evstack
diff --git a/‎docs/adr/adr-019-forced-inclusion-mechanism.md‎
Lines changed: 54 additions & 0 deletions b/‎docs/adr/adr-019-forced-inclusion-mechanism.md‎
Lines changed: 54 additions & 0 deletions
@@ -5,6 +5,7 @@
 - 2025-03-24: Initial draft
 - 2025-04-23: Renumbered from ADR-018 to ADR-019 to maintain chronological order.
 - 2025-11-10: Updated to reflect actual implementation
+- 2026-02-23: Added sequencer catch-up mode documentation
 
 ## Context
 
@@ -445,6 +446,58 @@ if errors.Is(err, coreda.ErrHeightFromFuture) {
 }
 ```
 
+#### Sequencer Catch-Up Mode
+
+When a single sequencer comes back online after downtime spanning multiple DA epochs, it enters **catch-up mode** to ensure consistency with base sequencing behavior.
+
+**Problem**: If the sequencer was offline for several DA epochs, it missed mempool transactions that were submitted during that time. However, forced inclusion transactions were still being posted to DA and processed by full nodes running in base sequencing mode. When the sequencer restarts, it must produce blocks that match what base sequencing would have produced during the downtime.
+
+**Solution**: The sequencer detects if it has fallen more than one epoch behind the DA head and enters catch-up mode:
+
+1. **Detection**: On the first epoch fetch after startup, query `GetLatestDAHeight()` to determine the gap
+2. **Catch-Up Mode**: If more than one epoch behind, enter catch-up mode:
+   - Only produce blocks with forced inclusion transactions (no mempool)
+   - Use DA epoch end timestamps for block timestamps (to match base sequencing)
+3. **Exit**: When `ErrHeightFromFuture` is encountered (reached DA head), exit catch-up mode and resume normal operation
+
+**Key Behaviors During Catch-Up**:
+
+- **No Mempool Transactions**: Only forced inclusion transactions are included in blocks
+- **Matching Timestamps**: Block timestamps are derived from DA epoch end times to match base sequencing
+- **Checkpoint Persistence**: Progress is tracked via checkpoint to handle crashes during catch-up
+- **Single Check**: The `GetLatestDAHeight()` query is performed only once per sequencer lifecycle
+
+**Example**:
+
+```
+Sequencer offline during epochs 100-150 (5 epochs of 10 blocks each)
+Full nodes (base sequencing) produced blocks with forced txs only
+
+Sequencer restarts at epoch 160:
+1. Checkpoint DA height: 100
+2. Latest DA height: 160
+3. Missed epochs: 6 (more than 1)
+4. Enter catch-up mode
+
+Catch-up process:
+- Epoch 101-110: Produce blocks with forced txs only, use epoch timestamps
+- Epoch 111-120: Continue catch-up...
+- ...
+- Epoch 151-160: Still catching up
+- Epoch 161: ErrHeightFromFuture -> exit catch-up mode
+
+Normal operation resumes:
+- Include both forced txs and mempool txs
+- Use current timestamps
+```
+
+**Benefits**:
+
+- Ensures sequencer produces identical blocks to what base sequencing would have produced
+- Maintains consistency across the network regardless of sequencer downtime
+- Automatic detection and recovery without operator intervention
+- Safe restart after crashes (checkpoint tracks progress)
+
 #### Grace Period for Forced Inclusion
 
 The grace period mechanism provides tolerance for chain congestion while maintaining censorship resistance:
@@ -760,6 +813,7 @@ Accepted and Implemented
 9. **Transaction Preservation**: All valid transactions are preserved in queues, nothing is lost
 10. **Strict MaxBytes Compliance**: Batches never exceed limits, preventing DA submission failures
 11. **DA Fault Tolerance**: Grace period prevents false positives during temporary chain congestion
+12. **Automatic Recovery**: Sequencer catch-up mode ensures consistency after downtime without operator intervention
 
 ### Negative