAAC;IAC1B,EAAE,EAAE,0BAA0B,CAAC;CAChC,CAAC,CAsCD;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,+BAA+B,CACnD,MAAM,EAAE,iBAAiB,EACzB,IAAI,CAAC,EAAE,mCAAmC,GACzC,OAAO,CAAC;IACT,MAAM,EAAE,iBAAiB,CAAC;IAC1B,EAAE,EAAE,0BAA0B,CAAC;CAChC,CAAC,CAsBD"}

package/dest/factory.js

@@ -1,7 +1,12 @@
 /**
  * Factory functions for creating validator HA signers
- */ import { Pool } from 'pg';
+ */ import { DateProvider } from '@aztec/foundation/timer';
+import { createStore } from '@aztec/kv-store/lmdb-v2';
+import { getTelemetryClient } from '@aztec/telemetry-client';
+import { Pool } from 'pg';
+import { LmdbSlashingProtectionDatabase } from './db/lmdb.js';
 import { PostgresSlashingProtectionDatabase } from './db/postgres.js';
+import { HASignerMetrics } from './metrics.js';
 import { ValidatorHASigner } from './validator_ha_signer.js';
 /**
  * Create a validator HA signer with PostgreSQL backend
@@ -18,7 +23,6 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
  * ```typescript
  * const { signer, db } = await createHASigner({
  *   databaseUrl: process.env.DATABASE_URL,
- *   haSigningEnabled: true,
  *   nodeId: 'validator-node-1',
  *   pollingIntervalMs: 100,
  *   signingTimeoutMs: 3000,
@@ -41,6 +45,8 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
     if (!databaseUrl) {
         throw new Error('databaseUrl is required for createHASigner');
     }
+    const telemetryClient = deps?.telemetryClient ?? getTelemetryClient();
+    const dateProvider = deps?.dateProvider ?? new DateProvider();
     // Create connection pool (or use provided pool)
     let pool;
     if (!deps?.pool) {
@@ -58,10 +64,49 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
     const db = new PostgresSlashingProtectionDatabase(pool);
     // Verify database schema is initialized and version matches
     await db.initialize();
+    // Create metrics
+    const metrics = new HASignerMetrics(telemetryClient, signerConfig.nodeId);
     // Create signer
-    const signer = new ValidatorHASigner(db, {
-        ...signerConfig,
-        databaseUrl
+    const signer = new ValidatorHASigner(db, signerConfig, {
+        metrics,
+        dateProvider
+    });
+    return {
+        signer,
+        db
+    };
+}
+/**
+ * Create a local (single-node) signing protection signer backed by LMDB.
+ *
+ * This provides double-signing protection for nodes that are NOT running in a
+ * high-availability (multi-node) setup. It prevents a proposer from sending two
+ * proposals for the same slot if the node crashes and restarts mid-proposal.
+ *
+ * When `config.dataDirectory` is set, the protection database is persisted to disk
+ * and survives crashes/restarts. When unset, an ephemeral in-memory store is
+ * used which protects within a single run but not across restarts.
+ *
+ * @param config - Local signer config
+ * @param deps - Optional dependencies (telemetry, date provider).
+ * @returns An object containing the signer and database instances.
+ */ export async function createLocalSignerWithProtection(config, deps) {
+    const telemetryClient = deps?.telemetryClient ?? getTelemetryClient();
+    const dateProvider = deps?.dateProvider ?? new DateProvider();
+    const kvStore = await createStore('signing-protection', LmdbSlashingProtectionDatabase.SCHEMA_VERSION, {
+        dataDirectory: config.dataDirectory,
+        dataStoreMapSizeKb: config.signingProtectionMapSizeKb ?? config.dataStoreMapSizeKb,
+        l1Contracts: config.l1Contracts
+    });
+    const db = new LmdbSlashingProtectionDatabase(kvStore, dateProvider);
+    const signerConfig = {
+        ...config,
+        nodeId: config.nodeId || 'local'
+    };
+    const metrics = new HASignerMetrics(telemetryClient, signerConfig.nodeId, 'LocalSigningProtectionMetrics');
+    const signer = new ValidatorHASigner(db, signerConfig, {
+        metrics,
+        dateProvider
     });
     return {
         signer,

package/dest/metrics.d.ts

@@ -0,0 +1,51 @@
+import { type TelemetryClient } from '@aztec/telemetry-client';
+export type HACleanupType = 'stuck' | 'old' | 'outdated_rollup';
+/**
+ * Metrics for HA signer tracking signing operations, lock acquisition, and cleanup.
+ */
+export declare class HASignerMetrics {
+    private nodeId;
+    private signingDuration;
+    private signingSuccessCount;
+    private dutyAlreadySignedCount;
+    private slashingProtectionCount;
+    private signingErrorCount;
+    private lockAcquiredCount;
+    private cleanupStuckDutiesCount;
+    private cleanupOldDutiesCount;
+    private cleanupOutdatedRollupDutiesCount;
+    constructor(client: TelemetryClient, nodeId: string, name?: string);
+    /**
+     * Record a successful signing operation.
+     * @param dutyType - The type of duty signed
+     * @param durationMs - Duration from start of signWithProtection to completion
+     */
+    recordSigningSuccess(dutyType: string, durationMs: number): void;
+    /**
+     * Record a DutyAlreadySignedError (expected in HA; another node signed first).
+     * @param dutyType - The type of duty
+     */
+    recordDutyAlreadySigned(dutyType: string): void;
+    /**
+     * Record a SlashingProtectionError (attempted to sign different data for same duty).
+     * @param dutyType - The type of duty
+     */
+    recordSlashingProtection(dutyType: string): void;
+    /**
+     * Record a signing function failure (lock will be deleted for retry).
+     * @param dutyType - The type of duty
+     */
+    recordSigningError(dutyType: string): void;
+    /**
+     * Record lock acquisition.
+     * @param acquired - Whether a new lock was acquired (true) or existing record found (false)
+     */
+    recordLockAcquire(acquired: boolean): void;
+    /**
+     * Record cleanup metrics.
+     * @param type - Type of cleanup
+     * @param count - Number of duties cleaned up
+     */
+    recordCleanup(type: HACleanupType, count: number): void;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWV0cmljcy5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL21ldHJpY3MudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUlMLEtBQUssZUFBZSxFQUdyQixNQUFNLHlCQUF5QixDQUFDO0FBRWpDLE1BQU0sTUFBTSxhQUFhLEdBQUcsT0FBTyxHQUFHLEtBQUssR0FBRyxpQkFBaUIsQ0FBQztBQUVoRTs7R0FFRztBQUNILHFCQUFhLGVBQWU7SUFrQnhCLE9BQU8sQ0FBQyxNQUFNO0lBaEJoQixPQUFPLENBQUMsZUFBZSxDQUFZO0lBQ25DLE9BQU8sQ0FBQyxtQkFBbUIsQ0FBZ0I7SUFDM0MsT0FBTyxDQUFDLHNCQUFzQixDQUFnQjtJQUM5QyxPQUFPLENBQUMsdUJBQXVCLENBQWdCO0lBQy9DLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBZ0I7SUFHekMsT0FBTyxDQUFDLGlCQUFpQixDQUFnQjtJQUd6QyxPQUFPLENBQUMsdUJBQXVCLENBQWdCO0lBQy9DLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBZ0I7SUFDN0MsT0FBTyxDQUFDLGdDQUFnQyxDQUFnQjtJQUV4RCxZQUNFLE1BQU0sRUFBRSxlQUFlLEVBQ2YsTUFBTSxFQUFFLE1BQU0sRUFDdEIsSUFBSSxTQUFvQixFQXFCekI7SUFFRDs7OztPQUlHO0lBQ0ksb0JBQW9CLENBQUMsUUFBUSxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FPdEU7SUFFRDs7O09BR0c7SUFDSSx1QkFBdUIsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FNckQ7SUFFRDs7O09BR0c7SUFDSSx3QkFBd0IsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FNdEQ7SUFFRDs7O09BR0c7SUFDSSxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FNaEQ7SUFFRDs7O09BR0c7SUFDSSxpQkFBaUIsQ0FBQyxRQUFRLEVBQUUsT0FBTyxHQUFHLElBQUksQ0FPaEQ7SUFFRDs7OztPQUlHO0lBQ0ksYUFBYSxDQUFDLElBQUksRUFBRSxhQUFhLEVBQUUsS0FBSyxFQUFFLE1BQU0sR0FBRyxJQUFJLENBWTdEO0NBQ0YifQ==

package/dest/metrics.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../src/metrics.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,KAAK,eAAe,EAGrB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,KAAK,GAAG,iBAAiB,CAAC;AAEhE;;GAEG;AACH,qBAAa,eAAe;IAkBxB,OAAO,CAAC,MAAM;IAhBhB,OAAO,CAAC,eAAe,CAAY;IACnC,OAAO,CAAC,mBAAmB,CAAgB;IAC3C,OAAO,CAAC,sBAAsB,CAAgB;IAC9C,OAAO,CAAC,uBAAuB,CAAgB;IAC/C,OAAO,CAAC,iBAAiB,CAAgB;IAGzC,OAAO,CAAC,iBAAiB,CAAgB;IAGzC,OAAO,CAAC,uBAAuB,CAAgB;IAC/C,OAAO,CAAC,qBAAqB,CAAgB;IAC7C,OAAO,CAAC,gCAAgC,CAAgB;IAExD,YACE,MAAM,EAAE,eAAe,EACf,MAAM,EAAE,MAAM,EACtB,IAAI,SAAoB,EAqBzB;IAED;;;;OAIG;IACI,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAOtE;IAED;;;OAGG;IACI,uBAAuB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMrD;IAED;;;OAGG;IACI,wBAAwB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMtD;IAED;;;OAGG;IACI,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMhD;IAED;;;OAGG;IACI,iBAAiB,CAAC,QAAQ,EAAE,OAAO,GAAG,IAAI,CAOhD;IAED;;;;OAIG;IACI,aAAa,CAAC,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAY7D;CACF"}

package/dest/metrics.js

@@ -0,0 +1,103 @@
+import { Attributes, Metrics, createUpDownCounterWithDefault } from '@aztec/telemetry-client';
+/**
+ * Metrics for HA signer tracking signing operations, lock acquisition, and cleanup.
+ */ export class HASignerMetrics {
+    nodeId;
+    // Signing lifecycle metrics
+    signingDuration;
+    signingSuccessCount;
+    dutyAlreadySignedCount;
+    slashingProtectionCount;
+    signingErrorCount;
+    // Lock acquisition metrics
+    lockAcquiredCount;
+    // Cleanup metrics
+    cleanupStuckDutiesCount;
+    cleanupOldDutiesCount;
+    cleanupOutdatedRollupDutiesCount;
+    constructor(client, nodeId, name = 'HASignerMetrics'){
+        this.nodeId = nodeId;
+        const meter = client.getMeter(name);
+        // Signing lifecycle
+        this.signingDuration = meter.createHistogram(Metrics.HA_SIGNER_SIGNING_DURATION);
+        this.signingSuccessCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_SIGNING_SUCCESS_COUNT);
+        this.dutyAlreadySignedCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_DUTY_ALREADY_SIGNED_COUNT);
+        this.slashingProtectionCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_SLASHING_PROTECTION_COUNT);
+        this.signingErrorCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_SIGNING_ERROR_COUNT);
+        // Lock acquisition
+        this.lockAcquiredCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_LOCK_ACQUIRED_COUNT);
+        // Cleanup
+        this.cleanupStuckDutiesCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_CLEANUP_STUCK_DUTIES_COUNT);
+        this.cleanupOldDutiesCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_CLEANUP_OLD_DUTIES_COUNT);
+        this.cleanupOutdatedRollupDutiesCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_CLEANUP_OUTDATED_ROLLUP_DUTIES_COUNT);
+    }
+    /**
+   * Record a successful signing operation.
+   * @param dutyType - The type of duty signed
+   * @param durationMs - Duration from start of signWithProtection to completion
+   */ recordSigningSuccess(dutyType, durationMs) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.signingSuccessCount.add(1, attributes);
+        this.signingDuration.record(durationMs, attributes);
+    }
+    /**
+   * Record a DutyAlreadySignedError (expected in HA; another node signed first).
+   * @param dutyType - The type of duty
+   */ recordDutyAlreadySigned(dutyType) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.dutyAlreadySignedCount.add(1, attributes);
+    }
+    /**
+   * Record a SlashingProtectionError (attempted to sign different data for same duty).
+   * @param dutyType - The type of duty
+   */ recordSlashingProtection(dutyType) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.slashingProtectionCount.add(1, attributes);
+    }
+    /**
+   * Record a signing function failure (lock will be deleted for retry).
+   * @param dutyType - The type of duty
+   */ recordSigningError(dutyType) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.signingErrorCount.add(1, attributes);
+    }
+    /**
+   * Record lock acquisition.
+   * @param acquired - Whether a new lock was acquired (true) or existing record found (false)
+   */ recordLockAcquire(acquired) {
+        if (acquired) {
+            const attributes = {
+                [Attributes.HA_NODE_ID]: this.nodeId
+            };
+            this.lockAcquiredCount.add(1, attributes);
+        }
+    }
+    /**
+   * Record cleanup metrics.
+   * @param type - Type of cleanup
+   * @param count - Number of duties cleaned up
+   */ recordCleanup(type, count) {
+        const attributes = {
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        if (type === 'stuck') {
+            this.cleanupStuckDutiesCount.add(count, attributes);
+        } else if (type === 'old') {
+            this.cleanupOldDutiesCount.add(count, attributes);
+        } else if (type === 'outdated_rollup') {
+            this.cleanupOutdatedRollupDutiesCount.add(count, attributes);
+        }
+    }
+}

package/dest/slashing_protection_service.d.ts

@@ -1,5 +1,12 @@
+import type { DateProvider } from '@aztec/foundation/timer';
+import type { BaseSignerConfig } from '@aztec/stdlib/ha-signing';
 import { type CheckAndRecordParams, type DeleteDutyParams, type RecordSuccessParams } from './db/types.js';
-import type { SlashingProtectionDatabase, ValidatorHASignerConfig } from './types.js';
+import type { HASignerMetrics } from './metrics.js';
+import type { SlashingProtectionDatabase } from './types.js';
+export interface SlashingProtectionServiceDeps {
+    metrics: HASignerMetrics;
+    dateProvider: DateProvider;
+}
 /**
  * Slashing Protection Service
  *
@@ -22,9 +29,11 @@ export declare class SlashingProtectionService {
     private readonly pollingIntervalMs;
     private readonly signingTimeoutMs;
     private readonly maxStuckDutiesAgeMs;
+    private readonly metrics;
+    private readonly dateProvider;
     private cleanupRunningPromise;
     private lastOldDutiesCleanupAtMs?;
-    constructor(db: SlashingProtectionDatabase, config: ValidatorHASignerConfig);
+    constructor(db: SlashingProtectionDatabase, config: BaseSignerConfig, deps: SlashingProtectionServiceDeps);
     /**
      * Check if a duty can be performed and acquire the lock if so.
      *
@@ -81,4 +90,4 @@ export declare class SlashingProtectionService {
     close(): Promise<void>;
     private cleanup;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQVVBLE9BQU8sRUFDTCxLQUFLLG9CQUFvQixFQUN6QixLQUFLLGdCQUFnQixFQUVyQixLQUFLLG1CQUFtQixFQUV6QixNQUFNLGVBQWUsQ0FBQztBQUV2QixPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSx1QkFBdUIsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUV0Rjs7Ozs7Ozs7Ozs7Ozs7R0FjRztBQUNILHFCQUFhLHlCQUF5QjtJQVVsQyxPQUFPLENBQUMsUUFBUSxDQUFDLEVBQUU7SUFDbkIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNO0lBVnpCLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFTO0lBQzdCLE9BQU8sQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQVM7SUFDM0MsT0FBTyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBUztJQUMxQyxPQUFPLENBQUMsUUFBUSxDQUFDLG1CQUFtQixDQUFTO0lBRTdDLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBaUI7SUFDOUMsT0FBTyxDQUFDLHdCQUF3QixDQUFDLENBQVM7SUFFMUMsWUFDbUIsRUFBRSxFQUFFLDBCQUEwQixFQUM5QixNQUFNLEVBQUUsdUJBQXVCLEVBU2pEO0lBRUQ7Ozs7Ozs7Ozs7Ozs7O09BY0c7SUFDRyxjQUFjLENBQUMsTUFBTSxFQUFFLG9CQUFvQixHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FpRWxFO0lBRUQ7Ozs7OztPQU1HO0lBQ0csYUFBYSxDQUFDLE1BQU0sRUFBRSxtQkFBbUIsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLENBMkJqRTtJQUVEOzs7Ozs7T0FNRztJQUNHLFVBQVUsQ0FBQyxNQUFNLEVBQUUsZ0JBQWdCLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQXdCM0Q7SUFFRDs7T0FFRztJQUNILElBQUksTUFBTSxJQUFJLE1BQU0sQ0FFbkI7SUFFRDs7O09BR0c7SUFDSDs7O09BR0c7SUFDRyxLQUFLLGtCQVdWO0lBRUQ7O09BRUc7SUFDRyxJQUFJLGtCQUdUO0lBRUQ7OztPQUdHO0lBQ0csS0FBSyxrQkFHVjtZQU1hLE9BQU87Q0E2QnRCIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQVNBLE9BQU8sS0FBSyxFQUFFLFlBQVksRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzVELE9BQU8sS0FBSyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFFakUsT0FBTyxFQUNMLEtBQUssb0JBQW9CLEVBQ3pCLEtBQUssZ0JBQWdCLEVBRXJCLEtBQUssbUJBQW1CLEVBRXpCLE1BQU0sZUFBZSxDQUFDO0FBRXZCLE9BQU8sS0FBSyxFQUFFLGVBQWUsRUFBRSxNQUFNLGNBQWMsQ0FBQztBQUNwRCxPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUU3RCxNQUFNLFdBQVcsNkJBQTZCO0lBQzVDLE9BQU8sRUFBRSxlQUFlLENBQUM7SUFDekIsWUFBWSxFQUFFLFlBQVksQ0FBQztDQUM1QjtBQUVEOzs7Ozs7Ozs7Ozs7OztHQWNHO0FBQ0gscUJBQWEseUJBQXlCO0lBYWxDLE9BQU8sQ0FBQyxRQUFRLENBQUMsRUFBRTtJQUNuQixPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU07SUFiekIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQVM7SUFDN0IsT0FBTyxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBUztJQUMzQyxPQUFPLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUFTO0lBQzFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsbUJBQW1CLENBQVM7SUFFN0MsT0FBTyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQWtCO0lBQzFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsWUFBWSxDQUFlO0lBRTVDLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBaUI7SUFDOUMsT0FBTyxDQUFDLHdCQUF3QixDQUFDLENBQVM7SUFFMUMsWUFDbUIsRUFBRSxFQUFFLDBCQUEwQixFQUM5QixNQUFNLEVBQUUsZ0JBQWdCLEVBQ3pDLElBQUksRUFBRSw2QkFBNkIsRUFXcEM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7T0FjRztJQUNHLGNBQWMsQ0FBQyxNQUFNLEVBQUUsb0JBQW9CLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQXFFbEU7SUFFRDs7Ozs7O09BTUc7SUFDRyxhQUFhLENBQUMsTUFBTSxFQUFFLG1CQUFtQixHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0EyQmpFO0lBRUQ7Ozs7OztPQU1HO0lBQ0csVUFBVSxDQUFDLE1BQU0sRUFBRSxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLENBd0IzRDtJQUVEOztPQUVHO0lBQ0gsSUFBSSxNQUFNLElBQUksTUFBTSxDQUVuQjtJQUVEOzs7T0FHRztJQUNIOzs7T0FHRztJQUNHLEtBQUssa0JBWVY7SUFFRDs7T0FFRztJQUNHLElBQUksa0JBR1Q7SUFFRDs7O09BR0c7SUFDRyxLQUFLLGtCQUdWO1lBTWEsT0FBTztDQStCdEIifQ==

package/dest/slashing_protection_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"slashing_protection_service.d.ts","sourceRoot":"","sources":["../src/slashing_protection_service.ts"],"names":[],"mappings":"AAUA,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EAErB,KAAK,mBAAmB,EAEzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAAE,0BAA0B,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAEtF;;;;;;;;;;;;;;GAcG;AACH,qBAAa,yBAAyB;IAUlC,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM;IAVzB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAS;IAE7C,OAAO,CAAC,qBAAqB,CAAiB;IAC9C,OAAO,CAAC,wBAAwB,CAAC,CAAS;IAE1C,YACmB,EAAE,EAAE,0BAA0B,EAC9B,MAAM,EAAE,uBAAuB,EASjD;IAED;;;;;;;;;;;;;;OAcG;IACG,cAAc,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,MAAM,CAAC,CAiElE;IAED;;;;;;OAMG;IACG,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,CA2BjE;IAED;;;;;;OAMG;IACG,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC,CAwB3D;IAED;;OAEG;IACH,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED;;;OAGG;IACH;;;OAGG;IACG,KAAK,kBAWV;IAED;;OAEG;IACG,IAAI,kBAGT;IAED;;;OAGG;IACG,KAAK,kBAGV;YAMa,OAAO;CA6BtB"}
+{"version":3,"file":"slashing_protection_service.d.ts","sourceRoot":"","sources":["../src/slashing_protection_service.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EAErB,KAAK,mBAAmB,EAEzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AAE7D,MAAM,WAAW,6BAA6B;IAC5C,OAAO,EAAE,eAAe,CAAC;IACzB,YAAY,EAAE,YAAY,CAAC;CAC5B;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,yBAAyB;IAalC,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM;IAbzB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAS;IAE7C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAkB;IAC1C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAE5C,OAAO,CAAC,qBAAqB,CAAiB;IAC9C,OAAO,CAAC,wBAAwB,CAAC,CAAS;IAE1C,YACmB,EAAE,EAAE,0BAA0B,EAC9B,MAAM,EAAE,gBAAgB,EACzC,IAAI,EAAE,6BAA6B,EAWpC;IAED;;;;;;;;;;;;;;OAcG;IACG,cAAc,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqElE;IAED;;;;;;OAMG;IACG,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,CA2BjE;IAED;;;;;;OAMG;IACG,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC,CAwB3D;IAED;;OAEG;IACH,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED;;;OAGG;IACH;;;OAGG;IACG,KAAK,kBAYV;IAED;;OAEG;IACG,IAAI,kBAGT;IAED;;;OAGG;IACG,KAAK,kBAGV;YAMa,OAAO;CA+BtB"}

package/dest/slashing_protection_service.js

@@ -29,9 +29,11 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
     pollingIntervalMs;
     signingTimeoutMs;
     maxStuckDutiesAgeMs;
+    metrics;
+    dateProvider;
     cleanupRunningPromise;
     lastOldDutiesCleanupAtMs;
-    constructor(db, config){
+    constructor(db, config, deps){
         this.db = db;
         this.config = config;
         this.log = createLogger('slashing-protection');
@@ -40,6 +42,8 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
         // Default to 144s (2x 72s Aztec slot duration) if not explicitly configured
         this.maxStuckDutiesAgeMs = config.maxStuckDutiesAgeMs ?? 144_000;
         this.cleanupRunningPromise = new RunningPromise(this.cleanup.bind(this), this.log, this.maxStuckDutiesAgeMs);
+        this.metrics = deps.metrics;
+        this.dateProvider = deps.dateProvider;
     }
     /**
    * Check if a duty can be performed and acquire the lock if so.
@@ -57,7 +61,7 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
    * @throws SlashingProtectionError if attempting to sign different data for same slot/duty
    */ async checkAndRecord(params) {
         const { validatorAddress, slot, dutyType, messageHash, nodeId } = params;
-        const startTime = Date.now();
+        const startTime = this.dateProvider.now();
         this.log.debug(`Checking duty: ${dutyType} for slot ${slot}`, {
             validatorAddress: validatorAddress.toString(),
             nodeId
@@ -67,10 +71,11 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
             const { isNew, record } = await this.db.tryInsertOrGetExisting(params);
             if (isNew) {
                 // We successfully acquired the lock
-                this.log.info(`Acquired lock for duty ${dutyType} at slot ${slot}`, {
+                this.log.verbose(`Acquired lock for duty ${dutyType} at slot ${slot}`, {
                     validatorAddress: validatorAddress.toString(),
                     nodeId
                 });
+                this.metrics.recordLockAcquire(true);
                 return record.lockToken;
             }
             // Record already exists - handle based on status
@@ -84,17 +89,20 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
                         existingNodeId: record.nodeId,
                         attemptingNodeId: nodeId
                     });
+                    this.metrics.recordSlashingProtection(dutyType);
                     throw new SlashingProtectionError(slot, dutyType, record.blockIndexWithinCheckpoint, record.messageHash, messageHash, record.nodeId);
                 }
+                this.metrics.recordDutyAlreadySigned(dutyType);
                 throw new DutyAlreadySignedError(slot, dutyType, record.blockIndexWithinCheckpoint, record.nodeId);
             } else if (record.status === DutyStatus.SIGNING) {
                 // Another node is currently signing - check for timeout
-                if (Date.now() - startTime > this.signingTimeoutMs) {
+                if (this.dateProvider.now() - startTime > this.signingTimeoutMs) {
                     this.log.warn(`Timeout waiting for signing to complete for duty ${dutyType} at slot ${slot}`, {
                         validatorAddress: validatorAddress.toString(),
                         timeoutMs: this.signingTimeoutMs,
                         signingNodeId: record.nodeId
                     });
+                    this.metrics.recordDutyAlreadySigned(dutyType);
                     throw new DutyAlreadySignedError(slot, dutyType, record.blockIndexWithinCheckpoint, 'unknown (timeout)');
                 }
                 // Wait and poll
@@ -120,7 +128,7 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
         const blockIndexWithinCheckpoint = getBlockIndexFromDutyIdentifier(params);
         const success = await this.db.updateDutySigned(rollupAddress, validatorAddress, slot, dutyType, signature.toString(), lockToken, blockIndexWithinCheckpoint);
         if (success) {
-            this.log.info(`Recorded successful signing for duty ${dutyType} at slot ${slot}`, {
+            this.log.verbose(`Recorded successful signing for duty ${dutyType} at slot ${slot}`, {
                 validatorAddress: validatorAddress.toString(),
                 nodeId
             });
@@ -171,6 +179,7 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
             this.log.info(`Cleaned up ${numOutdatedRollupDuties} duties with outdated rollup address at startup`, {
                 currentRollupAddress: this.config.l1Contracts.rollupAddress.toString()
             });
+            this.metrics.recordCleanup('outdated_rollup', numOutdatedRollupDuties);
         }
         this.cleanupRunningPromise.start();
         this.log.info('Slashing protection service started', {
@@ -203,12 +212,13 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
                 nodeId: this.config.nodeId,
                 maxStuckDutiesAgeMs: this.maxStuckDutiesAgeMs
             });
+            this.metrics.recordCleanup('stuck', numStuckDuties);
         }
         // 2. Clean up old signed duties if configured
         // we shouldn't run this as often as stuck duty cleanup.
         if (this.config.cleanupOldDutiesAfterHours !== undefined) {
             const maxAgeMs = this.config.cleanupOldDutiesAfterHours * 60 * 60 * 1000;
-            const nowMs = Date.now();
+            const nowMs = this.dateProvider.now();
             const shouldRun = this.lastOldDutiesCleanupAtMs === undefined || nowMs - this.lastOldDutiesCleanupAtMs >= maxAgeMs;
             if (shouldRun) {
                 const numOldDuties = await this.db.cleanupOldDuties(maxAgeMs);
@@ -218,6 +228,7 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
                         cleanupOldDutiesAfterHours: this.config.cleanupOldDutiesAfterHours,
                         maxAgeMs
                     });
+                    this.metrics.recordCleanup('old', numOldDuties);
                 }
             }
         }

package/dest/types.d.ts

@@ -1,10 +1,14 @@
-import { BlockNumber, type CheckpointNumber, type IndexWithinCheckpoint, type SlotNumber } from '@aztec/foundation/branded-types';
+import { SlotNumber } from '@aztec/foundation/branded-types';
 import type { EthAddress } from '@aztec/foundation/eth-address';
+import { DateProvider } from '@aztec/foundation/timer';
+import { DutyType, type HAProtectedSigningContext, type SigningContext, type ValidatorHASignerConfig, getBlockNumberFromSigningContext as getBlockNumberFromSigningContextFromStdlib, isHAProtectedContext } from '@aztec/stdlib/ha-signing';
+import type { TelemetryClient } from '@aztec/telemetry-client';
 import type { Pool } from 'pg';
-import type { ValidatorHASignerConfig } from './config.js';
-import { type BlockProposalDutyIdentifier, type CheckAndRecordParams, type DeleteDutyParams, type DutyIdentifier, type DutyRow, DutyType, type OtherDutyIdentifier, type RecordSuccessParams, type ValidatorDutyRecord } from './db/types.js';
-export type { BlockProposalDutyIdentifier, CheckAndRecordParams, DeleteDutyParams, DutyIdentifier, DutyRow, OtherDutyIdentifier, RecordSuccessParams, ValidatorDutyRecord, ValidatorHASignerConfig, };
+import type { BlockProposalDutyIdentifier, CheckAndRecordParams, DeleteDutyParams, DutyIdentifier, DutyRow, OtherDutyIdentifier, RecordSuccessParams, ValidatorDutyRecord } from './db/types.js';
+export type { BlockProposalDutyIdentifier, CheckAndRecordParams, DeleteDutyParams, DutyIdentifier, DutyRow, HAProtectedSigningContext, OtherDutyIdentifier, RecordSuccessParams, SigningContext, ValidatorDutyRecord, ValidatorHASignerConfig, };
 export { DutyStatus, DutyType, getBlockIndexFromDutyIdentifier, normalizeBlockIndex } from './db/types.js';
+export { isHAProtectedContext };
+export { getBlockNumberFromSigningContextFromStdlib as getBlockNumberFromSigningContext };
 /**
  * Result of tryInsertOrGetExisting operation
  */
@@ -23,76 +27,19 @@ export interface CreateHASignerDeps {
      * If provided, databaseUrl and poolConfig are ignored
      */
     pool?: Pool;
-}
-/**
- * Base context for signing operations
- */
-interface BaseSigningContext {
-    /** Slot number for this duty */
-    slot: SlotNumber;
     /**
-     * Block or checkpoint number for this duty.
-     * For block proposals, this is the block number.
-     * For checkpoint proposals, this is the checkpoint number.
+     * Optional telemetry client for metrics
      */
-    blockNumber: BlockNumber | CheckpointNumber;
-}
-/**
- * Signing context for block proposals.
- * blockIndexWithinCheckpoint is REQUIRED and must be >= 0.
- */
-export interface BlockProposalSigningContext extends BaseSigningContext {
-    /** Block index within checkpoint (0, 1, 2...). Required for block proposals. */
-    blockIndexWithinCheckpoint: IndexWithinCheckpoint;
-    dutyType: DutyType.BLOCK_PROPOSAL;
-}
-/**
- * Signing context for non-block-proposal duties that require HA protection.
- * blockIndexWithinCheckpoint is not applicable (internally always -1).
- */
-export interface OtherSigningContext extends BaseSigningContext {
-    dutyType: DutyType.CHECKPOINT_PROPOSAL | DutyType.ATTESTATION | DutyType.ATTESTATIONS_AND_SIGNERS;
-}
-/**
- * Signing context for governance/slashing votes which only need slot for HA protection.
- * blockNumber is not applicable (internally always 0).
- */
-export interface VoteSigningContext {
-    slot: SlotNumber;
-    dutyType: DutyType.GOVERNANCE_VOTE | DutyType.SLASHING_VOTE;
-}
-/**
- * Signing context for duties which don't require slot/blockNumber
- * as they don't need HA protection (AUTH_REQUEST, TXS).
- */
-export interface NoHAProtectionSigningContext {
-    dutyType: DutyType.AUTH_REQUEST | DutyType.TXS;
+    telemetryClient?: TelemetryClient;
+    /**
+     * Optional date provider for timestamps
+     */
+    dateProvider?: DateProvider;
 }
 /**
- * Signing contexts that require HA protection (excludes AUTH_REQUEST).
- * Used by the HA signer's signWithProtection method.
- */
-export type HAProtectedSigningContext = BlockProposalSigningContext | OtherSigningContext | VoteSigningContext;
-/**
- * Type guard to check if a SigningContext requires HA protection.
- * Returns true for contexts that need HA protection, false for AUTH_REQUEST and TXS.
- */
-export declare function isHAProtectedContext(context: SigningContext): context is HAProtectedSigningContext;
-/**
- * Gets the block number from a signing context.
- * - Vote duties (GOVERNANCE_VOTE, SLASHING_VOTE): returns BlockNumber(0)
- * - Other duties: returns the blockNumber from the context
- */
-export declare function getBlockNumberFromSigningContext(context: HAProtectedSigningContext): BlockNumber | CheckpointNumber;
-/**
- * Context required for slashing protection during signing operations.
- * Uses discriminated union to enforce type safety:
- * - BLOCK_PROPOSAL duties MUST have blockIndexWithinCheckpoint >= 0
- * - Other duty types do NOT have blockIndexWithinCheckpoint (internally -1)
- * - Vote duties only need slot (blockNumber is internally 0)
- * - AUTH_REQUEST and TXS duties don't need slot/blockNumber (no HA protection needed)
+ * deps for creating a local signing protection signer
  */
-export type SigningContext = HAProtectedSigningContext | NoHAProtectionSigningContext;
+export type CreateLocalSignerWithProtectionDeps = Omit<CreateHASignerDeps, 'pool'>;
 /**
  * Database interface for slashing protection operations
  * This abstraction allows for different database implementations (PostgreSQL, SQLite, etc.)
@@ -149,4 +96,4 @@ export interface SlashingProtectionDatabase {
      */
     close(): Promise<void>;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy90eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQ0wsV0FBVyxFQUNYLEtBQUssZ0JBQWdCLEVBQ3JCLEtBQUsscUJBQXFCLEVBQzFCLEtBQUssVUFBVSxFQUNoQixNQUFNLGlDQUFpQyxDQUFDO0FBQ3pDLE9BQU8sS0FBSyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBRWhFLE9BQU8sS0FBSyxFQUFFLElBQUksRUFBRSxNQUFNLElBQUksQ0FBQztBQUUvQixPQUFPLEtBQUssRUFBRSx1QkFBdUIsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUMzRCxPQUFPLEVBQ0wsS0FBSywyQkFBMkIsRUFDaEMsS0FBSyxvQkFBb0IsRUFDekIsS0FBSyxnQkFBZ0IsRUFDckIsS0FBSyxjQUFjLEVBQ25CLEtBQUssT0FBTyxFQUNaLFFBQVEsRUFDUixLQUFLLG1CQUFtQixFQUN4QixLQUFLLG1CQUFtQixFQUN4QixLQUFLLG1CQUFtQixFQUN6QixNQUFNLGVBQWUsQ0FBQztBQUV2QixZQUFZLEVBQ1YsMkJBQTJCLEVBQzNCLG9CQUFvQixFQUNwQixnQkFBZ0IsRUFDaEIsY0FBYyxFQUNkLE9BQU8sRUFDUCxtQkFBbUIsRUFDbkIsbUJBQW1CLEVBQ25CLG1CQUFtQixFQUNuQix1QkFBdUIsR0FDeEIsQ0FBQztBQUNGLE9BQU8sRUFBRSxVQUFVLEVBQUUsUUFBUSxFQUFFLCtCQUErQixFQUFFLG1CQUFtQixFQUFFLE1BQU0sZUFBZSxDQUFDO0FBRTNHOztHQUVHO0FBQ0gsTUFBTSxXQUFXLG9CQUFvQjtJQUNuQywyRUFBMkU7SUFDM0UsS0FBSyxFQUFFLE9BQU8sQ0FBQztJQUNmLHFEQUFxRDtJQUNyRCxNQUFNLEVBQUUsbUJBQW1CLENBQUM7Q0FDN0I7QUFFRDs7R0FFRztBQUNILE1BQU0sV0FBVyxrQkFBa0I7SUFDakM7OztPQUdHO0lBQ0gsSUFBSSxDQUFDLEVBQUUsSUFBSSxDQUFDO0NBQ2I7QUFFRDs7R0FFRztBQUNILFVBQVUsa0JBQWtCO0lBQzFCLGdDQUFnQztJQUNoQyxJQUFJLEVBQUUsVUFBVSxDQUFDO0lBQ2pCOzs7O09BSUc7SUFDSCxXQUFXLEVBQUUsV0FBVyxHQUFHLGdCQUFnQixDQUFDO0NBQzdDO0FBRUQ7OztHQUdHO0FBQ0gsTUFBTSxXQUFXLDJCQUE0QixTQUFRLGtCQUFrQjtJQUNyRSxnRkFBZ0Y7SUFDaEYsMEJBQTBCLEVBQUUscUJBQXFCLENBQUM7SUFDbEQsUUFBUSxFQUFFLFFBQVEsQ0FBQyxjQUFjLENBQUM7Q0FDbkM7QUFFRDs7O0dBR0c7QUFDSCxNQUFNLFdBQVcsbUJBQW9CLFNBQVEsa0JBQWtCO0lBQzdELFFBQVEsRUFBRSxRQUFRLENBQUMsbUJBQW1CLEdBQUcsUUFBUSxDQUFDLFdBQVcsR0FBRyxRQUFRLENBQUMsd0JBQXdCLENBQUM7Q0FDbkc7QUFFRDs7O0dBR0c7QUFDSCxNQUFNLFdBQVcsa0JBQWtCO0lBQ2pDLElBQUksRUFBRSxVQUFVLENBQUM7SUFDakIsUUFBUSxFQUFFLFFBQVEsQ0FBQyxlQUFlLEdBQUcsUUFBUSxDQUFDLGFBQWEsQ0FBQztDQUM3RDtBQUVEOzs7R0FHRztBQUNILE1BQU0sV0FBVyw0QkFBNEI7SUFDM0MsUUFBUSxFQUFFLFFBQVEsQ0FBQyxZQUFZLEdBQUcsUUFBUSxDQUFDLEdBQUcsQ0FBQztDQUNoRDtBQUVEOzs7R0FHRztBQUNILE1BQU0sTUFBTSx5QkFBeUIsR0FBRywyQkFBMkIsR0FBRyxtQkFBbUIsR0FBRyxrQkFBa0IsQ0FBQztBQUUvRzs7O0dBR0c7QUFDSCx3QkFBZ0Isb0JBQW9CLENBQUMsT0FBTyxFQUFFLGNBQWMsR0FBRyxPQUFPLElBQUkseUJBQXlCLENBRWxHO0FBRUQ7Ozs7R0FJRztBQUNILHdCQUFnQixnQ0FBZ0MsQ0FBQyxPQUFPLEVBQUUseUJBQXlCLEdBQUcsV0FBVyxHQUFHLGdCQUFnQixDQVluSDtBQUVEOzs7Ozs7O0dBT0c7QUFDSCxNQUFNLE1BQU0sY0FBYyxHQUFHLHlCQUF5QixHQUFHLDRCQUE0QixDQUFDO0FBRXRGOzs7Ozs7OztHQVFHO0FBQ0gsTUFBTSxXQUFXLDBCQUEwQjtJQUN6Qzs7Ozs7T0FLRztJQUNILHNCQUFzQixDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsb0JBQW9CLENBQUMsQ0FBQztJQUVwRjs7Ozs7T0FLRztJQUNILGdCQUFnQixDQUNkLGFBQWEsRUFBRSxVQUFVLEVBQ3pCLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLFVBQVUsRUFDaEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsU0FBUyxFQUFFLE1BQU0sRUFDakIsU0FBUyxFQUFFLE1BQU0sRUFDakIsMEJBQTBCLEVBQUUsTUFBTSxHQUNqQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUM7SUFFcEI7Ozs7OztPQU1HO0lBQ0gsVUFBVSxDQUNSLGFBQWEsRUFBRSxVQUFVLEVBQ3pCLGdCQUFnQixFQUFFLFVBQVUsRUFDNUIsSUFBSSxFQUFFLFVBQVUsRUFDaEIsUUFBUSxFQUFFLFFBQVEsRUFDbEIsU0FBUyxFQUFFLE1BQU0sRUFDakIsMEJBQTBCLEVBQUUsTUFBTSxHQUNqQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUM7SUFFcEI7OztPQUdHO0lBQ0gscUJBQXFCLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUV6RTs7Ozs7T0FLRztJQUNILDJCQUEyQixDQUFDLG9CQUFvQixFQUFFLFVBQVUsR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7SUFFL0U7Ozs7T0FJRztJQUNILGdCQUFnQixDQUFDLFFBQVEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBRXBEOzs7T0FHRztJQUNILEtBQUssSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUM7Q0FDeEIifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy90eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDN0QsT0FBTyxLQUFLLEVBQUUsVUFBVSxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFDaEUsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQ3ZELE9BQU8sRUFDTCxRQUFRLEVBQ1IsS0FBSyx5QkFBeUIsRUFDOUIsS0FBSyxjQUFjLEVBQ25CLEtBQUssdUJBQXVCLEVBQzVCLGdDQUFnQyxJQUFJLDBDQUEwQyxFQUM5RSxvQkFBb0IsRUFDckIsTUFBTSwwQkFBMEIsQ0FBQztBQUNsQyxPQUFPLEtBQUssRUFBRSxlQUFlLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUUvRCxPQUFPLEtBQUssRUFBRSxJQUFJLEVBQUUsTUFBTSxJQUFJLENBQUM7QUFFL0IsT0FBTyxLQUFLLEVBQ1YsMkJBQTJCLEVBQzNCLG9CQUFvQixFQUNwQixnQkFBZ0IsRUFDaEIsY0FBYyxFQUNkLE9BQU8sRUFDUCxtQkFBbUIsRUFDbkIsbUJBQW1CLEVBQ25CLG1CQUFtQixFQUNwQixNQUFNLGVBQWUsQ0FBQztBQUV2QixZQUFZLEVBQ1YsMkJBQTJCLEVBQzNCLG9CQUFvQixFQUNwQixnQkFBZ0IsRUFDaEIsY0FBYyxFQUNkLE9BQU8sRUFDUCx5QkFBeUIsRUFDekIsbUJBQW1CLEVBQ25CLG1CQUFtQixFQUNuQixjQUFjLEVBQ2QsbUJBQW1CLEVBQ25CLHVCQUF1QixHQUN4QixDQUFDO0FBQ0YsT0FBTyxFQUFFLFVBQVUsRUFBRSxRQUFRLEVBQUUsK0JBQStCLEVBQUUsbUJBQW1CLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDM0csT0FBTyxFQUFFLG9CQUFvQixFQUFFLENBQUM7QUFDaEMsT0FBTyxFQUFFLDBDQUEwQyxJQUFJLGdDQUFnQyxFQUFFLENBQUM7QUFFMUY7O0dBRUc7QUFDSCxNQUFNLFdBQVcsb0JBQW9CO0lBQ25DLDJFQUEyRTtJQUMzRSxLQUFLLEVBQUUsT0FBTyxDQUFDO0lBQ2YscURBQXFEO0lBQ3JELE1BQU0sRUFBRSxtQkFBbUIsQ0FBQztDQUM3QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxXQUFXLGtCQUFrQjtJQUNqQzs7O09BR0c7SUFDSCxJQUFJLENBQUMsRUFBRSxJQUFJLENBQUM7SUFDWjs7T0FFRztJQUNILGVBQWUsQ0FBQyxFQUFFLGVBQWUsQ0FBQztJQUNsQzs7T0FFRztJQUNILFlBQVksQ0FBQyxFQUFFLFlBQVksQ0FBQztDQUM3QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxNQUFNLG1DQUFtQyxHQUFHLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxNQUFNLENBQUMsQ0FBQztBQUVuRjs7Ozs7Ozs7R0FRRztBQUNILE1BQU0sV0FBVywwQkFBMEI7SUFDekM7Ozs7O09BS0c7SUFDSCxzQkFBc0IsQ0FBQyxNQUFNLEVBQUUsb0JBQW9CLEdBQUcsT0FBTyxDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFFcEY7Ozs7O09BS0c7SUFDSCxnQkFBZ0IsQ0FDZCxhQUFhLEVBQUUsVUFBVSxFQUN6QixnQkFBZ0IsRUFBRSxVQUFVLEVBQzVCLElBQUksRUFBRSxVQUFVLEVBQ2hCLFFBQVEsRUFBRSxRQUFRLEVBQ2xCLFNBQVMsRUFBRSxNQUFNLEVBQ2pCLFNBQVMsRUFBRSxNQUFNLEVBQ2pCLDBCQUEwQixFQUFFLE1BQU0sR0FDakMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBRXBCOzs7Ozs7T0FNRztJQUNILFVBQVUsQ0FDUixhQUFhLEVBQUUsVUFBVSxFQUN6QixnQkFBZ0IsRUFBRSxVQUFVLEVBQzVCLElBQUksRUFBRSxVQUFVLEVBQ2hCLFFBQVEsRUFBRSxRQUFRLEVBQ2xCLFNBQVMsRUFBRSxNQUFNLEVBQ2pCLDBCQUEwQixFQUFFLE1BQU0sR0FDakMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBRXBCOzs7T0FHRztJQUNILHFCQUFxQixDQUFDLE1BQU0sRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLE1BQU0sR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7SUFFekU7Ozs7O09BS0c7SUFDSCwyQkFBMkIsQ0FBQyxvQkFBb0IsRUFBRSxVQUFVLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBRS9FOzs7O09BSUc7SUFDSCxnQkFBZ0IsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUVwRDs7O09BR0c7SUFDSCxLQUFLLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO0NBQ3hCIn0=