@aztec/bb-prover 3.0.0-nightly.20250908 → 3.0.0-nightly.20250911

package/dest/verifier/bb_verifier.d.ts

@@ -1,19 +1,17 @@
 import { type Logger } from '@aztec/foundation/log';
-import type { ServerProtocolArtifact } from '@aztec/noir-protocol-circuits-types/types';
+import type { ProtocolArtifact, ServerProtocolArtifact } from '@aztec/noir-protocol-circuits-types/types';
 import type { ClientProtocolCircuitVerifier, IVCProofVerificationResult } from '@aztec/stdlib/interfaces/server';
 import type { Proof } from '@aztec/stdlib/proofs';
 import { Tx } from '@aztec/stdlib/tx';
 import type { VerificationKeyData } from '@aztec/stdlib/vks';
 import type { BBConfig } from '../config.js';
-export declare const PRIVATE_TAIL_CIVC_VK: string;
-export declare const PUBLIC_TAIL_CIVC_VK: string;
 export declare class BBCircuitVerifier implements ClientProtocolCircuitVerifier {
     private config;
     private logger;
     private constructor();
     stop(): Promise<void>;
     static new(config: BBConfig, logger?: Logger): Promise<BBCircuitVerifier>;
-    getVerificationKeyData(circuitType: ServerProtocolArtifact): VerificationKeyData;
+    getVerificationKeyData(circuit: ProtocolArtifact): VerificationKeyData;
     verifyProofForCircuit(circuit: ServerProtocolArtifact, proof: Proof): Promise<void>;
     verifyProof(tx: Tx): Promise<IVCProofVerificationResult>;
 }

package/dest/verifier/bb_verifier.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"bb_verifier.d.ts","sourceRoot":"","sources":["../../src/verifier/bb_verifier.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAGlE,OAAO,KAAK,EAA0B,sBAAsB,EAAE,MAAM,2CAA2C,CAAC;AAChH,OAAO,KAAK,EAAE,6BAA6B,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AACjH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AAElD,OAAO,EAAE,EAAE,EAAE,MAAM,kBAAkB,CAAC;AACtC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAc7D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAQ7C,eAAO,MAAM,oBAAoB,QAA0D,CAAC;AAC5F,eAAO,MAAM,mBAAmB,QAAyD,CAAC;AAE1F,qBAAa,iBAAkB,YAAW,6BAA6B;IAEnE,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,MAAM;IAFhB,OAAO;IAKA,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAIR,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,SAAqC;IAK9E,sBAAsB,CAAC,WAAW,EAAE,sBAAsB,GAAG,mBAAmB;IAQ1E,qBAAqB,CAAC,OAAO,EAAE,sBAAsB,EAAE,KAAK,EAAE,KAAK;IAqCnE,WAAW,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,0BAA0B,CAAC;CAiDtE"}
+{"version":3,"file":"bb_verifier.d.ts","sourceRoot":"","sources":["../../src/verifier/bb_verifier.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,MAAM,EAAgB,MAAM,uBAAuB,CAAC;AAGlE,OAAO,KAAK,EAEV,gBAAgB,EAChB,sBAAsB,EACvB,MAAM,2CAA2C,CAAC;AACnD,OAAO,KAAK,EAAE,6BAA6B,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AACjH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AAElD,OAAO,EAAE,EAAE,EAAE,MAAM,kBAAkB,CAAC;AACtC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAa7D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAK7C,qBAAa,iBAAkB,YAAW,6BAA6B;IAEnE,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,MAAM;IAFhB,OAAO;IAKA,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;WAIR,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,SAAqC;IAK9E,sBAAsB,CAAC,OAAO,EAAE,gBAAgB,GAAG,mBAAmB;IAQhE,qBAAqB,CAAC,OAAO,EAAE,sBAAsB,EAAE,KAAK,EAAE,KAAK;IAqCnE,WAAW,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,0BAA0B,CAAC;CAkDtE"}

package/dest/verifier/bb_verifier.js

@@ -1,18 +1,13 @@
 import { runInDirectory } from '@aztec/foundation/fs';
 import { createLogger } from '@aztec/foundation/log';
 import { Timer } from '@aztec/foundation/timer';
-import { ServerCircuitVks } from '@aztec/noir-protocol-circuits-types/server/vks';
+import { ProtocolCircuitVks } from '@aztec/noir-protocol-circuits-types/server/vks';
 import { promises as fs } from 'fs';
 import * as path from 'path';
-import { fileURLToPath } from 'url';
 import { BB_RESULT, PROOF_FILENAME, PUBLIC_INPUTS_FILENAME, VK_FILENAME, verifyClientIvcProof, verifyProof } from '../bb/execute.js';
 import { getUltraHonkFlavorForCircuit } from '../honk.js';
-import { writeClientIVCProofToOutputDirectory } from '../prover/proof_utils.js';
+import { writeClientIVCProofToPath } from '../prover/proof_utils.js';
 import { mapProtocolArtifactNameToCircuitName } from '../stats.js';
-const __dirname = path.dirname(fileURLToPath(import.meta.url));
-// Built by yarn generate
-export const PRIVATE_TAIL_CIVC_VK = path.join(__dirname, '../../artifacts/private-civc-vk');
-export const PUBLIC_TAIL_CIVC_VK = path.join(__dirname, '../../artifacts/public-civc-vk');
 export class BBCircuitVerifier {
     config;
     logger;
@@ -29,10 +24,10 @@ export class BBCircuitVerifier {
         });
         return new BBCircuitVerifier(config, logger);
     }
-    getVerificationKeyData(circuitType) {
-        const vk = ServerCircuitVks[circuitType];
+    getVerificationKeyData(circuit) {
+        const vk = ProtocolCircuitVks[circuit];
         if (vk === undefined) {
-            throw new Error('Could not find VK for server artifact ' + circuitType);
+            throw new Error(`Could not find VK for artifact ${circuit}`);
         }
         return vk;
     }
@@ -62,30 +57,30 @@ export class BBCircuitVerifier {
         await runInDirectory(this.config.bbWorkingDirectory, operation, this.config.bbSkipCleanup, this.logger);
     }
     async verifyProof(tx) {
+        const proofType = 'ClientIVC';
         try {
             const totalTimer = new Timer();
             let verificationDuration = 0;
-            // TODO(#7370) The verification keys should be supplied separately and based on the expectedCircuit
-            // rather than read from the tx object itself. We also need the vks for the translator and ecc, which
-            // are not being saved along the other vks yet. Reuse the 'verifyProofForCircuit' method above once
-            // we have all the verification keys available.
-            const expectedCircuit = tx.data.forPublic ? 'PrivateKernelTailToPublicArtifact' : 'PrivateKernelTailArtifact';
-            const circuit = 'ClientIVC';
+            const circuit = tx.data.forPublic ? 'HidingKernelToPublic' : 'HidingKernelToRollup';
             // Block below is almost copy-pasted from verifyProofForCircuit
             const operation = async (bbWorkingDirectory)=>{
                 const logFunction = (message)=>{
-                    this.logger.debug(`${circuit} BB out - ${message}`);
+                    this.logger.debug(`${proofType} BB out - ${message}`);
                 };
-                await writeClientIVCProofToOutputDirectory(tx.clientIvcProof, bbWorkingDirectory);
+                const proofPath = path.join(bbWorkingDirectory, PROOF_FILENAME);
+                await writeClientIVCProofToPath(tx.clientIvcProof, proofPath);
+                const verificationKeyPath = path.join(bbWorkingDirectory, VK_FILENAME);
+                const verificationKey = this.getVerificationKeyData(circuit);
+                await fs.writeFile(verificationKeyPath, verificationKey.keyAsBytes);
                 const timer = new Timer();
-                const result = await verifyClientIvcProof(this.config.bbBinaryPath, bbWorkingDirectory.concat('/proof'), tx.data.forPublic ? PUBLIC_TAIL_CIVC_VK : PRIVATE_TAIL_CIVC_VK, logFunction, this.config.bbIVCConcurrency);
+                const result = await verifyClientIvcProof(this.config.bbBinaryPath, proofPath, verificationKeyPath, logFunction, this.config.bbIVCConcurrency);
                 verificationDuration = timer.ms();
                 if (result.status === BB_RESULT.FAILURE) {
-                    const errorMessage = `Failed to verify ${circuit} proof for ${expectedCircuit}!`;
+                    const errorMessage = `Failed to verify ${proofType} proof for ${circuit}!`;
                     throw new Error(errorMessage);
                 }
-                this.logger.debug(`${circuit} verification successful`, {
-                    circuitName: mapProtocolArtifactNameToCircuitName(expectedCircuit),
+                this.logger.debug(`${proofType} verification successful`, {
+                    circuitName: mapProtocolArtifactNameToCircuitName(circuit),
                     duration: result.durationMs,
                     eventName: 'circuit-verification',
                     proofType: 'client-ivc'
@@ -98,7 +93,7 @@ export class BBCircuitVerifier {
                 totalDurationMs: totalTimer.ms()
             };
         } catch (err) {
-            this.logger.warn(`Failed to verify ClientIVC proof for tx ${tx.getTxHash().toString()}: ${String(err)}`);
+            this.logger.warn(`Failed to verify ${proofType} proof for tx ${tx.getTxHash().toString()}: ${String(err)}`);
             return {
                 valid: false,
                 durationMs: 0,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/bb-prover",
-  "version": "3.0.0-nightly.20250908",
+  "version": "3.0.0-nightly.20250911",
   "type": "module",
   "exports": {
     ".": "./dest/index.js",
@@ -28,7 +28,6 @@
     "build": "yarn clean && tsc -b",
     "build:dev": "tsc -b --watch",
     "clean": "rm -rf ./dest .tsbuildinfo",
-    "generate": "scripts/copy_ivc_hiding_circuit_vks.sh",
     "bb": "node --no-warnings ./dest/bb/index.js",
     "test": "NODE_NO_WARNINGS=1 node --experimental-vm-modules ../node_modules/.bin/jest --passWithNoTests --maxWorkers=${JEST_MAX_WORKERS:-8}"
   },
@@ -70,27 +69,27 @@
     ]
   },
   "dependencies": {
-    "@aztec/bb.js": "3.0.0-nightly.20250908",
-    "@aztec/constants": "3.0.0-nightly.20250908",
-    "@aztec/foundation": "3.0.0-nightly.20250908",
-    "@aztec/noir-noirc_abi": "3.0.0-nightly.20250908",
-    "@aztec/noir-protocol-circuits-types": "3.0.0-nightly.20250908",
-    "@aztec/noir-types": "3.0.0-nightly.20250908",
-    "@aztec/simulator": "3.0.0-nightly.20250908",
-    "@aztec/stdlib": "3.0.0-nightly.20250908",
-    "@aztec/telemetry-client": "3.0.0-nightly.20250908",
-    "@aztec/world-state": "3.0.0-nightly.20250908",
+    "@aztec/bb.js": "3.0.0-nightly.20250911",
+    "@aztec/constants": "3.0.0-nightly.20250911",
+    "@aztec/foundation": "3.0.0-nightly.20250911",
+    "@aztec/noir-noirc_abi": "3.0.0-nightly.20250911",
+    "@aztec/noir-protocol-circuits-types": "3.0.0-nightly.20250911",
+    "@aztec/noir-types": "3.0.0-nightly.20250911",
+    "@aztec/simulator": "3.0.0-nightly.20250911",
+    "@aztec/stdlib": "3.0.0-nightly.20250911",
+    "@aztec/telemetry-client": "3.0.0-nightly.20250911",
+    "@aztec/world-state": "3.0.0-nightly.20250911",
     "commander": "^12.1.0",
     "pako": "^2.1.0",
     "source-map-support": "^0.5.21",
     "tslib": "^2.4.0"
   },
   "devDependencies": {
-    "@aztec/ethereum": "3.0.0-nightly.20250908",
-    "@aztec/kv-store": "3.0.0-nightly.20250908",
-    "@aztec/noir-contracts.js": "3.0.0-nightly.20250908",
-    "@aztec/noir-test-contracts.js": "3.0.0-nightly.20250908",
-    "@aztec/protocol-contracts": "3.0.0-nightly.20250908",
+    "@aztec/ethereum": "3.0.0-nightly.20250911",
+    "@aztec/kv-store": "3.0.0-nightly.20250911",
+    "@aztec/noir-contracts.js": "3.0.0-nightly.20250911",
+    "@aztec/noir-test-contracts.js": "3.0.0-nightly.20250911",
+    "@aztec/protocol-contracts": "3.0.0-nightly.20250911",
     "@jest/globals": "^30.0.0",
     "@types/jest": "^30.0.0",
     "@types/node": "^22.15.17",

package/src/bb/execute.ts

@@ -15,7 +15,6 @@ export const PROOF_FILENAME = 'proof';
 export const AVM_INPUTS_FILENAME = 'avm_inputs.bin';
 export const AVM_BYTECODE_FILENAME = 'avm_bytecode.bin';
 export const AVM_PUBLIC_INPUTS_FILENAME = 'avm_public_inputs.bin';
-export const CLIENT_IVC_PROOF_FILE_NAME = 'proof';
 
 export enum BB_RESULT {
   SUCCESS,
@@ -214,6 +213,7 @@ export async function generateProof(
   workingDirectory: string,
   circuitName: string,
   bytecode: Buffer,
+  verificationKey: Buffer,
   inputWitnessFile: string,
   flavor: UltraHonkFlavor,
   log: Logger,
@@ -227,6 +227,7 @@ export async function generateProof(
 
   // The bytecode is written to e.g. /workingDirectory/BaseParityArtifact-bytecode
   const bytecodePath = `${workingDirectory}/${circuitName}-bytecode`;
+  const vkPath = `${workingDirectory}/${circuitName}-vk`;
 
   // The proof is written to e.g. /workingDirectory/ultra_honk/proof
   const outputPath = `${workingDirectory}`;
@@ -240,16 +241,16 @@ export async function generateProof(
   }
 
   try {
-    // Write the bytecode to the working directory
-    await fs.writeFile(bytecodePath, bytecode);
-    // TODO(#15043): Avoid write_vk flag here.
+    // Write the bytecode and vk to the working directory
+    await Promise.all([fs.writeFile(bytecodePath, bytecode), fs.writeFile(vkPath, verificationKey)]);
     const args = getArgs(flavor).concat([
       '--disable_zk',
-      '--write_vk',
       '-o',
       outputPath,
       '-b',
       bytecodePath,
+      '-k',
+      vkPath,
       '-w',
       inputWitnessFile,
       '-v',
@@ -286,74 +287,6 @@ export async function generateProof(
   }
 }
 
-/**
- * Used for generating proofs of the tube circuit
- * It is assumed that the working directory is a temporary and/or random directory used solely for generating this proof.
- *
- * @returns An object containing a result indication, the location of the proof and the duration taken
- */
-export async function generateTubeProof(
-  pathToBB: string,
-  workingDirectory: string,
-  vkPath: string,
-  log: LogFn,
-): Promise<BBFailure | BBSuccess> {
-  // Check that the working directory exists
-  try {
-    await fs.access(workingDirectory);
-  } catch {
-    return { status: BB_RESULT.FAILURE, reason: `Working directory ${workingDirectory} does not exist` };
-  }
-
-  // Paths for the inputs
-  const proofPath = join(workingDirectory, CLIENT_IVC_PROOF_FILE_NAME);
-
-  // The proof is written to e.g. /workingDirectory/proof
-  const outputPath = workingDirectory;
-  const filePresent = async (file: string) =>
-    await fs
-      .access(file, fs.constants.R_OK)
-      .then(_ => true)
-      .catch(_ => false);
-
-  const binaryPresent = await filePresent(pathToBB);
-  if (!binaryPresent) {
-    return { status: BB_RESULT.FAILURE, reason: `Failed to find bb binary at ${pathToBB}` };
-  }
-
-  try {
-    if (!(await filePresent(proofPath))) {
-      return { status: BB_RESULT.FAILURE, reason: `Client IVC input files not present in  ${workingDirectory}` };
-    }
-    const args = ['-o', outputPath, '-k', vkPath, '-v'];
-
-    const timer = new Timer();
-    const logFunction = (message: string) => {
-      log(`TubeCircuit (prove) BB out - ${message}`);
-    };
-    const result = await executeBB(pathToBB, 'prove_tube', args, logFunction);
-    const durationMs = timer.ms();
-
-    if (result.status == BB_RESULT.SUCCESS) {
-      return {
-        status: BB_RESULT.SUCCESS,
-        durationMs,
-        proofPath: outputPath,
-        pkPath: undefined,
-        vkDirectoryPath: outputPath,
-      };
-    }
-    // Not a great error message here but it is difficult to decipher what comes from bb
-    return {
-      status: BB_RESULT.FAILURE,
-      reason: `Failed to generate proof. Exit code ${result.exitCode}. Signal ${result.signal}.`,
-      retry: !!result.signal,
-    };
-  } catch (error) {
-    return { status: BB_RESULT.FAILURE, reason: `${error}` };
-  }
-}
-
 /**
  * Used for generating AVM proofs.
  * It is assumed that the working directory is a temporary and/or random directory used solely for generating this proof.

package/src/instrumentation.ts

@@ -86,7 +86,7 @@ export class ProverInstrumentation {
    */
   recordDuration(
     metric: 'simulationDuration' | 'witGenDuration' | 'provingDuration',
-    circuitName: CircuitName | 'tubeCircuit',
+    circuitName: CircuitName,
     timerOrMS: Timer | number,
   ) {
     const s = typeof timerOrMS === 'number' ? timerOrMS / 1000 : timerOrMS.s();
@@ -116,7 +116,7 @@ export class ProverInstrumentation {
    */
   recordSize(
     metric: 'witGenInputSize' | 'witGenOutputSize' | 'proofSize' | 'circuitSize' | 'circuitPublicInputCount',
-    circuitName: CircuitName | 'tubeCircuit',
+    circuitName: CircuitName,
     size: number,
   ) {
     this[metric].record(Math.ceil(size), {

package/src/prover/client/wasm/bb_wasm_private_kernel_prover.ts

@@ -29,9 +29,7 @@ export abstract class BBWASMPrivateKernelProver extends BBPrivateKernelProver {
       { threads: this.threads, logger: this.log.verbose, wasmPath: process.env.BB_WASM_PATH },
     );
 
-    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1297): the vk is not provided to the network anymore.
-    // Move this sanity check inside the wasm code and remove the vk from the return value.
-    const [proof, _vk] = await backend.prove(
+    const [proof] = await backend.prove(
       executionSteps.map(step => ungzip(serializeWitness(step.witness))),
       executionSteps.map(step => step.vk),
     );
@@ -41,7 +39,7 @@ export abstract class BBWASMPrivateKernelProver extends BBPrivateKernelProver {
       duration: timer.ms(),
       proofSize: proof.length,
     });
-    return new ClientIvcProof(Buffer.from(proof));
+    return ClientIvcProof.fromBufferArray(proof);
   }
 
   public override async computeGateCountForCircuit(_bytecode: Buffer, _circuitName: string): Promise<number> {

package/src/prover/proof_utils.ts

@@ -1,4 +1,6 @@
 import {
+  CIVC_PROOF_LENGTH,
+  HIDING_KERNEL_IO_PUBLIC_INPUTS_SIZE,
   IPA_CLAIM_SIZE,
   NESTED_RECURSIVE_PROOF_LENGTH,
   NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH,
@@ -14,7 +16,7 @@ import assert from 'assert';
 import { promises as fs } from 'fs';
 import * as path from 'path';
 
-import { CLIENT_IVC_PROOF_FILE_NAME, PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } from '../bb/execute.js';
+import { PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } from '../bb/execute.js';
 
 /**
  * Create a ClientIvcProof proof file.
@@ -23,8 +25,10 @@ import { CLIENT_IVC_PROOF_FILE_NAME, PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } fr
  * @returns the encapsulated client ivc proof
  */
 export async function readClientIVCProofFromOutputDirectory(directory: string) {
-  const clientIvcProofBuffer = await fs.readFile(path.join(directory, CLIENT_IVC_PROOF_FILE_NAME));
-  return new ClientIvcProof(clientIvcProofBuffer);
+  const proofFilename = path.join(directory, PROOF_FILENAME);
+  const binaryProof = await fs.readFile(proofFilename);
+  const proofFields = splitBufferIntoFields(binaryProof);
+  return new ClientIvcProof(proofFields);
 }
 
 /**
@@ -33,9 +37,23 @@ export async function readClientIVCProofFromOutputDirectory(directory: string) {
  * @param proof the ClientIvcProof from object
  * @param directory the directory to write in
  */
-export async function writeClientIVCProofToOutputDirectory(clientIvcProof: ClientIvcProof, directory: string) {
-  const { clientIvcProofBuffer } = clientIvcProof;
-  await fs.writeFile(path.join(directory, CLIENT_IVC_PROOF_FILE_NAME), clientIvcProofBuffer);
+export async function writeClientIVCProofToPath(clientIvcProof: ClientIvcProof, outputPath: string) {
+  // NB: Don't use clientIvcProof.toBuffer here because it will include the proof length.
+  const fieldsBuf = Buffer.concat(clientIvcProof.proof.map(field => field.toBuffer()));
+  await fs.writeFile(outputPath, fieldsBuf);
+}
+
+function getNumCustomPublicInputs(proofLength: number, vkData: VerificationKeyData) {
+  let numPublicInputs = vkData.numPublicInputs;
+  if (proofLength == CIVC_PROOF_LENGTH) {
+    numPublicInputs -= HIDING_KERNEL_IO_PUBLIC_INPUTS_SIZE;
+  } else {
+    numPublicInputs -= PAIRING_POINTS_SIZE;
+    if (proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH) {
+      numPublicInputs -= IPA_CLAIM_SIZE;
+    }
+  }
+  return numPublicInputs;
 }
 
 function splitBufferIntoFields(buffer: Buffer): Fr[] {
@@ -46,43 +64,47 @@ function splitBufferIntoFields(buffer: Buffer): Fr[] {
   return fields;
 }
 
-export async function readProofAsFields<PROOF_LENGTH extends number>(
-  filePath: string,
+export async function readProofsFromOutputDirectory<PROOF_LENGTH extends number>(
+  directory: string,
   vkData: VerificationKeyData,
   proofLength: PROOF_LENGTH,
   logger: Logger,
 ): Promise<RecursiveProof<PROOF_LENGTH>> {
-  const publicInputsFilename = path.join(filePath, PUBLIC_INPUTS_FILENAME);
-  const proofFilename = path.join(filePath, PROOF_FILENAME);
-
-  const [binaryPublicInputs, binaryProof] = await Promise.all([
-    fs.readFile(publicInputsFilename),
-    fs.readFile(proofFilename),
-  ]);
-
-  const fieldsWithoutPublicInputs = splitBufferIntoFields(binaryProof);
-
-  let numPublicInputs = vkData.numPublicInputs - PAIRING_POINTS_SIZE;
   assert(
-    proofLength == NESTED_RECURSIVE_PROOF_LENGTH ||
+    proofLength == CIVC_PROOF_LENGTH ||
+      proofLength == NESTED_RECURSIVE_PROOF_LENGTH ||
       proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH ||
       proofLength == ULTRA_KECCAK_PROOF_LENGTH,
     `Proof length must be one of the expected proof lengths, received ${proofLength}`,
   );
-  if (proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH) {
-    numPublicInputs -= IPA_CLAIM_SIZE;
+
+  const publicInputsFilename = path.join(directory, PUBLIC_INPUTS_FILENAME);
+  const proofFilename = path.join(directory, PROOF_FILENAME);
+
+  // Handle CIVC separately because bb outputs the proof fields with public inputs for CIVC.
+  const isCIVC = proofLength == CIVC_PROOF_LENGTH;
+
+  const [binaryPublicInputs, binaryProof] = await Promise.all([
+    isCIVC ? Buffer.alloc(0) : fs.readFile(publicInputsFilename),
+    fs.readFile(proofFilename),
+  ]);
+
+  const numPublicInputs = getNumCustomPublicInputs(proofLength, vkData);
+  let fieldsWithoutPublicInputs = splitBufferIntoFields(binaryProof);
+  if (isCIVC) {
+    fieldsWithoutPublicInputs = fieldsWithoutPublicInputs.slice(numPublicInputs);
   }
 
   assert(
     fieldsWithoutPublicInputs.length == proofLength,
-    `Proof length mismatch: ${fieldsWithoutPublicInputs.length} != ${proofLength}`,
+    `Proof fields length mismatch: ${fieldsWithoutPublicInputs.length} != ${proofLength}`,
   );
 
   // Concat binary public inputs and binary proof
   // This buffer will have the form: [binary public inputs, binary proof]
   const binaryProofWithPublicInputs = Buffer.concat([binaryPublicInputs, binaryProof]);
   logger.debug(
-    `Circuit path: ${filePath}, complete proof length: ${fieldsWithoutPublicInputs.length}, num public inputs: ${numPublicInputs}, circuit size: ${vkData.circuitSize}`,
+    `Circuit path: ${directory}, proof fields length: ${fieldsWithoutPublicInputs.length}, num public inputs: ${numPublicInputs}, circuit size: ${vkData.circuitSize}`,
   );
   return new RecursiveProof(
     fieldsWithoutPublicInputs,

package/src/prover/server/bb_prover.ts

@@ -4,7 +4,6 @@ import {
   NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH,
   PAIRING_POINTS_SIZE,
   RECURSIVE_PROOF_LENGTH,
-  TUBE_PROOF_LENGTH,
   ULTRA_KECCAK_PROOF_LENGTH,
 } from '@aztec/constants';
 import { Fr } from '@aztec/foundation/fields';
@@ -29,6 +28,8 @@ import {
   convertPrivateBaseRollupOutputsFromWitnessMap,
   convertPublicBaseRollupInputsToWitnessMap,
   convertPublicBaseRollupOutputsFromWitnessMap,
+  convertPublicTubeOutputsFromWitnessMap,
+  convertPublicTubePrivateInputsToWitnessMap,
   convertRootParityInputsToWitnessMap,
   convertRootParityOutputsFromWitnessMap,
   convertRootRollupInputsToWitnessMap,
@@ -49,6 +50,7 @@ import {
   makeProofAndVerificationKey,
   makePublicInputsAndRecursiveProof,
 } from '@aztec/stdlib/interfaces/server';
+import type { PrivateToPublicKernelCircuitPublicInputs } from '@aztec/stdlib/kernel';
 import type { BaseParityInputs, ParityPublicInputs, RootParityInputs } from '@aztec/stdlib/parity';
 import { Proof, RecursiveProof, makeRecursiveProofFromBinary } from '@aztec/stdlib/proofs';
 import {
@@ -61,17 +63,16 @@ import {
   PaddingBlockRootRollupInputs,
   type PrivateBaseRollupInputs,
   PublicBaseRollupInputs,
+  PublicTubePrivateInputs,
   type RootRollupInputs,
   type RootRollupPublicInputs,
   type SingleTxBlockRootRollupInputs,
-  type TubeInputs,
   enhanceProofWithPiValidationFlag,
 } from '@aztec/stdlib/rollup';
 import type { CircuitProvingStats, CircuitWitnessGenerationStats } from '@aztec/stdlib/stats';
 import type { VerificationKeyData } from '@aztec/stdlib/vks';
 import { Attributes, type TelemetryClient, getTelemetryClient, trackSpan } from '@aztec/telemetry-client';
 
-import crypto from 'crypto';
 import { promises as fs } from 'fs';
 import * as path from 'path';
 
@@ -84,7 +85,6 @@ import {
   VK_FILENAME,
   generateAvmProof,
   generateProof,
-  generateTubeProof,
   verifyAvmProof,
   verifyProof,
 } from '../../bb/execute.js';
@@ -92,9 +92,8 @@ import type { ACVMConfig, BBConfig } from '../../config.js';
 import { type UltraHonkFlavor, getUltraHonkFlavorForCircuit } from '../../honk.js';
 import { ProverInstrumentation } from '../../instrumentation.js';
 import { mapProtocolArtifactNameToCircuitName } from '../../stats.js';
-import { extractAvmVkData, extractVkData } from '../../verification_key/verification_key_data.js';
-import { PRIVATE_TAIL_CIVC_VK, PUBLIC_TAIL_CIVC_VK } from '../../verifier/bb_verifier.js';
-import { readProofAsFields, writeClientIVCProofToOutputDirectory } from '../proof_utils.js';
+import { extractAvmVkData } from '../../verification_key/verification_key_data.js';
+import { readProofsFromOutputDirectory } from '../proof_utils.js';
 
 const logger = createLogger('bb-prover');
 
@@ -197,6 +196,31 @@ export class BBNativeRollupProver implements ServerCircuitProver {
     return proofAndVk;
   }
 
+  public async getPublicTubeProof(
+    inputs: PublicTubePrivateInputs,
+  ): Promise<
+    PublicInputsAndRecursiveProof<
+      PrivateToPublicKernelCircuitPublicInputs,
+      typeof NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH
+    >
+  > {
+    const artifactName = 'PublicTube';
+
+    const { circuitOutput, proof } = await this.createRecursiveProof(
+      inputs,
+      artifactName,
+      NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH,
+      convertPublicTubePrivateInputsToWitnessMap,
+      convertPublicTubeOutputsFromWitnessMap,
+    );
+
+    const verificationKey = this.getVerificationKeyDataForCircuit(artifactName);
+
+    await this.verifyProof(artifactName, proof.binaryProof);
+
+    return makePublicInputsAndRecursiveProof(circuitOutput, proof, verificationKey);
+  }
+
   /**
    * Simulates the base rollup circuit from its inputs.
    * @param inputs - Inputs to the circuit.
@@ -467,6 +491,7 @@ export class BBNativeRollupProver implements ServerCircuitProver {
       workingDirectory,
       circuitType,
       Buffer.from(artifact.bytecode, 'base64'),
+      this.getVerificationKeyDataForCircuit(circuitType).keyAsBytes,
       outputWitnessFile,
       getUltraHonkFlavorForCircuit(circuitType),
       logger,
@@ -500,7 +525,7 @@ export class BBNativeRollupProver implements ServerCircuitProver {
       const vkData = this.getVerificationKeyDataForCircuit(circuitType);
 
       const PROOF_LENGTH = circuitType == 'RootRollupArtifact' ? ULTRA_KECCAK_PROOF_LENGTH : RECURSIVE_PROOF_LENGTH;
-      const proof = await readProofAsFields(provingResult.proofPath!, vkData, PROOF_LENGTH, logger);
+      const proof = await readProofsFromOutputDirectory(provingResult.proofPath!, vkData, PROOF_LENGTH, logger);
 
       const circuitName = mapProtocolArtifactNameToCircuitName(circuitType);
 
@@ -539,28 +564,6 @@ export class BBNativeRollupProver implements ServerCircuitProver {
     return provingResult;
   }
 
-  private async generateTubeProofWithBB(bbWorkingDirectory: string, input: TubeInputs): Promise<BBSuccess> {
-    logger.debug(`Proving tube...`);
-
-    const hasher = crypto.createHash('sha256');
-    hasher.update(input.toBuffer());
-
-    await writeClientIVCProofToOutputDirectory(input.clientIVCData, bbWorkingDirectory);
-    const provingResult = await generateTubeProof(
-      this.config.bbBinaryPath,
-      bbWorkingDirectory,
-      input.usePublicTailVk ? PUBLIC_TAIL_CIVC_VK : PRIVATE_TAIL_CIVC_VK,
-      logger.verbose,
-    );
-
-    if (provingResult.status === BB_RESULT.FAILURE) {
-      logger.error(`Failed to generate proof for tube circuit: ${provingResult.reason}`);
-      throw new ProvingError(provingResult.reason, provingResult, provingResult.retry);
-    }
-
-    return provingResult;
-  }
-
   private async createAvmProof(
     input: AvmCircuitInputs,
   ): Promise<ProofAndVerificationKey<typeof AVM_V2_PROOF_LENGTH_IN_FIELDS_PADDED>> {
@@ -595,35 +598,6 @@ export class BBNativeRollupProver implements ServerCircuitProver {
     return await this.runInDirectory(operation);
   }
 
-  public async getTubeProof(input: TubeInputs): Promise<ProofAndVerificationKey<typeof TUBE_PROOF_LENGTH>> {
-    const operation = async (bbWorkingDirectory: string) => {
-      logger.debug(`createTubeProof: ${bbWorkingDirectory}`);
-      const provingResult = await this.generateTubeProofWithBB(bbWorkingDirectory, input);
-
-      // Read the proof as fields
-      // TODO(AD): this is the only remaining use of extractVkData.
-      const tubeVK = await extractVkData(provingResult.vkDirectoryPath!);
-      const tubeProof = await readProofAsFields(provingResult.proofPath!, tubeVK, TUBE_PROOF_LENGTH, logger);
-
-      this.instrumentation.recordDuration('provingDuration', 'tubeCircuit', provingResult.durationMs);
-      this.instrumentation.recordSize('proofSize', 'tubeCircuit', tubeProof.binaryProof.buffer.length);
-      this.instrumentation.recordSize('circuitPublicInputCount', 'tubeCircuit', tubeVK.numPublicInputs);
-      this.instrumentation.recordSize('circuitSize', 'tubeCircuit', tubeVK.circuitSize);
-
-      // Sanity check the tube proof (can be removed later)
-      await this.verifyWithKey('ultra_rollup_honk', tubeVK, tubeProof.binaryProof);
-
-      logger.info(
-        `Generated proof for tubeCircuit in ${Math.ceil(provingResult.durationMs)} ms, size: ${
-          tubeProof.proof.length
-        } fields`,
-      );
-
-      return makeProofAndVerificationKey(tubeProof, tubeVK);
-    };
-    return await this.runInDirectory(operation);
-  }
-
   /**
    * Executes a circuit and returns its outputs and corresponding proof with embedded aggregation object
    * @param witnessMap - The input witness
@@ -656,7 +630,7 @@ export class BBNativeRollupProver implements ServerCircuitProver {
 
       const vkData = this.getVerificationKeyDataForCircuit(circuitType);
       // Read the proof as fields
-      const proof = await readProofAsFields(provingResult.proofPath!, vkData, proofLength, logger);
+      const proof = await readProofsFromOutputDirectory(provingResult.proofPath!, vkData, proofLength, logger);
 
       const circuitName = mapProtocolArtifactNameToCircuitName(circuitType);
       this.instrumentation.recordDuration('provingDuration', circuitName, provingResult.durationMs);

package/src/stats.ts

@@ -7,6 +7,8 @@ export function mapProtocolArtifactNameToCircuitName(artifact: ProtocolArtifact)
       return 'base-parity';
     case 'RootParityArtifact':
       return 'root-parity';
+    case 'PublicTube':
+      return 'public-tube';
     case 'PrivateBaseRollupArtifact':
       return 'private-base-rollup';
     case 'PublicBaseRollupArtifact':