feat(node-api): Create proof endpoint for validator balance (#2840)

Signed-off-by: Cal Bera <[email protected]>
Co-authored-by: Cursor Agent <[email protected]>
Co-authored-by: Alberto Benegiamo <[email protected]>

Author: 3 people

node-api/handlers/proof/merkle/generalized_indexes.go

@@ -77,6 +77,23 @@ const (
 	// GIndices. To get the GIndex of the withdrawal credentials of validator at index n, the formula is:
 	// GIndex = ZeroValidatorCredentialsGIndexElectraBlock + (ValidatorGIndexOffset * n)
 	ZeroValidatorCredentialsGIndexElectraBlock = 6350779162034177
+
+	// ZeroValidatorBalanceGIndexElectraState is the generalized index of the 0-3
+	// validators' balances in the beacon state in the Electra forks. Balances are
+	// packed 4 per leaf (uint64 values, 32 bytes per leaf). To get the GIndex of
+	// the balance of validator at index n, the formula is:
+	// GIndex = ZeroValidatorBalanceGIndexElectraState + (n / 4)
+	ZeroValidatorBalanceGIndexElectraState = 23089744183296
+
+	// ZeroValidatorBalanceGIndexElectraBlock is the generalized index of the 0-3
+	// validators' balances in the beacon block in the Electra forks. This is
+	// calculated by concatenating the (ZeroValidatorBalanceGIndexElectraState, StateGIndexBlock)
+	// GIndices. To get the GIndex of the balance of validator at index n, the formula is:
+	// GIndex = ZeroValidatorBalanceGIndexElectraBlock + (n / 4)
+	ZeroValidatorBalanceGIndexElectraBlock = 199011604627456
+
+	// BalancesPerLeaf is the number of validator balances packed into a single leaf.
+	BalancesPerLeaf = 4
 )
 
 // GetZeroValidatorPubkeyGIndexState determines the generalized index of the 0
@@ -120,3 +137,23 @@ func GetZeroValidatorCredentialsGIndexBlock(forkVersion common.Version) (uint64,
 	}
 	return 0, fmt.Errorf("unsupported fork version: %s", forkVersion)
 }
+
+// GetZeroValidatorBalanceGIndexState determines the generalized
+// index of the 0-3 validators' balances in the beacon state
+// based on the fork version.
+func GetZeroValidatorBalanceGIndexState(forkVersion common.Version) (int, error) {
+	if version.EqualsOrIsAfter(forkVersion, version.Electra()) {
+		return ZeroValidatorBalanceGIndexElectraState, nil
+	}
+	return 0, fmt.Errorf("unsupported fork version: %s", forkVersion)
+}
+
+// GetZeroValidatorBalanceGIndexBlock determines the generalized
+// index of the 0-3 validators' balances in the beacon block
+// based on the fork version.
+func GetZeroValidatorBalanceGIndexBlock(forkVersion common.Version) (uint64, error) {
+	if version.EqualsOrIsAfter(forkVersion, version.Electra()) {
+		return ZeroValidatorBalanceGIndexElectraBlock, nil
+	}
+	return 0, fmt.Errorf("unsupported fork version: %s", forkVersion)
+}

node-api/handlers/proof/merkle/generalized_indexes_test.go

@@ -21,6 +21,7 @@
 package merkle_test
 
 import (
+	"fmt"
 	"testing"
 
 	"github.com/berachain/beacon-kit/node-api/handlers/proof/merkle"
@@ -310,3 +311,56 @@ func TestValidatorWithdrawalCredentialsGIndexElectra(t *testing.T) {
 		int(oneValidatorWithdrawalCredentialsGIndexState-zeroValidatorWithdrawalCredentialsGIndexState),
 	)
 }
+
+func TestValidatorBalanceGIndexElectra(t *testing.T) {
+	t.Parallel()
+
+	// GIndex of the 0 validator's balance in the state.
+	_, zeroValidatorBalanceGIndexState, _, err := mlib.ObjectPath(
+		"Balances/0",
+	).GetGeneralizedIndex(beaconStateSchemaElectra)
+	require.NoError(t, err)
+	require.Equal(t,
+		merkle.ZeroValidatorBalanceGIndexElectraState,
+		int(zeroValidatorBalanceGIndexState),
+	)
+
+	// GIndex of the 0 validator's balance in the block.
+	_, zeroValidatorBalanceGIndexBlock, _, err := mlib.ObjectPath(
+		"State/Balances/0",
+	).GetGeneralizedIndex(beaconHeaderSchemaElectra)
+	require.NoError(t, err)
+	require.Equal(t,
+		merkle.ZeroValidatorBalanceGIndexElectraBlock,
+		int(zeroValidatorBalanceGIndexBlock),
+	)
+
+	// Concatenation is consistent.
+	concatValidatorBalanceStateToBlock := mlib.GeneralizedIndices{
+		mlib.GeneralizedIndex(merkle.StateGIndexBlock),
+		mlib.GeneralizedIndex(zeroValidatorBalanceGIndexState),
+	}.Concat()
+	require.Equal(t,
+		zeroValidatorBalanceGIndexBlock,
+		uint64(concatValidatorBalanceStateToBlock),
+	)
+
+	// Verify that balances 0-3 share the same GIndex (packed in same leaf)
+	for i := range merkle.BalancesPerLeaf {
+		path := fmt.Sprintf("Balances/%d", i)
+		_, balanceGIndex, _, gIndexErr := mlib.ObjectPath(path).GetGeneralizedIndex(beaconStateSchemaElectra)
+		require.NoError(t, gIndexErr)
+		require.Equal(t, zeroValidatorBalanceGIndexState, balanceGIndex)
+	}
+
+	// GIndex offset of the next validator's balance.
+	// Balances are packed 4 per leaf (uint64 values, 32 bytes per leaf)
+	balance4Path := fmt.Sprintf("Balances/%d", merkle.BalancesPerLeaf)
+	_, balanceGIndex4, _, err := mlib.ObjectPath(balance4Path).GetGeneralizedIndex(beaconStateSchemaElectra)
+	require.NoError(t, err)
+	require.Equal(t, 1, int(balanceGIndex4-zeroValidatorBalanceGIndexState))
+	balance8Path := fmt.Sprintf("Balances/%d", merkle.BalancesPerLeaf*2)
+	_, balanceGIndex8, _, err := mlib.ObjectPath(balance8Path).GetGeneralizedIndex(beaconStateSchemaElectra)
+	require.NoError(t, err)
+	require.Equal(t, 1, int(balanceGIndex8-balanceGIndex4))
+}

node-api/handlers/proof/merkle/testdata/many_validators_validator_balance_proof.json

@@ -0,0 +1,49 @@
+[
+  "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "0xf5a5fd42d16a20302798ef6ed309979b43003d2320d9f0e8ea9831a92759fb4b",
+  "0xdb56114e00fdd4c1f85c892bf35ac9a89289aaecb1ebd0a96cde606a748b5d71",
+  "0xc78009fdf07fc56a11f122370658a353aaa542ed63e44c4bc15ff4cd105ab33c",
+  "0x536d98837f2dd165a55d5eeae91485954472d56f246df256bf3cae19352a123c",
+  "0x9efde052aa15429fae05bad4d0b1d7c64da64d03d7a1854a588c2cb8430c0d30",
+  "0xd88ddfeed400a8755596b21942c1497e114c302e6118290f91e6772976041fa1",
+  "0x87eb0ddba57e35f6d286673802a4af5975e22506c7cf4c64bb6be5ee11527f2c",
+  "0x26846476fd5fc54a5d43385167c95144f2643f533cc85bb9d16b782f8d7db193",
+  "0x506d86582d252405b840018792cad2bf1259f1ef5aa5f887e13cb2f0094f51e1",
+  "0xffff0ad7e659772f9534c195c815efc4014ef1e1daed4404c06385d11192e92b",
+  "0x6cf04127db05441cd833107a52be852868890e4317e6a02ab47683aa75964220",
+  "0xb7d05f875f140027ef5118a2247bbb84ce8f2f0f1123623085daf7960c329f5f",
+  "0xdf6af5f5bbdb6be9ef8aa618e4bf8073960867171e29676f8b284dea6a08a85e",
+  "0xb58d900f5e182e3c50ef74969ea16c7726c549757cc23523c369587da7293784",
+  "0xd49a7502ffcfb0340b1d7885688500ca308161a7f96b62df9d083b71fcc8f2bb",
+  "0x8fe6b1689256c0d385f42f5bbe2027a22c1996e110ba97c171d3e5948de92beb",
+  "0x8d0d63c39ebade8509e0ae3c9c3876fb5fa112be18f905ecacfecb92057603ab",
+  "0x95eec8b2e541cad4e91de38385f2e046619f54496c2382cb6cacd5b98c26f5a4",
+  "0xf893e908917775b62bff23294dbbe3a1cd8e6cc1c35b4801887b646a6f81f17f",
+  "0xcddba7b592e3133393c16194fac7431abf2f5485ed711db282183c819e08ebaa",
+  "0x8a8d7fe3af8caa085a7639a832001457dfb9128a8061142ad0335629ff23ff9c",
+  "0xfeb3c337d7a51a6fbf00b9e34c52e1c9195c969bd4e7a0bfd51d5c5bed9c1167",
+  "0xe71f0aa83cc32edfbefa9f4d3e0174ca85182eec9f3a09f6a6c0df6377a510d7",
+  "0x31206fa80a50bb6abe29085058f16212212a60eec8f049fecb92d8c8e0a84bc0",
+  "0x21352bfecbeddde993839f614c3dac0a3ee37543f9b412b16199dc158e23b544",
+  "0x619e312724bb6d7c3153ed9de791d764a366b389af13c58bf8a8d90481a46765",
+  "0x7cdd2986268250628d0c10e385c58c6191e6fbe05191bcc04f133f2cea72c1c4",
+  "0x848930bd7ba8cac54661072113fb278869e07bb8587f91392933374d017bcbe1",
+  "0x8869ff2c22b28cc10510d9853292803328be4fb0e80495e8bb8d271f5b889636",
+  "0xb5fe28e79f1b850f8658246ce9b6a1e7b49fc06db7143e8fe0b4f2b0c5523a5c",
+  "0x985e929f70af28d0bdd1a90a808f977f597c7c778c489e98d3bd8910d31ac0f7",
+  "0xc6f67e02e6e4e1bdefb994c6098953f34636ba2b6ca20a4721d2b26a886722ff",
+  "0x1c9a7e5ff1cf48b4ad1582d3f4e4a1004f3b20d8c5a2b71387a4254ad933ebc5",
+  "0x2f075ae229646b6f6aed19a5e372cf295081401eb893ff599b3f9acc0c0d3e7d",
+  "0x328921deb59612076801e8cd61592107b5c67c79b846595cc6320c395b46362c",
+  "0xbfb909fdb236ad2411b4e4883810a074b840464689986c3f8a8091827e17c327",
+  "0x55d8fb3687ba3ba49f342c77f5a1f89bec83d811446e1a467139213d640b6a74",
+  "0x6400000000000000000000000000000000000000000000000000000000000000",
+  "0x6080a24df6cb76f31cacdf4419ac9bf0ac092087f40ec93f10c4608f967ca23a",
+  "0xdb4261da1f55277e8d739af87ee3f2757b11de49e3021abcafe2d73ae3dd5ad1",
+  "0x1b8afbf6f0034f939f0cfc6e3b03362631bdce35a43b65cbb8f732fa08373b69",
+  "0x70ccdae9a06cda39d93eba92e2692bec147a29ef7e31ad9f4bebb347792d9204",
+  "0x58f6c4a556e87b8de03a64800211685b11e4e6e05e001b65d5f0a588e4985be3",
+  "0x0102030405060000000000000000000000000000000000000000000000000000",
+  "0xe38c573641a369b49f1e77043562c3b6b3932c2cce7fcd4d71d494b4b8d08012",
+  "0xa3df0acb0b3d50f9b7f569ffb440f3a5891a2723a35bd825d6cf271298e616b6"
+]

node-api/handlers/proof/merkle/testdata/one_validator_validator_balance_proof.json

@@ -0,0 +1,49 @@
+[
+  "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "0xf5a5fd42d16a20302798ef6ed309979b43003d2320d9f0e8ea9831a92759fb4b",
+  "0xdb56114e00fdd4c1f85c892bf35ac9a89289aaecb1ebd0a96cde606a748b5d71",
+  "0xc78009fdf07fc56a11f122370658a353aaa542ed63e44c4bc15ff4cd105ab33c",
+  "0x536d98837f2dd165a55d5eeae91485954472d56f246df256bf3cae19352a123c",
+  "0x9efde052aa15429fae05bad4d0b1d7c64da64d03d7a1854a588c2cb8430c0d30",
+  "0xd88ddfeed400a8755596b21942c1497e114c302e6118290f91e6772976041fa1",
+  "0x87eb0ddba57e35f6d286673802a4af5975e22506c7cf4c64bb6be5ee11527f2c",
+  "0x26846476fd5fc54a5d43385167c95144f2643f533cc85bb9d16b782f8d7db193",
+  "0x506d86582d252405b840018792cad2bf1259f1ef5aa5f887e13cb2f0094f51e1",
+  "0xffff0ad7e659772f9534c195c815efc4014ef1e1daed4404c06385d11192e92b",
+  "0x6cf04127db05441cd833107a52be852868890e4317e6a02ab47683aa75964220",
+  "0xb7d05f875f140027ef5118a2247bbb84ce8f2f0f1123623085daf7960c329f5f",
+  "0xdf6af5f5bbdb6be9ef8aa618e4bf8073960867171e29676f8b284dea6a08a85e",
+  "0xb58d900f5e182e3c50ef74969ea16c7726c549757cc23523c369587da7293784",
+  "0xd49a7502ffcfb0340b1d7885688500ca308161a7f96b62df9d083b71fcc8f2bb",
+  "0x8fe6b1689256c0d385f42f5bbe2027a22c1996e110ba97c171d3e5948de92beb",
+  "0x8d0d63c39ebade8509e0ae3c9c3876fb5fa112be18f905ecacfecb92057603ab",
+  "0x95eec8b2e541cad4e91de38385f2e046619f54496c2382cb6cacd5b98c26f5a4",
+  "0xf893e908917775b62bff23294dbbe3a1cd8e6cc1c35b4801887b646a6f81f17f",
+  "0xcddba7b592e3133393c16194fac7431abf2f5485ed711db282183c819e08ebaa",
+  "0x8a8d7fe3af8caa085a7639a832001457dfb9128a8061142ad0335629ff23ff9c",
+  "0xfeb3c337d7a51a6fbf00b9e34c52e1c9195c969bd4e7a0bfd51d5c5bed9c1167",
+  "0xe71f0aa83cc32edfbefa9f4d3e0174ca85182eec9f3a09f6a6c0df6377a510d7",
+  "0x31206fa80a50bb6abe29085058f16212212a60eec8f049fecb92d8c8e0a84bc0",
+  "0x21352bfecbeddde993839f614c3dac0a3ee37543f9b412b16199dc158e23b544",
+  "0x619e312724bb6d7c3153ed9de791d764a366b389af13c58bf8a8d90481a46765",
+  "0x7cdd2986268250628d0c10e385c58c6191e6fbe05191bcc04f133f2cea72c1c4",
+  "0x848930bd7ba8cac54661072113fb278869e07bb8587f91392933374d017bcbe1",
+  "0x8869ff2c22b28cc10510d9853292803328be4fb0e80495e8bb8d271f5b889636",
+  "0xb5fe28e79f1b850f8658246ce9b6a1e7b49fc06db7143e8fe0b4f2b0c5523a5c",
+  "0x985e929f70af28d0bdd1a90a808f977f597c7c778c489e98d3bd8910d31ac0f7",
+  "0xc6f67e02e6e4e1bdefb994c6098953f34636ba2b6ca20a4721d2b26a886722ff",
+  "0x1c9a7e5ff1cf48b4ad1582d3f4e4a1004f3b20d8c5a2b71387a4254ad933ebc5",
+  "0x2f075ae229646b6f6aed19a5e372cf295081401eb893ff599b3f9acc0c0d3e7d",
+  "0x328921deb59612076801e8cd61592107b5c67c79b846595cc6320c395b46362c",
+  "0xbfb909fdb236ad2411b4e4883810a074b840464689986c3f8a8091827e17c327",
+  "0x55d8fb3687ba3ba49f342c77f5a1f89bec83d811446e1a467139213d640b6a74",
+  "0x0100000000000000000000000000000000000000000000000000000000000000",
+  "0x6080a24df6cb76f31cacdf4419ac9bf0ac092087f40ec93f10c4608f967ca23a",
+  "0xd8fa0aadb22a3b0fbc808b72568e1ee6a4e189a09f5caf344277c96e6fa474fd",
+  "0x1b8afbf6f0034f939f0cfc6e3b03362631bdce35a43b65cbb8f732fa08373b69",
+  "0xda5a83fdae2974416e891f268f5d29d45f071bb414304bdff46aaaa07a7403cb",
+  "0x58f6c4a556e87b8de03a64800211685b11e4e6e05e001b65d5f0a588e4985be3",
+  "0x0102030000000000000000000000000000000000000000000000000000000000",
+  "0xd6e497b816c27a31acd5d9f3ed670639fef7842fee51f044dfbfb6319c760a5f",
+  "0x7b85fe2a9afab51dcca12b224e10bf25e6cb1cb99ac5d24be8a55fac862b6c90"
+]

node-api/handlers/proof/merkle/validator_balance.go

@@ -0,0 +1,186 @@
+// SPDX-License-Identifier: BUSL-1.1
+//
+// Copyright (C) 2025, Berachain Foundation. All rights reserved.
+// Use of this software is governed by the Business Source License included
+// in the LICENSE file of this repository and at www.mariadb.com/bsl11.
+//
+// ANY USE OF THE LICENSED WORK IN VIOLATION OF THIS LICENSE WILL AUTOMATICALLY
+// TERMINATE YOUR RIGHTS UNDER THIS LICENSE FOR THE CURRENT AND ALL OTHER
+// VERSIONS OF THE LICENSED WORK.
+//
+// THIS LICENSE DOES NOT GRANT YOU ANY RIGHT IN ANY TRADEMARK OR LOGO OF
+// LICENSOR OR ITS AFFILIATES (PROVIDED THAT YOU MAY USE A TRADEMARK OR LOGO OF
+// LICENSOR AS EXPRESSLY REQUIRED BY THIS LICENSE).
+//
+// TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
+// AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
+// EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
+// TITLE.
+
+package merkle
+
+import (
+	"fmt"
+
+	ctypes "github.com/berachain/beacon-kit/consensus-types/types"
+	"github.com/berachain/beacon-kit/node-api/handlers/proof/types"
+	"github.com/berachain/beacon-kit/primitives/common"
+	"github.com/berachain/beacon-kit/primitives/math"
+	"github.com/berachain/beacon-kit/primitives/merkle"
+	"github.com/pkg/errors"
+)
+
+// bytesPerBalance is the number of bytes in a single balance (uint64).
+const bytesPerBalance uint64 = 8
+
+// ProveBalanceInState generates a proof for a validator's balance in the beacon state.
+func ProveBalanceInState(
+	forkVersion common.Version,
+	bsm types.BeaconStateMarshallable,
+	validatorIndex math.U64,
+) ([]common.Root, common.Root, error) {
+	stateProofTree, err := bsm.GetTree()
+	if err != nil {
+		return nil, common.Root{}, err
+	}
+
+	// Determine the starting generalized index for the 0-th validator's
+	// balance for this fork.
+	zeroBalanceGIndexState, err := GetZeroValidatorBalanceGIndexState(forkVersion)
+	if err != nil {
+		return nil, common.Root{}, err
+	}
+
+	// Since balances are packed 4 per leaf, calculate the leaf offset
+	leafOffset := validatorIndex / BalancesPerLeaf
+
+	// Calculate the generalized index for the target validator's balance leaf.
+	// The offset multiplication is bounded by the number of validators, so
+	// converting to int is safe on 64-bit architectures.
+	gIndex := zeroBalanceGIndexState + int(leafOffset) // #nosec G115
+
+	balanceProof, err := stateProofTree.Prove(gIndex)
+	if err != nil {
+		return nil, common.Root{}, err
+	}
+
+	proof := make([]common.Root, len(balanceProof.Hashes))
+	for i, hash := range balanceProof.Hashes {
+		proof[i] = common.NewRootFromBytes(hash)
+	}
+
+	// The leaf contains 4 packed uint64 balances
+	return proof, common.NewRootFromBytes(balanceProof.Leaf), nil
+}
+
+// ProveBalanceInBlock generates a proof for a validator's balance in the beacon block.
+// Returns the proof, the leaf containing the packed balances, and the beacon block root.
+func ProveBalanceInBlock(
+	validatorIndex math.U64,
+	bbh *ctypes.BeaconBlockHeader,
+	bsm types.BeaconStateMarshallable,
+	allBalances []uint64,
+) ([]common.Root, common.Root, common.Root, error) {
+	forkVersion := bsm.GetForkVersion()
+
+	// 1. Proof inside the state.
+	balanceInStateProof, leaf, err := ProveBalanceInState(
+		forkVersion, bsm, validatorIndex,
+	)
+	if err != nil {
+		return nil, common.Root{}, common.Root{}, err
+	}
+
+	// 2. Build the balance leaf and assert that it matches the proof's leaf.
+	builtLeaf := buildBalanceLeaf(allBalances, validatorIndex)
+	if !leaf.Equals(builtLeaf) {
+		return nil, common.Root{}, common.Root{}, fmt.Errorf(
+			"balance leaf mismatch -- proof tree leaf: 0x%s, built leaf: 0x%s", leaf, builtLeaf,
+		)
+	}
+
+	// 3. Proof of the state inside the block.
+	stateInBlockProof, err := ProveBeaconStateInBlock(bbh, false)
+	if err != nil {
+		return nil, common.Root{}, common.Root{}, err
+	}
+
+	// 4. Combine proofs: state-level hashes come first, followed by block-level
+	// hashes (same order as ProveProposerPubkeyInBlock).
+	//
+	//nolint:gocritic // ok.
+	combinedProof := append(balanceInStateProof, stateInBlockProof...)
+
+	// 5. Verify the combined proof against the beacon block root.
+	// Since balances are packed 4 per leaf, calculate the leaf offset.
+	leafOffset := validatorIndex / BalancesPerLeaf
+	beaconRoot, err := verifyBalanceInBlock(
+		forkVersion, bbh, leafOffset.Unwrap(), combinedProof, leaf,
+	)
+	if err != nil {
+		return nil, common.Root{}, common.Root{}, err
+	}
+
+	return combinedProof, leaf, beaconRoot, nil
+}
+
+// buildBalanceLeaf constructs the 32-byte leaf containing the packed balances
+// for the group of validators that includes `validatorIndex`. Balances are
+// packed 4 per leaf (little-endian uint64s).
+func buildBalanceLeaf(allBalances []uint64, validatorIndex math.U64) common.Root {
+	var leafBytes common.Root
+
+	// Determine which leaf the validator belongs to and the starting index in
+	// the balances slice.
+	leafIndex := validatorIndex / BalancesPerLeaf
+	startIdx := leafIndex * BalancesPerLeaf
+
+	// Pack up to 4 balances (little-endian) into the 32-byte array.
+	for i := range uint64(BalancesPerLeaf) {
+		idx := startIdx.Unwrap() + i
+		if idx >= uint64(len(allBalances)) {
+			break
+		}
+		bal := allBalances[idx]
+		for j := range bytesPerBalance {
+			leafBytes[i*bytesPerBalance+j] = byte(bal >> (j * bytesPerBalance))
+		}
+	}
+
+	return leafBytes
+}
+
+// verifyBalanceInBlock verifies the provided Merkle proof of a
+// validator's balance inside the beacon block and returns the
+// beacon block root that the proof was verified against.
+//
+// NOTE: Proof verification is not strictly necessary for operation, but we do
+// it as a sanity check to avoid propagating malformed proofs downstream.
+func verifyBalanceInBlock(
+	forkVersion common.Version,
+	bbh *ctypes.BeaconBlockHeader,
+	balanceOffset uint64,
+	proof []common.Root,
+	leaf common.Root,
+) (common.Root, error) {
+	zeroBalanceGIndexBlock, err := GetZeroValidatorBalanceGIndexBlock(forkVersion)
+	if err != nil {
+		return common.Root{}, err
+	}
+
+	beaconRoot := bbh.HashTreeRoot()
+	if !merkle.VerifyProof(
+		beaconRoot,
+		leaf,
+		zeroBalanceGIndexBlock+balanceOffset,
+		proof,
+	) {
+		return common.Root{}, errors.Wrapf(
+			errors.New("balance proof failed to verify against beacon root"),
+			"beacon root: 0x%s", beaconRoot,
+		)
+	}
+
+	return beaconRoot, nil
+}