feat(validator): add VALIDATOR_ env vars for independent block limits#21060
Merged
spalladino merged 1 commit intomerge-train/spartanfrom Mar 4, 2026
Merged
feat(validator): add VALIDATOR_ env vars for independent block limits#21060spalladino merged 1 commit intomerge-train/spartanfrom
spalladino merged 1 commit intomerge-train/spartanfrom
Conversation
spalladino
added
ci-no-fail-fast
spalladino
force-pushed
the
palla/validator-block-limits
branch
from
9e6ef0c to
012e809
Compare
Base automatically changed from
palla/max-txs-per-checkpoint
to
merge-train/spartan
March 3, 2026 20:31
Add VALIDATOR_MAX_L2_BLOCK_GAS, VALIDATOR_MAX_DA_BLOCK_GAS, VALIDATOR_MAX_TX_PER_BLOCK, and VALIDATOR_MAX_TX_PER_CHECKPOINT so operators can tune validation limits independently from the SEQ_ proposer limits. When unset, no per-block limit is enforced for that dimension (checkpoint-level protocol limits still apply). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
spalladino
force-pushed
the
palla/validator-block-limits
branch
from
012e809 to
14b4c50
Compare
PhilWindle
approved these changes
Mar 4, 2026
Collaborator
|
❌ Failed to cherry-pick to |
AztecBot
pushed a commit
that referenced
this pull request
Mar 4, 2026
…#21060) - Adds `VALIDATOR_MAX_L2_BLOCK_GAS`, `VALIDATOR_MAX_DA_BLOCK_GAS`, `VALIDATOR_MAX_TX_PER_BLOCK`, and `VALIDATOR_MAX_TX_PER_CHECKPOINT` env vars so operators can tune validation limits independently from `SEQ_` proposer limits - When a `VALIDATOR_` var is not set, no per-block limit is enforced for that dimension (checkpoint-level protocol limits still apply) - P2P gossip validation uses `VALIDATOR_MAX_TX_PER_BLOCK` when set, falling back to the sequencer's `maxTxsPerBlock` - [x] `yarn build` passes - [x] `yarn format` and `yarn lint` clean - [x] `yarn workspace @aztec/validator-client test` — 158 passed - [x] `yarn workspace @aztec/stdlib test src/checkpoint/validate.test.ts` — 20 passed 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
AztecBot
added a commit
that referenced
this pull request
Mar 4, 2026
AztecBot
added a commit
that referenced
this pull request
Mar 4, 2026
spalladino
pushed a commit
that referenced
this pull request
Mar 4, 2026
… (backport #21060) (#21132) ## Summary Backport of #21060 to v4. Redone from scratch on current v4 tip (after #21115 landed). - Adds `VALIDATOR_MAX_L2_BLOCK_GAS`, `VALIDATOR_MAX_DA_BLOCK_GAS`, `VALIDATOR_MAX_TX_PER_BLOCK`, and `VALIDATOR_MAX_TX_PER_CHECKPOINT` env vars so operators can tune validation limits independently from `SEQ_` proposer limits - When a `VALIDATOR_` var is not set, no per-block limit is enforced for that dimension (checkpoint-level protocol limits still apply) - P2P gossip validation uses `VALIDATOR_MAX_TX_PER_BLOCK` when set, falling back to the sequencer's `maxTxsPerBlock` - Validators can now pass per-block gas limits and tx limits to `buildBlock` during re-execution and `validateCheckpoint` for final validation ### Changes from previous attempt (#21109) The previous backport (#21109, now closed) was done before other PRs landed on v4 and became unmergeable. This is a clean redo on top of the current v4 tip where all prerequisites (`validateCheckpoint`, `computeDAGasUsed`, `maxTxsPerCheckpoint`) already exist. Build verified clean: http://ci.aztec-labs.com/80f4d462d5b81f2f ClaudeBox log: http://ci.aztec-labs.com/5215aa10b97d3ffe-1
github-merge-queue bot
pushed a commit
that referenced
this pull request
Mar 6, 2026
BEGIN_COMMIT_OVERRIDE test: update proving-real test to mbps (#20991) chore: epoch proving log analyzer (#21033) chore: update pause script to allow resume (#21032) feat: price bump for RPC transaction replacement (#20806) refactor: remove update checker, retain version checks (#20898) fix: (A-592) p2p client proposal tx collector test (#20998) refactor: use publishers-per-pod in deployments (#21039) chore: web3signer refreshes keystore (#21045) feat(sequencer): set block building limits from checkpoint limits (#20974) chore(e2e): fix e2e bot L1 tx nonce reuse (#21052) feat: Update L1 to L2 message APIs (#20913) fix: (A-589) epochs l1 reorgs test (#20999) feat(sequencer): add SEQ_MAX_TX_PER_CHECKPOINT config (#21016) fix: drop --pid=host from docker_isolate (#21081) feat: standby mode for prover broker (#21098) fix(p2p): remove default block handler in favor of block handler (#21105) feat(validator): add VALIDATOR_ env vars for independent block limits (#21060) refactor(p2p): decouple proposal validators from base class via composition (#21075) feat: additional validation in public setup allowlist (onlySelf + null msg sender) (#21122) fix: (A-591) aztecProofSubmissionEpochs incorrectly named as aztecProofSubmissionWindow (#21108) refactor(sequencer): rename SEQ_GAS_PER_BLOCK_ALLOCATION_MULTIPLIER to SEQ_PER_BLOCK_ALLOCATION_MULTIPLIER (#21125) fix: unbound variable in check_doc_references.sh with set -u (#21126) feat: calldata length validation of public setup function allowlist (#21139) fix: include mismatched values in tx metadata validation errors (#21147) feat: single-node implementation of slash-protection signer (#20894) feat: Remove non-protocol contracts from public setup allowlist (#21154) chore: More updated Alpha configuration (#21155) chore: tally slashing pruning improvements (#21161) fix: update dependencies (#20997) fix: omit bigint priceBumpPercentage from IPC config in testbench worker (#21169) refactor(p2p): (A-588) maintain sorted array in tx pool instead of sorting on read (#21079) fix(p2p): report most severe failure in runValidations (#21185) fix: use dedicated L1 account for bot bridge resume tests to avoid nonce race (#21148) fix: parse error.message in formatViemError (#21163) fix: bump lighthouse consensus client v7.1.0 -> v8.0.1 (#21170) chore: code decuplication + refactor (public setup allowlist) (#21200) END_COMMIT_OVERRIDE
spalladino
pushed a commit
that referenced
this pull request
Mar 9, 2026
## Summary
Transactions whose gas limits exceed the block or checkpoint mana limit
are currently silently dropped during block building, causing users'
`.wait()` calls to hang indefinitely. This PR adds early rejection at
the gossip, RPC, and pending pool entry points by validating both L2 and
DA gas limits against protocol limits and operator-configured validator
block gas limits.
## Changes
### Promote `rollupManaLimit` to `L1RollupConstants`
- Added `rollupManaLimit: number` to the `L1RollupConstants` type,
`EmptyL1RollupConstants` (defaults to `Number.MAX_SAFE_INTEGER`), and
the Zod schema
- Removed the ad-hoc `& { rollupManaLimit?: number }` extensions from
the archiver, sequencer, and block-builder types — they now get it from
the base type
- Updated `EpochCache.create()` and
`RollupContract.getRollupConstants()` to fetch and include
`rollupManaLimit` from L1
### Validate L2 and DA gas limits at tx entry points
- `GasLimitsValidator` now accepts `{ rollupManaLimit?, maxBlockL2Gas?,
maxBlockDAGas?, bindings? }`:
- Effective L2 limit = `min(MAX_PROCESSABLE_L2_GAS, rollupManaLimit,
maxBlockL2Gas)`
- Effective DA limit = `min(MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT,
maxBlockDAGas)`
- `rollupManaLimit` applies to L2 gas only (not DA)
- `GasTxValidator` forwards these options to its inner
`GasLimitsValidator`
- All factory functions
(`createFirstStageTxValidationsForGossipedTransactions`,
`createTxValidatorForAcceptingTxsOverRPC`,
`createTxValidatorForTransactionsEnteringPendingTxPool`) accept and pass
through the limits
### Use validator block gas limits for tx validation
The existing `VALIDATOR_MAX_L2_BLOCK_GAS` and
`VALIDATOR_MAX_DA_BLOCK_GAS` env vars (introduced in #21060 for block
proposal validation) are now also used for tx acceptance validation.
Derived block limits (from the sequencer timetable) are only used for
proposals — not for validation.
- **P2P config**: Added `validateMaxL2BlockGas` and
`validateMaxDABlockGas` fields reading the existing
`VALIDATOR_MAX_L2_BLOCK_GAS` / `VALIDATOR_MAX_DA_BLOCK_GAS` env vars
- **Gossip path** (`libp2p_service.ts`): Passes `rollupManaLimit` from
L1 constants and validator block gas limits from P2P config
- **RPC path** (`aztec-node/server.ts`): Passes `rollupManaLimit` from
L1 constants and validator block gas limits from node config
- **Pending pool migration** (`client/factory.ts`): Passes
`rollupManaLimit` and validator block gas limits from config
### Unit tests
Tests in `gas_validator.test.ts` covering:
- Rejection when exceeding `rollupManaLimit` (L2), `maxBlockL2Gas`, or
`maxBlockDAGas`
- Min-of-all-limits behavior (L2)
- Acceptance at exactly the effective L2 and DA limits
- Fallback to `MAX_PROCESSABLE_L2_GAS` /
`MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT` when no additional limits are
set
- Forwarding L2 and DA limits through `GasTxValidator`
## Notes
- When `VALIDATOR_MAX_L2_BLOCK_GAS` / `VALIDATOR_MAX_DA_BLOCK_GAS` are
not set, only the protocol-level limits (`MAX_PROCESSABLE_L2_GAS`,
`MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT`) and `rollupManaLimit` (L2 only)
are enforced
- No new env vars — reuses the existing `VALIDATOR_MAX_L2_BLOCK_GAS` and
`VALIDATOR_MAX_DA_BLOCK_GAS` from #21060
- ~20 test files updated to include `rollupManaLimit` in their
`L1RollupConstants` objects
Fixes A-68
Fixes A-639
AztecBot
pushed a commit
that referenced
this pull request
Mar 9, 2026
## Summary
Transactions whose gas limits exceed the block or checkpoint mana limit are currently silently dropped during block building, causing users' `.wait()` calls to hang indefinitely. This PR adds early rejection at the gossip, RPC, and pending pool entry points by validating both L2 and DA gas limits against protocol limits and operator-configured validator block gas limits.
## Changes
### Promote `rollupManaLimit` to `L1RollupConstants`
- Added `rollupManaLimit: number` to the `L1RollupConstants` type, `EmptyL1RollupConstants` (defaults to `Number.MAX_SAFE_INTEGER`), and the Zod schema
- Removed the ad-hoc `& { rollupManaLimit?: number }` extensions from the archiver, sequencer, and block-builder types — they now get it from the base type
- Updated `EpochCache.create()` and `RollupContract.getRollupConstants()` to fetch and include `rollupManaLimit` from L1
### Validate L2 and DA gas limits at tx entry points
- `GasLimitsValidator` now accepts `{ rollupManaLimit?, maxBlockL2Gas?, maxBlockDAGas?, bindings? }`:
- Effective L2 limit = `min(MAX_PROCESSABLE_L2_GAS, rollupManaLimit, maxBlockL2Gas)`
- Effective DA limit = `min(MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT, maxBlockDAGas)`
- `rollupManaLimit` applies to L2 gas only (not DA)
- `GasTxValidator` forwards these options to its inner `GasLimitsValidator`
- All factory functions (`createFirstStageTxValidationsForGossipedTransactions`, `createTxValidatorForAcceptingTxsOverRPC`, `createTxValidatorForTransactionsEnteringPendingTxPool`) accept and pass through the limits
### Use validator block gas limits for tx validation
The existing `VALIDATOR_MAX_L2_BLOCK_GAS` and `VALIDATOR_MAX_DA_BLOCK_GAS` env vars (introduced in #21060 for block proposal validation) are now also used for tx acceptance validation. Derived block limits (from the sequencer timetable) are only used for proposals — not for validation.
- **P2P config**: Added `validateMaxL2BlockGas` and `validateMaxDABlockGas` fields reading the existing `VALIDATOR_MAX_L2_BLOCK_GAS` / `VALIDATOR_MAX_DA_BLOCK_GAS` env vars
- **Gossip path** (`libp2p_service.ts`): Passes `rollupManaLimit` from L1 constants and validator block gas limits from P2P config
- **RPC path** (`aztec-node/server.ts`): Passes `rollupManaLimit` from L1 constants and validator block gas limits from node config
- **Pending pool migration** (`client/factory.ts`): Passes `rollupManaLimit` and validator block gas limits from config
### Unit tests
Tests in `gas_validator.test.ts` covering:
- Rejection when exceeding `rollupManaLimit` (L2), `maxBlockL2Gas`, or `maxBlockDAGas`
- Min-of-all-limits behavior (L2)
- Acceptance at exactly the effective L2 and DA limits
- Fallback to `MAX_PROCESSABLE_L2_GAS` / `MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT` when no additional limits are set
- Forwarding L2 and DA limits through `GasTxValidator`
## Notes
- When `VALIDATOR_MAX_L2_BLOCK_GAS` / `VALIDATOR_MAX_DA_BLOCK_GAS` are not set, only the protocol-level limits (`MAX_PROCESSABLE_L2_GAS`, `MAX_PROCESSABLE_DA_GAS_PER_CHECKPOINT`) and `rollupManaLimit` (L2 only) are enforced
- No new env vars — reuses the existing `VALIDATOR_MAX_L2_BLOCK_GAS` and `VALIDATOR_MAX_DA_BLOCK_GAS` from #21060
- ~20 test files updated to include `rollupManaLimit` in their `L1RollupConstants` objects
Fixes A-68
Fixes A-639
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
VALIDATOR_MAX_L2_BLOCK_GAS,VALIDATOR_MAX_DA_BLOCK_GAS,VALIDATOR_MAX_TX_PER_BLOCK, andVALIDATOR_MAX_TX_PER_CHECKPOINTenv vars so operators can tune validation limits independently fromSEQ_proposer limitsVALIDATOR_var is not set, no per-block limit is enforced for that dimension (checkpoint-level protocol limits still apply)VALIDATOR_MAX_TX_PER_BLOCKwhen set, falling back to the sequencer'smaxTxsPerBlockTest plan
yarn buildpassesyarn formatandyarn lintcleanyarn workspace @aztec/validator-client test— 158 passedyarn workspace @aztec/stdlib test src/checkpoint/validate.test.ts— 20 passed🤖 Generated with Claude Code