feat: publishers support multiple EOA accounts

Co-authored-by: Alex Gherghisan <[email protected]>
Co-authored-by: Santiago Palladino <[email protected]>

Author: 3 people

yarn-project/aztec-node/package.json

@@ -76,6 +76,7 @@
     "@aztec/kv-store": "workspace:^",
     "@aztec/l1-artifacts": "workspace:^",
     "@aztec/merkle-tree": "workspace:^",
+    "@aztec/node-keystore": "workspace:^",
     "@aztec/node-lib": "workspace:^",
     "@aztec/noir-protocol-circuits-types": "workspace:^",
     "@aztec/p2p": "workspace:^",

yarn-project/aztec-node/src/aztec-node/config.test.ts

@@ -0,0 +1,241 @@
+import { EthAddress } from '@aztec/foundation/eth-address';
+import type { AztecAddressHex, EthAddressHex, EthPrivateKey } from '@aztec/node-keystore';
+import type { SharedNodeConfig } from '@aztec/node-lib/config';
+import type { SequencerClientConfig, TxSenderConfig } from '@aztec/sequencer-client/config';
+import { AztecAddress } from '@aztec/stdlib/aztec-address';
+import type { ValidatorClientConfig } from '@aztec/validator-client/config';
+
+import { generatePrivateKey, privateKeyToAddress } from 'viem/accounts';
+
+import { createKeyStoreForValidator } from './config.js';
+
+describe('createKeyStoreForValidator', () => {
+  const mockValidatorKey1 = generatePrivateKey() as EthPrivateKey;
+  const mockValidatorKey2 = generatePrivateKey() as EthPrivateKey;
+  const mockPublisherKey1 = generatePrivateKey() as EthPrivateKey;
+  const mockPublisherKey2 = generatePrivateKey() as EthPrivateKey;
+  const mockCoinbase = EthAddress.random().toString() as EthAddressHex;
+  const web3SignerUrl = 'http://web3signer:1000';
+  const mockValidatorAddresses = [mockValidatorKey1, mockValidatorKey2].map(privateKeyToAddress);
+  const mockPublisherAddresses = [mockPublisherKey1, mockPublisherKey2].map(privateKeyToAddress);
+  let mockFeeRecipient: AztecAddressHex;
+
+  const createMockConfig = (
+    validatorKeys: string[] = [],
+    publisherKeys: string[] = [],
+    coinbase?: string,
+    feeRecipient?: string,
+    web3SignerUrl?: string,
+    validatorAddresses: string[] = [],
+    publisherAddresses: string[] = [],
+  ): TxSenderConfig & ValidatorClientConfig & SequencerClientConfig & SharedNodeConfig => {
+    const mockValidatorPrivateKeys =
+      validatorKeys.length > 0
+        ? {
+            getValue: () => validatorKeys,
+          }
+        : undefined;
+
+    const mockPublisherPrivateKeys =
+      publisherKeys.length > 0 ? publisherKeys.map(key => ({ getValue: () => key })) : undefined;
+
+    return {
+      validatorPrivateKeys: mockValidatorPrivateKeys,
+      publisherPrivateKeys: mockPublisherPrivateKeys,
+      coinbase: coinbase ? { toString: () => coinbase } : undefined,
+      feeRecipient: feeRecipient ? { toString: () => feeRecipient } : undefined,
+      web3SignerUrl,
+      validatorAddresses: validatorAddresses.map(addr => EthAddress.fromString(addr)),
+      publisherAddresses: publisherAddresses.map(addr => EthAddress.fromString(addr)),
+    } as TxSenderConfig & ValidatorClientConfig & SequencerClientConfig & SharedNodeConfig;
+  };
+
+  beforeAll(async () => {
+    mockFeeRecipient = (await AztecAddress.random()).toString() as AztecAddressHex;
+  });
+
+  it('should return undefined when no validator keys are provided', () => {
+    const config = createMockConfig([]);
+    const result = createKeyStoreForValidator(config);
+    expect(result).toBeUndefined();
+  });
+
+  it('should return undefined when validatorPrivateKeys is undefined', () => {
+    const config = {
+      validatorPrivateKeys: undefined,
+      publisherPrivateKeys: undefined,
+      coinbase: undefined,
+      feeRecipient: undefined,
+    } as unknown as TxSenderConfig & ValidatorClientConfig & SequencerClientConfig & SharedNodeConfig;
+    const result = createKeyStoreForValidator(config);
+    expect(result).toBeUndefined();
+  });
+
+  it('should create keystore with single validator key and default coinbase/feeRecipient', () => {
+    const config = createMockConfig([mockValidatorKey1]);
+    const result = createKeyStoreForValidator(config);
+
+    const expectedCoinbase = privateKeyToAddress(mockValidatorKey1);
+    const expectedFeeRecipient = AztecAddress.ZERO.toString();
+
+    expect(result).toEqual({
+      schemaVersion: 1,
+      slasher: undefined,
+      prover: undefined,
+      remoteSigner: undefined,
+      validators: [
+        {
+          attester: [mockValidatorKey1],
+          feeRecipient: expectedFeeRecipient,
+          coinbase: expectedCoinbase,
+          remoteSigner: undefined,
+          publisher: [],
+        },
+      ],
+    });
+  });
+
+  it('should create keystore with multiple validator keys', () => {
+    const config = createMockConfig([mockValidatorKey1, mockValidatorKey2]);
+    const result = createKeyStoreForValidator(config);
+
+    const expectedCoinbase = privateKeyToAddress(mockValidatorKey1);
+
+    expect(result).toEqual({
+      schemaVersion: 1,
+      slasher: undefined,
+      prover: undefined,
+      remoteSigner: undefined,
+      validators: [
+        {
+          attester: [mockValidatorKey1, mockValidatorKey2],
+          feeRecipient: AztecAddress.ZERO.toString(),
+          coinbase: expectedCoinbase,
+          remoteSigner: undefined,
+          publisher: [],
+        },
+      ],
+    });
+  });
+
+  it('should create keystore with custom coinbase and feeRecipient', () => {
+    const config = createMockConfig([mockValidatorKey1], [], mockCoinbase, mockFeeRecipient);
+    const result = createKeyStoreForValidator(config);
+
+    expect(result).toEqual({
+      schemaVersion: 1,
+      slasher: undefined,
+      prover: undefined,
+      remoteSigner: undefined,
+      validators: [
+        {
+          attester: [mockValidatorKey1],
+          feeRecipient: mockFeeRecipient,
+          coinbase: mockCoinbase,
+          remoteSigner: undefined,
+          publisher: [],
+        },
+      ],
+    });
+  });
+
+  it('should create keystore with publisher keys', () => {
+    const config = createMockConfig([mockValidatorKey1], [mockPublisherKey1, mockPublisherKey2]);
+    const result = createKeyStoreForValidator(config);
+
+    const expectedCoinbase = privateKeyToAddress(mockValidatorKey1);
+
+    expect(result).toEqual({
+      schemaVersion: 1,
+      slasher: undefined,
+      prover: undefined,
+      remoteSigner: undefined,
+      validators: [
+        {
+          attester: [mockValidatorKey1],
+          feeRecipient: AztecAddress.ZERO.toString(),
+          coinbase: expectedCoinbase,
+          remoteSigner: undefined,
+          publisher: [mockPublisherKey1, mockPublisherKey2],
+        },
+      ],
+    });
+  });
+
+  it('should create keystore with all fields populated', () => {
+    const config = createMockConfig(
+      [mockValidatorKey1, mockValidatorKey2],
+      [mockPublisherKey1],
+      mockCoinbase,
+      mockFeeRecipient,
+    );
+    const result = createKeyStoreForValidator(config);
+
+    expect(result).toEqual({
+      schemaVersion: 1,
+      slasher: undefined,
+      prover: undefined,
+      remoteSigner: undefined,
+      validators: [
+        {
+          attester: [mockValidatorKey1, mockValidatorKey2],
+          feeRecipient: mockFeeRecipient,
+          coinbase: mockCoinbase,
+          remoteSigner: undefined,
+          publisher: [mockPublisherKey1],
+        },
+      ],
+    });
+  });
+
+  it('should handle empty publisher keys array', () => {
+    const config = createMockConfig([mockValidatorKey1], []);
+    const result = createKeyStoreForValidator(config);
+
+    expect(result?.validators?.[0]?.publisher).toEqual([]);
+  });
+
+  it('should use first validator key for coinbase when no coinbase provided', () => {
+    const config = createMockConfig([mockValidatorKey1, mockValidatorKey2]);
+    const result = createKeyStoreForValidator(config);
+
+    const expectedCoinbase = privateKeyToAddress(mockValidatorKey1);
+    expect(result?.validators?.[0]?.coinbase).toBe(expectedCoinbase);
+  });
+
+  it('should use AztecAddress.ZERO for feeRecipient when not provided', () => {
+    const config = createMockConfig([mockValidatorKey1]);
+    const result = createKeyStoreForValidator(config);
+
+    expect(result?.validators?.[0]?.feeRecipient).toBe(AztecAddress.ZERO.toString());
+  });
+
+  it('should create keystore with remote signer details', () => {
+    const config = createMockConfig(
+      [],
+      [],
+      mockCoinbase,
+      mockFeeRecipient,
+      web3SignerUrl,
+      mockValidatorAddresses,
+      mockPublisherAddresses,
+    );
+    const result = createKeyStoreForValidator(config);
+
+    expect(result).toEqual({
+      schemaVersion: 1,
+      slasher: undefined,
+      prover: undefined,
+      remoteSigner: undefined,
+      validators: [
+        {
+          attester: mockValidatorAddresses,
+          feeRecipient: mockFeeRecipient,
+          coinbase: mockCoinbase,
+          remoteSigner: web3SignerUrl,
+          publisher: mockPublisherAddresses,
+        },
+      ],
+    });
+  });
+});

yarn-project/aztec-node/src/aztec-node/config.ts

@@ -7,16 +7,34 @@ import {
 } from '@aztec/ethereum';
 import { type ConfigMappingsType, booleanConfigHelper, getConfigFromMappings } from '@aztec/foundation/config';
 import { type DataStoreConfig, dataConfigMappings } from '@aztec/kv-store/config';
+import {
+  type AztecAddressHex,
+  type EthAddressHex,
+  type EthPrivateKey,
+  type EthRemoteSignerAccount,
+  type Hex,
+  type KeyStore,
+  type KeyStoreConfig,
+  type ValidatorKeyStore,
+  keyStoreConfigMappings,
+} from '@aztec/node-keystore';
 import { type SharedNodeConfig, sharedNodeConfigMappings } from '@aztec/node-lib/config';
 import { type P2PConfig, p2pConfigMappings } from '@aztec/p2p/config';
 import { type ProverClientUserConfig, proverClientConfigMappings } from '@aztec/prover-client/config';
-import { type SequencerClientConfig, sequencerClientConfigMappings } from '@aztec/sequencer-client/config';
+import {
+  type SequencerClientConfig,
+  type TxSenderConfig,
+  sequencerClientConfigMappings,
+} from '@aztec/sequencer-client/config';
 import { slasherConfigMappings } from '@aztec/slasher';
+import { AztecAddress } from '@aztec/stdlib/aztec-address';
 import { type NodeRPCConfig, nodeRpcConfigMappings } from '@aztec/stdlib/config';
 import type { SlasherConfig } from '@aztec/stdlib/interfaces/server';
 import { type ValidatorClientConfig, validatorClientConfigMappings } from '@aztec/validator-client/config';
 import { type WorldStateConfig, worldStateConfigMappings } from '@aztec/world-state/config';
 
+import { privateKeyToAddress } from 'viem/accounts';
+
 import { type SentinelConfig, sentinelConfigMappings } from '../sentinel/config.js';
 
 export { sequencerClientConfigMappings, type SequencerClientConfig };
@@ -32,6 +50,7 @@ export type AztecNodeConfig = ArchiverConfig &
   Pick<ProverClientUserConfig, 'bbBinaryPath' | 'bbWorkingDirectory' | 'realProofs'> &
   P2PConfig &
   DataStoreConfig &
+  KeyStoreConfig &
   SentinelConfig &
   SharedNodeConfig &
   GenesisStateConfig &
@@ -45,6 +64,7 @@ export type AztecNodeConfig = ArchiverConfig &
 
 export const aztecNodeConfigMappings: ConfigMappingsType<AztecNodeConfig> = {
   ...dataConfigMappings,
+  ...keyStoreConfigMappings,
   ...archiverConfigMappings,
   ...sequencerClientConfigMappings,
   ...validatorClientConfigMappings,
@@ -74,3 +94,90 @@ export const aztecNodeConfigMappings: ConfigMappingsType<AztecNodeConfig> = {
 export function getConfigEnvVars(): AztecNodeConfig {
   return getConfigFromMappings<AztecNodeConfig>(aztecNodeConfigMappings);
 }
+
+type ConfigRequiredToBuildKeyStore = TxSenderConfig & SequencerClientConfig & SharedNodeConfig & ValidatorClientConfig;
+
+function createKeyStoreFromWeb3Signer(config: ConfigRequiredToBuildKeyStore) {
+  const validatorKeyStores: ValidatorKeyStore[] = [];
+
+  if (
+    config.web3SignerUrl === undefined ||
+    config.web3SignerUrl.length === 0 ||
+    config.validatorAddresses === undefined ||
+    config.validatorAddresses.length === 0
+  ) {
+    return undefined;
+  }
+  const coinbase = config.coinbase ? config.coinbase.toString() : config.validatorAddresses[0].toString();
+  const feeRecipient = config.feeRecipient ? config.feeRecipient.toString() : AztecAddress.ZERO.toString();
+
+  const publisherAddresses =
+    config.publisherAddresses && config.publisherAddresses.length > 0
+      ? config.publisherAddresses.map(k => k.toChecksumString() as EthRemoteSignerAccount)
+      : [];
+
+  const attestors = config.validatorAddresses.map(k => k.toChecksumString() as EthRemoteSignerAccount);
+
+  validatorKeyStores.push({
+    attester: attestors,
+    feeRecipient: feeRecipient as AztecAddressHex,
+    coinbase: coinbase as EthAddressHex,
+    remoteSigner: config.web3SignerUrl,
+    publisher: publisherAddresses,
+  });
+
+  const keyStore: KeyStore = {
+    schemaVersion: 1,
+    slasher: undefined,
+    prover: undefined,
+    remoteSigner: undefined,
+    validators: validatorKeyStores,
+  };
+  return keyStore;
+}
+
+function createKeyStoreFromPrivateKeys(config: ConfigRequiredToBuildKeyStore) {
+  const validatorKeyStores: ValidatorKeyStore[] = [];
+  const ethPrivateKeys: EthPrivateKey[] = [];
+  const validatorKeys = config.validatorPrivateKeys ? config.validatorPrivateKeys.getValue() : [];
+  for (let i = 0; i < validatorKeys.length; i++) {
+    const key = validatorKeys[i];
+    const ethPrivateKey: EthPrivateKey = key as Hex<32>;
+    ethPrivateKeys.push(ethPrivateKey);
+  }
+
+  if (!ethPrivateKeys.length) {
+    return undefined;
+  }
+  const coinbase = config.coinbase ? config.coinbase.toString() : privateKeyToAddress(ethPrivateKeys[0]);
+  const feeRecipient = config.feeRecipient ? config.feeRecipient.toString() : AztecAddress.ZERO.toString();
+
+  const publisherKeys = config.publisherPrivateKeys
+    ? config.publisherPrivateKeys.map(k => k.getValue() as EthPrivateKey)
+    : [];
+
+  validatorKeyStores.push({
+    attester: ethPrivateKeys,
+    feeRecipient: feeRecipient as AztecAddressHex,
+    coinbase: coinbase as EthAddressHex,
+    remoteSigner: undefined,
+    publisher: publisherKeys,
+  });
+
+  const keyStore: KeyStore = {
+    schemaVersion: 1,
+    slasher: undefined,
+    prover: undefined,
+    remoteSigner: undefined,
+    validators: validatorKeyStores,
+  };
+  return keyStore;
+}
+
+export function createKeyStoreForValidator(config: TxSenderConfig & SequencerClientConfig & SharedNodeConfig) {
+  if (config.web3SignerUrl !== undefined && config.web3SignerUrl.length > 0) {
+    return createKeyStoreFromWeb3Signer(config);
+  }
+
+  return createKeyStoreFromPrivateKeys(config);
+}