consensus/bor, miner: fix stale pending state for non-validator nodes#2183

Open
cffls wants to merge 1 commit into develop from fix_pending_block

@cffls cffls commented Apr 11, 2026

Description

Nodes whose signer is configured but not in the active validator set (e.g. after a validator rotation) returned "insufficient funds for transfer" on eth_estimateGas and other RPC calls against the "pending" block. The root cause was that Prepare() returned UnauthorizedSignerError when the signer was not in the validator set, which caused prepareWork() to fail on every block. Since commit() was never called, the pending snapshot was never refreshed, and its underlying pathdb trie layers were eventually garbage-collected — making all state reads return zero.

Fix Prepare() to not fail for unauthorized signers. Instead, default the succession number to 0 and let the block building pipeline continue normally. Seal() already independently rejects blocks from unauthorized signers, so no invalid blocks can be produced. This ensures the pending snapshot is refreshed on every chain head, keeping RPC queries functional regardless of whether the node is actively producing blocks.

Also remove a redundant second call to GetSignerSuccessionNumber in the Giugliano waitOnPrepare block, reusing the succession value already computed earlier in Prepare().

Changes

  • Bugfix (non-breaking change that solves an issue)
  • Hotfix (change that solves an urgent issue, and requires immediate attention)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (change that is not backwards-compatible and/or changes current functionality)
  • Changes only for a subset of nodes

Breaking changes

Please complete this section if any breaking changes have been made, otherwise delete it

Nodes audience

In case this PR includes changes that must be applied only to a subset of nodes, please specify how you handled it (e.g. by adding a flag with a default value...)

Checklist

  • I have added at least 2 reviewer or the whole pos-v1 team
  • I have added sufficient documentation in code
  • I will be resolving comments - if any - by pushing each fix in a separate commit and linking the commit hash in the comment reply
  • Created a task in Jira and informed the team for implementation in Erigon client (if applicable)
  • Includes RPC methods changes, and the Notion documentation has been updated

Cross repository changes

  • This PR requires changes to heimdall
    • In case link the PR here:
  • This PR requires changes to matic-cli
    • In case link the PR here:

Testing

  • I have added unit tests
  • I have added tests to CI
  • I have tested this code manually on local environment
  • I have tested this code manually on remote devnet using express-cli
  • I have tested this code manually on amoy
  • I have created new e2e tests into express-cli

Manual tests

Please complete this section with the steps you performed if you ran manual tests for this functionality, otherwise delete it

Additional comments

Please post additional comments in this section if you have them, otherwise delete it

@claude claude bot left a comment

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

Tip: disable this comment in your organization's Code Review settings.

claude bot commented Apr 11, 2026

Code review

Found 2 issues while checking for bugs and CLAUDE.md compliance.

Issue 1: Indiscriminate error suppression in Prepare() (consensus/bor/bor.go:1106-1110)

GetSignerSuccessionNumber can return two distinct error types (see snapshot.go L183-206): UnauthorizedSignerError (signer not in validator set, the intended case) and UnauthorizedProposerError (snapshot proposer not found, indicates corruption). This catch-all err != nil silently swallows both. Consider narrowing to only catch UnauthorizedSignerError using errors.As. Per security-common.md and consensus-security.md: unexpected errors in consensus paths should be surfaced, not silently swallowed.

Issue 2: Spurious blank line (miner/worker.go:1224)

Extra blank line introduced in updateSnapshot() creates consecutive blank lines inside the function body.
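
The narrowing suggested in Issue 1 above, as an added example that is not part of the review comment or of the PR's code. The two error types are minimal stand-ins named after the ones the comment mentions (their fields are assumed), and `lookup`, `successionCatchAll` and `successionNarrowed` are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
)

// Stand-ins for the two error types named in the review; fields are assumed.
type UnauthorizedSignerError struct{ Number uint64 }
func (e *UnauthorizedSignerError) Error() string {
	return fmt.Sprintf("unauthorized signer at block %d", e.Number)
}

type UnauthorizedProposerError struct{ Number uint64 }
func (e *UnauthorizedProposerError) Error() string {
	return fmt.Sprintf("unauthorized proposer at block %d", e.Number)
}

// successionCatchAll is the flagged pattern: any error becomes succession 0.
func successionCatchAll(lookup func() (int, error)) (int, error) {
	succession, err := lookup()
	if err != nil {
		return 0, nil
	}
	return succession, nil
}

// successionNarrowed defaults to 0 only for UnauthorizedSignerError and
// surfaces every other error, wrapped so callers can still inspect it.
func successionNarrowed(lookup func() (int, error)) (int, error) {
	succession, err := lookup()
	if err == nil {
		return succession, nil
	}
	var signerErr *UnauthorizedSignerError
	if errors.As(err, &signerErr) {
		return 0, nil
	}
	return 0, fmt.Errorf("succession lookup failed: %w", err)
}

func main() {
	// Constructed lookups standing in for the snapshot call.
	notSigner := func() (int, error) { return -1, &UnauthorizedSignerError{Number: 100} }
	badProposer := func() (int, error) { return -1, fmt.Errorf("snapshot: %w", &UnauthorizedProposerError{Number: 100}) }
	for name, f := range map[string]func() (int, error){"signer": notSigner, "proposer": badProposer} {
		_, e1 := successionCatchAll(f)
		_, e2 := successionNarrowed(f)
		fmt.Printf("%-8s catch-all err=%v narrowed err=%v\n", name, e1, e2)
	}
}
```

With the narrowed form, a node outside the validator set still proceeds with succession 0, while a proposer lookup failure reaches the caller instead of being treated as the same case.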

@codecov
Copy link
Copy Markdown

codecov bot commented Apr 11, 2026

Codecov Report

❌ Patch coverage is 45.45455% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 51.93%. Comparing base (438596d) to head (c2b1e26).

Files with missing lines    Patch %    Lines
consensus/bor/bor.go        20.00%     4 Missing ⚠️
miner/worker.go             66.66%     2 Missing ⚠️

❌ Your patch check has failed because the patch coverage (45.45%) is below the target coverage (90.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop    #2183   +/-   ##
========================================
  Coverage    51.93%   51.93%           
========================================
  Files          884      884           
  Lines       155446   155447    +1     
========================================
+ Hits         80731    80736    +5     
+ Misses       69509    69501    -8     
- Partials      5206     5210    +4     

Files with missing lines    Coverage Δ
miner/worker.go             72.75% <66.66%> (+0.13%) ⬆️
consensus/bor/bor.go        83.60% <20.00%> (-0.04%) ⬇️

... and 15 files with indirect coverage changes
