@lodestar/beacon-node 1.43.0-dev.ca1fc40294 → 1.43.0-dev.d166e3b6f7

package/package.json

@@ -11,7 +11,7 @@
   "bugs": {
     "url": "https://github.com/ChainSafe/lodestar/issues"
   },
-  "version": "1.43.0-dev.ca1fc40294",
+  "version": "1.43.0-dev.d166e3b6f7",
   "type": "module",
   "exports": {
     ".": {
@@ -135,18 +135,18 @@
     "@libp2p/peer-id": "^6.0.4",
     "@libp2p/prometheus-metrics": "^5.0.14",
     "@libp2p/tcp": "^11.0.13",
-    "@lodestar/api": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/config": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/db": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/fork-choice": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/light-client": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/logger": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/params": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/reqresp": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/state-transition": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/types": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/utils": "^1.43.0-dev.ca1fc40294",
-    "@lodestar/validator": "^1.43.0-dev.ca1fc40294",
+    "@lodestar/api": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/config": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/db": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/fork-choice": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/light-client": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/logger": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/params": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/reqresp": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/state-transition": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/types": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/utils": "^1.43.0-dev.d166e3b6f7",
+    "@lodestar/validator": "^1.43.0-dev.d166e3b6f7",
     "@multiformats/multiaddr": "^13.0.1",
     "datastore-core": "^11.0.2",
     "datastore-fs": "^11.0.2",
@@ -169,10 +169,11 @@
     "@libp2p/interface-internal": "^3.0.13",
     "@libp2p/logger": "^6.2.2",
     "@libp2p/utils": "^7.0.13",
-    "@lodestar/spec-test-util": "^1.43.0-dev.ca1fc40294",
+    "@lodestar/spec-test-util": "^1.43.0-dev.d166e3b6f7",
     "@types/js-yaml": "^4.0.5",
     "@types/qs": "^6.9.7",
     "@types/tmp": "^0.2.3",
+    "dotenv": "^16.4.5",
     "js-yaml": "^4.1.0",
     "rewiremock": "^3.14.5",
     "rimraf": "^4.4.1",
@@ -186,5 +187,5 @@
     "beacon",
     "blockchain"
   ],
-  "gitHead": "b9b4b6a67243378ab112c8d86a5681931be9bcc9"
+  "gitHead": "d66d8c5f6a57c9b358cf85a6fb113ca519705b29"
 }

package/src/chain/blocks/importExecutionPayload.ts

@@ -1,14 +1,17 @@
 import {routes} from "@lodestar/api";
 import {ExecutionStatus, PayloadExecutionStatus} from "@lodestar/fork-choice";
-import {SLOTS_PER_EPOCH} from "@lodestar/params";
-import {getExecutionPayloadEnvelopeSignatureSet, isStatePostGloas} from "@lodestar/state-transition";
-import {fromHex, toRootHex} from "@lodestar/utils";
+import {isStatePostGloas} from "@lodestar/state-transition";
+import {fromHex} from "@lodestar/utils";
 import {ExecutionPayloadStatus} from "../../execution/index.js";
 import {isQueueErrorAborted} from "../../util/queue/index.js";
 import {BeaconChain} from "../chain.js";
 import {RegenCaller} from "../regen/interface.js";
 import {PayloadEnvelopeInput} from "../seenCache/seenPayloadEnvelopeInput.js";
 import {ImportPayloadOpts} from "./types.js";
+import {
+  verifyExecutionPayloadEnvelope,
+  verifyExecutionPayloadEnvelopeSignature,
+} from "./verifyExecutionPayloadEnvelope.js";
 import {verifyPayloadsDataAvailability} from "./verifyPayloadsDataAvailability.js";
 
 const EVENTSTREAM_EMIT_RECENT_EXECUTION_PAYLOAD_SLOTS = 64;
@@ -17,7 +20,7 @@ export enum PayloadErrorCode {
   EXECUTION_ENGINE_INVALID = "PAYLOAD_ERROR_EXECUTION_ENGINE_INVALID",
   EXECUTION_ENGINE_ERROR = "PAYLOAD_ERROR_EXECUTION_ENGINE_ERROR",
   BLOCK_NOT_IN_FORK_CHOICE = "PAYLOAD_ERROR_BLOCK_NOT_IN_FORK_CHOICE",
-  STATE_TRANSITION_ERROR = "PAYLOAD_ERROR_STATE_TRANSITION_ERROR",
+  ENVELOPE_VERIFICATION_ERROR = "PAYLOAD_ERROR_ENVELOPE_VERIFICATION_ERROR",
   INVALID_SIGNATURE = "PAYLOAD_ERROR_INVALID_SIGNATURE",
 }
 
@@ -37,7 +40,7 @@ export type PayloadErrorType =
       blockRootHex: string;
     }
   | {
-      code: PayloadErrorCode.STATE_TRANSITION_ERROR;
+      code: PayloadErrorCode.ENVELOPE_VERIFICATION_ERROR;
       message: string;
     }
   | {
@@ -69,18 +72,19 @@ function toForkChoiceExecutionStatus(status: ExecutionPayloadStatus): PayloadExe
 /**
  * Import an execution payload envelope after all data is available.
  *
- * This function:
- * 1. Emits `execution_payload_available` if payload is for current slot
- * 2. Gets the ProtoBlock from fork choice
- * 3. Applies write-queue backpressure (waitForSpace) early, before verification
- * 4. Regenerates the block state
- * 5. Runs EL verification (notifyNewPayload) in parallel with signature verification and processExecutionPayloadEnvelope
- * 6. Persists verified payload envelope to hot DB
- * 7. Updates fork choice
- * 8. Caches the post-execution payload state
- * 9. Records metrics for column sources
- * 10. Emits `execution_payload` for recent enough payloads after successful import
+ * The envelope is only verified here, no state mutation. State effects from the payload
+ * are applied on the next block via processParentExecutionPayload.
  *
+ * Steps:
+ * 1. Emit `execution_payload_available` event for payload attestation
+ * 2. Get the ProtoBlock from fork choice
+ * 3. Wait for data columns to be available
+ * 4. Regenerate state for envelope verification
+ * 5. Verify envelope (fields against state, signature, and EL in parallel where possible)
+ * 6. Persist verified payload envelope to hot DB (waits for write-queue space for backpressure)
+ * 7. Update fork choice (transitions the block's PENDING variant to FULL)
+ * 8. Record metrics for payload envelope and column sources
+ * 9. Emit `execution_payload` event
  */
 export async function importExecutionPayload(
   this: BeaconChain,
@@ -90,17 +94,18 @@ export async function importExecutionPayload(
 ): Promise<void> {
   const signedEnvelope = payloadInput.getPayloadEnvelope();
   const envelope = signedEnvelope.message;
+  const slot = envelope.payload.slotNumber;
   const blockRootHex = payloadInput.blockRootHex;
   const blockHashHex = payloadInput.getBlockHashHex();
-  const fork = this.config.getForkName(envelope.payload.slotNumber);
+  const fork = this.config.getForkName(slot);
 
-  // 1. Emit `execution_payload_available` event at the start of import. At this point the payload input
-  // is already complete, so the payload and required data are available for payload attestation.
-  // This event is only about availability, not validity of the execution payload, hence we can emit
-  // it before getting a response from the execution client on whether the payload is valid or not.
-  if (this.clock.currentSlot - envelope.payload.slotNumber < EVENTSTREAM_EMIT_RECENT_EXECUTION_PAYLOAD_SLOTS) {
+  // 1. Emit `execution_payload_available` event at the start of import. At this point the
+  // payload input is already complete, so the payload and required data are available for
+  // payload attestation. This event only signals availability (not validity), so we can emit
+  // it before getting a response from the EL on whether the payload is valid or not.
+  if (this.clock.currentSlot - slot < EVENTSTREAM_EMIT_RECENT_EXECUTION_PAYLOAD_SLOTS) {
     this.emitter.emit(routes.events.EventType.executionPayloadAvailable, {
-      slot: envelope.payload.slotNumber,
+      slot,
       blockRoot: blockRootHex,
     });
   }
@@ -114,16 +119,11 @@ export async function importExecutionPayload(
     });
   }
 
-  // 3. Wait for data columns to be available before claiming a write-queue slot.
+  // 3. Wait for data columns to be available.
   // The helper is shared with future gloas sync services; take the single-item batch form here.
   await verifyPayloadsDataAvailability([payloadInput], signal);
 
-  // 4. Apply backpressure from the write queue, before doing verification work.
-  // The actual DB write is deferred until after verification succeeds.
-  await this.unfinalizedPayloadEnvelopeWrites.waitForSpace();
-
-  // 5. Get pre-state for processExecutionPayloadEnvelope
-  // We need the block state (post-block, pre-payload) to process the envelope
+  // 4. Regenerate state for envelope verification
   const blockState = await this.regen.getBlockSlotState(
     protoBlock,
     protoBlock.slot,
@@ -132,13 +132,30 @@ export async function importExecutionPayload(
   );
   if (!isStatePostGloas(blockState)) {
     throw new PayloadError({
-      code: PayloadErrorCode.STATE_TRANSITION_ERROR,
-      message: `Expected gloas+ block state for payload import, got fork=${blockState.forkName}`,
+      code: PayloadErrorCode.ENVELOPE_VERIFICATION_ERROR,
+      message: `Expected gloas+ state for payload import, got fork=${blockState.forkName}`,
+    });
+  }
+
+  // 5. Verify envelope fields against state first to fail fast before the EL + BLS work.
+  // When validSignature is true, gossip/API has already verified both the signature and the
+  // executionRequestsRoot, so we skip those checks here.
+  try {
+    verifyExecutionPayloadEnvelope(this.config, blockState, envelope, {
+      verifyExecutionRequestsRoot: !opts.validSignature,
     });
+  } catch (e) {
+    throw new PayloadError(
+      {
+        code: PayloadErrorCode.ENVELOPE_VERIFICATION_ERROR,
+        message: (e as Error).message,
+      },
+      `Envelope verification error: ${(e as Error).message}`
+    );
   }
 
-  // 6. Run verification steps in parallel
-  const [execResult, signatureValid, postPayloadResult] = await Promise.all([
+  // 5a. Run EL and signature verification in parallel
+  const [execResult, signatureValid] = await Promise.all([
     this.executionEngine.notifyNewPayload(
       fork,
       envelope.payload,
@@ -149,45 +166,22 @@ export async function importExecutionPayload(
 
     opts.validSignature === true
       ? Promise.resolve(true)
-      : (async () => {
-          const signatureSet = getExecutionPayloadEnvelopeSignatureSet(
-            this.config,
-            this.pubkeyCache,
-            blockState,
-            signedEnvelope,
-            payloadInput.proposerIndex
-          );
-          return this.bls.verifySignatureSets([signatureSet]);
-        })(),
-
-    // Signature verified separately above.
-    // State root check is done separately below with better error typing (matching block pipeline pattern).
-    (async () => {
-      try {
-        return {
-          postPayloadState: blockState.processExecutionPayloadEnvelope(signedEnvelope, {
-            verifySignature: false,
-            verifyStateRoot: false,
-          }),
-        };
-      } catch (e) {
-        throw new PayloadError(
-          {
-            code: PayloadErrorCode.STATE_TRANSITION_ERROR,
-            message: (e as Error).message,
-          },
-          `State transition error: ${(e as Error).message}`
-        );
-      }
-    })(),
+      : verifyExecutionPayloadEnvelopeSignature(
+          this.config,
+          blockState,
+          this.pubkeyCache,
+          signedEnvelope,
+          payloadInput.proposerIndex,
+          this.bls
+        ),
   ]);
 
-  // 5a. Check signature verification result
+  // 5b. Check signature verification result
   if (!signatureValid) {
     throw new PayloadError({code: PayloadErrorCode.INVALID_SIGNATURE});
   }
 
-  // 5b. Handle EL response
+  // 5c. Handle EL response
   switch (execResult.status) {
     case ExecutionPayloadStatus.VALID:
       break;
@@ -213,47 +207,33 @@ export async function importExecutionPayload(
       });
   }
 
-  // 5c. Compute post-payload state root
-  const postPayloadState = postPayloadResult.postPayloadState;
-  const postPayloadStateRoot = postPayloadState.hashTreeRoot();
-
-  // 6. Persist payload envelope to hot DB (performed asynchronously to avoid blocking)
+  // 6. Persist payload envelope to hot DB. Wait for write-queue space here to apply backpressure
+  // on the import pipeline during sync, then perform the write asynchronously to avoid blocking.
+  await this.unfinalizedPayloadEnvelopeWrites.waitForSpace();
   this.unfinalizedPayloadEnvelopeWrites.push(payloadInput).catch((e) => {
     if (!isQueueErrorAborted(e)) {
       this.logger.error(
         "Error pushing payload envelope to unfinalized write queue",
-        {slot: envelope.payload.slotNumber, blockRoot: blockRootHex},
+        {slot, blockRoot: blockRootHex},
         e as Error
       );
     }
   });
 
-  // 7. Update fork choice
-  this.forkChoice.onExecutionPayload(
-    blockRootHex,
-    blockHashHex,
-    envelope.payload.blockNumber,
-    toRootHex(postPayloadStateRoot),
-    toForkChoiceExecutionStatus(execResult.status)
-  );
-
-  // 8. Cache payload state
-  this.regen.processState(blockRootHex, postPayloadState);
-  if (postPayloadState.slot % SLOTS_PER_EPOCH === 0) {
-    const {checkpoint} = postPayloadState.computeAnchorCheckpoint();
-    this.regen.addCheckpointState(checkpoint, postPayloadState);
-  }
+  // 7. Update fork choice, transitions the block's PENDING variant to FULL
+  const execStatus = toForkChoiceExecutionStatus(execResult.status);
+  this.forkChoice.onExecutionPayload(blockRootHex, blockHashHex, envelope.payload.blockNumber, execStatus);
 
-  // 9. Record metrics for payload envelope and column sources
+  // 8. Record metrics for payload envelope and column sources
   this.metrics?.importPayload.bySource.inc({source: payloadInput.getPayloadEnvelopeSource().source});
   for (const {source} of payloadInput.getSampledColumnsWithSource()) {
     this.metrics?.importPayload.columnsBySource.inc({source});
   }
 
-  // 10. Emit event after payload is fully verified and imported to fork choice, only for recent enough payloads
-  if (this.clock.currentSlot - envelope.payload.slotNumber < EVENTSTREAM_EMIT_RECENT_EXECUTION_PAYLOAD_SLOTS) {
+  // 9. Emit event after payload is fully verified and imported to fork choice, only for recent enough payloads
+  if (this.clock.currentSlot - slot < EVENTSTREAM_EMIT_RECENT_EXECUTION_PAYLOAD_SLOTS) {
     this.emitter.emit(routes.events.EventType.executionPayload, {
-      slot: envelope.payload.slotNumber,
+      slot,
       builderIndex: envelope.builderIndex,
       blockHash: blockHashHex,
       blockRoot: blockRootHex,
@@ -263,7 +243,7 @@ export async function importExecutionPayload(
   }
 
   this.logger.verbose("Execution payload imported", {
-    slot: envelope.payload.slotNumber,
+    slot,
     builderIndex: envelope.builderIndex,
     blockRoot: blockRootHex,
     blockHash: blockHashHex,

package/src/chain/blocks/index.ts

@@ -89,7 +89,6 @@ export async function processBlocks(
       (block, i): FullyVerifiedBlock => ({
         blockInput: block,
         postState: postStates[i],
-        postPayloadState: null,
         parentBlockSlot: parentSlots[i],
         executionStatus: executionStatuses[i],
         // start supporting optimistic syncing/processing

package/src/chain/blocks/types.ts

@@ -1,5 +1,5 @@
 import type {ChainForkConfig} from "@lodestar/config";
-import {BlockExecutionStatus, PayloadExecutionStatus} from "@lodestar/fork-choice";
+import {BlockExecutionStatus} from "@lodestar/fork-choice";
 import {ForkSeq} from "@lodestar/params";
 import {DataAvailabilityStatus, IBeaconStateView, computeEpochAtSlot} from "@lodestar/state-transition";
 import type {IndexedAttestation, Slot, fulu} from "@lodestar/types";
@@ -43,8 +43,9 @@ export enum BlobSidecarValidation {
 
 export type ImportPayloadOpts = {
   /**
-   * Set to true if envelope signature was already verified (e.g., during gossip/API validation).
-   * When false/undefined, signature will be verified during import.
+   * Set to true when the envelope was already validated upstream (e.g., gossip/API validation):
+   * signature is trusted and execution_requests_root was already verified against the bid.
+   * When false/undefined, both are verified during import.
    */
   validSignature?: boolean;
 };
@@ -88,7 +89,14 @@ export type ImportBlockOpts = {
   seenTimestampSec?: number;
 };
 
-type FullyVerifiedBlockBase = {
+/**
+ * A wrapper around a `SignedBeaconBlock` that indicates that this block is fully verified and ready to import.
+ *
+ * `executionStatus` reflects the outcome of execution payload verification at block-import time:
+ * - pre-gloas: Valid | Syncing | PreMerge (from EL notifyNewPayload against the in-block payload)
+ * - post-gloas: PayloadSeparated (payload arrives separately as an envelope and is imported later)
+ */
+export type FullyVerifiedBlock = {
   blockInput: IBlockInput;
   postState: IBeaconStateView;
   parentBlockSlot: Slot;
@@ -98,25 +106,6 @@ type FullyVerifiedBlockBase = {
   indexedAttestations: IndexedAttestation[];
   /** Seen timestamp seconds */
   seenTimestampSec: number;
+  /** If the execution payload couldn't be verified because of EL syncing status, used in optimistic sync */
+  executionStatus: BlockExecutionStatus;
 };
-
-/**
- * A wrapper around a `SignedBeaconBlock` that indicates that this block is fully verified and ready to import.
- *
- * Discriminated union on `postPayloadState`:
- * - `null`  → block has no pre-verified envelope; `executionStatus` is any `BlockExecutionStatus`
- * - non-null → envelope was pre-verified during state transition; `executionStatus` is narrowed to
- *              `Valid | Syncing` (matching what `forkChoice.onExecutionPayload` expects)
- */
-export type FullyVerifiedBlock = FullyVerifiedBlockBase &
-  (
-    | {
-        postPayloadState: null;
-        /** If the execution payload couldn't be verified because of EL syncing status, used in optimistic sync or for merge block */
-        executionStatus: BlockExecutionStatus;
-      }
-    | {
-        postPayloadState: IBeaconStateView;
-        executionStatus: PayloadExecutionStatus;
-      }
-  );

package/src/chain/blocks/verifyExecutionPayloadEnvelope.ts

@@ -0,0 +1,129 @@
+import {BeaconConfig} from "@lodestar/config";
+import {
+  type IBeaconStateViewGloas,
+  type PubkeyCache,
+  computeTimeAtSlot,
+  getExecutionPayloadEnvelopeSignatureSet,
+} from "@lodestar/state-transition";
+import {gloas, ssz} from "@lodestar/types";
+import {byteArrayEquals, toHex, toRootHex} from "@lodestar/utils";
+import {IBlsVerifier} from "../bls/index.js";
+
+export type VerifyExecutionPayloadEnvelopeOpts = {
+  verifyExecutionRequestsRoot?: boolean;
+};
+
+/**
+ * Verify execution payload envelope fields against the post-block state.
+ *
+ * Signature verification and the execution engine call (`verify_and_notify_new_payload`) are
+ * performed outside this function, see `verifyExecutionPayloadEnvelopeSignature` and
+ * `importExecutionPayload` which run both in parallel with this check.
+ *
+ * Spec: https://github.com/ethereum/consensus-specs/blob/v1.7.0-alpha.5/specs/gloas/fork-choice.md#new-verify_execution_payload_envelope
+ */
+export function verifyExecutionPayloadEnvelope(
+  config: BeaconConfig,
+  state: IBeaconStateViewGloas,
+  envelope: gloas.ExecutionPayloadEnvelope,
+  opts?: VerifyExecutionPayloadEnvelopeOpts
+): void {
+  const {verifyExecutionRequestsRoot = true} = opts ?? {};
+  const payload = envelope.payload;
+
+  // Verify consistency with the beacon block.
+  // Compute header root on a copy of latestBlockHeader to avoid mutating state.
+  const headerValue = {...state.latestBlockHeader};
+  if (byteArrayEquals(headerValue.stateRoot, ssz.Root.defaultValue())) {
+    headerValue.stateRoot = state.hashTreeRoot();
+  }
+  const headerRoot = ssz.phase0.BeaconBlockHeader.hashTreeRoot(headerValue);
+  if (!byteArrayEquals(envelope.beaconBlockRoot, headerRoot)) {
+    throw new Error(
+      `Envelope's block is not the latest block header envelope=${toRootHex(envelope.beaconBlockRoot)} latestBlockHeader=${toRootHex(headerRoot)}`
+    );
+  }
+
+  // Verify consistency with the committed bid
+  const bid = state.latestExecutionPayloadBid;
+  if (envelope.builderIndex !== bid.builderIndex) {
+    throw new Error(
+      `Builder index mismatch between envelope and committed bid envelope=${envelope.builderIndex} bid=${bid.builderIndex}`
+    );
+  }
+  if (!byteArrayEquals(bid.prevRandao, payload.prevRandao)) {
+    throw new Error(
+      `Prev randao mismatch between bid and payload bid=${toHex(bid.prevRandao)} payload=${toHex(payload.prevRandao)}`
+    );
+  }
+  if (Number(bid.gasLimit) !== payload.gasLimit) {
+    throw new Error(
+      `Gas limit mismatch between payload and bid payload=${payload.gasLimit} bid=${Number(bid.gasLimit)}`
+    );
+  }
+  if (!byteArrayEquals(bid.blockHash, payload.blockHash)) {
+    throw new Error(
+      `Block hash mismatch between payload and bid payload=${toRootHex(payload.blockHash)} bid=${toRootHex(bid.blockHash)}`
+    );
+  }
+  // Verify execution_requests_root matches bid commitment.
+  // Can be skipped if already verified during gossip validation.
+  if (verifyExecutionRequestsRoot) {
+    const requestsRoot = ssz.electra.ExecutionRequests.hashTreeRoot(envelope.executionRequests);
+    if (!byteArrayEquals(requestsRoot, bid.executionRequestsRoot)) {
+      throw new Error(
+        `Execution requests root mismatch envelope=${toRootHex(requestsRoot)} bid=${toRootHex(bid.executionRequestsRoot)}`
+      );
+    }
+  }
+
+  // Verify the execution payload is valid
+  if (payload.slotNumber !== state.slot) {
+    throw new Error(`Slot mismatch between payload and state payload=${payload.slotNumber} state=${state.slot}`);
+  }
+  if (!byteArrayEquals(payload.parentHash, state.latestBlockHash)) {
+    throw new Error(
+      `Parent hash mismatch between payload and state payload=${toRootHex(payload.parentHash)} state=${toRootHex(state.latestBlockHash)}`
+    );
+  }
+  const expectedTimestamp = computeTimeAtSlot(config, state.slot, state.genesisTime);
+  if (payload.timestamp !== expectedTimestamp) {
+    throw new Error(
+      `Timestamp mismatch between payload and state payload=${payload.timestamp} state=${expectedTimestamp}`
+    );
+  }
+
+  // Verify consistency with expected withdrawals
+  const payloadWithdrawalsRoot = ssz.capella.Withdrawals.hashTreeRoot(payload.withdrawals);
+  const expectedWithdrawalsRoot = ssz.capella.Withdrawals.hashTreeRoot(state.payloadExpectedWithdrawals);
+  if (!byteArrayEquals(payloadWithdrawalsRoot, expectedWithdrawalsRoot)) {
+    throw new Error(
+      `Withdrawals mismatch between payload and expected payload=${toRootHex(payloadWithdrawalsRoot)} expected=${toRootHex(expectedWithdrawalsRoot)}`
+    );
+  }
+
+  // Execution engine verification (verify_and_notify_new_payload) is done externally by the caller
+}
+
+/**
+ * Verify the BLS signature of an execution payload envelope.
+ *
+ * Spec: https://github.com/ethereum/consensus-specs/blob/v1.7.0-alpha.5/specs/gloas/fork-choice.md#new-verify_execution_payload_envelope_signature
+ */
+export async function verifyExecutionPayloadEnvelopeSignature(
+  config: BeaconConfig,
+  state: IBeaconStateViewGloas,
+  pubkeyCache: PubkeyCache,
+  signedEnvelope: gloas.SignedExecutionPayloadEnvelope,
+  proposerIndex: number,
+  bls: IBlsVerifier
+): Promise<boolean> {
+  const signatureSet = getExecutionPayloadEnvelopeSignatureSet(
+    config,
+    pubkeyCache,
+    state,
+    signedEnvelope,
+    proposerIndex
+  );
+  return bls.verifySignatureSets([signatureSet]);
+}

package/src/chain/blocks/writePayloadEnvelopeInputToDb.ts

@@ -5,7 +5,7 @@ import {writeDataColumnsToDb} from "./writeBlockInputToDb.js";
 /**
  * Persists payload envelope data to DB. This operation must be eventually completed if a payload is imported.
  *
- * TODO GLOAS: Persist envelope metadata (stateRoot, executionRequests, builderIndex, etc.) without the full
+ * TODO GLOAS: Persist envelope metadata (executionRequests, builderIndex, etc.) without the full
  * execution payload body — only keep the blockHash reference. The EL already stores the payload.
  * See https://github.com/ChainSafe/lodestar/issues/5671
  */
@@ -33,23 +33,14 @@ export async function persistPayloadEnvelopeInput(
   this: BeaconChain,
   payloadInput: PayloadEnvelopeInput
 ): Promise<void> {
-  await writePayloadEnvelopeInputToDb
-    .call(this, payloadInput)
-    .catch((e) => {
-      this.logger.error(
-        "Error persisting payload envelope in hot db",
-        {
-          slot: payloadInput.slot,
-          root: payloadInput.blockRootHex,
-        },
-        e
-      );
-    })
-    .finally(() => {
-      this.seenPayloadEnvelopeInputCache.prune(payloadInput.blockRootHex);
-      this.logger.debug("Pruned payload envelope input", {
+  await writePayloadEnvelopeInputToDb.call(this, payloadInput).catch((e) => {
+    this.logger.error(
+      "Error persisting payload envelope in hot db",
+      {
         slot: payloadInput.slot,
         root: payloadInput.blockRootHex,
-      });
-    });
+      },
+      e
+    );
+  });
 }

package/src/chain/chain.ts

@@ -39,6 +39,7 @@ import {
   ValidatorIndex,
   Wei,
   deneb,
+  electra,
   gloas,
   isBlindedBeaconBlock,
   phase0,
@@ -886,6 +887,17 @@ export class BeaconChain implements IBeaconChain {
     );
   }
 
+  async getParentExecutionRequests(
+    parentBlockSlot: Slot,
+    parentBlockRootHex: RootHex
+  ): Promise<electra.ExecutionRequests> {
+    const envelope = await this.getExecutionPayloadEnvelope(parentBlockSlot, parentBlockRootHex);
+    if (envelope === null) {
+      throw Error(`Parent execution payload envelope not found slot=${parentBlockSlot}, root=${parentBlockRootHex}`);
+    }
+    return envelope.message.executionRequests;
+  }
+
   async getDataColumnSidecars(blockSlot: Slot, blockRootHex: string): Promise<DataColumnSidecar[]> {
     const fork = this.config.getForkName(blockSlot);
 

package/src/chain/errors/executionPayloadBid.ts

@@ -7,6 +7,7 @@ export enum ExecutionPayloadBidErrorCode {
   BID_ALREADY_KNOWN = "EXECUTION_PAYLOAD_BID_ERROR_BID_ALREADY_KNOWN",
   BID_TOO_LOW = "EXECUTION_PAYLOAD_BID_ERROR_BID_TOO_LOW",
   BID_TOO_HIGH = "EXECUTION_PAYLOAD_BID_ERROR_BID_TOO_HIGH",
+  TOO_MANY_KZG_COMMITMENTS = "EXECUTION_PAYLOAD_BID_ERROR_TOO_MANY_KZG_COMMITMENTS",
   UNKNOWN_BLOCK_ROOT = "EXECUTION_PAYLOAD_BID_ERROR_UNKNOWN_BLOCK_ROOT",
   INVALID_SLOT = "EXECUTION_PAYLOAD_BID_ERROR_INVALID_SLOT",
   INVALID_SIGNATURE = "EXECUTION_PAYLOAD_BID_ERROR_INVALID_SIGNATURE",
@@ -28,6 +29,11 @@ export type ExecutionPayloadBidErrorType =
     }
   | {code: ExecutionPayloadBidErrorCode.BID_TOO_LOW; bidValue: number; currentHighestBid: number}
   | {code: ExecutionPayloadBidErrorCode.BID_TOO_HIGH; bidValue: number; builderBalance: number}
+  | {
+      code: ExecutionPayloadBidErrorCode.TOO_MANY_KZG_COMMITMENTS;
+      blobKzgCommitmentsLen: number;
+      commitmentLimit: number;
+    }
   | {code: ExecutionPayloadBidErrorCode.UNKNOWN_BLOCK_ROOT; parentBlockRoot: RootHex}
   | {code: ExecutionPayloadBidErrorCode.INVALID_SLOT; builderIndex: BuilderIndex; slot: Slot}
   | {code: ExecutionPayloadBidErrorCode.INVALID_SIGNATURE; builderIndex: BuilderIndex; slot: Slot};

package/src/chain/errors/executionPayloadEnvelope.ts

@@ -11,6 +11,7 @@ export enum ExecutionPayloadEnvelopeErrorCode {
   SLOT_MISMATCH = "EXECUTION_PAYLOAD_ENVELOPE_ERROR_SLOT_MISMATCH",
   BUILDER_INDEX_MISMATCH = "EXECUTION_PAYLOAD_ENVELOPE_ERROR_BUILDER_INDEX_MISMATCH",
   BLOCK_HASH_MISMATCH = "EXECUTION_PAYLOAD_ENVELOPE_ERROR_BLOCK_HASH_MISMATCH",
+  EXECUTION_REQUESTS_ROOT_MISMATCH = "EXECUTION_PAYLOAD_ENVELOPE_ERROR_EXECUTION_REQUESTS_ROOT_MISMATCH",
   INVALID_SIGNATURE = "EXECUTION_PAYLOAD_ENVELOPE_ERROR_INVALID_SIGNATURE",
   PAYLOAD_ENVELOPE_INPUT_MISSING = "EXECUTION_PAYLOAD_ENVELOPE_ERROR_PAYLOAD_ENVELOPE_INPUT_MISSING",
 }
@@ -36,6 +37,11 @@ export type ExecutionPayloadEnvelopeErrorType =
       envelopeBlockHash: RootHex;
       bidBlockHash: RootHex | null;
     }
+  | {
+      code: ExecutionPayloadEnvelopeErrorCode.EXECUTION_REQUESTS_ROOT_MISMATCH;
+      envelopeRequestsRoot: RootHex;
+      bidRequestsRoot: RootHex;
+    }
   | {code: ExecutionPayloadEnvelopeErrorCode.INVALID_SIGNATURE}
   | {code: ExecutionPayloadEnvelopeErrorCode.PAYLOAD_ENVELOPE_INPUT_MISSING; blockRoot: RootHex};
 

package/src/chain/forkChoice/index.ts

@@ -148,7 +148,7 @@ export function initializeForkChoiceFromFinalizedState(
           : {executionPayloadBlockHash: null, executionStatus: ExecutionStatus.PreMerge}),
 
         dataAvailabilityStatus: DataAvailabilityStatus.PreData,
-        payloadStatus: isForkPostGloas ? PayloadStatus.PENDING : PayloadStatus.FULL, // TODO GLOAS: Post-gloas how do we know if the checkpoint payload is FULL or EMPTY?
+        payloadStatus: isForkPostGloas ? PayloadStatus.PENDING : PayloadStatus.FULL,
         parentBlockHash: isStatePostGloas(state) ? toRootHex(state.latestBlockHash) : null,
       },
       currentSlot
@@ -240,7 +240,7 @@ export function initializeForkChoiceFromUnfinalizedState(
       : {executionPayloadBlockHash: null, executionStatus: ExecutionStatus.PreMerge}),
 
     dataAvailabilityStatus: DataAvailabilityStatus.PreData,
-    payloadStatus: isForkPostGloas ? PayloadStatus.PENDING : PayloadStatus.FULL, // TODO GLOAS: Post-gloas how do we know if the checkpoint payload is FULL or EMPTY?
+    payloadStatus: isForkPostGloas ? PayloadStatus.PENDING : PayloadStatus.FULL,
     parentBlockHash: isStatePostGloas(unfinalizedState) ? toRootHex(unfinalizedState.latestBlockHash) : null,
   };