feat: execution verification

.golangci.yml

@@ -1,6 +1,10 @@
 version: "2"
 run:
   modules-download-mode: readonly
+  build-tags:
+    - evm
+    - e2e
+    - docker
 linters:
   enable:
     - errorlint

apps/testapp/go.mod

@@ -12,6 +12,7 @@ replace (
 require (
 	github.com/ipfs/go-datastore v0.8.2
 	github.com/rollkit/rollkit v0.0.0-00010101000000-000000000000
+	github.com/rollkit/rollkit/core v0.0.0-20250312114929-104787ba1a4c
 	github.com/rollkit/rollkit/da v0.0.0-00010101000000-000000000000
 	github.com/rollkit/rollkit/sequencers/single v0.0.0-00010101000000-000000000000
 	github.com/spf13/cobra v1.9.1
@@ -141,7 +142,6 @@ require (
 	github.com/quic-go/quic-go v0.50.1 // indirect
 	github.com/quic-go/webtransport-go v0.8.1-0.20241018022711-4ac2c9250e66 // indirect
 	github.com/raulk/go-watchdog v1.3.0 // indirect
-	github.com/rollkit/rollkit/core v0.0.0-20250312114929-104787ba1a4c // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect

apps/testapp/kv/kvexecutor.go

@@ -10,6 +10,7 @@ import (
 
 	ds "github.com/ipfs/go-datastore"
 	"github.com/ipfs/go-datastore/query"
+	"github.com/rollkit/rollkit/core/execution"
 	"github.com/rollkit/rollkit/pkg/store"
 )
 
@@ -243,6 +244,12 @@ func (k *KVExecutor) SetFinal(ctx context.Context, blockHeight uint64) error {
 	return k.db.Put(ctx, ds.NewKey("/finalizedHeight"), []byte(fmt.Sprintf("%d", blockHeight)))
 }
 
+// GetExecutionMode returns the execution mode for this executor.
+// KVExecutor uses delayed execution mode.
+func (k *KVExecutor) GetExecutionMode() execution.ExecutionMode {
+	return execution.ExecutionModeDelayed
+}
+
 // InjectTx adds a transaction to the mempool channel.
 // Uses a non-blocking send to avoid blocking the caller if the channel is full.
 func (k *KVExecutor) InjectTx(tx []byte) {

block/da_includer.go

@@ -4,6 +4,7 @@
 	"context"
 	"encoding/binary"
 	"fmt"
+	"strings"
 
 	coreda "github.com/rollkit/rollkit/core/da"
 	storepkg "github.com/rollkit/rollkit/pkg/store"
@@ -36,7 +37,7 @@
 				}
 				// Both header and data are DA-included, so we can advance the height
 				if err := m.incrementDAIncludedHeight(ctx); err != nil {
-					errCh <- fmt.Errorf("error while incrementing DA included height: %w", err)
+					errCh <- fmt.Errorf("while incrementing DA included height: %w", err)
 					return
 				}
 
@@ -57,6 +58,10 @@
 	m.logger.Debug("setting final height: ", newHeight)
 	err := m.exec.SetFinal(ctx, newHeight)
 	if err != nil {
+		if strings.Contains(err.Error(), "not yet indexed") {
+			m.logger.Debug("engine not ready yet, will retry later", "height", newHeight)
+			return nil
+		}
 		m.logger.Error("failed to set final height: ", newHeight, "error: ", err)
 		return err
 	}

block/manager.go

@@ -147,6 +147,8 @@
 	metrics *Metrics
 
 	exec coreexecutor.Executor
+	// executionMode caches the execution mode from the executor
+	executionMode coreexecutor.ExecutionMode
 
 	// daIncludedHeight is rollkit height at which all blocks have been included
 	// in the DA
@@ -351,6 +353,8 @@
 	daH := atomic.Uint64{}
 	daH.Store(s.DAHeight)
 
+	executionMode := exec.GetExecutionMode()
+
 	m := &Manager{
 		signer:            signer,
 		config:            config,
@@ -380,6 +384,7 @@
 		metrics:                  seqMetrics,
 		sequencer:                sequencer,
 		exec:                     exec,
+		executionMode:            executionMode,
 		da:                       da,
 		gasPrice:                 gasPrice,
 		gasMultiplier:            gasMultiplier,
@@ -800,22 +805,26 @@
 	}
 
 	// // Verify that the header's timestamp is strictly greater than the last block's time
-	// headerTime := header.Time()
-	// if header.Height() > 1 && lastState.LastBlockTime.After(headerTime) {
-	// 	return fmt.Errorf("block time must be strictly increasing: got %v, last block time was %v",
-	// 		headerTime.UnixNano(), lastState.LastBlockTime)
-	// }
-
-	// // Validate that the header's AppHash matches the lastState's AppHash
-	// // Note: Assumes deferred execution
-	// if !bytes.Equal(header.AppHash, lastState.AppHash) {
-	// 	return fmt.Errorf("app hash mismatch: expected %x, got %x", lastState.AppHash, header.AppHash)
-	// }
+	headerTime := header.Time()
+	if header.Height() > 1 && lastState.LastBlockTime.After(headerTime) {
+		return fmt.Errorf("block time must be strictly increasing: got %v, last block time was %v",
+			headerTime.UnixNano(), lastState.LastBlockTime)
+	}
+
+	// Validate AppHash based on execution mode
+	if m.executionMode == coreexecutor.ExecutionModeDelayed {
+		// In delayed mode, AppHash should match the last state's AppHash
+		if !bytes.Equal(header.AppHash, lastState.AppHash) {
+			return fmt.Errorf("appHash mismatch in delayed mode: expected %x, got %x", lastState.AppHash, header.AppHash)
+		}
+	}
+	// Note: For immediate mode, we can't validate AppHash against lastState because
+	// it represents the state after executing the current block's transactions
 
 	return nil
 }
 
-func (m *Manager) execCreateBlock(_ context.Context, height uint64, lastSignature *types.Signature, lastHeaderHash types.Hash, _ types.State, batchData *BatchData) (*types.SignedHeader, *types.Data, error) {
+func (m *Manager) execCreateBlock(ctx context.Context, height uint64, lastSignature *types.Signature, lastHeaderHash types.Hash, lastState types.State, batchData *BatchData) (*types.SignedHeader, *types.Data, error) {
 	// Use when batchData is set to data IDs from the DA layer
 	// batchDataIDs := convertBatchDataToBytes(batchData.Data)
 
@@ -840,21 +849,36 @@
 	// Determine if this is an empty block
 	isEmpty := batchData.Batch == nil || len(batchData.Transactions) == 0
 
+	// Determine AppHash based on execution mode
+	var appHash []byte
+	if m.executionMode == coreexecutor.ExecutionModeImmediate {
+
+		// Execute transactions
+		newStateRoot, _, err := m.exec.ExecuteTxs(ctx, batchData.Transactions, height, batchData.Time, lastState.AppHash)
+		if err != nil {
+			return nil, nil, fmt.Errorf("failed to execute transactions for immediate mode: %w", err)
+		}
+		appHash = newStateRoot
+	} else {
+		// For delayed execution, use the app hash from last state
+		appHash = lastState.AppHash
+	}
+
 	header := &types.SignedHeader{
 		Header: types.Header{
 			Version: types.Version{
-				Block: m.lastState.Version.Block,
-				App:   m.lastState.Version.App,
+				Block: lastState.Version.Block,
+				App:   lastState.Version.App,
 			},
 			BaseHeader: types.BaseHeader{
-				ChainID: m.lastState.ChainID,
+				ChainID: lastState.ChainID,
 				Height:  height,
 				Time:    uint64(batchData.UnixNano()), //nolint:gosec // why is time unix? (tac0turtle)
 			},
 			LastHeaderHash: lastHeaderHash,
-			// DataHash is set at the end of the function
+			// DataHash is set below
 			ConsensusHash:   make(types.Hash, 32),
-			AppHash:         m.lastState.AppHash,
+			AppHash:         appHash,
 			ProposerAddress: m.genesis.ProposerAddress,
 		},
 		Signature: *lastSignature,
@@ -869,7 +893,7 @@
 		Txs: make(types.Txs, 0), // Start with empty transaction list
 	}
 
-	// Only add transactions if this is not an empty block
+	// Set DataHash
 	if !isEmpty {
 		blockData.Txs = make(types.Txs, len(batchData.Transactions))
 		for i := range batchData.Transactions {
@@ -884,15 +908,61 @@
 }
 
 func (m *Manager) execApplyBlock(ctx context.Context, lastState types.State, header *types.SignedHeader, data *types.Data) (types.State, error) {
-	rawTxs := make([][]byte, len(data.Txs))
-	for i := range data.Txs {
-		rawTxs[i] = data.Txs[i]
-	}
+	var newStateRoot []byte
+
+	// Check if we need to execute transactions
+	if m.executionMode == coreexecutor.ExecutionModeImmediate {
+		// For immediate mode, the aggregator already executed during block creation
+		// But syncing nodes need to execute to verify the AppHash
+		// Check if we're the block creator by verifying we signed this block
+		isBlockCreator := false
+		if m.signer != nil {
+			myAddress, err := m.signer.GetAddress()
+			if err == nil && bytes.Equal(header.ProposerAddress, myAddress) {
+				// Also verify this is the current height we're producing
+				currentHeight, err := m.store.Height(ctx)
+				if err == nil && header.Height() == currentHeight+1 {
+					isBlockCreator = true
+				}
+			}
+		}
 
-	ctx = context.WithValue(ctx, types.SignedHeaderContextKey, header)
-	newStateRoot, _, err := m.exec.ExecuteTxs(ctx, rawTxs, header.Height(), header.Time(), lastState.AppHash)
-	if err != nil {
-		return types.State{}, fmt.Errorf("failed to execute transactions: %w", err)
+		if isBlockCreator {
+			// We created this block, so we already executed transactions in execCreateBlock
+			// Just use the AppHash from the header
+			newStateRoot = header.AppHash
+		} else {
+			// We're syncing this block, need to execute to verify AppHash
+			rawTxs := make([][]byte, len(data.Txs))
+			for i := range data.Txs {
+				rawTxs[i] = data.Txs[i]
+			}
+
+			ctx = context.WithValue(ctx, types.SignedHeaderContextKey, header)
+			computedStateRoot, _, err := m.exec.ExecuteTxs(ctx, rawTxs, header.Height(), header.Time(), lastState.AppHash)
+			if err != nil {
+				return types.State{}, fmt.Errorf("failed to execute transactions: %w", err)
+			}
+
+			// Verify the AppHash matches
+			if !bytes.Equal(header.AppHash, computedStateRoot) {
+				return types.State{}, fmt.Errorf("AppHash mismatch in immediate mode: expected %x, got %x", computedStateRoot, header.AppHash)
+			}
+			newStateRoot = computedStateRoot
+		}
+	} else {
+		// For delayed mode, always execute transactions
+		rawTxs := make([][]byte, len(data.Txs))
+		for i := range data.Txs {
+			rawTxs[i] = data.Txs[i]
+		}
+
+		ctx = context.WithValue(ctx, types.SignedHeaderContextKey, header)
+		var err error
+		newStateRoot, _, err = m.exec.ExecuteTxs(ctx, rawTxs, header.Height(), header.Time(), lastState.AppHash)
+		if err != nil {
+			return types.State{}, fmt.Errorf("failed to execute transactions: %w", err)
+		}
 	}
 
 	s, err := lastState.NextState(header, newStateRoot)

block/manager_test.go

@@ -575,28 +575,26 @@ func TestManager_execValidate(t *testing.T) {
 		require.NoError(err)
 	})
 
-	// TODO: https://github.com/rollkit/rollkit/issues/2250
-
-	// t.Run("non-monotonic block time with height > 1", func(t *testing.T) {
-	// 	state, header, data, privKey := makeValid()
-	// 	state.LastBlockTime = time.Now().Add(time.Minute)
-	// 	state.LastBlockHeight = 1
-	// 	header.BaseHeader.Height = state.LastBlockHeight + 1
-	// 	data.Metadata.Height = state.LastBlockHeight + 1
-	// 	signer, err := noopsigner.NewNoopSigner(privKey)
-	// 	require.NoError(err)
-	// 	header.Signature, err = types.GetSignature(header.Header, signer)
-	// 	require.NoError(err)
-	// 	err = m.execValidate(state, header, data)
-	// 	require.ErrorContains(err, "block time must be strictly increasing")
-	// })
-
-	// t.Run("app hash mismatch", func(t *testing.T) {
-	// 	state, header, data, _ := makeValid()
-	// 	state.AppHash = []byte("different")
-	// 	err := m.execValidate(state, header, data)
-	// 	require.ErrorContains(err, "app hash mismatch")
-	// })
+	t.Run("non-monotonic block time with height > 1", func(t *testing.T) {
+		state, header, data, privKey := makeValid()
+		state.LastBlockTime = time.Now().Add(time.Minute)
+		state.LastBlockHeight = 1
+		header.BaseHeader.Height = state.LastBlockHeight + 1
+		data.Metadata.Height = state.LastBlockHeight + 1
+		signer, err := noopsigner.NewNoopSigner(privKey)
+		require.NoError(err)
+		header.Signature, err = types.GetSignature(header.Header, signer)
+		require.NoError(err)
+		err = m.execValidate(state, header, data)
+		require.ErrorContains(err, "block time must be strictly increasing")
+	})
+
+	t.Run("app hash mismatch", func(t *testing.T) {
+		state, header, data, _ := makeValid()
+		state.AppHash = []byte("different")
+		err := m.execValidate(state, header, data)
+		require.ErrorContains(err, "appHash mismatch in delayed mode")
+	})
 }
 
 // TestGetterMethods tests simple getter methods for the Manager

block/publish_block_p2p_test.go

@@ -19,6 +19,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
+	coreexecution "github.com/rollkit/rollkit/core/execution"
 	coresequencer "github.com/rollkit/rollkit/core/sequencer"
 	"github.com/rollkit/rollkit/pkg/config"
 	genesispkg "github.com/rollkit/rollkit/pkg/genesis"
@@ -241,6 +242,10 @@ func (m mockExecutor) SetFinal(ctx context.Context, blockHeight uint64) error {
 	return nil
 }
 
+func (m mockExecutor) GetExecutionMode() coreexecution.ExecutionMode {
+	return coreexecution.ExecutionModeDelayed
+}
+
 var rnd = rand.New(rand.NewSource(1)) //nolint:gosec // test code only
 
 func bytesN(n int) []byte {

block/submitter.go

@@ -118,7 +118,7 @@ func submitToDA[T any](
 
 		switch res.Code {
 		case coreda.StatusSuccess:
-			m.logger.Info(fmt.Sprintf("successfully submitted %s to DA layer", itemType), "gasPrice", gasPrice, "count", res.SubmittedCount)
+			m.logger.Info(fmt.Sprintf("successfully submitted %s to DA layer,", itemType), "gasPrice ", gasPrice, "count", res.SubmittedCount)
 			if res.SubmittedCount == uint64(remLen) {
 				submittedAll = true
 			}

block/sync.go

@@ -173,7 +173,7 @@ func (m *Manager) handleEmptyDataHash(ctx context.Context, header *types.Header)
 		if headerHeight > 1 {
 			_, lastData, err := m.store.GetBlockData(ctx, headerHeight-1)
 			if err != nil {
-				m.logger.Debug("previous block not applied yet", "current height", headerHeight, "previous height", headerHeight-1, "error", err)
+				m.logger.Debug("previous block not applied yet, current height: ", headerHeight, "previous height: ", headerHeight-1, "error: ", err)
 			}
 			if lastData != nil {
 				lastDataHash = lastData.Hash()

core/execution/dummy.go

@@ -91,6 +91,12 @@
 	return fmt.Errorf("cannot set finalized block at height %d", blockHeight)
 }
 
+// GetExecutionMode returns the execution mode for this executor.
+// DummyExecutor uses delayed execution mode.
+func (e *DummyExecutor) GetExecutionMode() ExecutionMode {
+	return ExecutionModeDelayed
+}
+
 func (e *DummyExecutor) removeExecutedTxs(txs [][]byte) {
 	e.injectedTxs = slices.DeleteFunc(e.injectedTxs, func(tx []byte) bool {
 		return slices.ContainsFunc(txs, func(t []byte) bool { return bytes.Equal(tx, t) })