@aztec/aztec 0.0.1-commit.3469e52 → 0.0.1-commit.381b1a9

package/dest/testing/anvil_test_watcher.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"anvil_test_watcher.d.ts","sourceRoot":"","sources":["../../src/testing/anvil_test_watcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAoB,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAKhE;;;;;;GAMG;AACH,qBAAa,gBAAgB;IAgBzB,OAAO,CAAC,UAAU;IAGlB,OAAO,CAAC,YAAY,CAAC;IAlBvB,OAAO,CAAC,cAAc,CAAkB;IAExC,OAAO,CAAC,MAAM,CAAsD;IACpE,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,cAAc,CAAU;IAEhC,OAAO,CAAC,oBAAoB,CAAC,CAAiB;IAC9C,OAAO,CAAC,uBAAuB,CAAC,CAAiB;IACjD,OAAO,CAAC,6BAA6B,CAAC,CAAiB;IAEvD,OAAO,CAAC,MAAM,CAAiD;IAE/D,OAAO,CAAC,iBAAiB,CAAQ;IAEjC,YACU,UAAU,EAAE,aAAa,EACjC,aAAa,EAAE,UAAU,EACzB,QAAQ,EAAE,UAAU,EACZ,YAAY,CAAC,8BAAkB,EAaxC;IAED,oBAAoB,CAAC,iBAAiB,EAAE,OAAO,QAG9C;IAED,iBAAiB,CAAC,cAAc,EAAE,OAAO,QAExC;IAEK,KAAK,kBAyBV;IAEK,IAAI,kBAIT;IAEK,OAAO,kBAIZ;IAEK,YAAY,kBAKjB;IAEK,4BAA4B,kBAejC;IAEK,gBAAgB,kBAwCrB;CACF"}
+{"version":3,"file":"anvil_test_watcher.d.ts","sourceRoot":"","sources":["../../src/testing/anvil_test_watcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAoB,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAKhE;;;;;;GAMG;AACH,qBAAa,gBAAgB;IAyBzB,OAAO,CAAC,UAAU;IAGlB,OAAO,CAAC,YAAY,CAAC;IA3BvB,OAAO,CAAC,cAAc,CAAkB;IAExC,OAAO,CAAC,MAAM,CAAsD;IACpE,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,cAAc,CAAU;IAEhC,OAAO,CAAC,oBAAoB,CAAC,CAAiB;IAC9C,OAAO,CAAC,uBAAuB,CAAC,CAAiB;IACjD,OAAO,CAAC,6BAA6B,CAAC,CAAiB;IAEvD,OAAO,CAAC,MAAM,CAAiD;IAE/D,OAAO,CAAC,iBAAiB,CAAQ;IAGjC,OAAO,CAAC,iBAAiB,CAAC,CAAwB;IAGlD,OAAO,CAAC,mBAAmB,CAAC,CAAgB;IAG5C,OAAO,CAAC,qBAAqB,CAAC,CAAqC;IAEnE,YACU,UAAU,EAAE,aAAa,EACjC,aAAa,EAAE,UAAU,EACzB,QAAQ,EAAE,UAAU,EACZ,YAAY,CAAC,8BAAkB,EAaxC;IAED,oBAAoB,CAAC,iBAAiB,EAAE,OAAO,QAG9C;IAED,iBAAiB,CAAC,cAAc,EAAE,OAAO,QAExC;IAED,yGAAyG;IACzG,oBAAoB,CAAC,EAAE,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,QAE7C;IAED,uGAAuG;IACvG,sBAAsB,CAAC,EAAE,EAAE,MAAM,OAAO,QAEvC;IAEK,KAAK,kBAyBV;IAEK,IAAI,kBAIT;IAEK,OAAO,kBAIZ;IAEK,YAAY,kBAKjB;IAEK,4BAA4B,kBAejC;IAEK,gBAAgB,kBAyDrB;YAEa,eAAe;CAO9B"}

package/dest/testing/anvil_test_watcher.js

@@ -22,6 +22,12 @@ import { getAddress, getContract } from 'viem';
     markingAsProvenRunningPromise;
     logger;
     isMarkingAsProven;
+    // Optional callback to check if there are pending txs in the mempool.
+    getPendingTxCount;
+    // Optional callback to check if the sequencer is actively building a block.
+    isSequencerBuilding;
+    // Tracks when we first observed the current unfilled slot with pending txs (real wall time).
+    unfilledSlotFirstSeen;
     constructor(cheatcodes, rollupAddress, l1Client, dateProvider){
         this.cheatcodes = cheatcodes;
         this.dateProvider = dateProvider;
@@ -45,6 +51,12 @@ import { getAddress, getContract } from 'viem';
     setisLocalNetwork(isLocalNetwork) {
         this.isLocalNetwork = isLocalNetwork;
     }
+    /** Sets a callback to check for pending txs, used to skip unfilled slots faster when txs are waiting. */ setGetPendingTxCount(fn) {
+        this.getPendingTxCount = fn;
+    }
+    /** Sets a callback to check if the sequencer is actively building, to avoid warping while it works. */ setIsSequencerBuilding(fn) {
+        this.isSequencerBuilding = fn;
+    }
     async start() {
         if (this.filledRunningPromise) {
             throw new Error('Watcher already watching for filled slot');
@@ -111,14 +123,8 @@ import { getAddress, getContract } from 'viem';
                 BigInt(nextSlot)
             ]));
             if (BigInt(currentSlot) === checkpointLog.slotNumber) {
-                // We should jump to the next slot
-                try {
-                    await this.cheatcodes.warp(nextSlotTimestamp, {
-                        resetBlockInterval: true
-                    });
-                } catch (e) {
-                    this.logger.error(`Failed to warp to timestamp ${nextSlotTimestamp}: ${e}`);
-                }
+                // The current slot has been filled, we should jump to the next slot.
+                await this.warpToTimestamp(nextSlotTimestamp);
                 this.logger.info(`Slot ${currentSlot} was filled, jumped to next slot`);
                 return;
             }
@@ -126,19 +132,50 @@ import { getAddress, getContract } from 'viem';
             if (!this.isLocalNetwork) {
                 return;
             }
+            // If there are pending txs and the sequencer missed them, warp quickly (after a 2s real-time debounce) so the
+            // sequencer can retry in the next slot. Without this, we'd have to wait a full real-time slot duration (~36s) for
+            // the dateProvider to catch up to the next slot timestamp. We skip the warp if the sequencer is actively building
+            // to avoid invalidating its in-progress work.
+            if (this.getPendingTxCount) {
+                const pendingTxs = await this.getPendingTxCount();
+                if (pendingTxs > 0) {
+                    if (this.isSequencerBuilding?.()) {
+                        this.unfilledSlotFirstSeen = undefined;
+                        return;
+                    }
+                    const realNow = Date.now();
+                    if (!this.unfilledSlotFirstSeen || this.unfilledSlotFirstSeen.slot !== currentSlot) {
+                        this.unfilledSlotFirstSeen = {
+                            slot: currentSlot,
+                            realTime: realNow
+                        };
+                        return;
+                    }
+                    if (realNow - this.unfilledSlotFirstSeen.realTime > 2000) {
+                        await this.warpToTimestamp(nextSlotTimestamp);
+                        this.unfilledSlotFirstSeen = undefined;
+                        this.logger.info(`Slot ${currentSlot} was missed with pending txs, jumped to next slot`);
+                    }
+                    return;
+                }
+            }
+            // Fallback: warp when the dateProvider time has passed the next slot timestamp.
             const currentTimestamp = this.dateProvider?.now() ?? Date.now();
             if (currentTimestamp > nextSlotTimestamp * 1000) {
-                try {
-                    await this.cheatcodes.warp(nextSlotTimestamp, {
-                        resetBlockInterval: true
-                    });
-                } catch (e) {
-                    this.logger.error(`Failed to warp to timestamp ${nextSlotTimestamp}: ${e}`);
-                }
+                await this.warpToTimestamp(nextSlotTimestamp);
                 this.logger.info(`Slot ${currentSlot} was missed, jumped to next slot`);
             }
         } catch  {
             this.logger.error('mineIfSlotFilled failed');
         }
     }
+    async warpToTimestamp(timestamp) {
+        try {
+            await this.cheatcodes.warp(timestamp, {
+                resetBlockInterval: true
+            });
+        } catch (e) {
+            this.logger.error(`Failed to warp to timestamp ${timestamp}: ${e}`);
+        }
+    }
 }

package/dest/testing/epoch_test_settler.d.ts

@@ -1,12 +1,14 @@
 import { type EthCheatCodes } from '@aztec/ethereum/test';
 import { type EpochNumber } from '@aztec/foundation/branded-types';
+import type { Logger } from '@aztec/foundation/log';
 import type { EthAddress, L2BlockSource } from '@aztec/stdlib/block';
 export declare class EpochTestSettler {
     private l2BlockSource;
+    private log;
     private options;
     private rollupCheatCodes;
     private epochMonitor?;
-    constructor(cheatcodes: EthCheatCodes, rollupAddress: EthAddress, l2BlockSource: L2BlockSource, options: {
+    constructor(cheatcodes: EthCheatCodes, rollupAddress: EthAddress, l2BlockSource: L2BlockSource, log: Logger, options: {
         pollingIntervalMs: number;
         provingDelayMs?: number;
     });
@@ -14,4 +16,4 @@ export declare class EpochTestSettler {
     stop(): Promise<void>;
     handleEpochReadyToProve(epoch: EpochNumber): Promise<boolean>;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXBvY2hfdGVzdF9zZXR0bGVyLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdGVzdGluZy9lcG9jaF90ZXN0X3NldHRsZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLEtBQUssYUFBYSxFQUFvQixNQUFNLHNCQUFzQixDQUFDO0FBQzVFLE9BQU8sRUFBRSxLQUFLLFdBQVcsRUFBYyxNQUFNLGlDQUFpQyxDQUFDO0FBRS9FLE9BQU8sS0FBSyxFQUFFLFVBQVUsRUFBRSxhQUFhLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUdyRSxxQkFBYSxnQkFBZ0I7SUFPekIsT0FBTyxDQUFDLGFBQWE7SUFDckIsT0FBTyxDQUFDLE9BQU87SUFQakIsT0FBTyxDQUFDLGdCQUFnQixDQUFtQjtJQUMzQyxPQUFPLENBQUMsWUFBWSxDQUFDLENBQWU7SUFFcEMsWUFDRSxVQUFVLEVBQUUsYUFBYSxFQUN6QixhQUFhLEVBQUUsVUFBVSxFQUNqQixhQUFhLEVBQUUsYUFBYSxFQUM1QixPQUFPLEVBQUU7UUFBRSxpQkFBaUIsRUFBRSxNQUFNLENBQUM7UUFBQyxjQUFjLENBQUMsRUFBRSxNQUFNLENBQUE7S0FBRSxFQUd4RTtJQUVLLEtBQUssa0JBSVY7SUFFSyxJQUFJLGtCQUVUO0lBRUssdUJBQXVCLENBQUMsS0FBSyxFQUFFLFdBQVcsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLENBMkJsRTtDQUNGIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXBvY2hfdGVzdF9zZXR0bGVyLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdGVzdGluZy9lcG9jaF90ZXN0X3NldHRsZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLEtBQUssYUFBYSxFQUFvQixNQUFNLHNCQUFzQixDQUFDO0FBQzVFLE9BQU8sRUFBRSxLQUFLLFdBQVcsRUFBYyxNQUFNLGlDQUFpQyxDQUFDO0FBQy9FLE9BQU8sS0FBSyxFQUFFLE1BQU0sRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBRXBELE9BQU8sS0FBSyxFQUFFLFVBQVUsRUFBRSxhQUFhLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUdyRSxxQkFBYSxnQkFBZ0I7SUFPekIsT0FBTyxDQUFDLGFBQWE7SUFDckIsT0FBTyxDQUFDLEdBQUc7SUFDWCxPQUFPLENBQUMsT0FBTztJQVJqQixPQUFPLENBQUMsZ0JBQWdCLENBQW1CO0lBQzNDLE9BQU8sQ0FBQyxZQUFZLENBQUMsQ0FBZTtJQUVwQyxZQUNFLFVBQVUsRUFBRSxhQUFhLEVBQ3pCLGFBQWEsRUFBRSxVQUFVLEVBQ2pCLGFBQWEsRUFBRSxhQUFhLEVBQzVCLEdBQUcsRUFBRSxNQUFNLEVBQ1gsT0FBTyxFQUFFO1FBQUUsaUJBQWlCLEVBQUUsTUFBTSxDQUFDO1FBQUMsY0FBYyxDQUFDLEVBQUUsTUFBTSxDQUFBO0tBQUUsRUFHeEU7SUFFSyxLQUFLLGtCQUlWO0lBRUssSUFBSSxrQkFFVDtJQUVLLHVCQUF1QixDQUFDLEtBQUssRUFBRSxXQUFXLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQW9DbEU7Q0FDRiJ9

package/dest/testing/epoch_test_settler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"epoch_test_settler.d.ts","sourceRoot":"","sources":["../../src/testing/epoch_test_settler.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,aAAa,EAAoB,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EAAE,KAAK,WAAW,EAAc,MAAM,iCAAiC,CAAC;AAE/E,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAGrE,qBAAa,gBAAgB;IAOzB,OAAO,CAAC,aAAa;IACrB,OAAO,CAAC,OAAO;IAPjB,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,YAAY,CAAC,CAAe;IAEpC,YACE,UAAU,EAAE,aAAa,EACzB,aAAa,EAAE,UAAU,EACjB,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE;QAAE,iBAAiB,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,EAGxE;IAEK,KAAK,kBAIV;IAEK,IAAI,kBAET;IAEK,uBAAuB,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CA2BlE;CACF"}
+{"version":3,"file":"epoch_test_settler.d.ts","sourceRoot":"","sources":["../../src/testing/epoch_test_settler.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,aAAa,EAAoB,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EAAE,KAAK,WAAW,EAAc,MAAM,iCAAiC,CAAC;AAC/E,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAEpD,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAGrE,qBAAa,gBAAgB;IAOzB,OAAO,CAAC,aAAa;IACrB,OAAO,CAAC,GAAG;IACX,OAAO,CAAC,OAAO;IARjB,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,YAAY,CAAC,CAAe;IAEpC,YACE,UAAU,EAAE,aAAa,EACzB,aAAa,EAAE,UAAU,EACjB,aAAa,EAAE,aAAa,EAC5B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;QAAE,iBAAiB,EAAE,MAAM,CAAC;QAAC,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,EAGxE;IAEK,KAAK,kBAIV;IAEK,IAAI,kBAET;IAEK,uBAAuB,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAoClE;CACF"}

package/dest/testing/epoch_test_settler.js

@@ -1,14 +1,16 @@
 import { RollupCheatCodes } from '@aztec/ethereum/test';
 import { SlotNumber } from '@aztec/foundation/branded-types';
 import { EpochMonitor } from '@aztec/prover-node';
-import { computeL2ToL1MembershipWitnessFromMessagesInEpoch } from '@aztec/stdlib/messaging';
+import { computeEpochOutHash } from '@aztec/stdlib/messaging';
 export class EpochTestSettler {
     l2BlockSource;
+    log;
     options;
     rollupCheatCodes;
     epochMonitor;
-    constructor(cheatcodes, rollupAddress, l2BlockSource, options){
+    constructor(cheatcodes, rollupAddress, l2BlockSource, log, options){
         this.l2BlockSource = l2BlockSource;
+        this.log = log;
         this.options = options;
         this.rollupCheatCodes = new RollupCheatCodes(cheatcodes, {
             rollupAddress
@@ -25,7 +27,11 @@ export class EpochTestSettler {
         await this.epochMonitor?.stop();
     }
     async handleEpochReadyToProve(epoch) {
-        const blocks = await this.l2BlockSource.getBlocksForEpoch(epoch);
+        const checkpointedBlocks = await this.l2BlockSource.getCheckpointedBlocksForEpoch(epoch);
+        const blocks = checkpointedBlocks.map((b)=>b.block);
+        this.log.info(`Settling epoch ${epoch} with blocks ${blocks[0]?.header.getBlockNumber()} to ${blocks.at(-1)?.header.getBlockNumber()}`, {
+            blocks: blocks.map((b)=>b.toBlockInfo())
+        });
         const messagesInEpoch = [];
         let previousSlotNumber = SlotNumber.ZERO;
         let checkpointIndex = -1;
@@ -38,14 +44,17 @@ export class EpochTestSettler {
             }
             messagesInEpoch[checkpointIndex].push(block.body.txEffects.map((txEffect)=>txEffect.l2ToL1Msgs));
         }
-        const [firstMessage] = messagesInEpoch.flat(3);
-        if (firstMessage) {
-            const { root: outHash } = computeL2ToL1MembershipWitnessFromMessagesInEpoch(messagesInEpoch, firstMessage);
+        const outHash = computeEpochOutHash(messagesInEpoch);
+        if (!outHash.isZero()) {
             await this.rollupCheatCodes.insertOutbox(epoch, outHash.toBigInt());
+        } else {
+            this.log.info(`No L2 to L1 messages in epoch ${epoch}`);
         }
-        // Mark the blocks as proven.
-        for (const block of blocks){
-            await this.rollupCheatCodes.markAsProven(block.number);
+        const lastCheckpoint = checkpointedBlocks.at(-1)?.checkpointNumber;
+        if (lastCheckpoint !== undefined) {
+            await this.rollupCheatCodes.markAsProven(lastCheckpoint);
+        } else {
+            this.log.warn(`No checkpoint found for epoch ${epoch}`);
         }
         return true;
     }

package/dest/testing/index.d.ts

@@ -2,4 +2,5 @@ export { AnvilTestWatcher } from './anvil_test_watcher.js';
 export { EthCheatCodes, RollupCheatCodes } from '@aztec/ethereum/test';
 export { CheatCodes } from './cheat_codes.js';
 export { EpochTestSettler } from './epoch_test_settler.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy90ZXN0aW5nL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sRUFBRSxhQUFhLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUN2RSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sa0JBQWtCLENBQUM7QUFDOUMsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0seUJBQXlCLENBQUMifQ==
+export { getTokenAllowedSetupFunctions } from './token_allowed_setup.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy90ZXN0aW5nL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sRUFBRSxhQUFhLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUN2RSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sa0JBQWtCLENBQUM7QUFDOUMsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFDM0QsT0FBTyxFQUFFLDZCQUE2QixFQUFFLE1BQU0sMEJBQTBCLENBQUMifQ==

package/dest/testing/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/testing/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/testing/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,6BAA6B,EAAE,MAAM,0BAA0B,CAAC"}

package/dest/testing/index.js

@@ -2,3 +2,4 @@ export { AnvilTestWatcher } from './anvil_test_watcher.js';
 export { EthCheatCodes, RollupCheatCodes } from '@aztec/ethereum/test';
 export { CheatCodes } from './cheat_codes.js';
 export { EpochTestSettler } from './epoch_test_settler.js';
+export { getTokenAllowedSetupFunctions } from './token_allowed_setup.js';

package/dest/testing/token_allowed_setup.d.ts

@@ -0,0 +1,7 @@
+import type { AllowedElement } from '@aztec/stdlib/interfaces/server';
+/**
+ * Returns Token-specific allowlist entries needed for FPC-based fee payments.
+ * These are test-only: FPC-based fee payment with custom tokens won't work on mainnet alpha.
+ */
+export declare function getTokenAllowedSetupFunctions(): Promise<AllowedElement[]>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidG9rZW5fYWxsb3dlZF9zZXR1cC5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3Rlc3RpbmcvdG9rZW5fYWxsb3dlZF9zZXR1cC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFHQSxPQUFPLEtBQUssRUFBRSxjQUFjLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUV0RTs7O0dBR0c7QUFDSCx3QkFBc0IsNkJBQTZCLElBQUksT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDLENBUy9FIn0=

package/dest/testing/token_allowed_setup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token_allowed_setup.d.ts","sourceRoot":"","sources":["../../src/testing/token_allowed_setup.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AAEtE;;;GAGG;AACH,wBAAsB,6BAA6B,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CAS/E"}

package/dest/testing/token_allowed_setup.js

@@ -0,0 +1,20 @@
+import { TokenContractArtifact } from '@aztec/noir-contracts.js/Token';
+import { buildAllowedElement } from '@aztec/p2p/msg_validators';
+import { getContractClassFromArtifact } from '@aztec/stdlib/contract';
+/**
+ * Returns Token-specific allowlist entries needed for FPC-based fee payments.
+ * These are test-only: FPC-based fee payment with custom tokens won't work on mainnet alpha.
+ */ export async function getTokenAllowedSetupFunctions() {
+    const tokenClassId = (await getContractClassFromArtifact(TokenContractArtifact)).id;
+    const target = {
+        classId: tokenClassId
+    };
+    return Promise.all([
+        // Token: needed for private transfers via FPC (transfer_to_public enqueues this)
+        buildAllowedElement(TokenContractArtifact, target, '_increase_public_balance', {
+            onlySelf: true
+        }),
+        // Token: needed for public transfers via FPC (fee_entrypoint_public enqueues this)
+        buildAllowedElement(TokenContractArtifact, target, 'transfer_in_public')
+    ]);
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/aztec",
-  "version": "0.0.1-commit.3469e52",
+  "version": "0.0.1-commit.381b1a9",
   "type": "module",
   "exports": {
     ".": "./dest/index.js",
@@ -28,39 +28,39 @@
     "../package.common.json"
   ],
   "dependencies": {
-    "@aztec/accounts": "0.0.1-commit.3469e52",
-    "@aztec/archiver": "0.0.1-commit.3469e52",
-    "@aztec/aztec-faucet": "0.0.1-commit.3469e52",
-    "@aztec/aztec-node": "0.0.1-commit.3469e52",
-    "@aztec/aztec.js": "0.0.1-commit.3469e52",
-    "@aztec/bb-prover": "0.0.1-commit.3469e52",
-    "@aztec/bb.js": "0.0.1-commit.3469e52",
-    "@aztec/blob-client": "0.0.1-commit.3469e52",
-    "@aztec/bot": "0.0.1-commit.3469e52",
-    "@aztec/builder": "0.0.1-commit.3469e52",
-    "@aztec/cli": "0.0.1-commit.3469e52",
-    "@aztec/constants": "0.0.1-commit.3469e52",
-    "@aztec/entrypoints": "0.0.1-commit.3469e52",
-    "@aztec/ethereum": "0.0.1-commit.3469e52",
-    "@aztec/foundation": "0.0.1-commit.3469e52",
-    "@aztec/kv-store": "0.0.1-commit.3469e52",
-    "@aztec/l1-artifacts": "0.0.1-commit.3469e52",
-    "@aztec/node-lib": "0.0.1-commit.3469e52",
-    "@aztec/noir-contracts.js": "0.0.1-commit.3469e52",
-    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.3469e52",
-    "@aztec/p2p": "0.0.1-commit.3469e52",
-    "@aztec/p2p-bootstrap": "0.0.1-commit.3469e52",
-    "@aztec/protocol-contracts": "0.0.1-commit.3469e52",
-    "@aztec/prover-client": "0.0.1-commit.3469e52",
-    "@aztec/prover-node": "0.0.1-commit.3469e52",
-    "@aztec/pxe": "0.0.1-commit.3469e52",
-    "@aztec/sequencer-client": "0.0.1-commit.3469e52",
-    "@aztec/stdlib": "0.0.1-commit.3469e52",
-    "@aztec/telemetry-client": "0.0.1-commit.3469e52",
-    "@aztec/test-wallet": "0.0.1-commit.3469e52",
-    "@aztec/txe": "0.0.1-commit.3469e52",
-    "@aztec/validator-ha-signer": "0.0.1-commit.3469e52",
-    "@aztec/world-state": "0.0.1-commit.3469e52",
+    "@aztec/accounts": "0.0.1-commit.381b1a9",
+    "@aztec/archiver": "0.0.1-commit.381b1a9",
+    "@aztec/aztec-faucet": "0.0.1-commit.381b1a9",
+    "@aztec/aztec-node": "0.0.1-commit.381b1a9",
+    "@aztec/aztec.js": "0.0.1-commit.381b1a9",
+    "@aztec/bb-prover": "0.0.1-commit.381b1a9",
+    "@aztec/bb.js": "0.0.1-commit.381b1a9",
+    "@aztec/blob-client": "0.0.1-commit.381b1a9",
+    "@aztec/bot": "0.0.1-commit.381b1a9",
+    "@aztec/builder": "0.0.1-commit.381b1a9",
+    "@aztec/cli": "0.0.1-commit.381b1a9",
+    "@aztec/constants": "0.0.1-commit.381b1a9",
+    "@aztec/entrypoints": "0.0.1-commit.381b1a9",
+    "@aztec/ethereum": "0.0.1-commit.381b1a9",
+    "@aztec/foundation": "0.0.1-commit.381b1a9",
+    "@aztec/kv-store": "0.0.1-commit.381b1a9",
+    "@aztec/l1-artifacts": "0.0.1-commit.381b1a9",
+    "@aztec/node-lib": "0.0.1-commit.381b1a9",
+    "@aztec/noir-contracts.js": "0.0.1-commit.381b1a9",
+    "@aztec/noir-protocol-circuits-types": "0.0.1-commit.381b1a9",
+    "@aztec/p2p": "0.0.1-commit.381b1a9",
+    "@aztec/p2p-bootstrap": "0.0.1-commit.381b1a9",
+    "@aztec/protocol-contracts": "0.0.1-commit.381b1a9",
+    "@aztec/prover-client": "0.0.1-commit.381b1a9",
+    "@aztec/prover-node": "0.0.1-commit.381b1a9",
+    "@aztec/pxe": "0.0.1-commit.381b1a9",
+    "@aztec/sequencer-client": "0.0.1-commit.381b1a9",
+    "@aztec/stdlib": "0.0.1-commit.381b1a9",
+    "@aztec/telemetry-client": "0.0.1-commit.381b1a9",
+    "@aztec/txe": "0.0.1-commit.381b1a9",
+    "@aztec/validator-ha-signer": "0.0.1-commit.381b1a9",
+    "@aztec/wallets": "0.0.1-commit.381b1a9",
+    "@aztec/world-state": "0.0.1-commit.381b1a9",
     "@types/chalk": "^2.2.0",
     "abitype": "^0.8.11",
     "chalk": "^5.3.0",

package/scripts/aztec.sh

@@ -21,13 +21,13 @@ function aztec {
 
 case $cmd in
   test)
-    export LOG_LEVEL="${LOG_LEVEL:-error}"
+    export LOG_LEVEL="${LOG_LEVEL:-"error;trace:contract_log"}"
     aztec start --txe --port 8081 &
     server_pid=$!
     trap 'kill $server_pid &>/dev/null || true' EXIT
     while ! nc -z 127.0.0.1 8081 &>/dev/null; do sleep 0.2; done
     export NARGO_FOREIGN_CALL_TIMEOUT=300000
-    nargo test --silence-warnings --pedantic-solving --oracle-resolver http://127.0.0.1:8081 "$@"
+    nargo test --silence-warnings --oracle-resolver http://127.0.0.1:8081 --test-threads 16 "$@"
     ;;
   start)
     if [ "${1:-}" == "--local-network" ]; then
@@ -54,9 +54,13 @@ case $cmd in
 
     aztec start "$@"
     ;;
-  compile|new|init|flamegraph)
+  new|init)
     $script_dir/${cmd}.sh "$@"
     ;;
+  flamegraph)
+    echo "Warning: 'aztec flamegraph' is deprecated. Use 'aztec profile flamegraph' instead." >&2
+    aztec profile flamegraph "$@"
+    ;;
   *)
     aztec $cmd "$@"
     ;;

package/src/bin/index.ts

@@ -11,12 +11,14 @@ import { injectCommands as injectMiscCommands } from '@aztec/cli/misc';
 import { injectCommands as injectValidatorKeysCommands } from '@aztec/cli/validator_keys';
 import { getActiveNetworkName } from '@aztec/foundation/config';
 import { createConsoleLogger, createLogger } from '@aztec/foundation/log';
+import { getPackageVersion } from '@aztec/stdlib/update-checker';
 
 import { Command } from 'commander';
 
+import { injectCompileCommand } from '../cli/cmds/compile.js';
 import { injectMigrateCommand } from '../cli/cmds/migrate_ha_db.js';
+import { injectProfileCommand } from '../cli/cmds/profile.js';
 import { injectAztecCommands } from '../cli/index.js';
-import { getCliVersion } from '../cli/release_version.js';
 
 const NETWORK_FLAG = 'network';
 
@@ -45,9 +47,9 @@ async function main() {
   await enrichEnvironmentWithNetworkConfig(networkName);
   enrichEnvironmentWithChainName(networkName);
 
-  const cliVersion = getCliVersion();
+  const cliVersion = getPackageVersion() ?? 'unknown';
   let program = new Command('aztec');
-  program.description('Aztec command line interface').version(cliVersion);
+  program.description('Aztec command line interface').version(cliVersion).enablePositionalOptions();
   program = injectAztecCommands(program, userLog, debugLogger);
   program = injectBuilderCommands(program);
   program = injectContractCommands(program, userLog, debugLogger);
@@ -56,6 +58,8 @@ async function main() {
   program = injectAztecNodeCommands(program, userLog, debugLogger);
   program = injectMiscCommands(program, userLog);
   program = injectValidatorKeysCommands(program, userLog);
+  program = injectCompileCommand(program, userLog);
+  program = injectProfileCommand(program, userLog);
   program = injectMigrateCommand(program, userLog);
 
   await program.parseAsync(process.argv);

package/src/cli/admin_api_key_store.ts

@@ -0,0 +1,128 @@
+import { randomBytes } from '@aztec/foundation/crypto/random';
+import { sha256Hash } from '@aztec/foundation/json-rpc/server';
+import type { Logger } from '@aztec/foundation/log';
+
+import { promises as fs } from 'fs';
+import { join } from 'path';
+
+/** Subdirectory under dataDirectory for admin API key storage. */
+const ADMIN_STORE_DIR = 'admin';
+const HASH_FILE_NAME = 'api_key_hash';
+
+/**
+ * Result of resolving the admin API key.
+ * Contains the SHA-256 hex hash of the API key to be used by the auth middleware,
+ * and optionally the raw key when newly generated (so the caller can display it).
+ */
+export interface AdminApiKeyResolution {
+  /** The SHA-256 hash of the API key. */
+  apiKeyHash: Buffer;
+  /**
+   * The raw API key, only present when a new key was generated during this call.
+   * The caller MUST display this to the operator — it will not be stored or returned again.
+   */
+  rawKey?: string;
+}
+
+export interface ResolveAdminApiKeyOptions {
+  /** SHA-256 hex hash of a pre-generated API key. When set, the node uses this hash directly. */
+  adminApiKeyHash?: string;
+  /** If true, disable admin API key auth entirely. */
+  disableAdminApiKey?: boolean;
+  /** If true, force-generate a new key even if one is already persisted. */
+  resetAdminApiKey?: boolean;
+  /** Root data directory for persistent storage. */
+  dataDirectory?: string;
+}
+
+/**
+ * Resolves the admin API key for the admin RPC endpoint.
+ *
+ * Strategy:
+ * 1. If opt-out flag is set (`disableAdminApiKey`), return undefined (no auth).
+ * 2. If a pre-generated hash is provided (`adminApiKeyHash`), use it directly.
+ * 3. If a data directory exists, look for a persisted hash file
+ *    at `<dataDirectory>/admin/api_key_hash`:
+ *    - If `resetAdminApiKey` is set, skip loading and force-generate a new key.
+ *    - Found: use the stored hash (operator already saved the key from first run).
+ *    - Not found: auto-generate a random key, display it once, persist the hash.
+ * 3. If no data directory: generate a random key
+ *    each run and display it (cannot persist).
+ *
+ * @param options - The options for resolving the admin API key.
+ * @param log - Logger for outputting the key and status messages.
+ * @returns The resolved API key hash, or undefined if auth is disabled.
+ */
+export async function resolveAdminApiKey(
+  options: ResolveAdminApiKeyOptions,
+  log: Logger,
+): Promise<AdminApiKeyResolution | undefined> {
+  // Operator explicitly opted out of admin auth
+  if (options.disableAdminApiKey) {
+    log.warn('Admin API key authentication is DISABLED (--disable-admin-api-key / AZTEC_DISABLE_ADMIN_API_KEY)');
+    return undefined;
+  }
+
+  // Operator provided a pre-generated hash (e.g. via AZTEC_ADMIN_API_KEY_HASH env var)
+  if (options.adminApiKeyHash) {
+    const hex = options.adminApiKeyHash.trim();
+    if (hex.length !== 64 || !/^[0-9a-f]{64}$/.test(hex)) {
+      throw new Error(`Invalid admin API key hash: expected 64-char hex string, got "${hex}"`);
+    }
+    log.info('Admin API key authentication enabled (using pre-configured key hash)');
+    return { apiKeyHash: Buffer.from(hex, 'hex') };
+  }
+
+  // Persistent storage available, load or generate key
+  if (options.dataDirectory) {
+    const adminDir = join(options.dataDirectory, ADMIN_STORE_DIR);
+    const hashFilePath = join(adminDir, HASH_FILE_NAME);
+
+    // Unless a reset is forced, try to load the existing hash from disk
+    if (!options.resetAdminApiKey) {
+      try {
+        const storedHash = (await fs.readFile(hashFilePath, 'utf-8')).trim();
+        if (storedHash.length === 64) {
+          log.info('Admin API key authentication enabled (loaded stored key hash from disk)');
+          return { apiKeyHash: Buffer.from(storedHash, 'hex') };
+        }
+        log.warn(`Invalid stored admin API key hash at ${hashFilePath}, regenerating...`);
+      } catch (err: any) {
+        if (err.code !== 'ENOENT') {
+          log.warn(`Failed to read admin API key hash from ${hashFilePath}: ${err.message}`);
+        }
+        // File doesn't exist — fall through to generate
+      }
+    } else {
+      log.warn('Admin API key reset requested — generating a new key');
+    }
+
+    // Generate a new key, persist the hash, and return the raw key for the caller to display
+    const { rawKey, hash } = generateApiKey();
+    await fs.mkdir(adminDir, { recursive: true });
+    await fs.writeFile(hashFilePath, hash.toString('hex'), 'utf-8');
+    // Set restrictive permissions (owner read/write only)
+    await fs.chmod(hashFilePath, 0o600);
+
+    log.info('Admin API key authentication enabled (new key generated and hash persisted to disk)');
+    return { apiKeyHash: hash, rawKey };
+  }
+
+  // No data directory, generate a temporary key per session
+  const { rawKey, hash } = generateApiKey();
+
+  log.warn('No data directory configured — admin API key cannot be persisted.');
+  log.warn('A temporary key has been generated for this session only.');
+
+  return { apiKeyHash: hash, rawKey };
+}
+
+/**
+ * Generates a cryptographically random API key and its SHA-256 hash.
+ * @returns The raw key (hex string) and its SHA-256 hash as a Buffer.
+ */
+function generateApiKey(): { rawKey: string; hash: Buffer } {
+  const rawKey = randomBytes(32).toString('hex');
+  const hash = sha256Hash(rawKey);
+  return { rawKey, hash };
+}