Validator: perform sync committee duties (#9411)

* Validator sync committee methods * Gazelle * Update visibility * Add setupWithKey * Refactor selection proofs * Fix build * Refactor compute and sign * Fix sign request * Fix test Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com>
2026-01-09 13:28:01 -05:00 · 2021-08-24 10:33:42 -07:00
parent cd4bb6a9c8
commit 45b6a80a30
5 changed files with 711 additions and 0 deletions
--- a/beacon-chain/core/altair/BUILD.bazel
+++ b/beacon-chain/core/altair/BUILD.bazel
@@ -18,6 +18,7 @@ go_library(
        "//beacon-chain:__subpackages__",
        "//shared/testutil:__pkg__",
        "//spectest:__subpackages__",
+        "//validator/client:__pkg__",
    ],
    deps = [
        "//beacon-chain/core/blocks:go_default_library",
--- a/validator/client/BUILD.bazel
+++ b/validator/client/BUILD.bazel
@@ -14,12 +14,14 @@ go_library(
        "propose_protect.go",
        "runner.go",
        "service.go",
+        "sync_committee.go",
        "validator.go",
        "wait_for_activation.go",
    ],
    importpath = "github.com/prysmaticlabs/prysm/validator/client",
    visibility = ["//validator:__subpackages__"],
    deps = [
+        "//beacon-chain/core/altair:go_default_library",
        "//beacon-chain/core/helpers:go_default_library",
        "//proto/prysm/v1alpha1:go_default_library",
        "//proto/prysm/v1alpha1/block:go_default_library",
@@ -51,6 +53,7 @@ go_library(
        "//validator/keymanager/remote:go_default_library",
        "//validator/slashing-protection/iface:go_default_library",
        "@com_github_dgraph_io_ristretto//:go_default_library",
+        "@com_github_ferranbt_fastssz//:go_default_library",
        "@com_github_grpc_ecosystem_go_grpc_middleware//:go_default_library",
        "@com_github_grpc_ecosystem_go_grpc_middleware//retry:go_default_library",
        "@com_github_grpc_ecosystem_go_grpc_middleware//tracing/opentracing:go_default_library",
@@ -62,6 +65,7 @@ go_library(
        "@com_github_prysmaticlabs_eth2_types//:go_default_library",
        "@com_github_prysmaticlabs_go_bitfield//:go_default_library",
        "@com_github_sirupsen_logrus//:go_default_library",
+        "@io_bazel_rules_go//proto/wkt:empty_go_proto",
        "@io_opencensus_go//plugin/ocgrpc:go_default_library",
        "@io_opencensus_go//trace:go_default_library",
        "@org_golang_google_grpc//:go_default_library",
@@ -89,6 +93,7 @@ go_test(
        "runner_test.go",
        "service_test.go",
        "slashing_protection_interchange_test.go",
+        "sync_committee_test.go",
        "validator_test.go",
        "wait_for_activation_test.go",
    ],
--- a/validator/client/propose_test.go
+++ b/validator/client/propose_test.go
@@ -57,6 +57,10 @@ func (m mockSignature) Copy() bls.Signature {
 func setup(t *testing.T) (*validator, *mocks, bls.SecretKey, func()) {
 	validatorKey, err := bls.RandKey()
 	require.NoError(t, err)
+	return setupWithKey(t, validatorKey)
+}
+
+func setupWithKey(t *testing.T, validatorKey bls.SecretKey) (*validator, *mocks, bls.SecretKey, func()) {
 	pubKey := [48]byte{}
 	copy(pubKey[:], validatorKey.PublicKey().Marshal())
 	valDB := testing2.SetupDB(t, [][48]byte{pubKey})
--- a/validator/client/sync_committee.go
+++ b/validator/client/sync_committee.go
@@ -0,0 +1,232 @@
+package client
+
+import (
+	"context"
+	"fmt"
+
+	fssz "github.com/ferranbt/fastssz"
+	emptypb "github.com/golang/protobuf/ptypes/empty"
+	types "github.com/prysmaticlabs/eth2-types"
+	"github.com/prysmaticlabs/prysm/beacon-chain/core/altair"
+	"github.com/prysmaticlabs/prysm/beacon-chain/core/helpers"
+	ethpb "github.com/prysmaticlabs/prysm/proto/prysm/v1alpha1"
+	validatorpb "github.com/prysmaticlabs/prysm/proto/prysm/v1alpha1/validator-client"
+	"github.com/prysmaticlabs/prysm/shared/bls"
+	"github.com/prysmaticlabs/prysm/shared/bytesutil"
+	"github.com/prysmaticlabs/prysm/shared/params"
+	"github.com/prysmaticlabs/prysm/shared/traceutil"
+	"github.com/sirupsen/logrus"
+	"go.opencensus.io/trace"
+)
+
+// SubmitSyncCommitteeMessage submits the sync committee message to the beacon chain.
+func (v *validator) SubmitSyncCommitteeMessage(ctx context.Context, slot types.Slot, pubKey [48]byte) {
+	ctx, span := trace.StartSpan(ctx, "validator.SubmitSyncCommitteeMessage")
+	defer span.End()
+	span.AddAttributes(trace.StringAttribute("validator", fmt.Sprintf("%#x", pubKey)))
+
+	v.waitOneThirdOrValidBlock(ctx, slot)
+
+	res, err := v.validatorClient.GetSyncMessageBlockRoot(ctx, &emptypb.Empty{})
+	if err != nil {
+		log.WithError(err).Error("Could not request sync message block root to sign")
+		traceutil.AnnotateError(span, err)
+		return
+	}
+
+	duty, err := v.duty(pubKey)
+	if err != nil {
+		log.WithError(err).Error("Could not fetch validator assignment")
+		return
+	}
+
+	d, err := v.domainData(ctx, helpers.SlotToEpoch(slot), params.BeaconConfig().DomainSyncCommittee[:])
+	if err != nil {
+		log.WithError(err).Error("Could not get sync committee domain data")
+		return
+	}
+	sszRoot := types.SSZBytes(res.Root)
+	r, err := helpers.ComputeSigningRoot(&sszRoot, d.SignatureDomain)
+	if err != nil {
+		log.WithError(err).Error("Could not get sync committee message signing root")
+		return
+	}
+	sig, err := v.keyManager.Sign(ctx, &validatorpb.SignRequest{
+		PublicKey:       pubKey[:],
+		SigningRoot:     r[:],
+		SignatureDomain: d.SignatureDomain,
+	})
+	if err != nil {
+		log.WithError(err).Error("Could not sign sync committee message")
+		return
+	}
+
+	msg := &ethpb.SyncCommitteeMessage{
+		Slot:           slot,
+		BlockRoot:      res.Root,
+		ValidatorIndex: duty.ValidatorIndex,
+		Signature:      sig.Marshal(),
+	}
+	if _, err := v.validatorClient.SubmitSyncMessage(ctx, msg); err != nil {
+		log.WithError(err).Error("Could not submit sync committee message")
+		return
+	}
+
+	log.WithFields(logrus.Fields{
+		"slot":           msg.Slot,
+		"blockRoot":      fmt.Sprintf("%#x", bytesutil.Trunc(msg.BlockRoot)),
+		"validatorIndex": msg.ValidatorIndex,
+	}).Info("Submitted new sync message")
+}
+
+// SubmitSignedContributionAndProof submits the signed sync committee contribution and proof to the beacon chain.
+func (v *validator) SubmitSignedContributionAndProof(ctx context.Context, slot types.Slot, pubKey [48]byte) {
+	ctx, span := trace.StartSpan(ctx, "validator.SubmitSignedContributionAndProof")
+	defer span.End()
+	span.AddAttributes(trace.StringAttribute("validator", fmt.Sprintf("%#x", pubKey)))
+
+	duty, err := v.duty(pubKey)
+	if err != nil {
+		log.Errorf("Could not fetch validator assignment: %v", err)
+		return
+	}
+
+	indexRes, err := v.validatorClient.GetSyncSubcommitteeIndex(ctx, &ethpb.SyncSubcommitteeIndexRequest{
+		PublicKey: pubKey[:],
+		Slot:      slot,
+	})
+	if err != nil {
+		log.Errorf("Could not get sync subcommittee index: %v", err)
+		return
+	}
+	if len(indexRes.Indices) == 0 {
+		log.Debug("Empty subcommittee index list, do nothing")
+		return
+	}
+
+	selectionProofs, err := v.selectionProofs(ctx, slot, pubKey, indexRes)
+	if err != nil {
+		log.Errorf("Could not get selection proofs: %v", err)
+		return
+	}
+
+	v.waitToSlotTwoThirds(ctx, slot)
+
+	for i, comIdx := range indexRes.Indices {
+		isAggregator, err := altair.IsSyncCommitteeAggregator(selectionProofs[i])
+		if err != nil {
+			log.Errorf("Could check in aggregator: %v", err)
+			return
+		}
+		if !isAggregator {
+			continue
+		}
+		subCommitteeSize := params.BeaconConfig().SyncCommitteeSize / params.BeaconConfig().SyncCommitteeSubnetCount
+		subnet := uint64(comIdx) / subCommitteeSize
+		contribution, err := v.validatorClient.GetSyncCommitteeContribution(ctx, &ethpb.SyncCommitteeContributionRequest{
+			Slot:      slot,
+			PublicKey: pubKey[:],
+			SubnetId:  subnet,
+		})
+		if err != nil {
+			log.Errorf("Could not get sync committee contribution: %v", err)
+			return
+		}
+		if contribution.AggregationBits.Count() == 0 {
+			log.WithFields(logrus.Fields{
+				"slot":   slot,
+				"pubkey": pubKey,
+				"subnet": subnet,
+			}).Warn("Sync contribution for validator has no bits set.")
+			continue
+		}
+
+		contributionAndProof := &ethpb.ContributionAndProof{
+			AggregatorIndex: duty.ValidatorIndex,
+			Contribution:    contribution,
+			SelectionProof:  selectionProofs[i],
+		}
+		sig, err := v.signContributionAndProof(ctx, pubKey, contributionAndProof)
+		if err != nil {
+			log.Errorf("Could not sign contribution and proof: %v", err)
+			return
+		}
+
+		if _, err := v.validatorClient.SubmitSignedContributionAndProof(ctx, &ethpb.SignedContributionAndProof{
+			Message:   contributionAndProof,
+			Signature: sig,
+		}); err != nil {
+			log.Errorf("Could not submit signed contribution and proof: %v", err)
+			return
+		}
+
+		log.WithFields(logrus.Fields{
+			"slot":              contributionAndProof.Contribution.Slot,
+			"blockRoot":         fmt.Sprintf("%#x", bytesutil.Trunc(contributionAndProof.Contribution.BlockRoot)),
+			"subcommitteeIndex": contributionAndProof.Contribution.SubcommitteeIndex,
+			"aggregatorIndex":   contributionAndProof.AggregatorIndex,
+			"bitsCount":         contributionAndProof.Contribution.AggregationBits.Count(),
+		}).Info("Submitted new sync contribution and proof")
+	}
+}
+
+// Signs and returns selection proofs per validator for slot and pub key.
+func (v *validator) selectionProofs(ctx context.Context, slot types.Slot, pubKey [48]byte, indexRes *ethpb.SyncSubcommitteeIndexResponse) ([][]byte, error) {
+	selectionProofs := make([][]byte, len(indexRes.Indices))
+	cfg := params.BeaconConfig()
+	size := cfg.SyncCommitteeSize
+	subCount := cfg.SyncCommitteeSubnetCount
+	for i, index := range indexRes.Indices {
+		subSize := size / subCount
+		subnet := uint64(index) / subSize
+		selectionProof, err := v.signSyncSelectionData(ctx, pubKey, subnet, slot)
+		if err != nil {
+			return nil, err
+		}
+		selectionProofs[i] = selectionProof
+	}
+	return selectionProofs, nil
+}
+
+// Signs input slot with domain sync committee selection proof. This is used to create the signature for sync committee selection.
+func (v *validator) signSyncSelectionData(ctx context.Context, pubKey [48]byte, index uint64, slot types.Slot) (signature []byte, err error) {
+	domain, err := v.domainData(ctx, helpers.SlotToEpoch(slot), params.BeaconConfig().DomainSyncCommitteeSelectionProof[:])
+	if err != nil {
+		return nil, err
+	}
+	data := &ethpb.SyncAggregatorSelectionData{
+		Slot:              slot,
+		SubcommitteeIndex: index,
+	}
+	sig, err := v.computeAndSign(ctx, data, pubKey, domain.SignatureDomain)
+	if err != nil {
+		return nil, err
+	}
+	return sig.Marshal(), nil
+}
+
+// This returns the signature of validator signing over sync committee contribution and proof object.
+func (v *validator) signContributionAndProof(ctx context.Context, pubKey [48]byte, c *ethpb.ContributionAndProof) ([]byte, error) {
+	d, err := v.domainData(ctx, helpers.SlotToEpoch(c.Contribution.Slot), params.BeaconConfig().DomainContributionAndProof[:])
+	if err != nil {
+		return nil, err
+	}
+	sig, err := v.computeAndSign(ctx, c, pubKey, d.SignatureDomain)
+	if err != nil {
+		return nil, err
+	}
+	return sig.Marshal(), nil
+}
+
+// This computes the signing root of hash tree root capable object `obj` and signs it using public key `pubKey` along with the signature domain `sigDomain`.
+func (v *validator) computeAndSign(ctx context.Context, obj fssz.HashRoot, pubKey [48]byte, sigDomain []byte) (bls.Signature, error) {
+	root, err := helpers.ComputeSigningRoot(obj, sigDomain)
+	if err != nil {
+		return nil, err
+	}
+	return v.keyManager.Sign(ctx, &validatorpb.SignRequest{
+		PublicKey:       pubKey[:],
+		SigningRoot:     root[:],
+		SignatureDomain: sigDomain,
+	})
+}
--- a/validator/client/sync_committee_test.go
+++ b/validator/client/sync_committee_test.go
@@ -0,0 +1,469 @@
+package client
+
+import (
+	"context"
+	"encoding/hex"
+	"testing"
+
+	"github.com/golang/mock/gomock"
+	"github.com/pkg/errors"
+	types "github.com/prysmaticlabs/eth2-types"
+	"github.com/prysmaticlabs/go-bitfield"
+	eth "github.com/prysmaticlabs/prysm/proto/prysm/v1alpha1"
+	ethpb "github.com/prysmaticlabs/prysm/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/shared/bls"
+	"github.com/prysmaticlabs/prysm/shared/bytesutil"
+	"github.com/prysmaticlabs/prysm/shared/testutil/assert"
+	"github.com/prysmaticlabs/prysm/shared/testutil/require"
+	logTest "github.com/sirupsen/logrus/hooks/test"
+	"google.golang.org/grpc"
+	"google.golang.org/protobuf/types/known/emptypb"
+)
+
+func TestSubmitSyncCommitteeMessage_ValidatorDutiesRequestFailure(t *testing.T) {
+	hook := logTest.NewGlobal()
+	validator, m, validatorKey, finish := setup(t)
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{}}
+	defer finish()
+
+	m.validatorClient.EXPECT().GetSyncMessageBlockRoot(
+		gomock.Any(), // ctx
+		&emptypb.Empty{},
+	).Return(&ethpb.SyncMessageBlockRootResponse{
+		Root: bytesutil.PadTo([]byte{}, 32),
+	}, nil)
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	validator.SubmitSyncCommitteeMessage(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not fetch validator assignment")
+}
+
+func TestSubmitSyncCommitteeMessage_BadDomainData(t *testing.T) {
+	validator, m, validatorKey, finish := setup(t)
+	defer finish()
+	hook := logTest.NewGlobal()
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+
+	r := []byte{'a'}
+	m.validatorClient.EXPECT().GetSyncMessageBlockRoot(
+		gomock.Any(), // ctx
+		&emptypb.Empty{},
+	).Return(&ethpb.SyncMessageBlockRootResponse{
+		Root: bytesutil.PadTo(r, 32),
+	}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), gomock.Any()).
+		Return(nil, errors.New("uh oh"))
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	validator.SubmitSyncCommitteeMessage(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not get sync committee domain data")
+}
+
+func TestSubmitSyncCommitteeMessage_CouldNotSubmit(t *testing.T) {
+	validator, m, validatorKey, finish := setup(t)
+	defer finish()
+	hook := logTest.NewGlobal()
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+
+	r := []byte{'a'}
+	m.validatorClient.EXPECT().GetSyncMessageBlockRoot(
+		gomock.Any(), // ctx
+		&emptypb.Empty{},
+	).Return(&ethpb.SyncMessageBlockRootResponse{
+		Root: bytesutil.PadTo(r, 32),
+	}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	m.validatorClient.EXPECT().SubmitSyncMessage(
+		gomock.Any(), // ctx
+		gomock.AssignableToTypeOf(&ethpb.SyncCommitteeMessage{}),
+	).Return(&emptypb.Empty{}, errors.New("uh oh") /* error */)
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	validator.SubmitSyncCommitteeMessage(context.Background(), 1, pubKey)
+
+	require.LogsContain(t, hook, "Could not submit sync committee message")
+}
+
+func TestSubmitSyncCommitteeMessage_OK(t *testing.T) {
+	validator, m, validatorKey, finish := setup(t)
+	defer finish()
+	hook := logTest.NewGlobal()
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+
+	r := []byte{'a'}
+	m.validatorClient.EXPECT().GetSyncMessageBlockRoot(
+		gomock.Any(), // ctx
+		&emptypb.Empty{},
+	).Return(&ethpb.SyncMessageBlockRootResponse{
+		Root: bytesutil.PadTo(r, 32),
+	}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	var generatedMsg *ethpb.SyncCommitteeMessage
+	m.validatorClient.EXPECT().SubmitSyncMessage(
+		gomock.Any(), // ctx
+		gomock.AssignableToTypeOf(&ethpb.SyncCommitteeMessage{}),
+	).Do(func(_ context.Context, msg *ethpb.SyncCommitteeMessage, opts ...grpc.CallOption) {
+		generatedMsg = msg
+	}).Return(&emptypb.Empty{}, nil /* error */)
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	validator.SubmitSyncCommitteeMessage(context.Background(), 1, pubKey)
+
+	require.LogsDoNotContain(t, hook, "Could not")
+	require.Equal(t, types.Slot(1), generatedMsg.Slot)
+	require.Equal(t, validatorIndex, generatedMsg.ValidatorIndex)
+	require.DeepEqual(t, bytesutil.PadTo(r, 32), generatedMsg.BlockRoot)
+}
+
+func TestSubmitSignedContributionAndProof_ValidatorDutiesRequestFailure(t *testing.T) {
+	hook := logTest.NewGlobal()
+	validator, _, validatorKey, finish := setup(t)
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not fetch validator assignment")
+}
+
+func TestSubmitSignedContributionAndProof_GetSyncSubcommitteeIndexFailure(t *testing.T) {
+	hook := logTest.NewGlobal()
+	validator, m, validatorKey, finish := setup(t)
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	m.validatorClient.EXPECT().GetSyncSubcommitteeIndex(
+		gomock.Any(), // ctx
+		&ethpb.SyncSubcommitteeIndexRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+		},
+	).Return(&ethpb.SyncSubcommitteeIndexResponse{}, errors.New("Bad index"))
+
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not get sync subcommittee index")
+}
+
+func TestSubmitSignedContributionAndProof_NothingToDo(t *testing.T) {
+	hook := logTest.NewGlobal()
+	validator, m, validatorKey, finish := setup(t)
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	m.validatorClient.EXPECT().GetSyncSubcommitteeIndex(
+		gomock.Any(), // ctx
+		&ethpb.SyncSubcommitteeIndexRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+		},
+	).Return(&ethpb.SyncSubcommitteeIndexResponse{Indices: []types.CommitteeIndex{}}, nil)
+
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Empty subcommittee index list, do nothing")
+}
+
+func TestSubmitSignedContributionAndProof_BadDomain(t *testing.T) {
+	hook := logTest.NewGlobal()
+	validator, m, validatorKey, finish := setup(t)
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	m.validatorClient.EXPECT().GetSyncSubcommitteeIndex(
+		gomock.Any(), // ctx
+		&ethpb.SyncSubcommitteeIndexRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+		},
+	).Return(&ethpb.SyncSubcommitteeIndexResponse{Indices: []types.CommitteeIndex{1}}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, errors.New("bad domain response"))
+
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not get selection proofs: bad domain response")
+}
+
+func TestSubmitSignedContributionAndProof_CouldNotGetContribution(t *testing.T) {
+	hook := logTest.NewGlobal()
+	// Hardcode secret key in order to have a valid aggregator signature.
+	rawKey, err := hex.DecodeString("659e875e1b062c03f2f2a57332974d475b97df6cfc581d322e79642d39aca8fd")
+	assert.NoError(t, err)
+	validatorKey, err := bls.SecretKeyFromBytes(rawKey)
+	assert.NoError(t, err)
+
+	validator, m, validatorKey, finish := setupWithKey(t, validatorKey)
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	m.validatorClient.EXPECT().GetSyncSubcommitteeIndex(
+		gomock.Any(), // ctx
+		&ethpb.SyncSubcommitteeIndexRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+		},
+	).Return(&ethpb.SyncSubcommitteeIndexResponse{Indices: []types.CommitteeIndex{1}}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	m.validatorClient.EXPECT().GetSyncCommitteeContribution(
+		gomock.Any(), // ctx
+		&ethpb.SyncCommitteeContributionRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+			SubnetId:  0,
+		},
+	).Return(nil, errors.New("Bad contribution"))
+
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not get sync committee contribution")
+}
+
+func TestSubmitSignedContributionAndProof_CouldNotSubmitContribution(t *testing.T) {
+	hook := logTest.NewGlobal()
+	// Hardcode secret key in order to have a valid aggregator signature.
+	rawKey, err := hex.DecodeString("659e875e1b062c03f2f2a57332974d475b97df6cfc581d322e79642d39aca8fd")
+	assert.NoError(t, err)
+	validatorKey, err := bls.SecretKeyFromBytes(rawKey)
+	assert.NoError(t, err)
+
+	validator, m, validatorKey, finish := setupWithKey(t, validatorKey)
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	m.validatorClient.EXPECT().GetSyncSubcommitteeIndex(
+		gomock.Any(), // ctx
+		&ethpb.SyncSubcommitteeIndexRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+		},
+	).Return(&ethpb.SyncSubcommitteeIndexResponse{Indices: []types.CommitteeIndex{1}}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	aggBits := bitfield.NewBitvector128()
+	aggBits.SetBitAt(0, true)
+	m.validatorClient.EXPECT().GetSyncCommitteeContribution(
+		gomock.Any(), // ctx
+		&ethpb.SyncCommitteeContributionRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+			SubnetId:  0,
+		},
+	).Return(&ethpb.SyncCommitteeContribution{
+		BlockRoot:       make([]byte, 32),
+		Signature:       make([]byte, 96),
+		AggregationBits: aggBits,
+	}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	m.validatorClient.EXPECT().SubmitSignedContributionAndProof(
+		gomock.Any(), // ctx
+		gomock.AssignableToTypeOf(&ethpb.SignedContributionAndProof{
+			Message: &ethpb.ContributionAndProof{
+				AggregatorIndex: 7,
+				Contribution: &ethpb.SyncCommitteeContribution{
+					BlockRoot:         make([]byte, 32),
+					Signature:         make([]byte, 96),
+					AggregationBits:   bitfield.NewBitvector128(),
+					Slot:              1,
+					SubcommitteeIndex: 1,
+				},
+			},
+		}),
+	).Return(&emptypb.Empty{}, errors.New("Could not submit contribution"))
+
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+	require.LogsContain(t, hook, "Could not submit signed contribution and proof")
+}
+
+func TestSubmitSignedContributionAndProof_Ok(t *testing.T) {
+	// Hardcode secret key in order to have a valid aggregator signature.
+	rawKey, err := hex.DecodeString("659e875e1b062c03f2f2a57332974d475b97df6cfc581d322e79642d39aca8fd")
+	assert.NoError(t, err)
+	validatorKey, err := bls.SecretKeyFromBytes(rawKey)
+	assert.NoError(t, err)
+
+	validator, m, validatorKey, finish := setupWithKey(t, validatorKey)
+	validatorIndex := types.ValidatorIndex(7)
+	committee := []types.ValidatorIndex{0, 3, 4, 2, validatorIndex, 6, 8, 9, 10}
+	validator.duties = &eth.DutiesResponse{Duties: []*eth.DutiesResponse_Duty{
+		{
+			PublicKey:      validatorKey.PublicKey().Marshal(),
+			Committee:      committee,
+			ValidatorIndex: validatorIndex,
+		},
+	}}
+	defer finish()
+
+	pubKey := [48]byte{}
+	copy(pubKey[:], validatorKey.PublicKey().Marshal())
+	m.validatorClient.EXPECT().GetSyncSubcommitteeIndex(
+		gomock.Any(), // ctx
+		&ethpb.SyncSubcommitteeIndexRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+		},
+	).Return(&ethpb.SyncSubcommitteeIndexResponse{Indices: []types.CommitteeIndex{1}}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	aggBits := bitfield.NewBitvector128()
+	aggBits.SetBitAt(0, true)
+	m.validatorClient.EXPECT().GetSyncCommitteeContribution(
+		gomock.Any(), // ctx
+		&ethpb.SyncCommitteeContributionRequest{
+			Slot:      1,
+			PublicKey: pubKey[:],
+			SubnetId:  0,
+		},
+	).Return(&ethpb.SyncCommitteeContribution{
+		BlockRoot:       make([]byte, 32),
+		Signature:       make([]byte, 96),
+		AggregationBits: aggBits,
+	}, nil)
+
+	m.validatorClient.EXPECT().
+		DomainData(gomock.Any(), // ctx
+			gomock.Any()). // epoch
+		Return(&eth.DomainResponse{
+			SignatureDomain: make([]byte, 32),
+		}, nil)
+
+	m.validatorClient.EXPECT().SubmitSignedContributionAndProof(
+		gomock.Any(), // ctx
+		gomock.AssignableToTypeOf(&ethpb.SignedContributionAndProof{
+			Message: &ethpb.ContributionAndProof{
+				AggregatorIndex: 7,
+				Contribution: &ethpb.SyncCommitteeContribution{
+					BlockRoot:         make([]byte, 32),
+					Signature:         make([]byte, 96),
+					AggregationBits:   bitfield.NewBitvector128(),
+					Slot:              1,
+					SubcommitteeIndex: 1,
+				},
+			},
+		}),
+	).Return(&emptypb.Empty{}, nil)
+
+	validator.SubmitSignedContributionAndProof(context.Background(), 1, pubKey)
+}