@chainsafe/lodestar 1.35.0-dev.8cacf063da → 1.35.0-dev.91dadf81de

package/src/cmds/beacon/handler.ts

@@ -0,0 +1,267 @@
+import path from "node:path";
+import {getHeapStatistics} from "node:v8";
+import {SignableENR} from "@chainsafe/enr";
+import {hasher} from "@chainsafe/persistent-merkle-tree";
+import {BeaconDb, BeaconNode} from "@lodestar/beacon-node";
+import {ChainForkConfig, createBeaconConfig} from "@lodestar/config";
+import {LevelDbController} from "@lodestar/db/controller/level";
+import {LoggerNode, getNodeLogger} from "@lodestar/logger/node";
+import {ACTIVE_PRESET, PresetName} from "@lodestar/params";
+import {ErrorAborted, bytesToInt} from "@lodestar/utils";
+import {ProcessShutdownCallback} from "@lodestar/validator";
+import {BeaconNodeOptions, getBeaconConfigFromArgs} from "../../config/index.js";
+import {getNetworkBootnodes, getNetworkData, isKnownNetworkName, readBootnodes} from "../../networks/index.js";
+import {GlobalArgs, parseBeaconNodeArgs} from "../../options/index.js";
+import {LogArgs} from "../../options/logOptions.js";
+import {
+  cleanOldLogFiles,
+  mkdir,
+  onGracefulShutdown,
+  parseLoggerArgs,
+  pruneOldFilesInDir,
+  writeFile600Perm,
+} from "../../util/index.js";
+import {getVersionData} from "../../util/version.js";
+import {initBeaconState} from "./initBeaconState.js";
+import {initPrivateKeyAndEnr} from "./initPeerIdAndEnr.js";
+import {BeaconArgs} from "./options.js";
+import {getBeaconPaths} from "./paths.js";
+
+const DEFAULT_RETENTION_SSZ_OBJECTS_HOURS = 15 * 24;
+const HOURS_TO_MS = 3600 * 1000;
+const EIGHT_GB = 8 * 1024 * 1024 * 1024;
+
+/**
+ * Runs a beacon node.
+ */
+export async function beaconHandler(args: BeaconArgs & GlobalArgs): Promise<void> {
+  const {config, options, beaconPaths, network, version, commit, privateKey, logger} = await beaconHandlerInit(args);
+
+  if (hasher.name !== "hashtree") {
+    logger.warn(`hashtree is not supported, using hasher ${hasher.name}`);
+  }
+
+  const heapSizeLimit = getHeapStatistics().heap_size_limit;
+  if (heapSizeLimit < EIGHT_GB) {
+    logger.warn(
+      `Node.js heap size limit is too low, consider increasing it to at least ${EIGHT_GB}. See https://chainsafe.github.io/lodestar/faqs/#running-a-beacon-node for more details.`
+    );
+  }
+
+  // initialize directories
+  mkdir(beaconPaths.dataDir);
+  mkdir(beaconPaths.beaconDir);
+  mkdir(beaconPaths.dbDir);
+
+  const abortController = new AbortController();
+
+  logger.info("Lodestar", {network, version, commit});
+  // Callback for beacon to request forced exit, for e.g. in case of irrecoverable
+  // forkchoice errors
+  const processShutdownCallback: ProcessShutdownCallback = (err) => {
+    logger.error("Process shutdown requested", {}, err);
+    process.kill(process.pid, "SIGINT");
+  };
+
+  if (ACTIVE_PRESET === PresetName.minimal) logger.info("ACTIVE_PRESET == minimal preset");
+
+  const db = new BeaconDb(config, await LevelDbController.create(options.db, {metrics: null, logger}));
+  logger.info("Connected to LevelDB database", {path: options.db.name});
+
+  // BeaconNode setup
+  try {
+    const {anchorState, wsCheckpoint} = await initBeaconState(
+      options,
+      args,
+      config,
+      db,
+      logger,
+      abortController.signal
+    );
+    const beaconConfig = createBeaconConfig(config, anchorState.genesisValidatorsRoot);
+    const node = await BeaconNode.init({
+      opts: options,
+      config: beaconConfig,
+      db,
+      logger,
+      processShutdownCallback,
+      privateKey,
+      dataDir: beaconPaths.dataDir,
+      peerStoreDir: beaconPaths.peerStoreDir,
+      anchorState,
+      wsCheckpoint,
+    });
+
+    // dev debug option to have access to the BN instance
+    if (args.attachToGlobalThis) {
+      (globalThis as unknown as {bn: BeaconNode}).bn = node;
+    }
+
+    // Prune invalid SSZ objects every interval
+    const {persistInvalidSszObjectsDir, persistInvalidSszObjects} = options.chain;
+    const pruneInvalidSSZObjectsInterval =
+      persistInvalidSszObjectsDir && persistInvalidSszObjects
+        ? setInterval(() => {
+            try {
+              const deletedFileCount = pruneOldFilesInDir(
+                persistInvalidSszObjectsDir,
+                (args.persistInvalidSszObjectsRetentionHours ?? DEFAULT_RETENTION_SSZ_OBJECTS_HOURS) * HOURS_TO_MS
+              );
+              logger.info("Pruned invalid SSZ objects", {deletedFileCount});
+            } catch (e) {
+              logger.warn("Error pruning invalid SSZ objects", {persistInvalidSszObjectsDir}, e as Error);
+            }
+            // Run every ~1 hour
+          }, HOURS_TO_MS)
+        : null;
+
+    // Intercept SIGINT signal, to perform final ops before exiting
+    onGracefulShutdown(async () => {
+      if (args.persistNetworkIdentity) {
+        try {
+          const networkIdentity = await node.network.getNetworkIdentity();
+          const enrPath = path.join(beaconPaths.beaconDir, "enr");
+          writeFile600Perm(enrPath, networkIdentity.enr);
+        } catch (e) {
+          logger.warn("Unable to persist enr", {}, e as Error);
+        }
+      }
+      abortController.abort();
+
+      if (pruneInvalidSSZObjectsInterval !== null) {
+        clearInterval(pruneInvalidSSZObjectsInterval);
+      }
+    }, logger.info.bind(logger));
+
+    abortController.signal.addEventListener(
+      "abort",
+      async () => {
+        try {
+          await node.close();
+          logger.debug("Beacon node closed");
+          // Explicitly exit until active handles issue is resolved
+          // See https://github.com/ChainSafe/lodestar/issues/5642
+          process.exit(0);
+        } catch (e) {
+          logger.error("Error closing beacon node", {}, e as Error);
+          // Make sure db is always closed gracefully
+          await db.close();
+          // Must explicitly exit process due to potential active handles
+          process.exit(1);
+        }
+      },
+      {once: true}
+    );
+  } catch (e) {
+    await db.close();
+
+    if (e instanceof ErrorAborted) {
+      logger.info(e.message); // Let the user know the abort was received but don't print as error
+    } else {
+      throw e;
+    }
+  }
+}
+
+/** Separate function to simplify unit testing of options merging */
+export async function beaconHandlerInit(args: BeaconArgs & GlobalArgs) {
+  const {config, network} = getBeaconConfigFromArgs(args);
+
+  const beaconNodeOptions = new BeaconNodeOptions(parseBeaconNodeArgs(args));
+
+  const {version, commit} = getVersionData();
+  const beaconPaths = getBeaconPaths(args, network);
+  // TODO: Rename db.name to db.path or db.location
+  beaconNodeOptions.set({db: {name: beaconPaths.dbDir}});
+  beaconNodeOptions.set({
+    chain: {
+      validatorMonitorLogs: args.validatorMonitorLogs,
+      persistInvalidSszObjectsDir: beaconPaths.persistInvalidSszObjectsDir,
+      persistOrphanedBlocksDir: beaconPaths.persistOrphanedBlocksDir,
+    },
+  });
+  // Add metrics metadata to show versioning + network info in Prometheus + Grafana
+  beaconNodeOptions.set({metrics: {metadata: {version, commit, network}}});
+  // Add detailed version string for API node/version endpoint
+  beaconNodeOptions.set({api: {commit, version}});
+
+  if (args.supernode) {
+    beaconNodeOptions.set({chain: {supernode: true}, network: {supernode: true}});
+  }
+
+  // Set known depositContractDeployBlock
+  if (isKnownNetworkName(network)) {
+    const {depositContractDeployBlock} = getNetworkData(network);
+    beaconNodeOptions.set({eth1: {depositContractDeployBlock}});
+  }
+
+  const logger = initLogger(args, beaconPaths.dataDir, config);
+  const {privateKey, enr} = await initPrivateKeyAndEnr(args, beaconPaths.beaconDir, logger);
+
+  if (args.discv5 !== false) {
+    // Inject ENR to beacon options
+    beaconNodeOptions.set({network: {discv5: {enr: enr.encodeTxt(), config: {enrUpdate: !enr.ip && !enr.ip6}}}});
+
+    // Combine bootnodes from different sources
+    const bootnodes = (beaconNodeOptions.get().network?.discv5?.bootEnrs ?? []).concat(
+      args.bootnodesFile ? readBootnodes(args.bootnodesFile) : [],
+      isKnownNetworkName(network) ? await getNetworkBootnodes(network) : []
+    );
+    // Deduplicate and set combined bootnodes
+    beaconNodeOptions.set({network: {discv5: {bootEnrs: [...new Set(bootnodes)]}}});
+  }
+
+  beaconNodeOptions.set({chain: {initialCustodyGroupCount: getInitialCustodyGroupCount(args, config, enr)}});
+
+  if (args.disableLightClientServer) {
+    beaconNodeOptions.set({chain: {disableLightClientServer: true}});
+  }
+
+  if (args.private) {
+    beaconNodeOptions.set({network: {private: true}, api: {private: true}});
+  } else {
+    const versionStr = `Lodestar/${version}`;
+    const simpleVersionStr = version.split("/")[0];
+    // Add simple version string for libp2p agent version
+    beaconNodeOptions.set({network: {version: simpleVersionStr}});
+    // Add User-Agent header to all builder requests
+    beaconNodeOptions.set({executionBuilder: {userAgent: versionStr}});
+    // Set jwt version with version string
+    beaconNodeOptions.set({executionEngine: {jwtVersion: versionStr}, eth1: {jwtVersion: versionStr}});
+    // Set commit and version for ClientVersion
+    beaconNodeOptions.set({executionEngine: {commit, version}});
+  }
+
+  // Render final options
+  const options = beaconNodeOptions.getWithDefaults();
+
+  return {config, options, beaconPaths, network, version, commit, privateKey, logger};
+}
+
+export function initLogger(
+  args: LogArgs & Pick<GlobalArgs, "dataDir">,
+  dataDir: string,
+  config: ChainForkConfig,
+  fileName = "beacon.log"
+): LoggerNode {
+  const defaultLogFilepath = path.join(dataDir, fileName);
+  const logger = getNodeLogger(parseLoggerArgs(args, {defaultLogFilepath}, config));
+  try {
+    cleanOldLogFiles(args, {defaultLogFilepath});
+  } catch (e) {
+    logger.debug("Not able to delete log files", {}, e as Error);
+  }
+
+  return logger;
+}
+
+function getInitialCustodyGroupCount(args: BeaconArgs & GlobalArgs, config: ChainForkConfig, enr: SignableENR): number {
+  if (args.supernode) {
+    return config.NUMBER_OF_CUSTODY_GROUPS;
+  }
+
+  const enrCgcBytes = enr.kvs.get("cgc");
+  const enrCgc = enrCgcBytes != null ? bytesToInt(enrCgcBytes, "be") : 0;
+
+  return Math.max(enrCgc, config.CUSTODY_REQUIREMENT);
+}

package/src/cmds/beacon/index.ts

@@ -0,0 +1,18 @@
+import {CliCommand, CliCommandOptions} from "@lodestar/utils";
+import {GlobalArgs} from "../../options/index.js";
+import {beaconHandler} from "./handler.js";
+import {BeaconArgs, beaconOptions} from "./options.js";
+
+export const beacon: CliCommand<BeaconArgs, GlobalArgs> = {
+  command: "beacon",
+  describe: "Run a beacon chain node",
+  docsFolder: "run/beacon-management",
+  examples: [
+    {
+      command: "beacon --network hoodi",
+      description: "Run a beacon chain node and connect to the hoodi testnet",
+    },
+  ],
+  options: beaconOptions as CliCommandOptions<BeaconArgs>,
+  handler: beaconHandler,
+};

package/src/cmds/beacon/initBeaconState.ts

@@ -0,0 +1,275 @@
+import {
+  IBeaconDb,
+  IBeaconNodeOptions,
+  checkAndPersistAnchorState,
+  getStateTypeFromBytes,
+  initStateFromEth1,
+} from "@lodestar/beacon-node";
+import {BeaconConfig, ChainForkConfig, createBeaconConfig} from "@lodestar/config";
+import {
+  BeaconStateAllForks,
+  ensureWithinWeakSubjectivityPeriod,
+  isWithinWeakSubjectivityPeriod,
+  loadState,
+  loadStateAndValidators,
+} from "@lodestar/state-transition";
+import {ssz} from "@lodestar/types";
+import {Checkpoint} from "@lodestar/types/phase0";
+import {Logger, formatBytes, toRootHex} from "@lodestar/utils";
+import {
+  fetchWeakSubjectivityState,
+  getCheckpointFromArg,
+  getCheckpointFromState,
+  getGenesisFileUrl,
+  getGenesisStateRoot,
+} from "../../networks/index.js";
+import {GlobalArgs, defaultNetwork} from "../../options/globalOptions.js";
+import {downloadOrLoadFile, wrapFnError} from "../../util/index.js";
+import {BeaconArgs} from "./options.js";
+
+type StateWithBytes = {state: BeaconStateAllForks; stateBytes: Uint8Array};
+
+async function initAndVerifyWeakSubjectivityState(
+  config: BeaconConfig,
+  db: IBeaconDb,
+  logger: Logger,
+  dbStateBytes: StateWithBytes,
+  wsStateBytes: StateWithBytes,
+  wsCheckpoint: Checkpoint,
+  opts: {ignoreWeakSubjectivityCheck?: boolean} = {}
+): Promise<{anchorState: BeaconStateAllForks; wsCheckpoint: Checkpoint}> {
+  const dbState = dbStateBytes.state;
+  const wsState = wsStateBytes.state;
+  // Check if the store's state and wsState are compatible
+  if (
+    dbState.genesisTime !== wsState.genesisTime ||
+    !ssz.Root.equals(dbState.genesisValidatorsRoot, wsState.genesisValidatorsRoot)
+  ) {
+    throw new Error(
+      "Db state and checkpoint state are not compatible, either clear the db or verify your checkpoint source"
+    );
+  }
+
+  // Pick the state which is ahead as an anchor to initialize the beacon chain
+  let anchorState = wsStateBytes;
+  let anchorCheckpoint = wsCheckpoint;
+  let isCheckpointState = true;
+  if (dbState.slot > wsState.slot) {
+    anchorState = dbStateBytes;
+    anchorCheckpoint = getCheckpointFromState(dbState);
+    isCheckpointState = false;
+    logger.verbose(
+      "Db state is ahead of the provided checkpoint state, using the db state to initialize the beacon chain"
+    );
+  }
+
+  // Throw error unless user explicitly asked not to, in testnets can happen that wss period is too small
+  // that even some epochs of non finalization can cause finalized checkpoint to be out of valid range
+  const wssCheck = wrapFnError(() => ensureWithinWeakSubjectivityPeriod(config, anchorState.state, anchorCheckpoint));
+  const isWithinWeakSubjectivityPeriod = wssCheck.err === null;
+  if (!isWithinWeakSubjectivityPeriod && !opts.ignoreWeakSubjectivityCheck) {
+    throw wssCheck.err;
+  }
+
+  await checkAndPersistAnchorState(config, db, logger, anchorState.state, anchorState.stateBytes, {
+    isWithinWeakSubjectivityPeriod,
+    isCheckpointState,
+  });
+
+  // Return the latest anchorState but still return original wsCheckpoint to validate in backfill
+  return {anchorState: anchorState.state, wsCheckpoint};
+}
+
+/**
+ * Initialize a beacon state, picking the strategy based on the `IBeaconArgs`
+ *
+ * State is initialized in one of three ways:
+ * 1. restore from weak subjectivity state (possibly downloaded from a remote beacon node)
+ * 2. restore from db
+ * 3. restore from genesis state (possibly downloaded via URL)
+ * 4. create genesis state from eth1
+ */
+export async function initBeaconState(
+  options: IBeaconNodeOptions,
+  args: BeaconArgs & GlobalArgs,
+  chainForkConfig: ChainForkConfig,
+  db: IBeaconDb,
+  logger: Logger,
+  signal: AbortSignal
+): Promise<{anchorState: BeaconStateAllForks; wsCheckpoint?: Checkpoint}> {
+  if (args.forceCheckpointSync && !(args.checkpointState || args.checkpointSyncUrl)) {
+    throw new Error("Forced checkpoint sync without specifying a checkpointState or checkpointSyncUrl");
+  }
+  // fetch the latest state stored in the db which will be used in all cases, if it exists, either
+  //   i)  used directly as the anchor state
+  //   ii) used to load and verify a weak subjectivity state,
+  const lastDbSlot = await db.stateArchive.lastKey();
+  let stateBytes = lastDbSlot !== null ? await db.stateArchive.getBinary(lastDbSlot) : null;
+  // Convert to `Uint8Array` to avoid unexpected behavior such as `Buffer.prototype.slice` not copying memory
+  stateBytes = stateBytes ? new Uint8Array(stateBytes.buffer, stateBytes.byteOffset, stateBytes.byteLength) : null;
+  let lastDbState: BeaconStateAllForks | null = null;
+  let lastDbValidatorsBytes: Uint8Array | null = null;
+  let lastDbStateWithBytes: StateWithBytes | null = null;
+  if (stateBytes) {
+    logger.verbose("Found the last archived state", {slot: lastDbSlot, size: formatBytes(stateBytes.length)});
+    const {state, validatorsBytes} = loadStateAndValidators(chainForkConfig, stateBytes);
+    lastDbState = state;
+    lastDbValidatorsBytes = validatorsBytes;
+    lastDbStateWithBytes = {state, stateBytes: stateBytes};
+  }
+
+  if (lastDbState) {
+    const config = createBeaconConfig(chainForkConfig, lastDbState.genesisValidatorsRoot);
+    const wssCheck = isWithinWeakSubjectivityPeriod(config, lastDbState, getCheckpointFromState(lastDbState));
+
+    // Explicitly force syncing from checkpoint state
+    if (args.forceCheckpointSync) {
+      // Forcing to sync from checkpoint is only recommended if node is taking too long to sync from last db state.
+      // It is important to remind the user to remove this flag again unless it is absolutely necessary.
+      if (wssCheck) {
+        logger.warn(
+          `Forced syncing from checkpoint even though db state at slot ${lastDbState.slot} is within weak subjectivity period`
+        );
+        logger.warn("Please consider removing --forceCheckpointSync flag unless absolutely necessary");
+      }
+    } else {
+      // All cases when we want to directly use lastDbState as the anchor state:
+      //  - if no checkpoint sync args provided, or
+      //  - the lastDbState is within weak subjectivity period:
+      if ((!args.checkpointState && !args.checkpointSyncUrl) || wssCheck) {
+        if (stateBytes === null) {
+          // this never happens
+          throw Error(`There is no stateBytes for the lastDbState at slot ${lastDbState.slot}`);
+        }
+        await checkAndPersistAnchorState(config, db, logger, lastDbState, stateBytes, {
+          isWithinWeakSubjectivityPeriod: wssCheck,
+          isCheckpointState: false,
+        });
+        return {anchorState: lastDbState};
+      }
+    }
+  }
+
+  // See if we can sync state using checkpoint sync args or else start from genesis
+  if (args.checkpointState) {
+    return readWSState(
+      lastDbStateWithBytes,
+      lastDbValidatorsBytes,
+      {
+        checkpointState: args.checkpointState,
+        wssCheckpoint: args.wssCheckpoint,
+        ignoreWeakSubjectivityCheck: args.ignoreWeakSubjectivityCheck,
+      },
+      chainForkConfig,
+      db,
+      logger
+    );
+  }
+
+  if (args.checkpointSyncUrl) {
+    return fetchWSStateFromBeaconApi(
+      lastDbStateWithBytes,
+      lastDbValidatorsBytes,
+      {
+        checkpointSyncUrl: args.checkpointSyncUrl,
+        wssCheckpoint: args.wssCheckpoint,
+        ignoreWeakSubjectivityCheck: args.ignoreWeakSubjectivityCheck,
+      },
+      chainForkConfig,
+      db,
+      logger
+    );
+  }
+
+  const genesisStateFile = args.genesisStateFile || getGenesisFileUrl(args.network || defaultNetwork);
+  if (genesisStateFile && !args.forceGenesis) {
+    let stateBytes = await downloadOrLoadFile(genesisStateFile);
+    // Convert to `Uint8Array` to avoid unexpected behavior such as `Buffer.prototype.slice` not copying memory
+    stateBytes = new Uint8Array(stateBytes.buffer, stateBytes.byteOffset, stateBytes.byteLength);
+    const anchorState = getStateTypeFromBytes(chainForkConfig, stateBytes).deserializeToViewDU(stateBytes);
+    // Validate genesis state root
+    const stateRoot = toRootHex(anchorState.hashTreeRoot());
+    const expectedRoot = getGenesisStateRoot(args.network);
+    if (expectedRoot !== null && stateRoot !== expectedRoot) {
+      throw Error(`Genesis state root mismatch expected=${expectedRoot} received=${stateRoot}`);
+    }
+    const config = createBeaconConfig(chainForkConfig, anchorState.genesisValidatorsRoot);
+    const wssCheck = isWithinWeakSubjectivityPeriod(config, anchorState, getCheckpointFromState(anchorState));
+    await checkAndPersistAnchorState(config, db, logger, anchorState, stateBytes, {
+      isWithinWeakSubjectivityPeriod: wssCheck,
+      isCheckpointState: true,
+    });
+    return {anchorState};
+  }
+
+  // Only place we will not bother checking isWithinWeakSubjectivityPeriod as forceGenesis passed by user
+  const anchorState = await initStateFromEth1({config: chainForkConfig, db, logger, opts: options.eth1, signal});
+  return {anchorState};
+}
+
+async function readWSState(
+  lastDbStateBytes: StateWithBytes | null,
+  lastDbValidatorsBytes: Uint8Array | null,
+  wssOpts: {checkpointState: string; wssCheckpoint?: string; ignoreWeakSubjectivityCheck?: boolean},
+  chainForkConfig: ChainForkConfig,
+  db: IBeaconDb,
+  logger: Logger
+): Promise<{anchorState: BeaconStateAllForks; wsCheckpoint?: Checkpoint}> {
+  // weak subjectivity sync from a provided state file:
+  // if a weak subjectivity checkpoint has been provided, it is used for additional verification
+  // otherwise, the state itself is used for verification (not bad, because the trusted state has been explicitly provided)
+  const {checkpointState, wssCheckpoint, ignoreWeakSubjectivityCheck} = wssOpts;
+  const lastDbState = lastDbStateBytes?.state ?? null;
+
+  const stateBytes = await downloadOrLoadFile(checkpointState);
+  let wsState: BeaconStateAllForks;
+  if (lastDbState && lastDbValidatorsBytes) {
+    // use lastDbState to load wsState if possible to share the same state tree
+    wsState = loadState(chainForkConfig, lastDbState, stateBytes, lastDbValidatorsBytes).state;
+  } else {
+    wsState = getStateTypeFromBytes(chainForkConfig, stateBytes).deserializeToViewDU(stateBytes);
+  }
+  const config = createBeaconConfig(chainForkConfig, wsState.genesisValidatorsRoot);
+  const wsStateBytes = {state: wsState, stateBytes};
+  const store = lastDbStateBytes ?? wsStateBytes;
+  const checkpoint = wssCheckpoint ? getCheckpointFromArg(wssCheckpoint) : getCheckpointFromState(wsState);
+  return initAndVerifyWeakSubjectivityState(config, db, logger, store, wsStateBytes, checkpoint, {
+    ignoreWeakSubjectivityCheck,
+  });
+}
+
+async function fetchWSStateFromBeaconApi(
+  lastDbStateBytes: StateWithBytes | null,
+  lastDbValidatorsBytes: Uint8Array | null,
+  wssOpts: {checkpointSyncUrl: string; wssCheckpoint?: string; ignoreWeakSubjectivityCheck?: boolean},
+  chainForkConfig: ChainForkConfig,
+  db: IBeaconDb,
+  logger: Logger
+): Promise<{anchorState: BeaconStateAllForks; wsCheckpoint?: Checkpoint}> {
+  // weak subjectivity sync from a state that needs to be fetched:
+  // if a weak subjectivity checkpoint has been provided, it is used to inform which state to download and used for additional verification
+  // otherwise, the 'finalized' state is downloaded and the state itself is used for verification (all trust delegated to the remote beacon node)
+  try {
+    // Validate the weakSubjectivityServerUrl and only log the origin to mask the
+    // username password credentials
+    const checkpointSyncUrl = new URL(wssOpts.checkpointSyncUrl);
+    logger.info("Fetching checkpoint state", {
+      checkpointSyncUrl: checkpointSyncUrl.origin,
+    });
+  } catch (e) {
+    logger.error("Invalid", {checkpointSyncUrl: wssOpts.checkpointSyncUrl}, e as Error);
+    throw e;
+  }
+
+  const {wsState, wsStateBytes, wsCheckpoint} = await fetchWeakSubjectivityState(chainForkConfig, logger, wssOpts, {
+    lastDbState: lastDbStateBytes?.state ?? null,
+    lastDbValidatorsBytes,
+  });
+
+  const config = createBeaconConfig(chainForkConfig, wsState.genesisValidatorsRoot);
+  const wsStateWithBytes = {state: wsState, stateBytes: wsStateBytes};
+  const store = lastDbStateBytes ?? wsStateWithBytes;
+  return initAndVerifyWeakSubjectivityState(config, db, logger, store, wsStateWithBytes, wsCheckpoint, {
+    ignoreWeakSubjectivityCheck: wssOpts.ignoreWeakSubjectivityCheck,
+  });
+}