Skip to content
This repository was archived by the owner on Jan 16, 2026. It is now read-only.

providers-alloy: BeaconClient.filtered_beacon_blobs fetches and validates only necessary blobs, and does not fallback to sidecars endpoint#3211

Merged
theochap merged 23 commits intomainfrom
gk/3136
Jan 12, 2026
Merged

Conversation

@geoknee
Copy link
Contributor

@geoknee geoknee commented Dec 19, 2025

Closes #3136

TODO: allow for different kinds of errors to be returned, when we get a
response which fails validation

TODO: resintate fallback to sidecars endpoint?
Make blobs_mock mutable and clone required_query_param in the test. Add
a second mock that returns garbage blob data and assert that
filtered_beacon_blobs returns an error. Also fix the comment describing
the blob hash.
Drop unused ReqwestProvider and BeaconBlobBundle imports, remove
SIDECARS_METHOD_PREFIX_DEPRECATED, compress std imports, and delete the
unused `blob_indexes` local variable.
@geoknee geoknee changed the title providers-alloy/: BeaconClient.filtered_beacon_blobs fetches and validates only necessary blobs providers-alloy: BeaconClient.filtered_beacon_blobs fetches and validates only necessary blobs Dec 19, 2025
@wiz-b4c72f16a4
Copy link

wiz-b4c72f16a4 bot commented Dec 19, 2025

Wiz Scan Summary

Scanner Findings
Vulnerability Finding Vulnerabilities 1 Medium 4 Low
Data Finding Sensitive Data -
Secret Finding Secrets -
IaC Misconfiguration IaC Misconfigurations -
SAST Finding SAST Findings -
Software Supply Chain Finding Software Supply Chain Findings -
Total 1 Medium 4 Low

View scan details in Wiz

To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension.

@codecov
Copy link

codecov bot commented Dec 19, 2025

Codecov Report

❌ Patch coverage is 93.00000% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 77.1%. Comparing base (cdb9be2) to head (69588de).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
crates/providers/providers-alloy/src/metrics.rs 0.0% 4 Missing ⚠️
crates/providers/providers-alloy/src/blobs.rs 0.0% 2 Missing ⚠️
...tes/providers/providers-alloy/src/beacon_client.rs 98.9% 1 Missing ⚠️

❗ There is a different number of reports uploaded between BASE (cdb9be2) and HEAD (69588de). Click for more details.

HEAD has 22 uploads less than BASE
Flag BASE (cdb9be2) HEAD (69588de)
proof 11 0
e2e 10 0
unit 2 1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Member

@theochap theochap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Some small rust specific comments, but the logic looks good overall

Copy link
Member

@theochap theochap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

@theochap theochap marked this pull request as ready for review January 9, 2026 17:52
Copilot AI review requested due to automatic review settings January 9, 2026 17:52
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR refactors the BeaconClient.filtered_beacon_blobs method to fetch only the necessary blobs by using the beacon API's versioned_hashes query parameter, and validates the returned blobs against their computed versioned hashes using KZG commitments. This is a performance and correctness improvement over fetching all blobs for a slot.

Key changes:

  • Introduces blob validation using KZG commitment verification
  • Uses query parameter filtering to fetch only required blobs from the beacon API
  • Removes fallback to deprecated sidecars endpoint
  • Renames metrics from BLOB_SIDECAR_* to BLOB_* for clarity

Reviewed changes

Copilot reviewed 6 out of 7 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
crates/providers/providers-alloy/src/metrics.rs Renamed metric constants from BLOB_SIDECAR_FETCHES/ERRORS to BLOB_FETCHES/ERRORS
crates/providers/providers-alloy/src/lib.rs Exported BeaconClientError for public use
crates/providers/providers-alloy/src/blobs.rs Updated metric references to use renamed constants
crates/providers/providers-alloy/src/beacon_client.rs Implemented filtered blob fetching with KZG validation, added BeaconClientError type, removed deprecated sidecars endpoint fallback, added comprehensive tests
crates/providers/providers-alloy/Cargo.toml Added test dependencies for httpmock and serde_json
Cargo.toml Added httpmock to workspace dev-dependencies
Cargo.lock Updated with new dependencies for httpmock and related crates
Comments suppressed due to low confidence (1)

crates/providers/providers-alloy/src/beacon_client.rs:242

  • This implementation causes infinite recursion. The trait method filtered_beacon_blobs (line 234) calls self.filtered_beacon_blobs (line 242), which is the same method. This should either call the private method directly or be refactored to avoid the naming collision. The trait implementation should call the private implementation method, but they currently have the same name.
    async fn filtered_beacon_blobs(
        &self,
        slot: u64,
        blob_hashes: &[IndexedBlobHash],
    ) -> Result<Vec<BoxedBlobWithIndex>, BeaconClientError> {
        kona_macros::inc!(gauge, Metrics::BEACON_CLIENT_REQUESTS, "method" => "blobs");

        // Try to get the blobs from the blobs endpoint.
        let result = self.filtered_beacon_blobs(slot, blob_hashes).await;

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

geoknee and others added 2 commits January 12, 2026 09:17
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@geoknee geoknee changed the title providers-alloy: BeaconClient.filtered_beacon_blobs fetches and validates only necessary blobs providers-alloy: BeaconClient.filtered_beacon_blobs fetches and validates only necessary blobs, and does not fallback to sidecars endpoint Jan 12, 2026
@theochap theochap added this pull request to the merge queue Jan 12, 2026
Merged via the queue into main with commit 24e7e26 Jan 12, 2026
30 of 32 checks passed
@theochap theochap deleted the gk/3136 branch January 12, 2026 16:16
theochap added a commit to ethereum-optimism/optimism that referenced this pull request Jan 15, 2026
…idates only necessary blobs, and does not fallback to sidecars endpoint (op-rs/kona#3211)

Closes #3136

---------

Co-authored-by: theo <80177219+theochap@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

perf(node): fetch only necessary blobs and add test coverage for duplicates

3 participants