refactor!: clear IndexedDB store on data schema version change (#20007)

Applies a similar approach to database version management on IndexedDB
as the one we have in LMDB: if either database schema version or the
rollup contract address change, the DB will be cleared on startup.

This is probably a too aggressive solution and we should think of a
gentler data migration scheme so we can evolve the way we store data in
PXE without forcing a start from scratch scenario, but not having DB
version management detection at all is worse because it results in
tricky to diagnose bugs like the one in the screenshot.

Also, bumping PXE_DATABASE_SCHEMA so we have a clear baseline for
database schema control moving forward. We've been changing the shape of
the stores without paying attention to this, which we should do moving
forward.

Choosing to mark this as `refactor!` (with `!`) since this will cause
every PXE DB to be cleared on first use of this version. If that's a
problem please let me know.

@spalladino since this touches `kv-store` I'm asking for a review from
you as well.

<img width="417" height="948" alt="Screenshot 2026-01-26 at 10 12 37 AM"
src="https://github.com/user-attachments/assets/6727516b-f496-4a99-83e9-81b03fd569d4"
/>

Author: mverzilli

boxes/boxes/vanilla/scripts/deploy.ts

@@ -14,7 +14,7 @@ import { type AztecNode } from '@aztec/aztec.js/node';
 import { SPONSORED_FPC_SALT } from '@aztec/constants';
 import { createStore } from '@aztec/kv-store/lmdb';
 import { SponsoredFPCContractArtifact } from '@aztec/noir-contracts.js/SponsoredFPC';
-import { getPXEConfig } from '@aztec/pxe/server';
+import { getPXEConfig, PXE_DATA_SCHEMA_VERSION } from '@aztec/pxe/server';
 import { getDefaultInitializer } from '@aztec/stdlib/abi';
 import { TestWallet } from '@aztec/test-wallet/server';
 import fs from 'fs';
@@ -34,7 +34,7 @@ async function setupWallet(aztecNode: AztecNode) {
   const store = await createStore('pxe', {
     dataDirectory: PXE_STORE_DIR,
     dataStoreMapSizeKb: 1e6,
-  });
+  }, PXE_DATA_SCHEMA_VERSION);
 
   const config = getPXEConfig();
   config.dataDirectory = 'pxe';

playground/src/wallet/embedded_wallet.ts

@@ -85,6 +85,7 @@ export class EmbeddedWallet extends BaseWallet {
     const walletDBStore = await createStore(
       `wallet-${rollupAddress}`,
       { dataDirectory: 'wallet', dataStoreMapSizeKb: 2e10 },
+      undefined,
       walletLogger,
     );
     const db = WalletDB.init(walletDBStore, walletLogger.info);

yarn-project/kv-store/src/indexeddb/index.ts

@@ -1,12 +1,17 @@
 import { type Logger, createLogger } from '@aztec/foundation/log';
 
 import type { DataStoreConfig } from '../config.js';
-import { initStoreForRollup } from '../utils.js';
+import { initStoreForRollupAndSchemaVersion } from '../utils.js';
 import { AztecIndexedDBStore } from './store.js';
 
 export { AztecIndexedDBStore } from './store.js';
 
-export async function createStore(name: string, config: DataStoreConfig, log: Logger = createLogger('kv-store')) {
+export async function createStore(
+  name: string,
+  config: DataStoreConfig,
+  schemaVersion: number | undefined = undefined,
+  log: Logger = createLogger('kv-store'),
+) {
   let { dataDirectory } = config;
   if (typeof dataDirectory !== 'undefined') {
     dataDirectory = `${dataDirectory}/${name}`;
@@ -18,10 +23,7 @@ export async function createStore(name: string, config: DataStoreConfig, log: Lo
       : `Creating ${name} ephemeral data store with map size ${config.dataStoreMapSizeKb} KB`,
   );
   const store = await AztecIndexedDBStore.open(createLogger('kv-store:indexeddb'), dataDirectory ?? '', false);
-  if (config.l1Contracts?.rollupAddress) {
-    return initStoreForRollup(store, config.l1Contracts.rollupAddress, log);
-  }
-  return store;
+  return initStoreForRollupAndSchemaVersion(store, schemaVersion, config.l1Contracts?.rollupAddress, log);
 }
 
 export function openTmpStore(ephemeral: boolean = false): Promise<AztecIndexedDBStore> {

yarn-project/kv-store/src/indexeddb/version_management.test.ts

@@ -0,0 +1,152 @@
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { DatabaseVersion } from '@aztec/stdlib/database-version/version';
+
+import { expect } from 'chai';
+
+import { mockLogger } from '../interfaces/utils.js';
+import { initStoreForRollupAndSchemaVersion } from '../utils.js';
+import { AztecIndexedDBStore } from './store.js';
+
+describe('IndexedDB Version Management', () => {
+  let store: AztecIndexedDBStore;
+  const schemaVersion = 42;
+  let rollupAddress: EthAddress;
+
+  beforeEach(async () => {
+    rollupAddress = EthAddress.random();
+    // Create a fresh ephemeral store for each test
+    store = await AztecIndexedDBStore.open(mockLogger, undefined, true);
+  });
+
+  afterEach(async () => {
+    await store.delete();
+  });
+
+  describe('initStoreForRollup', () => {
+    describe('fresh store (no existing data)', () => {
+      it('stores version on first run', async () => {
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        const versionSingleton = store.openSingleton<string>('dbVersion');
+        const stored = await versionSingleton.getAsync();
+
+        const storedVersion = DatabaseVersion.fromBuffer(Buffer.from(stored!, 'utf-8'));
+        expect(storedVersion.schemaVersion).to.equal(schemaVersion);
+        expect(storedVersion.rollupAddress.toString()).to.equal(rollupAddress.toString());
+      });
+    });
+
+    describe('store with matching version', () => {
+      it('does not clear store when version matches', async () => {
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        // Data should still exist
+        expect(await testMap.getAsync('key')).to.equal('value');
+      });
+    });
+
+    describe('store with different rollup address', () => {
+      it('clears store when rollup address changes', async () => {
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        const newRollupAddress = EthAddress.random();
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, newRollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+      });
+    });
+
+    describe('store with different schema version', () => {
+      it('clears store when schema version increases', async () => {
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion + 1, rollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+      });
+
+      it('clears store when schema version decreases', async () => {
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion - 1, rollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+      });
+    });
+
+    describe('store with malformed version data', () => {
+      it('clears store when version is malformed JSON', async () => {
+        const versionSingleton = store.openSingleton<string>('dbVersion');
+        await versionSingleton.set('not-valid-json');
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+      });
+
+      it('clears store when version has wrong structure', async () => {
+        const versionSingleton = store.openSingleton<string>('dbVersion');
+        await versionSingleton.set(JSON.stringify({ foo: 'bar' }));
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+      });
+    });
+
+    describe('migration from old store format (pre-version management)', () => {
+      it('clears store that has old rollupAddress format but no dbVersion', async () => {
+        // Simulate old store format: has rollupAddress singleton but no dbVersion
+        const oldRollupSingleton = store.openSingleton<string>('rollupAddress');
+        await oldRollupSingleton.set(rollupAddress.toString());
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        // Init with new version management should clear the old data
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+
+        const versionSingleton = store.openSingleton<string>('dbVersion');
+        const stored = await versionSingleton.getAsync();
+        const storedVersion = DatabaseVersion.fromBuffer(Buffer.from(stored!, 'utf-8'));
+        expect(storedVersion.schemaVersion).to.equal(schemaVersion);
+        expect(storedVersion.rollupAddress.toString()).to.equal(rollupAddress.toString());
+      });
+
+      it('clears store with old format even if rollup address matches', async () => {
+        // Old format with same rollup address
+        const oldRollupSingleton = store.openSingleton<string>('rollupAddress');
+        await oldRollupSingleton.set(rollupAddress.toString());
+
+        const testMap = store.openMap<string, string>('test');
+        await testMap.set('key', 'value');
+
+        await initStoreForRollupAndSchemaVersion(store, schemaVersion, rollupAddress, mockLogger);
+
+        expect(await testMap.getAsync('key')).to.be.undefined;
+      });
+    });
+  });
+});

yarn-project/kv-store/src/lmdb-v2/factory.ts

@@ -1,6 +1,6 @@
 import { EthAddress } from '@aztec/foundation/eth-address';
 import { type LoggerBindings, createLogger } from '@aztec/foundation/log';
-import { DatabaseVersionManager } from '@aztec/stdlib/database-version';
+import { DatabaseVersionManager } from '@aztec/stdlib/database-version/manager';
 
 import { mkdir, mkdtemp, rm } from 'fs/promises';
 import { tmpdir } from 'os';

yarn-project/kv-store/src/lmdb/index.ts

@@ -3,12 +3,17 @@ import { type Logger, createLogger } from '@aztec/foundation/log';
 import { join } from 'path';
 
 import type { DataStoreConfig } from '../config.js';
-import { initStoreForRollup } from '../utils.js';
+import { initStoreForRollupAndSchemaVersion } from '../utils.js';
 import { AztecLmdbStore } from './store.js';
 
 export { AztecLmdbStore } from './store.js';
 
-export function createStore(name: string, config: DataStoreConfig, log: Logger = createLogger('kv-store')) {
+export function createStore(
+  name: string,
+  config: DataStoreConfig,
+  schemaVersion: number | undefined = undefined,
+  log: Logger = createLogger('kv-store'),
+) {
   let { dataDirectory } = config;
   if (typeof dataDirectory !== 'undefined') {
     dataDirectory = join(dataDirectory, name);
@@ -22,7 +27,7 @@ export function createStore(name: string, config: DataStoreConfig, log: Logger =
 
   const store = AztecLmdbStore.open(dataDirectory, config.dataStoreMapSizeKb, false);
   if (config.l1Contracts?.rollupAddress) {
-    return initStoreForRollup(store, config.l1Contracts.rollupAddress, log);
+    return initStoreForRollupAndSchemaVersion(store, schemaVersion, config.l1Contracts.rollupAddress, log);
   }
   return store;
 }

yarn-project/kv-store/src/utils.ts

@@ -1,40 +1,88 @@
-import type { EthAddress } from '@aztec/foundation/eth-address';
+import { EthAddress } from '@aztec/foundation/eth-address';
 import type { Logger } from '@aztec/foundation/log';
+import { DatabaseVersion } from '@aztec/stdlib/database-version/version';
 
 import type { AztecAsyncSingleton, AztecSingleton } from './interfaces/singleton.js';
 import type { AztecAsyncKVStore, AztecKVStore } from './interfaces/store.js';
 import { isSyncStore } from './interfaces/utils.js';
 
 /**
- * Clears the store if the rollup address does not match the one stored in the database.
- * This is to prevent data from being accidentally shared between different rollup instances.
+ * Clears the store if the schema version or rollup address does not match the one stored in the database.
+ * Also clears if migrating from an older store format that didn't track schema version.
+ * This is to prevent data from being accidentally mixed up between different rollup instances or schema versions.
  * @param store - The store to check
+ * @param targetSchemaVersion - The current schema version
  * @param rollupAddress - The ETH address of the rollup contract
- * @returns A promise that resolves when the store is cleared, or rejects if the rollup address does not match
+ * @param log - Optional logger
+ * @returns The store (cleared if necessary)
  */
-export async function initStoreForRollup<T extends AztecKVStore | AztecAsyncKVStore>(
+export async function initStoreForRollupAndSchemaVersion<T extends AztecKVStore | AztecAsyncKVStore>(
   store: T,
-  rollupAddress: EthAddress,
+  schemaVersion: number | undefined,
+  rollupAddress: EthAddress | undefined,
   log?: Logger,
 ): Promise<T> {
-  if (!rollupAddress) {
-    throw new Error('Rollup address is required');
-  }
-  const rollupAddressValue = store.openSingleton<ReturnType<EthAddress['toString']>>('rollupAddress');
-  const rollupAddressString = rollupAddress.toString();
-  const storedRollupAddressString = isSyncStore(store)
-    ? (rollupAddressValue as AztecSingleton<ReturnType<EthAddress['toString']>>).get()
-    : await (rollupAddressValue as AztecAsyncSingleton<ReturnType<EthAddress['toString']>>).getAsync();
-
-  if (typeof storedRollupAddressString !== 'undefined' && storedRollupAddressString !== rollupAddressString) {
-    log?.warn(`Rollup address mismatch. Clearing entire database...`, {
-      expected: rollupAddressString,
-      found: storedRollupAddressString,
-    });
+  const targetSchemaVersion = schemaVersion ?? 0;
+  const targetRollupAddress = rollupAddress ?? EthAddress.ZERO;
+  const targetDatabaseVersion = new DatabaseVersion(targetSchemaVersion, targetRollupAddress);
+
+  // DB version: database schema version + rollup address combined)
+  const dbVersion = store.openSingleton<string>('dbVersion');
+
+  const storedDatabaseVersion = isSyncStore(store)
+    ? (dbVersion as AztecSingleton<string>).get()
+    : await (dbVersion as AztecAsyncSingleton<string>).getAsync();
 
+  if (
+    doesStoreNeedToBeCleared(
+      targetDatabaseVersion,
+      storedDatabaseVersion,
+      targetSchemaVersion,
+      targetRollupAddress,
+      log,
+    )
+  ) {
     await store.clear();
   }
 
-  await rollupAddressValue.set(rollupAddressString);
+  await dbVersion.set(targetDatabaseVersion.toBuffer().toString('utf-8'));
+
   return store;
 }
+
+function doesStoreNeedToBeCleared(
+  targetDatabaseVersion: DatabaseVersion,
+  storedDatabaseVersion: string | undefined,
+  targetSchemaVersion: number,
+  targetRollupAddress: EthAddress,
+  log?: Logger,
+) {
+  if (storedDatabaseVersion) {
+    try {
+      const storedVersion = DatabaseVersion.fromBuffer(Buffer.from(storedDatabaseVersion, 'utf-8'));
+      const cmp = storedVersion.cmp(targetDatabaseVersion);
+
+      if (cmp === undefined) {
+        log?.warn('Rollup address changed, clearing database', {
+          stored: storedVersion.rollupAddress.toString(),
+          current: targetRollupAddress.toString(),
+        });
+        return true;
+      }
+
+      if (cmp !== 0) {
+        log?.warn('Schema version changed, clearing database', {
+          stored: storedVersion.schemaVersion,
+          current: targetSchemaVersion,
+        });
+
+        return true;
+      }
+    } catch (err) {
+      log?.warn('Failed to parse stored version, clearing database', { err });
+      return true;
+    }
+  }
+
+  return false;
+}

yarn-project/node-lib/src/actions/snapshot-sync.ts

@@ -8,7 +8,7 @@ import type { Logger } from '@aztec/foundation/log';
 import type { DataStoreConfig } from '@aztec/kv-store/config';
 import { P2P_STORE_NAME } from '@aztec/p2p';
 import type { ChainConfig } from '@aztec/stdlib/config';
-import { DatabaseVersionManager } from '@aztec/stdlib/database-version';
+import { DatabaseVersionManager } from '@aztec/stdlib/database-version/manager';
 import { type ReadOnlyFileStore, createReadOnlyFileStore } from '@aztec/stdlib/file-store';
 import {
   type SnapshotMetadata,

yarn-project/pxe/src/entrypoints/client/bundle/utils.ts

@@ -8,6 +8,7 @@ import type { AztecNode } from '@aztec/stdlib/interfaces/client';
 
 import type { PXEConfig } from '../../../config/index.js';
 import { PXE } from '../../../pxe.js';
+import { PXE_DATA_SCHEMA_VERSION } from '../../../storage/metadata.js';
 import type { PXECreationOptions } from '../../pxe_creation_options.js';
 
 /**
@@ -36,7 +37,8 @@ export async function createPXE(
 
   const storeLogger = loggers.store ?? createLogger('pxe:data:idb', { actor });
 
-  const store = options.store ?? (await createStore('pxe_data', configWithContracts, storeLogger));
+  const store =
+    options.store ?? (await createStore('pxe_data', configWithContracts, PXE_DATA_SCHEMA_VERSION, storeLogger));
 
   const simulator = options.simulator ?? new WASMSimulator();
   const proverLogger = loggers.prover ?? createLogger('pxe:bb:wasm:bundle', { actor });