Skip to content

feat(aztec-node): force sentinel for validators + offense collection#24202

Merged
PhilWindle merged 3 commits into
merge-train/spartan-v5from
spl/a-1242-force-creation-of-sentinel-for-sequencer-nodes
Jun 23, 2026
Merged

feat(aztec-node): force sentinel for validators + offense collection#24202
PhilWindle merged 3 commits into
merge-train/spartan-v5from
spl/a-1242-force-creation-of-sentinel-for-sequencer-nodes

Conversation

@spalladino

Copy link
Copy Markdown
Contributor

Motivation

The sentinel is required for the network to reach consensus on slashing offenses — it's a core duty of participating in consensus, not an optional add-on. Yet SENTINEL_ENABLED defaulted to false, so a validator could run without one and silently degrade the network's ability to enforce its own rules.

While fixing that, two adjacent issues surfaced:

  • Whether the node runs the sentinel and the slashing-detection watchers was gated on a prover-only flag (enableProverNode && disableValidator). That coupling is wrong: those subsystems should depend on validator status, not on whether the prover is enabled.
  • A non-validator (e.g. an RPC or full node) had no way to collect and inspect offenses, because the only component that persists them lives inside the slasher client, which was created only for validators.

Approach

  • Force the sentinel for validators. createSentinel now self-gates: if the node runs a validator it always creates the sentinel (ignoring SENTINEL_ENABLED); otherwise it respects SENTINEL_ENABLED (default false). It logs which case applies so operators understand why a SENTINEL_ENABLED=false is being overridden.
  • Decouple subsystem gating from the prover. Removed the proverOnly guard. The slashing-detection watchers and the slasher are now gated on collectOffenses = !disableValidator || enableOffenseCollection.
  • Opt-in offense collection for non-validators. A new OFFENSE_COLLECTION_ENABLED flag lets a non-validator run the watchers plus a read-only slasher client (it never writes to L1 — voting/execution flow through the sequencer publisher, which a non-validator lacks) to collect and serve offenses over the existing getSlashOffenses admin RPC. The spartan deploy enables it by default, mirroring SENTINEL_ENABLED.
  • Make the attested-invalid-proposal watcher work without a validator. Lifted the invalid-proposal / equivocation slot tracking out of ValidatorClient into ProposalHandler, which now implements InvalidProposalSlotSource. The handler populates this from its all-nodes proposal handlers, so any node that re-executes proposals (the default) can feed the watcher.

API changes

  • New node config enableOffenseCollection (env OFFENSE_COLLECTION_ENABLED, default false). Named distinctly from the existing L1-deploy AZTEC_SLASHER_ENABLED to avoid confusion.
  • Validator nodes now always run the sentinel regardless of SENTINEL_ENABLED.

Changes

  • aztec-node: createSentinel forces the sentinel for validators and logs the reason; server.ts removes proverOnly, gates watchers + a split-out read-only slasher on collectOffenses, and wires the attested-invalid-proposal watcher to the proposal handler.
  • aztec-node (config) / foundation: new enableOffenseCollection / OFFENSE_COLLECTION_ENABLED flag and env-var entry.
  • validator-client: ProposalHandler now owns the invalid-proposal / equivocation slot tracking and implements InvalidProposalSlotSource; ValidatorClient delegates to it, preserving validator behavior.
  • spartan: OFFENSE_COLLECTION_ENABLED wired through the chart value, pod template, network defaults, terraform variable, and deploy script, defaulting on (mirrors SENTINEL_ENABLED).

Fixes A-1242

…m gating from prover

A node running a validator now always creates the sentinel regardless of SENTINEL_ENABLED, since the sentinel is required to reach consensus on slashing offenses. Non-validators continue to respect SENTINEL_ENABLED (default false).

Subsystem gating (sentinel, slashing watchers, slasher) is no longer tied to prover-only mode but to validator status. Non-validators can opt into running the watchers plus a read-only slasher via the new OFFENSE_COLLECTION_ENABLED flag to collect and serve offenses over the admin RPC. The spartan deploy enables it by default, mirroring SENTINEL_ENABLED.

Fixes A-1242
…andler for non-validator offense collection

Lifts the slotsWithInvalidProposals / slotsWithProposalEquivocation tracking out of ValidatorClient and into ProposalHandler, which now implements InvalidProposalSlotSource (hasInvalidProposals / hasProposalEquivocation). The handler marks these slots from its all-nodes block and checkpoint proposal handlers, so any node that re-executes proposals (the default) populates them, not only validators.

The attested-invalid-proposal watcher is now wired to the proposal handler (validator-owned or standalone) instead of the validator client, so a non-validator offense collector (OFFENSE_COLLECTION_ENABLED) can detect attested-to-invalid-checkpoint-proposal offenses. ValidatorClient delegates its has/mark calls to the handler, preserving validator behavior.
Drop the now-redundant invalid-checkpoint slot mark in ValidatorClient: the all-nodes checkpoint handler already marks the slot before invoking the failure callback. The FifoSet add was idempotent so the double-mark was harmless, but the validator-side call is dead.

Guard non-validator invalid-block marking with the escape-hatch check, matching the validator path that intentionally disables invalid-block slashing while the escape hatch is open.

Mark proposal equivocation from the p2p duplicate-proposal callback in ProposalHandler.register. p2p detects duplicate proposals without routing them through the proposal handlers, so without this a non-validator offense collector could mark a slot invalid without the matching equivocation mark and false-positive slash attesters. Validators overwrite this callback with their own richer handler.
@PhilWindle PhilWindle merged commit 072c0da into merge-train/spartan-v5 Jun 23, 2026
12 checks passed
@PhilWindle PhilWindle deleted the spl/a-1242-force-creation-of-sentinel-for-sequencer-nodes branch June 23, 2026 08:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants