@aztec/validator-ha-signer 0.0.1-commit.d1f2d6c → 0.0.1-commit.d20b825a7

package/dest/factory.js

@@ -1,7 +1,12 @@
 /**
  * Factory functions for creating validator HA signers
- */ import { Pool } from 'pg';
+ */ import { DateProvider } from '@aztec/foundation/timer';
+import { createStore } from '@aztec/kv-store/lmdb-v2';
+import { getTelemetryClient } from '@aztec/telemetry-client';
+import { Pool } from 'pg';
+import { LmdbSlashingProtectionDatabase } from './db/lmdb.js';
 import { PostgresSlashingProtectionDatabase } from './db/postgres.js';
+import { HASignerMetrics } from './metrics.js';
 import { ValidatorHASigner } from './validator_ha_signer.js';
 /**
  * Create a validator HA signer with PostgreSQL backend
@@ -18,7 +23,6 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
  * ```typescript
  * const { signer, db } = await createHASigner({
  *   databaseUrl: process.env.DATABASE_URL,
- *   haSigningEnabled: true,
  *   nodeId: 'validator-node-1',
  *   pollingIntervalMs: 100,
  *   signingTimeoutMs: 3000,
@@ -38,14 +42,17 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
  * @returns An object containing the signer and database instances
  */ export async function createHASigner(config, deps) {
     const { databaseUrl, poolMaxCount, poolMinCount, poolIdleTimeoutMs, poolConnectionTimeoutMs, ...signerConfig } = config;
-    if (!databaseUrl) {
+    const databaseUrlValue = databaseUrl?.getValue();
+    if (!databaseUrlValue) {
         throw new Error('databaseUrl is required for createHASigner');
     }
+    const telemetryClient = deps?.telemetryClient ?? getTelemetryClient();
+    const dateProvider = deps?.dateProvider ?? new DateProvider();
     // Create connection pool (or use provided pool)
     let pool;
     if (!deps?.pool) {
         pool = new Pool({
-            connectionString: databaseUrl,
+            connectionString: databaseUrlValue,
             max: poolMaxCount ?? 10,
             min: poolMinCount ?? 0,
             idleTimeoutMillis: poolIdleTimeoutMs ?? 10_000,
@@ -58,10 +65,74 @@ import { ValidatorHASigner } from './validator_ha_signer.js';
     const db = new PostgresSlashingProtectionDatabase(pool);
     // Verify database schema is initialized and version matches
     await db.initialize();
+    // Create metrics
+    const metrics = new HASignerMetrics(telemetryClient, signerConfig.nodeId);
     // Create signer
-    const signer = new ValidatorHASigner(db, {
-        ...signerConfig,
-        databaseUrl
+    const signer = new ValidatorHASigner(db, signerConfig, {
+        metrics,
+        dateProvider
+    });
+    return {
+        signer,
+        db
+    };
+}
+/**
+ * Create a local (single-node) signing protection signer backed by LMDB.
+ *
+ * This provides double-signing protection for nodes that are NOT running in a
+ * high-availability (multi-node) setup. It prevents a proposer from sending two
+ * proposals for the same slot if the node crashes and restarts mid-proposal.
+ *
+ * When `config.dataDirectory` is set, the protection database is persisted to disk
+ * and survives crashes/restarts. When unset, an ephemeral in-memory store is
+ * used which protects within a single run but not across restarts.
+ *
+ * @param config - Local signer config
+ * @param deps - Optional dependencies (telemetry, date provider).
+ * @returns An object containing the signer and database instances.
+ */ export async function createLocalSignerWithProtection(config, deps) {
+    const telemetryClient = deps?.telemetryClient ?? getTelemetryClient();
+    const dateProvider = deps?.dateProvider ?? new DateProvider();
+    const kvStore = await createStore('signing-protection', LmdbSlashingProtectionDatabase.SCHEMA_VERSION, {
+        dataDirectory: config.dataDirectory,
+        dataStoreMapSizeKb: config.signingProtectionMapSizeKb ?? config.dataStoreMapSizeKb,
+        l1Contracts: config.l1Contracts
+    });
+    const db = new LmdbSlashingProtectionDatabase(kvStore, dateProvider);
+    const signerConfig = {
+        ...config,
+        nodeId: config.nodeId || 'local'
+    };
+    const metrics = new HASignerMetrics(telemetryClient, signerConfig.nodeId, 'LocalSigningProtectionMetrics');
+    const signer = new ValidatorHASigner(db, signerConfig, {
+        metrics,
+        dateProvider
+    });
+    return {
+        signer,
+        db
+    };
+}
+/**
+ * Create an in-memory LMDB-backed SlashingProtectionDatabase that can be shared across
+ * multiple validator nodes in the same process. Used for testing HA setups.
+ */ export async function createSharedSlashingProtectionDb(dateProvider = new DateProvider()) {
+    const kvStore = await createStore('shared-signing-protection', LmdbSlashingProtectionDatabase.SCHEMA_VERSION, {
+        dataStoreMapSizeKb: 1024 * 1024
+    });
+    return new LmdbSlashingProtectionDatabase(kvStore, dateProvider);
+}
+/**
+ * Create a ValidatorHASigner backed by a pre-existing SlashingProtectionDatabase.
+ * Used for testing HA setups where multiple nodes share the same protection database.
+ */ export function createSignerFromSharedDb(db, config, deps) {
+    const telemetryClient = deps?.telemetryClient ?? getTelemetryClient();
+    const dateProvider = deps?.dateProvider ?? new DateProvider();
+    const metrics = new HASignerMetrics(telemetryClient, config.nodeId, 'SharedSigningProtectionMetrics');
+    const signer = new ValidatorHASigner(db, config, {
+        metrics,
+        dateProvider
     });
     return {
         signer,

package/dest/metrics.d.ts

@@ -0,0 +1,51 @@
+import { type TelemetryClient } from '@aztec/telemetry-client';
+export type HACleanupType = 'stuck' | 'old' | 'outdated_rollup';
+/**
+ * Metrics for HA signer tracking signing operations, lock acquisition, and cleanup.
+ */
+export declare class HASignerMetrics {
+    private nodeId;
+    private signingDuration;
+    private signingSuccessCount;
+    private dutyAlreadySignedCount;
+    private slashingProtectionCount;
+    private signingErrorCount;
+    private lockAcquiredCount;
+    private cleanupStuckDutiesCount;
+    private cleanupOldDutiesCount;
+    private cleanupOutdatedRollupDutiesCount;
+    constructor(client: TelemetryClient, nodeId: string, name?: string);
+    /**
+     * Record a successful signing operation.
+     * @param dutyType - The type of duty signed
+     * @param durationMs - Duration from start of signWithProtection to completion
+     */
+    recordSigningSuccess(dutyType: string, durationMs: number): void;
+    /**
+     * Record a DutyAlreadySignedError (expected in HA; another node signed first).
+     * @param dutyType - The type of duty
+     */
+    recordDutyAlreadySigned(dutyType: string): void;
+    /**
+     * Record a SlashingProtectionError (attempted to sign different data for same duty).
+     * @param dutyType - The type of duty
+     */
+    recordSlashingProtection(dutyType: string): void;
+    /**
+     * Record a signing function failure (lock will be deleted for retry).
+     * @param dutyType - The type of duty
+     */
+    recordSigningError(dutyType: string): void;
+    /**
+     * Record lock acquisition.
+     * @param acquired - Whether a new lock was acquired (true) or existing record found (false)
+     */
+    recordLockAcquire(acquired: boolean): void;
+    /**
+     * Record cleanup metrics.
+     * @param type - Type of cleanup
+     * @param count - Number of duties cleaned up
+     */
+    recordCleanup(type: HACleanupType, count: number): void;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWV0cmljcy5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL21ldHJpY3MudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUlMLEtBQUssZUFBZSxFQUdyQixNQUFNLHlCQUF5QixDQUFDO0FBRWpDLE1BQU0sTUFBTSxhQUFhLEdBQUcsT0FBTyxHQUFHLEtBQUssR0FBRyxpQkFBaUIsQ0FBQztBQUVoRTs7R0FFRztBQUNILHFCQUFhLGVBQWU7SUFrQnhCLE9BQU8sQ0FBQyxNQUFNO0lBaEJoQixPQUFPLENBQUMsZUFBZSxDQUFZO0lBQ25DLE9BQU8sQ0FBQyxtQkFBbUIsQ0FBZ0I7SUFDM0MsT0FBTyxDQUFDLHNCQUFzQixDQUFnQjtJQUM5QyxPQUFPLENBQUMsdUJBQXVCLENBQWdCO0lBQy9DLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBZ0I7SUFHekMsT0FBTyxDQUFDLGlCQUFpQixDQUFnQjtJQUd6QyxPQUFPLENBQUMsdUJBQXVCLENBQWdCO0lBQy9DLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBZ0I7SUFDN0MsT0FBTyxDQUFDLGdDQUFnQyxDQUFnQjtJQUV4RCxZQUNFLE1BQU0sRUFBRSxlQUFlLEVBQ2YsTUFBTSxFQUFFLE1BQU0sRUFDdEIsSUFBSSxTQUFvQixFQXFCekI7SUFFRDs7OztPQUlHO0lBQ0ksb0JBQW9CLENBQUMsUUFBUSxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FPdEU7SUFFRDs7O09BR0c7SUFDSSx1QkFBdUIsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FNckQ7SUFFRDs7O09BR0c7SUFDSSx3QkFBd0IsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FNdEQ7SUFFRDs7O09BR0c7SUFDSSxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FNaEQ7SUFFRDs7O09BR0c7SUFDSSxpQkFBaUIsQ0FBQyxRQUFRLEVBQUUsT0FBTyxHQUFHLElBQUksQ0FPaEQ7SUFFRDs7OztPQUlHO0lBQ0ksYUFBYSxDQUFDLElBQUksRUFBRSxhQUFhLEVBQUUsS0FBSyxFQUFFLE1BQU0sR0FBRyxJQUFJLENBWTdEO0NBQ0YifQ==

package/dest/metrics.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../src/metrics.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,KAAK,eAAe,EAGrB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,KAAK,GAAG,iBAAiB,CAAC;AAEhE;;GAEG;AACH,qBAAa,eAAe;IAkBxB,OAAO,CAAC,MAAM;IAhBhB,OAAO,CAAC,eAAe,CAAY;IACnC,OAAO,CAAC,mBAAmB,CAAgB;IAC3C,OAAO,CAAC,sBAAsB,CAAgB;IAC9C,OAAO,CAAC,uBAAuB,CAAgB;IAC/C,OAAO,CAAC,iBAAiB,CAAgB;IAGzC,OAAO,CAAC,iBAAiB,CAAgB;IAGzC,OAAO,CAAC,uBAAuB,CAAgB;IAC/C,OAAO,CAAC,qBAAqB,CAAgB;IAC7C,OAAO,CAAC,gCAAgC,CAAgB;IAExD,YACE,MAAM,EAAE,eAAe,EACf,MAAM,EAAE,MAAM,EACtB,IAAI,SAAoB,EAqBzB;IAED;;;;OAIG;IACI,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAOtE;IAED;;;OAGG;IACI,uBAAuB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMrD;IAED;;;OAGG;IACI,wBAAwB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMtD;IAED;;;OAGG;IACI,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAMhD;IAED;;;OAGG;IACI,iBAAiB,CAAC,QAAQ,EAAE,OAAO,GAAG,IAAI,CAOhD;IAED;;;;OAIG;IACI,aAAa,CAAC,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAY7D;CACF"}

package/dest/metrics.js

@@ -0,0 +1,103 @@
+import { Attributes, Metrics, createUpDownCounterWithDefault } from '@aztec/telemetry-client';
+/**
+ * Metrics for HA signer tracking signing operations, lock acquisition, and cleanup.
+ */ export class HASignerMetrics {
+    nodeId;
+    // Signing lifecycle metrics
+    signingDuration;
+    signingSuccessCount;
+    dutyAlreadySignedCount;
+    slashingProtectionCount;
+    signingErrorCount;
+    // Lock acquisition metrics
+    lockAcquiredCount;
+    // Cleanup metrics
+    cleanupStuckDutiesCount;
+    cleanupOldDutiesCount;
+    cleanupOutdatedRollupDutiesCount;
+    constructor(client, nodeId, name = 'HASignerMetrics'){
+        this.nodeId = nodeId;
+        const meter = client.getMeter(name);
+        // Signing lifecycle
+        this.signingDuration = meter.createHistogram(Metrics.HA_SIGNER_SIGNING_DURATION);
+        this.signingSuccessCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_SIGNING_SUCCESS_COUNT);
+        this.dutyAlreadySignedCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_DUTY_ALREADY_SIGNED_COUNT);
+        this.slashingProtectionCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_SLASHING_PROTECTION_COUNT);
+        this.signingErrorCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_SIGNING_ERROR_COUNT);
+        // Lock acquisition
+        this.lockAcquiredCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_LOCK_ACQUIRED_COUNT);
+        // Cleanup
+        this.cleanupStuckDutiesCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_CLEANUP_STUCK_DUTIES_COUNT);
+        this.cleanupOldDutiesCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_CLEANUP_OLD_DUTIES_COUNT);
+        this.cleanupOutdatedRollupDutiesCount = createUpDownCounterWithDefault(meter, Metrics.HA_SIGNER_CLEANUP_OUTDATED_ROLLUP_DUTIES_COUNT);
+    }
+    /**
+   * Record a successful signing operation.
+   * @param dutyType - The type of duty signed
+   * @param durationMs - Duration from start of signWithProtection to completion
+   */ recordSigningSuccess(dutyType, durationMs) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.signingSuccessCount.add(1, attributes);
+        this.signingDuration.record(durationMs, attributes);
+    }
+    /**
+   * Record a DutyAlreadySignedError (expected in HA; another node signed first).
+   * @param dutyType - The type of duty
+   */ recordDutyAlreadySigned(dutyType) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.dutyAlreadySignedCount.add(1, attributes);
+    }
+    /**
+   * Record a SlashingProtectionError (attempted to sign different data for same duty).
+   * @param dutyType - The type of duty
+   */ recordSlashingProtection(dutyType) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.slashingProtectionCount.add(1, attributes);
+    }
+    /**
+   * Record a signing function failure (lock will be deleted for retry).
+   * @param dutyType - The type of duty
+   */ recordSigningError(dutyType) {
+        const attributes = {
+            [Attributes.HA_DUTY_TYPE]: dutyType,
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        this.signingErrorCount.add(1, attributes);
+    }
+    /**
+   * Record lock acquisition.
+   * @param acquired - Whether a new lock was acquired (true) or existing record found (false)
+   */ recordLockAcquire(acquired) {
+        if (acquired) {
+            const attributes = {
+                [Attributes.HA_NODE_ID]: this.nodeId
+            };
+            this.lockAcquiredCount.add(1, attributes);
+        }
+    }
+    /**
+   * Record cleanup metrics.
+   * @param type - Type of cleanup
+   * @param count - Number of duties cleaned up
+   */ recordCleanup(type, count) {
+        const attributes = {
+            [Attributes.HA_NODE_ID]: this.nodeId
+        };
+        if (type === 'stuck') {
+            this.cleanupStuckDutiesCount.add(count, attributes);
+        } else if (type === 'old') {
+            this.cleanupOldDutiesCount.add(count, attributes);
+        } else if (type === 'outdated_rollup') {
+            this.cleanupOutdatedRollupDutiesCount.add(count, attributes);
+        }
+    }
+}

package/dest/slashing_protection_service.d.ts

@@ -1,5 +1,12 @@
+import type { DateProvider } from '@aztec/foundation/timer';
+import type { BaseSignerConfig } from '@aztec/stdlib/ha-signing';
 import { type CheckAndRecordParams, type DeleteDutyParams, type RecordSuccessParams } from './db/types.js';
-import type { SlashingProtectionDatabase, ValidatorHASignerConfig } from './types.js';
+import type { HASignerMetrics } from './metrics.js';
+import type { SlashingProtectionDatabase } from './types.js';
+export interface SlashingProtectionServiceDeps {
+    metrics: HASignerMetrics;
+    dateProvider: DateProvider;
+}
 /**
  * Slashing Protection Service
  *
@@ -22,8 +29,11 @@ export declare class SlashingProtectionService {
     private readonly pollingIntervalMs;
     private readonly signingTimeoutMs;
     private readonly maxStuckDutiesAgeMs;
+    private readonly metrics;
+    private readonly dateProvider;
     private cleanupRunningPromise;
-    constructor(db: SlashingProtectionDatabase, config: ValidatorHASignerConfig);
+    private lastOldDutiesCleanupAtMs?;
+    constructor(db: SlashingProtectionDatabase, config: BaseSignerConfig, deps: SlashingProtectionServiceDeps);
     /**
      * Check if a duty can be performed and acquire the lock if so.
      *
@@ -33,7 +43,6 @@ export declare class SlashingProtectionService {
      * 2. If insert succeeds, we acquired the lock - return the lockToken
      * 3. If a record exists, handle based on status:
      *    - SIGNED: Throw appropriate error (already signed or slashing protection)
-     *    - FAILED: Delete the failed record
      *    - SIGNING: Wait and poll until status changes, then handle result
      *
      * @returns The lockToken that must be used for recordSuccess/deleteDuty
@@ -65,7 +74,11 @@ export declare class SlashingProtectionService {
      * Start running tasks.
      * Cleanup runs immediately on start to recover from any previous crashes.
      */
-    start(): void;
+    /**
+     * Start the background cleanup task.
+     * Also performs one-time cleanup of duties with outdated rollup addresses.
+     */
+    start(): Promise<void>;
     /**
      * Stop the background cleanup task.
      */
@@ -75,6 +88,6 @@ export declare class SlashingProtectionService {
      * Should be called after stop() during graceful shutdown.
      */
     close(): Promise<void>;
-    private cleanupStuckDuties;
+    private cleanup;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQVVBLE9BQU8sRUFDTCxLQUFLLG9CQUFvQixFQUN6QixLQUFLLGdCQUFnQixFQUVyQixLQUFLLG1CQUFtQixFQUV6QixNQUFNLGVBQWUsQ0FBQztBQUV2QixPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSx1QkFBdUIsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUV0Rjs7Ozs7Ozs7Ozs7Ozs7R0FjRztBQUNILHFCQUFhLHlCQUF5QjtJQVNsQyxPQUFPLENBQUMsUUFBUSxDQUFDLEVBQUU7SUFDbkIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNO0lBVHpCLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFTO0lBQzdCLE9BQU8sQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQVM7SUFDM0MsT0FBTyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBUztJQUMxQyxPQUFPLENBQUMsUUFBUSxDQUFDLG1CQUFtQixDQUFTO0lBRTdDLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBaUI7SUFFOUMsWUFDbUIsRUFBRSxFQUFFLDBCQUEwQixFQUM5QixNQUFNLEVBQUUsdUJBQXVCLEVBYWpEO0lBRUQ7Ozs7Ozs7Ozs7Ozs7OztPQWVHO0lBQ0csY0FBYyxDQUFDLE1BQU0sRUFBRSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBaUVsRTtJQUVEOzs7Ozs7T0FNRztJQUNHLGFBQWEsQ0FBQyxNQUFNLEVBQUUsbUJBQW1CLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQTBCakU7SUFFRDs7Ozs7O09BTUc7SUFDRyxVQUFVLENBQUMsTUFBTSxFQUFFLGdCQUFnQixHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FpQjNEO0lBRUQ7O09BRUc7SUFDSCxJQUFJLE1BQU0sSUFBSSxNQUFNLENBRW5CO0lBRUQ7OztPQUdHO0lBQ0gsS0FBSyxTQUdKO0lBRUQ7O09BRUc7SUFDRyxJQUFJLGtCQUdUO0lBRUQ7OztPQUdHO0lBQ0csS0FBSyxrQkFHVjtZQUthLGtCQUFrQjtDQVNqQyJ9
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc2xhc2hpbmdfcHJvdGVjdGlvbl9zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQVNBLE9BQU8sS0FBSyxFQUFFLFlBQVksRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzVELE9BQU8sS0FBSyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFFakUsT0FBTyxFQUNMLEtBQUssb0JBQW9CLEVBQ3pCLEtBQUssZ0JBQWdCLEVBRXJCLEtBQUssbUJBQW1CLEVBRXpCLE1BQU0sZUFBZSxDQUFDO0FBRXZCLE9BQU8sS0FBSyxFQUFFLGVBQWUsRUFBRSxNQUFNLGNBQWMsQ0FBQztBQUNwRCxPQUFPLEtBQUssRUFBRSwwQkFBMEIsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUU3RCxNQUFNLFdBQVcsNkJBQTZCO0lBQzVDLE9BQU8sRUFBRSxlQUFlLENBQUM7SUFDekIsWUFBWSxFQUFFLFlBQVksQ0FBQztDQUM1QjtBQUVEOzs7Ozs7Ozs7Ozs7OztHQWNHO0FBQ0gscUJBQWEseUJBQXlCO0lBYWxDLE9BQU8sQ0FBQyxRQUFRLENBQUMsRUFBRTtJQUNuQixPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU07SUFiekIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQVM7SUFDN0IsT0FBTyxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBUztJQUMzQyxPQUFPLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUFTO0lBQzFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsbUJBQW1CLENBQVM7SUFFN0MsT0FBTyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQWtCO0lBQzFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsWUFBWSxDQUFlO0lBRTVDLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBaUI7SUFDOUMsT0FBTyxDQUFDLHdCQUF3QixDQUFDLENBQVM7SUFFMUMsWUFDbUIsRUFBRSxFQUFFLDBCQUEwQixFQUM5QixNQUFNLEVBQUUsZ0JBQWdCLEVBQ3pDLElBQUksRUFBRSw2QkFBNkIsRUFXcEM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7T0FjRztJQUNHLGNBQWMsQ0FBQyxNQUFNLEVBQUUsb0JBQW9CLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQXFFbEU7SUFFRDs7Ozs7O09BTUc7SUFDRyxhQUFhLENBQUMsTUFBTSxFQUFFLG1CQUFtQixHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0EyQmpFO0lBRUQ7Ozs7OztPQU1HO0lBQ0csVUFBVSxDQUFDLE1BQU0sRUFBRSxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLENBd0IzRDtJQUVEOztPQUVHO0lBQ0gsSUFBSSxNQUFNLElBQUksTUFBTSxDQUVuQjtJQUVEOzs7T0FHRztJQUNIOzs7T0FHRztJQUNHLEtBQUssa0JBWVY7SUFFRDs7T0FFRztJQUNHLElBQUksa0JBR1Q7SUFFRDs7O09BR0c7SUFDRyxLQUFLLGtCQUdWO1lBTWEsT0FBTztDQStCdEIifQ==

package/dest/slashing_protection_service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"slashing_protection_service.d.ts","sourceRoot":"","sources":["../src/slashing_protection_service.ts"],"names":[],"mappings":"AAUA,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EAErB,KAAK,mBAAmB,EAEzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAAE,0BAA0B,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAEtF;;;;;;;;;;;;;;GAcG;AACH,qBAAa,yBAAyB;IASlC,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM;IATzB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAS;IAE7C,OAAO,CAAC,qBAAqB,CAAiB;IAE9C,YACmB,EAAE,EAAE,0BAA0B,EAC9B,MAAM,EAAE,uBAAuB,EAajD;IAED;;;;;;;;;;;;;;;OAeG;IACG,cAAc,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,MAAM,CAAC,CAiElE;IAED;;;;;;OAMG;IACG,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,CA0BjE;IAED;;;;;;OAMG;IACG,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC,CAiB3D;IAED;;OAEG;IACH,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED;;;OAGG;IACH,KAAK,SAGJ;IAED;;OAEG;IACG,IAAI,kBAGT;IAED;;;OAGG;IACG,KAAK,kBAGV;YAKa,kBAAkB;CASjC"}
+{"version":3,"file":"slashing_protection_service.d.ts","sourceRoot":"","sources":["../src/slashing_protection_service.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,gBAAgB,EAErB,KAAK,mBAAmB,EAEzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AAE7D,MAAM,WAAW,6BAA6B;IAC5C,OAAO,EAAE,eAAe,CAAC;IACzB,YAAY,EAAE,YAAY,CAAC;CAC5B;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,yBAAyB;IAalC,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM;IAbzB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAS;IAE7C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAkB;IAC1C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAE5C,OAAO,CAAC,qBAAqB,CAAiB;IAC9C,OAAO,CAAC,wBAAwB,CAAC,CAAS;IAE1C,YACmB,EAAE,EAAE,0BAA0B,EAC9B,MAAM,EAAE,gBAAgB,EACzC,IAAI,EAAE,6BAA6B,EAWpC;IAED;;;;;;;;;;;;;;OAcG;IACG,cAAc,CAAC,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,MAAM,CAAC,CAqElE;IAED;;;;;;OAMG;IACG,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,CA2BjE;IAED;;;;;;OAMG;IACG,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC,CAwB3D;IAED;;OAEG;IACH,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED;;;OAGG;IACH;;;OAGG;IACG,KAAK,kBAYV;IAED;;OAEG;IACG,IAAI,kBAGT;IAED;;;OAGG;IACG,KAAK,kBAGV;YAMa,OAAO;CA+BtB"}

package/dest/slashing_protection_service.js

@@ -29,8 +29,11 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
     pollingIntervalMs;
     signingTimeoutMs;
     maxStuckDutiesAgeMs;
+    metrics;
+    dateProvider;
     cleanupRunningPromise;
-    constructor(db, config){
+    lastOldDutiesCleanupAtMs;
+    constructor(db, config, deps){
         this.db = db;
         this.config = config;
         this.log = createLogger('slashing-protection');
@@ -38,7 +41,9 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
         this.signingTimeoutMs = config.signingTimeoutMs;
         // Default to 144s (2x 72s Aztec slot duration) if not explicitly configured
         this.maxStuckDutiesAgeMs = config.maxStuckDutiesAgeMs ?? 144_000;
-        this.cleanupRunningPromise = new RunningPromise(this.cleanupStuckDuties.bind(this), this.log, this.maxStuckDutiesAgeMs);
+        this.cleanupRunningPromise = new RunningPromise(this.cleanup.bind(this), this.log, this.maxStuckDutiesAgeMs);
+        this.metrics = deps.metrics;
+        this.dateProvider = deps.dateProvider;
     }
     /**
    * Check if a duty can be performed and acquire the lock if so.
@@ -49,7 +54,6 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
    * 2. If insert succeeds, we acquired the lock - return the lockToken
    * 3. If a record exists, handle based on status:
    *    - SIGNED: Throw appropriate error (already signed or slashing protection)
-   *    - FAILED: Delete the failed record
    *    - SIGNING: Wait and poll until status changes, then handle result
    *
    * @returns The lockToken that must be used for recordSuccess/deleteDuty
@@ -57,7 +61,7 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
    * @throws SlashingProtectionError if attempting to sign different data for same slot/duty
    */ async checkAndRecord(params) {
         const { validatorAddress, slot, dutyType, messageHash, nodeId } = params;
-        const startTime = Date.now();
+        const startTime = this.dateProvider.now();
         this.log.debug(`Checking duty: ${dutyType} for slot ${slot}`, {
             validatorAddress: validatorAddress.toString(),
             nodeId
@@ -67,10 +71,11 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
             const { isNew, record } = await this.db.tryInsertOrGetExisting(params);
             if (isNew) {
                 // We successfully acquired the lock
-                this.log.info(`Acquired lock for duty ${dutyType} at slot ${slot}`, {
+                this.log.verbose(`Acquired lock for duty ${dutyType} at slot ${slot}`, {
                     validatorAddress: validatorAddress.toString(),
                     nodeId
                 });
+                this.metrics.recordLockAcquire(true);
                 return record.lockToken;
             }
             // Record already exists - handle based on status
@@ -84,17 +89,20 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
                         existingNodeId: record.nodeId,
                         attemptingNodeId: nodeId
                     });
+                    this.metrics.recordSlashingProtection(dutyType);
                     throw new SlashingProtectionError(slot, dutyType, record.blockIndexWithinCheckpoint, record.messageHash, messageHash, record.nodeId);
                 }
+                this.metrics.recordDutyAlreadySigned(dutyType);
                 throw new DutyAlreadySignedError(slot, dutyType, record.blockIndexWithinCheckpoint, record.nodeId);
             } else if (record.status === DutyStatus.SIGNING) {
                 // Another node is currently signing - check for timeout
-                if (Date.now() - startTime > this.signingTimeoutMs) {
+                if (this.dateProvider.now() - startTime > this.signingTimeoutMs) {
                     this.log.warn(`Timeout waiting for signing to complete for duty ${dutyType} at slot ${slot}`, {
                         validatorAddress: validatorAddress.toString(),
                         timeoutMs: this.signingTimeoutMs,
                         signingNodeId: record.nodeId
                     });
+                    this.metrics.recordDutyAlreadySigned(dutyType);
                     throw new DutyAlreadySignedError(slot, dutyType, record.blockIndexWithinCheckpoint, 'unknown (timeout)');
                 }
                 // Wait and poll
@@ -116,11 +124,11 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
    *
    * @returns true if the update succeeded, false if token didn't match
    */ async recordSuccess(params) {
-        const { validatorAddress, slot, dutyType, signature, nodeId, lockToken } = params;
+        const { rollupAddress, validatorAddress, slot, dutyType, signature, nodeId, lockToken } = params;
         const blockIndexWithinCheckpoint = getBlockIndexFromDutyIdentifier(params);
-        const success = await this.db.updateDutySigned(validatorAddress, slot, dutyType, signature.toString(), lockToken, blockIndexWithinCheckpoint);
+        const success = await this.db.updateDutySigned(rollupAddress, validatorAddress, slot, dutyType, signature.toString(), lockToken, blockIndexWithinCheckpoint);
         if (success) {
-            this.log.info(`Recorded successful signing for duty ${dutyType} at slot ${slot}`, {
+            this.log.verbose(`Recorded successful signing for duty ${dutyType} at slot ${slot}`, {
                 validatorAddress: validatorAddress.toString(),
                 nodeId
             });
@@ -139,9 +147,9 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
    *
    * @returns true if the delete succeeded, false if token didn't match
    */ async deleteDuty(params) {
-        const { validatorAddress, slot, dutyType, lockToken } = params;
+        const { rollupAddress, validatorAddress, slot, dutyType, lockToken } = params;
         const blockIndexWithinCheckpoint = getBlockIndexFromDutyIdentifier(params);
-        const success = await this.db.deleteDuty(validatorAddress, slot, dutyType, lockToken, blockIndexWithinCheckpoint);
+        const success = await this.db.deleteDuty(rollupAddress, validatorAddress, slot, dutyType, lockToken, blockIndexWithinCheckpoint);
         if (success) {
             this.log.info(`Deleted duty ${dutyType} at slot ${slot} to allow retry`, {
                 validatorAddress: validatorAddress.toString()
@@ -161,7 +169,18 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
     /**
    * Start running tasks.
    * Cleanup runs immediately on start to recover from any previous crashes.
-   */ start() {
+   */ /**
+   * Start the background cleanup task.
+   * Also performs one-time cleanup of duties with outdated rollup addresses.
+   */ async start() {
+        // One-time cleanup at startup: remove duties from previous rollup versions
+        const numOutdatedRollupDuties = await this.db.cleanupOutdatedRollupDuties(this.config.l1Contracts.rollupAddress);
+        if (numOutdatedRollupDuties > 0) {
+            this.log.info(`Cleaned up ${numOutdatedRollupDuties} duties with outdated rollup address at startup`, {
+                currentRollupAddress: this.config.l1Contracts.rollupAddress.toString()
+            });
+            this.metrics.recordCleanup('outdated_rollup', numOutdatedRollupDuties);
+        }
         this.cleanupRunningPromise.start();
         this.log.info('Slashing protection service started', {
             nodeId: this.config.nodeId
@@ -183,14 +202,35 @@ import { DutyAlreadySignedError, SlashingProtectionError } from './errors.js';
         this.log.info('Slashing protection database connection closed');
     }
     /**
-   * Cleanup own stuck duties
-   */ async cleanupStuckDuties() {
-        const numDuties = await this.db.cleanupOwnStuckDuties(this.config.nodeId, this.maxStuckDutiesAgeMs);
-        if (numDuties > 0) {
-            this.log.info(`Cleaned up ${numDuties} stuck duties`, {
+   * Periodic cleanup of stuck duties and optionally old signed duties.
+   * Runs in the background via RunningPromise.
+   */ async cleanup() {
+        // 1. Clean up stuck duties (our own node's duties that got stuck in 'signing' status)
+        const numStuckDuties = await this.db.cleanupOwnStuckDuties(this.config.nodeId, this.maxStuckDutiesAgeMs);
+        if (numStuckDuties > 0) {
+            this.log.verbose(`Cleaned up ${numStuckDuties} stuck duties`, {
                 nodeId: this.config.nodeId,
                 maxStuckDutiesAgeMs: this.maxStuckDutiesAgeMs
             });
+            this.metrics.recordCleanup('stuck', numStuckDuties);
+        }
+        // 2. Clean up old signed duties if configured
+        // we shouldn't run this as often as stuck duty cleanup.
+        if (this.config.cleanupOldDutiesAfterHours !== undefined) {
+            const maxAgeMs = this.config.cleanupOldDutiesAfterHours * 60 * 60 * 1000;
+            const nowMs = this.dateProvider.now();
+            const shouldRun = this.lastOldDutiesCleanupAtMs === undefined || nowMs - this.lastOldDutiesCleanupAtMs >= maxAgeMs;
+            if (shouldRun) {
+                const numOldDuties = await this.db.cleanupOldDuties(maxAgeMs);
+                this.lastOldDutiesCleanupAtMs = nowMs;
+                if (numOldDuties > 0) {
+                    this.log.verbose(`Cleaned up ${numOldDuties} old signed duties`, {
+                        cleanupOldDutiesAfterHours: this.config.cleanupOldDutiesAfterHours,
+                        maxAgeMs
+                    });
+                    this.metrics.recordCleanup('old', numOldDuties);
+                }
+            }
         }
     }
 }