add for sync node

Author: julienrbrt

block/internal/executing/executor.go

@@ -336,7 +336,7 @@ func (e *Executor) produceBlock() error {
 
 	// fetch forced included txs
 	forcedIncludedTxsEvent, err := e.daRetriever.RetrieveForcedIncludedTxsFromDA(e.ctx, currentState.DAHeight)
-	if err != nil {
+	if err != nil && !errors.Is(err, syncing.ErrForceInclusionNotConfigured) {
 		e.logger.Error().Err(err).Msg("failed to retrieve forced included txs")
 	}
 

block/internal/syncing/da_retriever.go

@@ -91,11 +91,14 @@ func (r *DARetriever) RetrieveFromDA(ctx context.Context, daHeight uint64) ([]co
 	return r.processBlobs(ctx, blobsResp.Data, daHeight), nil
 }
 
+// ErrForceInclusionNotConfigured is returned when the forced inclusion namespace is not configured.
+var ErrForceInclusionNotConfigured = errors.New("forced inclusion namespace not configured")
+
 // RetrieveForcedIncludedTxsFromDA retrieves forced inclusion transactions from the DA layer.
 // It fetches from the daHeight for the da epoch range defined in the config.
 func (r *DARetriever) RetrieveForcedIncludedTxsFromDA(ctx context.Context, daHeight uint64) (*common.ForcedIncludedEvent, error) {
 	if !r.hasForcedInclusionNs {
-		return nil, fmt.Errorf("forced inclusion namespace not configured")
+		return nil, ErrForceInclusionNotConfigured
 	}
 
 	event := &common.ForcedIncludedEvent{

block/internal/syncing/syncer.go

@@ -5,11 +5,12 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	pubsub "github.com/libp2p/go-libp2p-pubsub"
 	"sync"
 	"sync/atomic"
 	"time"
 
+	pubsub "github.com/libp2p/go-libp2p-pubsub"
+
 	"github.com/rs/zerolog"
 	"golang.org/x/sync/errgroup"
 
@@ -472,6 +473,12 @@ func (s *Syncer) trySyncNextBlock(event *common.DAHeightEvent) error {
 		return err
 	}
 
+	// Verify forced inclusion transactions if configured
+	if err := s.verifyForcedInclusionTxs(currentState, data); err != nil {
+		s.logger.Error().Err(err).Uint64("height", nextHeight).Msg("forced inclusion verification failed")
+		// TODO(@julienrbrt): Eventually halt the syncer and request the node to be started using the based sequencer.
+	}
+
 	// Apply block
 	newState, err := s.applyBlock(header.Header, data, currentState)
 	if err != nil {
@@ -589,6 +596,62 @@ func (s *Syncer) validateBlock(currState types.State, data *types.Data, header *
 	return nil
 }
 
+// verifyForcedInclusionTxs verifies that all forced inclusion transactions from DA are included in the block
+func (s *Syncer) verifyForcedInclusionTxs(currentState types.State, data *types.Data) error {
+	if s.daRetriever == nil {
+		return nil
+	}
+
+	// Retrieve forced inclusion transactions from DA
+	forcedIncludedTxsEvent, err := s.daRetriever.RetrieveForcedIncludedTxsFromDA(s.ctx, currentState.DAHeight)
+	if err != nil {
+		if errors.Is(err, ErrForceInclusionNotConfigured) {
+			s.logger.Debug().Msg("forced inclusion namespace not configured, skipping verification")
+			return nil
+		}
+
+		return fmt.Errorf("failed to retrieve forced included txs from DA: %w", err)
+	}
+
+	// If no forced inclusion transactions found, nothing to verify
+	if len(forcedIncludedTxsEvent.Txs) == 0 {
+		s.logger.Debug().Uint64("da_height", currentState.DAHeight).Msg("no forced inclusion transactions to verify")
+		return nil
+	}
+
+	blockTxMap := make(map[string]bool)
+	for _, tx := range data.Txs {
+		blockTxMap[string(tx)] = true
+	}
+
+	// Check if all forced inclusion transactions are present in the block
+	var missingTxs [][]byte
+	for _, forcedTx := range forcedIncludedTxsEvent.Txs {
+		if !blockTxMap[string(forcedTx)] {
+			missingTxs = append(missingTxs, forcedTx)
+		}
+	}
+
+	if len(missingTxs) > 0 {
+		s.logger.Error().
+			Uint64("height", data.Height()).
+			Uint64("da_height", currentState.DAHeight).
+			Uint64("da_epoch_start", forcedIncludedTxsEvent.StartDaHeight).
+			Uint64("da_epoch_end", forcedIncludedTxsEvent.EndDaHeight).
+			Int("missing_count", len(missingTxs)).
+			Int("total_forced", len(forcedIncludedTxsEvent.Txs)).
+			Msg("SEQUENCER IS MALICIOUS: forced inclusion transactions missing from block")
+		return fmt.Errorf("sequencer is malicious: %d forced inclusion transactions not included in block", len(missingTxs))
+	}
+
+	s.logger.Debug().
+		Uint64("height", data.Height()).
+		Int("forced_txs", len(forcedIncludedTxsEvent.Txs)).
+		Msg("all forced inclusion transactions verified in block")
+
+	return nil
+}
+
 // sendCriticalError sends a critical error to the error channel without blocking
 func (s *Syncer) sendCriticalError(err error) {
 	if s.errorCh != nil {