@aztec/bb-prover 0.0.1-commit.96bb3f7 → 0.0.1-commit.993d240

package/src/bb/bb_js_debug.ts

@@ -0,0 +1,227 @@
+import type { AvmStat } from '@aztec/bb.js';
+import type { Logger } from '@aztec/foundation/log';
+
+import { promises as fs } from 'fs';
+import * as path from 'path';
+import { gzipSync } from 'zlib';
+
+import type { UltraHonkFlavor } from '../honk.js';
+import type { BBJsApi, BBJsProofResult } from './bb_js_backend.js';
+
+/**
+ * Maps UltraHonk flavors to the CLI flags used by the bb binary.
+ * The CLI always uses `--scheme ultra_honk`; flavors are expressed via
+ * `--oracle_hash` and `--ipa_accumulation`.
+ */
+function getCliFlags(flavor: UltraHonkFlavor): string {
+  const base = '--scheme ultra_honk --disable_zk';
+  switch (flavor) {
+    case 'ultra_honk':
+      return `${base} --oracle_hash poseidon2`;
+    case 'ultra_keccak_honk':
+      return `${base} --oracle_hash keccak`;
+    case 'ultra_starknet_honk':
+      return `${base} --oracle_hash starknet`;
+    case 'ultra_rollup_honk':
+      return `${base} --oracle_hash poseidon2 --ipa_accumulation`;
+  }
+}
+
+/** Concatenate an array of 32-byte field elements into a single buffer. */
+function concatFields(fields: Uint8Array[]): Buffer {
+  const totalLen = fields.reduce((sum, f) => sum + f.length, 0);
+  const buf = Buffer.alloc(totalLen);
+  let offset = 0;
+  for (const f of fields) {
+    buf.set(f, offset);
+    offset += f.length;
+  }
+  return buf;
+}
+
+/**
+ * Wraps a BBJsApi instance to write debug files and log equivalent CLI commands.
+ * Activated when BB_DEBUG_OUTPUT_DIR is set. Each operation writes its inputs
+ * and outputs to a numbered subdirectory, enabling offline reproduction.
+ */
+export class DebugBBJsInstance implements BBJsApi {
+  private counter = 0;
+
+  constructor(
+    private inner: BBJsApi,
+    private debugDir: string,
+    private bbPath: string,
+    private logger: Logger,
+  ) {}
+
+  private nextDir(prefix: string): string {
+    this.counter++;
+    const padded = String(this.counter).padStart(3, '0');
+    return path.join(this.debugDir, `${prefix}-${padded}`);
+  }
+
+  /** Write a command string to both the logger and a command.sh file in the given directory. */
+  private async logCommand(dir: string, command: string): Promise<void> {
+    this.logger.info(`Executing BB with: ${command}`);
+    await fs.writeFile(path.join(dir, 'command.sh'), `#!/bin/bash\n${command}\n`, { mode: 0o755 });
+  }
+
+  async generateProof(
+    circuitName: string,
+    bytecode: Uint8Array,
+    verificationKey: Uint8Array,
+    witness: Uint8Array,
+    flavor: UltraHonkFlavor,
+  ): Promise<BBJsProofResult> {
+    const dir = this.nextDir(circuitName);
+    await fs.mkdir(dir, { recursive: true });
+
+    const bytecodePath = path.join(dir, `${circuitName}-bytecode.gz`);
+    const vkPath = path.join(dir, `${circuitName}-vk`);
+    const witnessPath = path.join(dir, 'partial-witness.gz');
+
+    await Promise.all([
+      fs.writeFile(bytecodePath, gzipSync(bytecode)),
+      fs.writeFile(vkPath, verificationKey),
+      fs.writeFile(witnessPath, gzipSync(witness)),
+    ]);
+
+    const flags = getCliFlags(flavor);
+    await this.logCommand(
+      dir,
+      `${this.bbPath} prove ${flags} -o ${dir} -b ${bytecodePath} -k ${vkPath} -w ${witnessPath}`,
+    );
+
+    const result = await this.inner.generateProof(circuitName, bytecode, verificationKey, witness, flavor);
+
+    const proofBuf = concatFields(result.proofFields);
+    const publicInputsBuf = concatFields(result.publicInputFields);
+    await Promise.all([
+      fs.writeFile(path.join(dir, 'proof'), proofBuf),
+      fs.writeFile(path.join(dir, 'public_inputs'), publicInputsBuf),
+    ]);
+
+    return result;
+  }
+
+  async verifyProof(
+    proofFields: Uint8Array[],
+    verificationKey: Uint8Array,
+    publicInputFields: Uint8Array[],
+    flavor: UltraHonkFlavor,
+  ): Promise<{ verified: boolean; durationMs: number }> {
+    const dir = this.nextDir(`verify-${flavor}`);
+    await fs.mkdir(dir, { recursive: true });
+
+    const proofPath = path.join(dir, 'proof');
+    const vkPath = path.join(dir, 'vk');
+    const publicInputsPath = path.join(dir, 'public_inputs');
+
+    const proofBuf = concatFields(proofFields);
+    const publicInputsBuf = concatFields(publicInputFields);
+    await Promise.all([
+      fs.writeFile(proofPath, proofBuf),
+      fs.writeFile(vkPath, verificationKey),
+      fs.writeFile(publicInputsPath, publicInputsBuf),
+    ]);
+
+    const flags = getCliFlags(flavor);
+    await this.logCommand(dir, `${this.bbPath} verify ${flags} -p ${proofPath} -k ${vkPath} -i ${publicInputsPath}`);
+
+    return this.inner.verifyProof(proofFields, verificationKey, publicInputFields, flavor);
+  }
+
+  async verifyChonkProof(
+    fieldsWithPublicInputs: Uint8Array[],
+    verificationKey: Uint8Array,
+  ): Promise<{ verified: boolean; durationMs: number }> {
+    const dir = this.nextDir('verify-chonk');
+    await fs.mkdir(dir, { recursive: true });
+
+    const proofPath = path.join(dir, 'proof');
+    const vkPath = path.join(dir, 'vk');
+
+    const proofBuf = concatFields(fieldsWithPublicInputs);
+    await Promise.all([fs.writeFile(proofPath, proofBuf), fs.writeFile(vkPath, verificationKey)]);
+
+    await this.logCommand(dir, `${this.bbPath} verify --scheme chonk -p ${proofPath} -k ${vkPath} -v`);
+
+    return this.inner.verifyChonkProof(fieldsWithPublicInputs, verificationKey);
+  }
+
+  async computeGateCount(
+    circuitName: string,
+    bytecode: Uint8Array,
+    flavor: UltraHonkFlavor | 'mega_honk',
+  ): Promise<{ circuitSize: number; durationMs: number }> {
+    const dir = this.nextDir(`gates-${circuitName}`);
+    await fs.mkdir(dir, { recursive: true });
+
+    const bytecodePath = path.join(dir, `${circuitName}-bytecode.gz`);
+    await fs.writeFile(bytecodePath, gzipSync(bytecode));
+
+    if (flavor === 'mega_honk') {
+      await this.logCommand(dir, `${this.bbPath} gates --scheme chonk -b ${bytecodePath}`);
+    } else {
+      const flags = getCliFlags(flavor);
+      await this.logCommand(dir, `${this.bbPath} gates ${flags} -b ${bytecodePath}`);
+    }
+
+    return this.inner.computeGateCount(circuitName, bytecode, flavor);
+  }
+
+  async generateAvmProof(inputs: Uint8Array): Promise<{ proof: Uint8Array[]; stats: AvmStat[]; durationMs: number }> {
+    const dir = this.nextDir('avm-prove');
+    await fs.mkdir(dir, { recursive: true });
+
+    const inputsPath = path.join(dir, 'avm_inputs.bin');
+    await fs.writeFile(inputsPath, inputs);
+
+    await this.logCommand(dir, `${this.bbPath} avm_prove --avm-inputs ${inputsPath} -o ${dir}`);
+
+    const result = await this.inner.generateAvmProof(inputs);
+
+    const proofBuf = concatFields(result.proof);
+    await fs.writeFile(path.join(dir, 'proof'), proofBuf);
+
+    return result;
+  }
+
+  async verifyAvmProof(
+    proof: Uint8Array[],
+    publicInputs: Uint8Array,
+  ): Promise<{ verified: boolean; durationMs: number }> {
+    const dir = this.nextDir('avm-verify');
+    await fs.mkdir(dir, { recursive: true });
+
+    const proofPath = path.join(dir, 'proof');
+    const publicInputsPath = path.join(dir, 'avm_public_inputs.bin');
+
+    const proofBuf = concatFields(proof);
+    await Promise.all([fs.writeFile(proofPath, proofBuf), fs.writeFile(publicInputsPath, publicInputs)]);
+
+    await this.logCommand(dir, `${this.bbPath} avm_verify -p ${proofPath} --avm-public-inputs ${publicInputsPath}`);
+
+    return this.inner.verifyAvmProof(proof, publicInputs);
+  }
+
+  async checkAvmCircuit(inputs: Uint8Array): Promise<{ passed: boolean; stats: AvmStat[]; durationMs: number }> {
+    const dir = this.nextDir('avm-check-circuit');
+    await fs.mkdir(dir, { recursive: true });
+
+    const inputsPath = path.join(dir, 'avm_inputs.bin');
+    await fs.writeFile(inputsPath, inputs);
+
+    await this.logCommand(dir, `${this.bbPath} avm_check_circuit --avm-inputs ${inputsPath}`);
+
+    return this.inner.checkAvmCircuit(inputs);
+  }
+
+  generateContract(verificationKey: Uint8Array): Promise<{ solidityCode: string; durationMs: number }> {
+    return this.inner.generateContract(verificationKey);
+  }
+
+  destroy(): Promise<void> {
+    return this.inner.destroy();
+  }
+}

package/src/bb/file_names.ts

@@ -0,0 +1,6 @@
+// File-naming conventions used by `bb` CLI output directories. Retained for consumers that still
+// read/write proofs to disk alongside bb-prover's in-memory bb.js flows.
+
+export const VK_FILENAME = 'vk';
+export const PROOF_FILENAME = 'proof';
+export const PUBLIC_INPUTS_FILENAME = 'public_inputs';

package/src/config.ts

@@ -3,8 +3,24 @@ export interface BBConfig {
   bbWorkingDirectory: string;
   /** Whether to skip tmp dir cleanup for debugging purposes */
   bbSkipCleanup: boolean;
+  /**
+   * Number of long-lived bb processes pooled by the RPC verifier (BBCircuitVerifier).
+   * Also caps concurrent verifications via the wrapping QueuedIVCVerifier.
+   */
   numConcurrentIVCVerifiers: number;
+  /** Thread count for the RPC IVC verifier. */
   bbIVCConcurrency: number;
+  /**
+   * Upper bound on proofs per batch for the peer chonk batch verifier.
+   * Proofs are verified immediately as they arrive — this only caps how many
+   * can accumulate while a batch is already being processed.
+   * Default 16: at 4 cores, a full batch of 16 verifies in ~245ms wall time.
+   */
+  bbChonkVerifyMaxBatch: number;
+  /** Thread count for the peer batch verifier parallel reduce. Default 6 to leave cores for the rest of the node. */
+  bbChonkVerifyConcurrency: number;
+  /** When set, bb.js operations write input/output files and log equivalent CLI commands to this directory. */
+  bbDebugOutputDir?: string;
 }
 
 export interface ACVMConfig {

package/src/index.ts

@@ -2,7 +2,8 @@ export * from './prover/index.js';
 export * from './test/index.js';
 export * from './verifier/index.js';
 export * from './config.js';
-export * from './bb/execute.js';
+export * from './bb/file_names.js';
+export * from './bb/bb_js_backend.js';
 export * from './honk.js';
 export * from './verification_key/verification_key_data.js';
 

package/src/instrumentation.ts

@@ -58,10 +58,18 @@ export class ProverInstrumentation {
     circuitName: CircuitName,
     timerOrMS: Timer | number,
   ) {
-    const s = typeof timerOrMS === 'number' ? timerOrMS / 1000 : timerOrMS.s();
-    this[metric].record(s, {
-      [Attributes.PROTOCOL_CIRCUIT_NAME]: circuitName,
-    });
+    // Simulation duration is stored in ms, while the others are stored in seconds
+    if (metric === 'simulationDuration') {
+      const ms = typeof timerOrMS === 'number' ? timerOrMS : timerOrMS.ms();
+      this[metric].record(Math.trunc(ms), {
+        [Attributes.PROTOCOL_CIRCUIT_NAME]: circuitName,
+      });
+    } else {
+      const s = typeof timerOrMS === 'number' ? timerOrMS / 1000 : timerOrMS.s();
+      this[metric].record(s, {
+        [Attributes.PROTOCOL_CIRCUIT_NAME]: circuitName,
+      });
+    }
   }
 
   /**

package/src/prover/client/bb_private_kernel_prover.ts

@@ -5,8 +5,16 @@ import { serializeWitness } from '@aztec/noir-noirc_abi';
 import {
   convertHidingKernelPublicInputsToWitnessMapWithAbi,
   convertHidingKernelToRollupInputsToWitnessMapWithAbi,
+  convertPrivateKernelInit2InputsToWitnessMapWithAbi,
+  convertPrivateKernelInit2OutputsFromWitnessMapWithAbi,
+  convertPrivateKernelInit3InputsToWitnessMapWithAbi,
+  convertPrivateKernelInit3OutputsFromWitnessMapWithAbi,
   convertPrivateKernelInitInputsToWitnessMapWithAbi,
   convertPrivateKernelInitOutputsFromWitnessMapWithAbi,
+  convertPrivateKernelInner2InputsToWitnessMapWithAbi,
+  convertPrivateKernelInner2OutputsFromWitnessMapWithAbi,
+  convertPrivateKernelInner3InputsToWitnessMapWithAbi,
+  convertPrivateKernelInner3OutputsFromWitnessMapWithAbi,
   convertPrivateKernelInnerInputsToWitnessMapWithAbi,
   convertPrivateKernelInnerOutputsFromWitnessMapWithAbi,
   convertPrivateKernelResetInputsToWitnessMapWithAbi,
@@ -32,7 +40,11 @@ import type {
   HidingKernelToRollupPrivateInputs,
   PrivateExecutionStep,
   PrivateKernelCircuitPublicInputs,
+  PrivateKernelInit2CircuitPrivateInputs,
+  PrivateKernelInit3CircuitPrivateInputs,
   PrivateKernelInitCircuitPrivateInputs,
+  PrivateKernelInner2CircuitPrivateInputs,
+  PrivateKernelInner3CircuitPrivateInputs,
   PrivateKernelInnerCircuitPrivateInputs,
   PrivateKernelResetCircuitPrivateInputs,
   PrivateKernelSimulateOutput,
@@ -79,6 +91,50 @@ export abstract class BBPrivateKernelProver implements PrivateKernelProver {
     );
   }
 
+  public async generateInit2Output(
+    inputs: PrivateKernelInit2CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.generateCircuitOutput(
+      inputs,
+      'PrivateKernelInit2Artifact',
+      convertPrivateKernelInit2InputsToWitnessMapWithAbi,
+      convertPrivateKernelInit2OutputsFromWitnessMapWithAbi,
+    );
+  }
+
+  public async simulateInit2(
+    inputs: PrivateKernelInit2CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.simulateCircuitOutput(
+      inputs,
+      'PrivateKernelInit2Artifact',
+      convertPrivateKernelInit2InputsToWitnessMapWithAbi,
+      convertPrivateKernelInit2OutputsFromWitnessMapWithAbi,
+    );
+  }
+
+  public async generateInit3Output(
+    inputs: PrivateKernelInit3CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.generateCircuitOutput(
+      inputs,
+      'PrivateKernelInit3Artifact',
+      convertPrivateKernelInit3InputsToWitnessMapWithAbi,
+      convertPrivateKernelInit3OutputsFromWitnessMapWithAbi,
+    );
+  }
+
+  public async simulateInit3(
+    inputs: PrivateKernelInit3CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.simulateCircuitOutput(
+      inputs,
+      'PrivateKernelInit3Artifact',
+      convertPrivateKernelInit3InputsToWitnessMapWithAbi,
+      convertPrivateKernelInit3OutputsFromWitnessMapWithAbi,
+    );
+  }
+
   public async generateInnerOutput(
     inputs: PrivateKernelInnerCircuitPrivateInputs,
   ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
@@ -101,6 +157,50 @@ export abstract class BBPrivateKernelProver implements PrivateKernelProver {
     );
   }
 
+  public async generateInner2Output(
+    inputs: PrivateKernelInner2CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.generateCircuitOutput(
+      inputs,
+      'PrivateKernelInner2Artifact',
+      convertPrivateKernelInner2InputsToWitnessMapWithAbi,
+      convertPrivateKernelInner2OutputsFromWitnessMapWithAbi,
+    );
+  }
+
+  public async simulateInner2(
+    inputs: PrivateKernelInner2CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.simulateCircuitOutput(
+      inputs,
+      'PrivateKernelInner2Artifact',
+      convertPrivateKernelInner2InputsToWitnessMapWithAbi,
+      convertPrivateKernelInner2OutputsFromWitnessMapWithAbi,
+    );
+  }
+
+  public async generateInner3Output(
+    inputs: PrivateKernelInner3CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.generateCircuitOutput(
+      inputs,
+      'PrivateKernelInner3Artifact',
+      convertPrivateKernelInner3InputsToWitnessMapWithAbi,
+      convertPrivateKernelInner3OutputsFromWitnessMapWithAbi,
+    );
+  }
+
+  public async simulateInner3(
+    inputs: PrivateKernelInner3CircuitPrivateInputs,
+  ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
+    return await this.simulateCircuitOutput(
+      inputs,
+      'PrivateKernelInner3Artifact',
+      convertPrivateKernelInner3InputsToWitnessMapWithAbi,
+      convertPrivateKernelInner3OutputsFromWitnessMapWithAbi,
+    );
+  }
+
   public async generateResetOutput(
     inputs: PrivateKernelResetCircuitPrivateInputs,
   ): Promise<PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>> {
@@ -278,23 +378,36 @@ export abstract class BBPrivateKernelProver implements PrivateKernelProver {
     this.log.info(`Generating ClientIVC proof...`);
     const barretenberg = await Barretenberg.initSingleton({
       ...this.options,
-      logger: this.options.logger?.[(process.env.LOG_LEVEL as LogLevel) || 'verbose'],
+      logger: this.options.logger?.verbose,
     });
     const backend = new AztecClientBackend(
       executionSteps.map(step => ungzip(step.bytecode)),
       barretenberg,
+      executionSteps.map(step => step.functionName),
     );
 
-    const [proof] = await backend.prove(
+    // Use compressed prove path to get both proof fields and compressed proof bytes
+    const result = await backend.prove(
       executionSteps.map(step => ungzip(serializeWitness(step.witness))),
       executionSteps.map(step => step.vk),
+      { compress: true },
     );
     this.log.info(`Generated ClientIVC proof`, {
       eventName: 'client-ivc-proof-generation',
       duration: timer.ms(),
-      proofSize: proof.length,
+      proofSize: result.proofFields.length,
+      compressedSize: result.compressedProof?.length,
     });
-    return ChonkProofWithPublicInputs.fromBufferArray(proof);
+
+    // Create ChonkProofWithPublicInputs from the flat field elements
+    const proofWithPubInputs = ChonkProofWithPublicInputs.fromBufferArray(result.proofFields);
+
+    // Attach compressed proof bytes to the ChonkProof (without public inputs).
+    // The compressed bytes are for the full proof WITH public inputs from bb;
+    // when deserializing, the decompressor will strip them to match CHONK_PROOF_LENGTH.
+    proofWithPubInputs.compressedProof = result.compressedProof ? Buffer.from(result.compressedProof) : undefined;
+
+    return proofWithPubInputs;
   }
 
   public async computeGateCountForCircuit(_bytecode: Buffer, _circuitName: string): Promise<number> {
@@ -303,7 +416,7 @@ export abstract class BBPrivateKernelProver implements PrivateKernelProver {
       ...this.options,
       logger: this.options.logger?.[(process.env.LOG_LEVEL as LogLevel) || 'verbose'],
     });
-    const backend = new AztecClientBackend([ungzip(_bytecode)], barretenberg);
+    const backend = new AztecClientBackend([ungzip(_bytecode)], barretenberg, [_circuitName]);
     const gateCount = await backend.gates();
     return gateCount[0];
   }

package/src/prover/proof_utils.ts

@@ -16,7 +16,7 @@ import assert from 'assert';
 import { promises as fs } from 'fs';
 import * as path from 'path';
 
-import { PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } from '../bb/execute.js';
+import { PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } from '../bb/file_names.js';
 
 /**
  * Create a ChonkProof proof file.
@@ -113,3 +113,43 @@ export async function readProofsFromOutputDirectory<PROOF_LENGTH extends number>
     proofLength,
   );
 }
+
+/**
+ * Construct a RecursiveProof from in-memory proof and public input field arrays
+ * returned by the bb.js circuitProve API, without reading from files.
+ *
+ * @param proofFields - Proof fields as 32-byte Uint8Arrays from circuitProve.
+ * @param publicInputFields - Public input fields as 32-byte Uint8Arrays from circuitProve.
+ * @param vkData - Verification key data for the circuit.
+ * @param proofLength - Expected proof field count.
+ */
+export function constructRecursiveProofFromBuffers<PROOF_LENGTH extends number>(
+  proofFields: Uint8Array[],
+  publicInputFields: Uint8Array[],
+  vkData: VerificationKeyData,
+  proofLength: PROOF_LENGTH,
+): RecursiveProof<PROOF_LENGTH> {
+  assert(
+    proofLength == NESTED_RECURSIVE_PROOF_LENGTH ||
+      proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH ||
+      proofLength == ULTRA_KECCAK_PROOF_LENGTH,
+    `Proof length must be one of the expected proof lengths, received ${proofLength}`,
+  );
+
+  // Convert Uint8Array fields to Fr instances
+  const proofFieldsFr = proofFields.map(f => Fr.fromBuffer(Buffer.from(f)));
+
+  assert(
+    proofFieldsFr.length == proofLength,
+    `Proof fields length mismatch: ${proofFieldsFr.length} != ${proofLength}`,
+  );
+
+  // Reconstruct the binary proof with public inputs prepended (same format as file-based path)
+  const binaryPublicInputs = Buffer.concat(publicInputFields.map(f => Buffer.from(f)));
+  const binaryProof = Buffer.concat(proofFields.map(f => Buffer.from(f)));
+  const binaryProofWithPublicInputs = Buffer.concat([binaryPublicInputs, binaryProof]);
+
+  const numPublicInputs = getNumCustomPublicInputs(proofLength, vkData);
+
+  return new RecursiveProof(proofFieldsFr, new Proof(binaryProofWithPublicInputs, numPublicInputs), true, proofLength);
+}