fix(validator): include proposed checkpoint out-hashes when validating checkpoint proposals#23119
Merged
Merged
Conversation
spalladino
force-pushed
the
spl/diagnostics-out-hash-helper
branch
2 times, most recently
from
b507d54 to
3ee9452
Compare
spalladino
changed the title
Base automatically changed from
spl/override-full-checkpoint-data-on-l1
to
merge-train/spartan
May 11, 2026 14:15
PhilWindle
approved these changes
May 11, 2026
spalladino
force-pushed
the
spl/diagnostics-out-hash-helper
branch
from
3ee9452 to
a64dc55
Compare
…in validators The proposer-side fix from #23110 (parent checkpointOutHash splice under pipelining) was inlined as a private method on `CheckpointProposalJob`. The validator's block re-execution and checkpoint-proposal validation paths in `proposal_handler.ts` compute the same `previousCheckpointOutHashes` list through the same archiver-driven query, so they have the same off-by-one window: if the parent cp lands on L1 between when the validator pulls and when it re-derives, only the proposer would carry the spliced parent and attestations would mismatch. Extract the proposer's logic into a shared `getPreviousCheckpointOutHashes` helper in `stdlib/src/checkpoint/`. The helper accepts the proposer's already-loaded `proposedCheckpointData` directly, and falls back on `L2BlockSource.getProposedCheckpointData(...)` for callers that don't have it on hand (validator). Wire the helper into the proposer (replacing the private method) and into both validator sites. Add a few diagnostics that helped pinpoint this class of bug: - `prover-node-publisher.ts`: when the L1-recomputed `RootRollupPublicInputs` vector mismatches the prover's, decode the differing indices into labels (`previousArchiveRoot`, `endArchiveRoot`, `outHash`, `checkpointHeaderHashes[i]`, `fees[i].recipient/value`, `constants.*`, `blobPublicInputs[*]`), fetch the L1 `CheckpointLog` for any mismatching `checkpointHeaderHashes[i]`, and emit a structured error log alongside the throw — much easier to triage than the previous opaque dump. - `BlockRollupPublicInputs.toInspect()` and `CheckpointRollupPublicInputs.toInspect()` to keep per-stage orchestrator debug logs short. - Per-stage debug logs in the orchestrator (block-root, block-merge, checkpoint-root) consume the new `toInspect()` outputs. - Lightweight checkpoint builder logs `headerHash` and the size of `previousCheckpointOutHashes` at debug. - Epoch proving job's per-checkpoint start log trimmed to the fields that are actually useful for cross-comparison.
Mirrors the pipelining toggles applied to the rest of the p2p e2e suite (`enableProposerPipelining: true`, `inboxLag: 2`, `minTxsPerBlock: 0`) plus the test-side adjustments needed to keep cross-chain assertions deterministic (`waitForL1ToL2MessageReady` instead of the older `waitForL1ToL2MessageSeen`, longer per-test jest timeout). Intentionally does NOT add the `EpochTestSettler` cheat-code workaround that previously masked the `Root rollup public inputs mismatch`; the helper-based fix earlier in this PR is what unblocks add_rollup under pipelining.
spalladino
force-pushed
the
spl/diagnostics-out-hash-helper
branch
from
a64dc55 to
879378c
Compare
This was referenced May 11, 2026
rangozd
pushed a commit
to rangozd/aztec-packages
that referenced
this pull request
May 16, 2026
BEGIN_COMMIT_OVERRIDE fix(test): warp L1 forward when proposer scan hits EpochNotStable (AztecProtocol#22967) test(e2e): fail epochs tests on proposer-rollup-check-failed (AztecProtocol#22965) fix: grafana switch to aztec_status="proposed" (AztecProtocol#22978) chore: update benchmark scraper (AztecProtocol#22984) test(e2e): migrate simple epoch tests to pipelining (AztecProtocol#22973) chore: remove top-level yarn.lock (AztecProtocol#22987) refactor(archiver)!: unify L2BlockSource checkpoint lookups via query objects (AztecProtocol#22933) fix(sequencer): bounded sweep instead of event scan for governance proposal check (AztecProtocol#22989) fix(docs): allow webapp-tutorial yarn install to populate empty lockfile in CI (AztecProtocol#23000) test(e2e): enable pipelining in l1-reorgs and mbps redistribution tests (AztecProtocol#23009) fix(archiver): restore pending block height metric under pipelining (AztecProtocol#22994) chore(p2p): remove skipped validation result option (AztecProtocol#23034) refactor(p2p)!: remove slow tx collection flow (AztecProtocol#22878) chore(spartan): add next-net-clone environment config (AztecProtocol#22995) chore(sequencer): add context to proposer-rollup-check-failed logs (AztecProtocol#23071) test(e2e): wait for archiver sync before asserting pipelining (AztecProtocol#22997) refactor(node-rpc)!: remove deprecated AztecNode methods and L2BlockSource tip helpers (AztecProtocol#22934) feat(p2p): detect and track announce IP changes at runtime (AztecProtocol#22405) test: mark tx_stats_bench 10 TPS as flake-retryable on merge-train/spartan (AztecProtocol#23083) fix(sequencer): bind vote-only multicalls to target slot under pipelining (AztecProtocol#23090) feat(sequencer): build optimistically across pruning epoch boundary (AztecProtocol#23056) fix(sequencer): use chainTipsOverride.pending for log context (AztecProtocol#23098) test(e2e): relax post-boundary slot assertion in epochs_proof_at_boundary (AztecProtocol#23108) fix(bb-prover): pool long-lived bb verifier processes instead of spawning per-call (AztecProtocol#23093) fix(sequencer): anchor fee asset price modifier to predicted parent (AztecProtocol#23113) chore: error log when L1 head timestamp drifts (AztecProtocol#22947) fix(sequencer): override full parent checkpoint cell in pipelined simulation (AztecProtocol#23073) test(e2e): enable pipelining on missed l1 slot test (AztecProtocol#23068) fix: more robust metrics reporting in IRM monitor (AztecProtocol#23038) fix: preserve LMDB slashing protection (AztecProtocol#23145) test(e2e): enable pipelining on p2p tests (AztecProtocol#23070) fix(archiver): move L2 tips cache refresh out of write transactions (AztecProtocol#23110) test(e2e): fix data_withholding_slash flake by freezing L1 across restart (AztecProtocol#23162) fix(validator): include proposed checkpoint out-hashes when validating checkpoint proposals (AztecProtocol#23119) refactor(config): drop nested config option, flatten l1Contracts (AztecProtocol#23143) test(e2e): bump bash TIMEOUT for e2e_p2p/add_rollup to match jest 20m (AztecProtocol#23177) fix(p2p): chunk archive of mined txs on block finalization (A-969) (AztecProtocol#23085) fix(p2p): stream tx pool hydration to bound startup memory (A-968) (AztecProtocol#23086) chore: remove orphan --archiver flag usages from start invocations (AztecProtocol#23186) feat(ci): daily merge-train/spartan stale-PR notifier (AztecProtocol#23189) fix: preserve contract artifact permissions (AztecProtocol#23174) fix(ci3): accept slashes in /list/<path:key> for merge-train history (AztecProtocol#23160) feat(ci): route merge-train/spartan flake notifications to #team-alpha-ci (AztecProtocol#23219) fix(cheat-codes): wait for post-warp L2 block in warpL2TimeAtLeastTo (AztecProtocol#23213) feat: slash attesters signing over bad checkpoints (AztecProtocol#23180) refactor(prover-client): split orchestrator into sub-tree + top-tree pair (AztecProtocol#22996) fix(srs): retry transient CRS HTTP downloads with exponential backoff (AztecProtocol#23244) refactor(p2p): remove old reqresp mode (AztecProtocol#23158) docs(sequencer-client): rewrite top-level and timing READMEs (AztecProtocol#23149) fix(aztec-node): include upcoming checkpoint's L1 to L2 messages in simulatePublicCalls (AztecProtocol#23163) END_COMMIT_OVERRIDE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Extract the fix for
outHashes added in #23073 in the proposer so that it can be reused in validators as well. Enables pipelining onadd_rollupe2e p2p test, which was failing because of this bug. Also adds a bunch of logging, which was needed to track down the issue.Builds on top of #23073