@aztec/bb-prover 0.87.2 → 0.87.3-nightly.20250528

package/src/prover/server/bb_prover.ts

@@ -1,5 +1,5 @@
 import {
-  AVM_PROOF_LENGTH_IN_FIELDS,
+  AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED,
   NESTED_RECURSIVE_PROOF_LENGTH,
   NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH,
   PAIRING_POINTS_SIZE,
@@ -37,7 +37,7 @@ import {
 import { ServerCircuitVks } from '@aztec/noir-protocol-circuits-types/server/vks';
 import type { WitnessMap } from '@aztec/noir-types';
 import { NativeACVMSimulator } from '@aztec/simulator/server';
-import type { AvmCircuitInputs } from '@aztec/stdlib/avm';
+import type { AvmCircuitInputs, AvmCircuitPublicInputs } from '@aztec/stdlib/avm';
 import { ProvingError } from '@aztec/stdlib/errors';
 import {
   type ProofAndVerificationKey,
@@ -48,19 +48,20 @@ import {
 } from '@aztec/stdlib/interfaces/server';
 import type { BaseParityInputs, ParityPublicInputs, RootParityInputs } from '@aztec/stdlib/parity';
 import { Proof, RecursiveProof, makeRecursiveProofFromBinary } from '@aztec/stdlib/proofs';
-import type {
-  BaseOrMergeRollupPublicInputs,
-  BlockMergeRollupInputs,
-  BlockRootOrBlockMergePublicInputs,
-  BlockRootRollupInputs,
-  EmptyBlockRootRollupInputs,
-  MergeRollupInputs,
-  PrivateBaseRollupInputs,
+import {
+  type BaseOrMergeRollupPublicInputs,
+  type BlockMergeRollupInputs,
+  type BlockRootOrBlockMergePublicInputs,
+  type BlockRootRollupInputs,
+  type EmptyBlockRootRollupInputs,
+  type MergeRollupInputs,
+  type PrivateBaseRollupInputs,
   PublicBaseRollupInputs,
-  RootRollupInputs,
-  RootRollupPublicInputs,
-  SingleTxBlockRootRollupInputs,
-  TubeInputs,
+  type RootRollupInputs,
+  type RootRollupPublicInputs,
+  type SingleTxBlockRootRollupInputs,
+  type TubeInputs,
+  enhanceProofWithPiValidationFlag,
 } from '@aztec/stdlib/rollup';
 import type { CircuitProvingStats, CircuitWitnessGenerationStats } from '@aztec/stdlib/stats';
 import type { VerificationKeyData } from '@aztec/stdlib/vks';
@@ -185,9 +186,13 @@ export class BBNativeRollupProver implements ServerCircuitProver {
   }))
   public async getAvmProof(
     inputs: AvmCircuitInputs,
-  ): Promise<ProofAndVerificationKey<typeof AVM_PROOF_LENGTH_IN_FIELDS>> {
+    skipPublicInputsValidation: boolean = false,
+  ): Promise<ProofAndVerificationKey<typeof AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED>> {
     const proofAndVk = await this.createAvmProof(inputs);
-    await this.verifyAvmProof(proofAndVk.proof.binaryProof, proofAndVk.verificationKey);
+    await this.verifyAvmProof(proofAndVk.proof.binaryProof, proofAndVk.verificationKey, inputs.publicInputs);
+
+    // TODO(#14234)[Unconditional PIs validation]: remove next lines and directly return proofAndVk
+    proofAndVk.proof.proof = enhanceProofWithPiValidationFlag(proofAndVk.proof.proof, skipPublicInputsValidation);
     return proofAndVk;
   }
 
@@ -536,13 +541,13 @@ export class BBNativeRollupProver implements ServerCircuitProver {
 
   private async createAvmProof(
     input: AvmCircuitInputs,
-  ): Promise<ProofAndVerificationKey<typeof AVM_PROOF_LENGTH_IN_FIELDS>> {
+  ): Promise<ProofAndVerificationKey<typeof AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED>> {
     const operation = async (bbWorkingDirectory: string) => {
       const provingResult = await this.generateAvmProofWithBB(input, bbWorkingDirectory);
 
       // TODO(https://github.com/AztecProtocol/aztec-packages/issues/6773): this VK data format is wrong.
       // In particular, the number of public inputs, etc will be wrong.
-      const verificationKey = await extractAvmVkData(provingResult.vkPath!);
+      const verificationKey = await extractAvmVkData(provingResult.vkDirectoryPath!);
       const avmProof = await this.readAvmProofAsFields(provingResult.proofPath!, verificationKey);
 
       const circuitType = 'avm-circuit' as const;
@@ -579,7 +584,7 @@ export class BBNativeRollupProver implements ServerCircuitProver {
 
       // Read the proof as fields
       // TODO(AD): this is the only remaining use of extractVkData.
-      const tubeVK = await extractVkData(provingResult.vkPath!);
+      const tubeVK = await extractVkData(provingResult.vkDirectoryPath!);
       const tubeProof = await readProofAsFields(provingResult.proofPath!, tubeVK, TUBE_PROOF_LENGTH, logger);
 
       this.instrumentation.recordDuration('provingDuration', 'tubeCircuit', provingResult.durationMs);
@@ -673,9 +678,13 @@ export class BBNativeRollupProver implements ServerCircuitProver {
     return await this.verifyWithKey(getUltraHonkFlavorForCircuit(circuitType), verificationKey, proof);
   }
 
-  public async verifyAvmProof(proof: Proof, verificationKey: VerificationKeyData) {
+  public async verifyAvmProof(
+    proof: Proof,
+    verificationKey: VerificationKeyData,
+    publicInputs: AvmCircuitPublicInputs,
+  ) {
     return await this.verifyWithKeyInternal(proof, verificationKey, (proofPath, vkPath) =>
-      verifyAvmProof(this.config.bbBinaryPath, proofPath, vkPath, logger),
+      verifyAvmProof(this.config.bbBinaryPath, this.config.bbWorkingDirectory, proofPath, publicInputs, vkPath, logger),
     );
   }
 
@@ -728,16 +737,25 @@ export class BBNativeRollupProver implements ServerCircuitProver {
   private async readAvmProofAsFields(
     proofFilename: string,
     vkData: VerificationKeyData,
-  ): Promise<RecursiveProof<typeof AVM_PROOF_LENGTH_IN_FIELDS>> {
-    const rawProof = await fs.readFile(proofFilename);
-
-    const reader = BufferReader.asReader(rawProof);
-    const fields = reader.readArray(rawProof.length / Fr.SIZE_IN_BYTES, Fr);
-    const fieldsWithoutPublicCols = fields.slice(-1 * AVM_PROOF_LENGTH_IN_FIELDS);
-
-    const proof = new Proof(rawProof, vkData.numPublicInputs);
+  ): Promise<RecursiveProof<typeof AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED>> {
+    const rawProofBuffer = await fs.readFile(proofFilename);
+    const reader = BufferReader.asReader(rawProofBuffer);
+    const proofFields = reader.readArray(rawProofBuffer.length / Fr.SIZE_IN_BYTES, Fr);
+
+    // We extend to a fixed-size padded proof as during development any new AVM circuit column changes the
+    // proof length and we do not have a mechanism to feedback a cpp constant to noir/TS.
+    // TODO(#13390): Revive a non-padded AVM proof
+    if (proofFields.length > AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED) {
+      throw new Error(
+        `Proof has ${proofFields.length} fields, expected no more than ${AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED}.`,
+      );
+    }
+    const proofFieldsPadded = proofFields.concat(
+      Array(AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED - proofFields.length).fill(new Fr(0)),
+    );
 
-    return new RecursiveProof(fieldsWithoutPublicCols, proof, true, AVM_PROOF_LENGTH_IN_FIELDS);
+    const proof = new Proof(rawProofBuffer, vkData.numPublicInputs);
+    return new RecursiveProof(proofFieldsPadded, proof, true, AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED);
   }
 
   private runInDirectory<T>(fn: (dir: string) => Promise<T>) {

package/src/test/test_circuit_prover.ts

@@ -1,6 +1,6 @@
 import {
-  AVM_PROOF_LENGTH_IN_FIELDS,
-  AVM_VERIFICATION_KEY_LENGTH_IN_FIELDS,
+  AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED,
+  AVM_V2_VERIFICATION_KEY_LENGTH_IN_FIELDS_PADDED,
   NESTED_RECURSIVE_PROOF_LENGTH,
   NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH,
   RECURSIVE_PROOF_LENGTH,
@@ -302,14 +302,16 @@ export class TestCircuitProver implements ServerCircuitProver {
     );
   }
 
-  public getAvmProof(_inputs: AvmCircuitInputs): Promise<ProofAndVerificationKey<typeof AVM_PROOF_LENGTH_IN_FIELDS>> {
+  public getAvmProof(
+    _inputs: AvmCircuitInputs,
+  ): Promise<ProofAndVerificationKey<typeof AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED>> {
     // We can't simulate the AVM because we don't have enough context to do so (e.g., DBs).
     // We just return an empty proof and VK data.
     this.logger.debug('Skipping AVM simulation in TestCircuitProver.');
     return this.applyDelay(ProvingRequestType.PUBLIC_VM, () =>
       makeProofAndVerificationKey(
-        makeEmptyRecursiveProof(AVM_PROOF_LENGTH_IN_FIELDS),
-        VerificationKeyData.makeFake(AVM_VERIFICATION_KEY_LENGTH_IN_FIELDS),
+        makeEmptyRecursiveProof(AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED),
+        VerificationKeyData.makeFake(AVM_V2_VERIFICATION_KEY_LENGTH_IN_FIELDS_PADDED),
       ),
     );
   }

package/src/verification_key/verification_key_data.ts

@@ -1,5 +1,6 @@
-import { AVM_VERIFICATION_KEY_LENGTH_IN_FIELDS } from '@aztec/constants';
+import { AVM_V2_VERIFICATION_KEY_LENGTH_IN_FIELDS_PADDED } from '@aztec/constants';
 import { Fr } from '@aztec/foundation/fields';
+import { BufferReader } from '@aztec/foundation/serialize';
 import { hashVK } from '@aztec/stdlib/hash';
 import { VerificationKeyAsFields, VerificationKeyData } from '@aztec/stdlib/vks';
 
@@ -27,19 +28,25 @@ export async function extractVkData(vkDirectoryPath: string): Promise<Verificati
   return new VerificationKeyData(vkAsFields, rawBinary);
 }
 
-// TODO: This was adapted from the above function. A refactor might be needed.
+/**
+ * Reads the verification key data stored in a binary file at the specified directory location and parses into a VerificationKeyData.
+ * We do not assume any JSON file available but only the binary version, contrary to the above extractVkData() method.
+ * @param vkDirectoryPath - The directory containing the verification key binary data file.
+ * @returns The verification key data
+ */
 export async function extractAvmVkData(vkDirectoryPath: string): Promise<VerificationKeyData> {
-  const [rawFields, rawBinary] = await Promise.all([
-    fs.readFile(path.join(vkDirectoryPath, VK_FIELDS_FILENAME), { encoding: 'utf-8' }),
-    fs.readFile(path.join(vkDirectoryPath, VK_FILENAME)),
-  ]);
-  const fieldsJson = JSON.parse(rawFields);
-  const fields = fieldsJson.map(Fr.fromHexString);
-  // The first item is the hash, this is not part of the actual VK
-  // TODO: is the above actually the case?
-  const vkHash = fields[0];
-  assert(fields.length === AVM_VERIFICATION_KEY_LENGTH_IN_FIELDS, 'Invalid AVM verification key length');
-  const vkAsFields = new VerificationKeyAsFields(fields, vkHash);
+  const rawBinary = await fs.readFile(path.join(vkDirectoryPath, VK_FILENAME));
+
+  const numFields = rawBinary.length / Fr.SIZE_IN_BYTES;
+  assert(numFields <= AVM_V2_VERIFICATION_KEY_LENGTH_IN_FIELDS_PADDED, 'Invalid AVM verification key length');
+  const reader = BufferReader.asReader(rawBinary);
+  const fieldsArray = reader.readArray(numFields, Fr);
+
+  const fieldsArrayPadded = fieldsArray.concat(
+    Array(AVM_V2_VERIFICATION_KEY_LENGTH_IN_FIELDS_PADDED - fieldsArray.length).fill(new Fr(0)),
+  );
+  // Currently, we do not need the vk hash for the AVM as we are not adding in the vk tree.
+  const vkAsFields = new VerificationKeyAsFields(fieldsArrayPadded, new Fr(0));
   const vk = new VerificationKeyData(vkAsFields, rawBinary);
   return vk;
 }