chore: update get sample seed

Author: LHerskind

l1-contracts/src/core/RollupCore.sol

@@ -526,8 +526,8 @@ contract RollupCore is EIP712("Aztec Rollup", "1"), Ownable, IStakingCore, IVali
    *      `ExtRollupLib.propose(...)` -> `ProposeLib.propose(...)` -> `ValidatorSelectionLib.setupEpoch(...)`).
    *
    *      If there are missed proposals then setupEpoch does not get called automatically. Since the next committee
-   *      selection is computed based on the latest stored seed and the epoch number, we would only fail to get a
-   *      fresh seed if:
+   *      selection is computed based on the stored randao and the epoch number, failing to update the randao stored
+   *      will keep the committee predictable longer into the future. We would only fail to get a fresh randao if:
    *      1. All the proposals in the epoch were missed
    *      2. Nobody called setupEpoch on the Rollup contract
    *
@@ -540,13 +540,13 @@ contract RollupCore is EIP712("Aztec Rollup", "1"), Ownable, IStakingCore, IVali
   }
 
   /**
-   * @notice Captures the seed for validator selection in the next epoch
-   * @dev Can be called by anyone. Takes a snapshot of the current state to ensure
-   *      unpredictable but deterministic validator selection. Automatically called
-   *      from setupEpoch.
+   * @notice Captures the randao for future validator selection
+   * @dev Can be called by anyone. Takes a snapshot of the current randao to ensure unpredictable but deterministic
+   *      validator selection. Automatically called from setupEpoch. Can be used as a cheaper alternative to
+   *      `setupEpoch` to update the randao checkpoints.
    */
-  function setupSeedSnapshotForNextEpoch() public override(IValidatorSelectionCore) {
-    ExtRollupLib2.setupSeedSnapshotForNextEpoch();
+  function checkpointRandao() public override(IValidatorSelectionCore) {
+    ExtRollupLib2.checkpointRandao();
   }
 
   /**

l1-contracts/src/core/interfaces/IValidatorSelection.sol

@@ -9,14 +9,14 @@ import {Checkpoints} from "@oz/utils/structs/Checkpoints.sol";
 struct ValidatorSelectionStorage {
   // A mapping to snapshots of the validator set
   mapping(Epoch => bytes32 committeeCommitment) committeeCommitments;
-  // Checkpointed map of epoch -> sample seed
-  Checkpoints.Trace224 seeds;
+  // Checkpointed map of epoch -> randao value
+  Checkpoints.Trace224 randaos;
   uint256 targetCommitteeSize;
 }
 
 interface IValidatorSelectionCore {
   function setupEpoch() external;
-  function setupSeedSnapshotForNextEpoch() external;
+  function checkpointRandao() external;
 }
 
 interface IValidatorSelection is IValidatorSelectionCore, IEmperor {

l1-contracts/src/core/libraries/rollup/ExtRollupLib2.sol

@@ -71,9 +71,9 @@ library ExtRollupLib2 {
     ValidatorSelectionLib.setupEpoch(currentEpoch);
   }
 
-  function setupSeedSnapshotForNextEpoch() external {
+  function checkpointRandao() external {
     Epoch currentEpoch = Timestamp.wrap(block.timestamp).epochFromTimestamp();
-    ValidatorSelectionLib.setSampleSeedForNextEpoch(currentEpoch);
+    ValidatorSelectionLib.checkpointRandao(currentEpoch);
   }
 
   function updateStakingQueueConfig(StakingQueueConfig memory _config) external {

l1-contracts/src/core/libraries/rollup/ValidatorSelectionLib.sol

@@ -60,8 +60,8 @@ import {TransientSlot} from "@oz/utils/TransientSlot.sol";
  *      4. Seed Management:
  *         - Sample seeds determine committee and proposer selection for each epoch
  *         - Seeds use prevrandao from L1 blocks combined with epoch number for unpredictability
- *         - Seeds are set 2 epochs in advance to prevent last-minute manipulation and provide L1-reorg resistance
- *         - First two epochs use maximum seed values (type(uint224).max) for bootstrap (this results in the committee
+ *         - Prevrandao are set 2 epochs in advance to prevent last-minute manipulation and provide L1-reorg resistance
+ *         - First two epochs use randao values (type(uint224).max) for bootstrap (this results in the committee
  *           being predictable in the first 2 epochs which is considered acceptable when bootstrapping the network)
  *
  *      5. Caching and Optimization:
@@ -134,9 +134,8 @@ library ValidatorSelectionLib {
     ValidatorSelectionStorage storage store = getStorage();
     store.targetCommitteeSize = _targetCommitteeSize;
 
-    // Set the sample seed for the first 2 epochs to max
-    store.seeds.push(0, type(uint224).max);
-    store.seeds.push(1, type(uint224).max);
+    // Set the initial randao
+    store.randaos.push(0, uint224(block.prevrandao));
   }
 
   /**
@@ -155,11 +154,11 @@ library ValidatorSelectionLib {
 
     //################ Seeds ################
     // Get the sample seed for this current epoch.
-    uint224 sampleSeed = getSampleSeed(_epochNumber);
+    uint256 sampleSeed = getSampleSeed(_epochNumber);
 
-    // Set the sample seed for the next epoch if required
+    // Checkpoint randao for future sampling if required
     // function handles the case where it is already set
-    setSampleSeedForNextEpoch(_epochNumber);
+    checkpointRandao(_epochNumber);
 
     //################ Committee ################
     // If the committee is not set for this epoch, we need to sample it
@@ -228,7 +227,7 @@ library ValidatorSelectionLib {
       }
 
       // Get the proposer from the committee based on the epoch, slot, and sample seed
-      uint224 sampleSeed = getSampleSeed(_epochNumber);
+      uint256 sampleSeed = getSampleSeed(_epochNumber);
       proposerIndex = computeProposerIndex(_epochNumber, _slot, sampleSeed, committeeSize);
       proposer = committee[proposerIndex];
 
@@ -384,7 +383,7 @@ library ValidatorSelectionLib {
 
     Epoch epochNumber = _slot.epochFromSlot();
 
-    uint224 sampleSeed = getSampleSeed(epochNumber);
+    uint256 sampleSeed = getSampleSeed(epochNumber);
     (uint32 ts, uint256[] memory indices) = sampleValidatorsIndices(epochNumber, sampleSeed);
     uint256 committeeSize = indices.length;
     if (committeeSize == 0) {
@@ -402,7 +401,7 @@ library ValidatorSelectionLib {
    * @param _seed The cryptographic seed for sampling randomness
    * @return The array of validator addresses selected for the committee
    */
-  function sampleValidators(Epoch _epoch, uint224 _seed) internal returns (address[] memory) {
+  function sampleValidators(Epoch _epoch, uint256 _seed) internal returns (address[] memory) {
     (uint32 ts, uint256[] memory indices) = sampleValidatorsIndices(_epoch, _seed);
     return StakingLib.getAttestersFromIndicesAtTime(Timestamp.wrap(ts), indices);
   }
@@ -415,7 +414,7 @@ library ValidatorSelectionLib {
    * @return The array of committee member addresses for the epoch
    */
   function getCommitteeAt(Epoch _epochNumber) internal returns (address[] memory) {
-    uint224 seed = getSampleSeed(_epochNumber);
+    uint256 seed = getSampleSeed(_epochNumber);
     return sampleValidators(_epochNumber, seed);
   }
 
@@ -444,41 +443,34 @@ library ValidatorSelectionLib {
   }
 
   /**
-   * @notice Sets the sample seed for the epoch two epochs in the future
-   * @dev Calls setSampleSeedForEpoch with _epoch + 2 to maintain the two-epoch advance requirement.
-   *      This ensures randomness seeds are set well in advance to prevent manipulation.
-   * @param _epoch The current epoch (seed will be set for _epoch + 2)
+   * @notice Checkpoints randao value for future usage
+   * @dev Checks if already stored before computing and storing the randao value.
+   *      Offset the epoch by 2 to maintain the two-epoch advance requirement.
+   *      This ensures randomness are set well in advance to prevent manipulation.
+   * @param _epoch The current epoch (randao will be set for _epoch + 2)
+   *       Passed to reduce recomputation
    */
-  function setSampleSeedForNextEpoch(Epoch _epoch) internal {
-    setSampleSeedForEpoch(_epoch + Epoch.wrap(2));
-  }
-
-  /**
-   * @notice Sets the sample seed for a specific epoch if not already set
-   * @dev Checks if the seed is already stored before computing and storing a new one.
-   *      Uses computeNextSeed() to generate cryptographically secure randomness.
-   * @param _epoch The epoch to set the sample seed for
-   */
-  function setSampleSeedForEpoch(Epoch _epoch) internal {
+  function checkpointRandao(Epoch _epoch) internal {
     ValidatorSelectionStorage storage store = getStorage();
-    uint32 epoch = Epoch.unwrap(_epoch).toUint32();
+
+    // Compute the offset
+    uint32 epoch = Epoch.unwrap(_epoch).toUint32() + 2;
 
     // Check if the latest checkpoint is for the next epoch
-    // It should be impossible that zero epoch snapshots exist, as in the genesis state we push the first sample seed
+    // It should be impossible that zero epoch snapshots exist, as in the genesis state we push the first values
     // into the store
-    (, uint32 mostRecentSeedEpoch,) = store.seeds.latestCheckpoint();
+    (, uint32 mostRecentEpoch,) = store.randaos.latestCheckpoint();
 
-    // If the sample seed for the next epoch is already set, we can skip the computation
-    if (mostRecentSeedEpoch == epoch) {
+    // If the randao for the next epoch is already set, we can skip the computation
+    if (mostRecentEpoch == epoch) {
       return;
     }
 
-    // If the most recently stored seed is less than the epoch we are querying, then we need to compute its seed for
+    // If the most recently stored epoch is less than the epoch we are querying, then we need to store randao for
     // later use
-    if (mostRecentSeedEpoch < epoch) {
-      // Compute the sample seed for the next epoch
-      uint224 nextSeed = computeNextSeed(_epoch);
-      store.seeds.push(epoch, nextSeed);
+    if (mostRecentEpoch < epoch) {
+      // Truncate the randao to be used for future sampling.
+      store.randaos.push(epoch, uint224(block.prevrandao));
     }
   }
 
@@ -558,15 +550,14 @@ library ValidatorSelectionLib {
 
   /**
    * @notice Gets the cryptographic sample seed for an epoch
-   * @dev Retrieves the seed from the checkpointed seeds mapping using upperLookup.
-   *      The seed is computed as keccak256(epoch, block.prevrandao) during epoch setup.
-   *      Never called for epoch 0 or future epochs - only for current/past epochs.
+   * @dev Retrieves the randao from the checkpointed randaos mapping using upperLookup.
+   *      Then computes the sample seed using keccak256(epoch, randao)
    * @param _epoch The epoch to get the sample seed for
-   * @return The 224-bit sample seed used for validator selection randomness
+   * @return The sample seed used for validator selection randomness
    */
-  function getSampleSeed(Epoch _epoch) internal view returns (uint224) {
+  function getSampleSeed(Epoch _epoch) internal view returns (uint256) {
     ValidatorSelectionStorage storage store = getStorage();
-    return store.seeds.upperLookup(Epoch.unwrap(_epoch).toUint32());
+    return uint256(keccak256(abi.encode(_epoch, store.randaos.upperLookup(Epoch.unwrap(_epoch).toUint32()))));
   }
 
   /**
@@ -607,7 +598,7 @@ library ValidatorSelectionLib {
    * @return indices Array of validator indices selected for the committee
    * @custom:reverts Errors.ValidatorSelection__InsufficientCommitteeSize if not enough validators available
    */
-  function sampleValidatorsIndices(Epoch _epoch, uint224 _seed) private returns (uint32, uint256[] memory) {
+  function sampleValidatorsIndices(Epoch _epoch, uint256 _seed) private returns (uint32, uint256[] memory) {
     ValidatorSelectionStorage storage store = getStorage();
     uint32 ts = epochToSampleTime(_epoch);
     uint256 validatorSetSize = StakingLib.getAttesterCountAtTime(Timestamp.wrap(ts));
@@ -625,18 +616,6 @@ library ValidatorSelectionLib {
     return (ts, SampleLib.computeCommittee(targetCommitteeSize, validatorSetSize, _seed));
   }
 
-  /**
-   * @notice Computes the cryptographic seed for an epoch using L1 randomness
-   * @dev Combines epoch number with block.prevrandao to create unpredictable but deterministic seed.
-   *      Including epoch prevents foundry testing issues where prevrandao might be zero.
-   * @param _epoch The epoch to compute the seed for
-   * @return The computed 224-bit seed (truncated from 256-bit keccak output)
-   */
-  function computeNextSeed(Epoch _epoch) private view returns (uint224) {
-    // Allow for unsafe (lossy) downcast as we do not care if we loose bits
-    return uint224(uint256(keccak256(abi.encode(_epoch, block.prevrandao))));
-  }
-
   /**
    * @notice Computes the keccak256 commitment hash for a committee member array
    * @dev Creates a cryptographic commitment to the committee composition that can be verified later.

l1-contracts/test/validator-selection/ValidatorSelection.t.sol

@@ -136,9 +136,10 @@ contract ValidatorSelectionTest is ValidatorSelectionTestBase {
     assertEq(expectedProposer, actualProposer, "Invalid proposer");
   }
 
-  function testCommitteeForNonSetupEpoch(uint8 _epochsToJump) public setup(4, 4) progressEpochs(2) {
+  function testCommitteeForNonSetupEpoch() public setup(8, 4) progressEpochs(2) {
     Epoch pre = rollup.getCurrentEpoch();
-    vm.warp(block.timestamp + uint256(_epochsToJump) * rollup.getEpochDuration() * rollup.getSlotDuration());
+    // Jump 8 epochs into the future to ensure that it haven't been setup.
+    vm.warp(block.timestamp + 8 * rollup.getEpochDuration() * rollup.getSlotDuration());
 
     Epoch post = rollup.getCurrentEpoch();
 
@@ -151,8 +152,8 @@ contract ValidatorSelectionTest is ValidatorSelectionTestBase {
     assertEq(preCommittee.length, expectedSize, "Invalid committee size");
     assertEq(postCommittee.length, expectedSize, "Invalid committee size");
 
-    // Elements in the committee should be the same
-    assertEq(preCommittee, postCommittee, "Committee elements have changed");
+    // Elements in the committee should **not** be the same, as the epoch is mixed into the seed
+    assertNotEq(preCommittee, postCommittee, "Committee elements have not changed");
   }
 
   function testStableCommittee(uint8 _timeToJump) public setup(4, 4) progressEpochs(2) {