@aztec/bb-prover 4.0.0-nightly.20250907 → 4.0.0-nightly.20260107

package/src/bb/execute.ts

@@ -1,4 +1,4 @@
-import { sha256 } from '@aztec/foundation/crypto';
+import { sha256 } from '@aztec/foundation/crypto/sha256';
 import type { LogFn, Logger } from '@aztec/foundation/log';
 import { Timer } from '@aztec/foundation/timer';
 import type { AvmCircuitInputs, AvmCircuitPublicInputs } from '@aztec/stdlib/avm';
@@ -6,6 +6,7 @@ import type { AvmCircuitInputs, AvmCircuitPublicInputs } from '@aztec/stdlib/avm
 import * as proc from 'child_process';
 import { promises as fs } from 'fs';
 import { basename, dirname, join } from 'path';
+import readline from 'readline';
 
 import type { UltraHonkFlavor } from '../honk.js';
 
@@ -15,7 +16,6 @@ export const PROOF_FILENAME = 'proof';
 export const AVM_INPUTS_FILENAME = 'avm_inputs.bin';
 export const AVM_BYTECODE_FILENAME = 'avm_bytecode.bin';
 export const AVM_PUBLIC_INPUTS_FILENAME = 'avm_public_inputs.bin';
-export const CLIENT_IVC_PROOF_FILE_NAME = 'proof';
 
 export enum BB_RESULT {
   SUCCESS,
@@ -86,6 +86,7 @@ export function executeBB(
     logger(`BB concurrency: ${env.HARDWARE_CONCURRENCY}`);
     logger(`Executing BB with: ${pathToBB} ${command} ${args.join(' ')}`);
     const bb = proc.spawn(pathToBB, [command, ...args], {
+      stdio: ['ignore', 'pipe', 'pipe'],
       env,
     });
 
@@ -100,14 +101,9 @@ export function executeBB(
       }, timeout);
     }
 
-    bb.stdout.on('data', data => {
-      const message = data.toString('utf-8').replace(/\n$/, '');
-      logger(message);
-    });
-    bb.stderr.on('data', data => {
-      const message = data.toString('utf-8').replace(/\n$/, '');
-      logger(message);
-    });
+    readline.createInterface({ input: bb.stdout }).on('line', logger);
+    readline.createInterface({ input: bb.stderr }).on('line', logger);
+
     bb.on('close', (exitCode: number, signal?: string) => {
       if (timeoutId) {
         clearTimeout(timeoutId);
@@ -121,7 +117,7 @@ export function executeBB(
   }).catch(_ => ({ status: BB_RESULT.FAILURE, exitCode: -1, signal: undefined }));
 }
 
-export async function executeBbClientIvcProof(
+export async function executeBbChonkProof(
   pathToBB: string,
   workingDirectory: string,
   inputsPath: string,
@@ -154,7 +150,7 @@ export async function executeBbClientIvcProof(
       log(`bb - ${message}`);
     };
 
-    const args = ['-o', outputPath, '--ivc_inputs_path', inputsPath, '-v', '--scheme', 'client_ivc'];
+    const args = ['-o', outputPath, '--ivc_inputs_path', inputsPath, '-v', '--scheme', 'chonk'];
     if (writeVk) {
       args.push('--write_vk');
     }
@@ -214,6 +210,7 @@ export async function generateProof(
   workingDirectory: string,
   circuitName: string,
   bytecode: Buffer,
+  verificationKey: Buffer,
   inputWitnessFile: string,
   flavor: UltraHonkFlavor,
   log: Logger,
@@ -225,8 +222,9 @@ export async function generateProof(
     return { status: BB_RESULT.FAILURE, reason: `Working directory ${workingDirectory} does not exist` };
   }
 
-  // The bytecode is written to e.g. /workingDirectory/BaseParityArtifact-bytecode
+  // The bytecode is written to e.g. /workingDirectory/ParityBaseArtifact-bytecode
   const bytecodePath = `${workingDirectory}/${circuitName}-bytecode`;
+  const vkPath = `${workingDirectory}/${circuitName}-vk`;
 
   // The proof is written to e.g. /workingDirectory/ultra_honk/proof
   const outputPath = `${workingDirectory}`;
@@ -240,16 +238,16 @@ export async function generateProof(
   }
 
   try {
-    // Write the bytecode to the working directory
-    await fs.writeFile(bytecodePath, bytecode);
-    // TODO(#15043): Avoid write_vk flag here.
+    // Write the bytecode and vk to the working directory
+    await Promise.all([fs.writeFile(bytecodePath, bytecode), fs.writeFile(vkPath, verificationKey)]);
     const args = getArgs(flavor).concat([
       '--disable_zk',
-      '--write_vk',
       '-o',
       outputPath,
       '-b',
       bytecodePath,
+      '-k',
+      vkPath,
       '-w',
       inputWitnessFile,
       '-v',
@@ -286,74 +284,6 @@ export async function generateProof(
   }
 }
 
-/**
- * Used for generating proofs of the tube circuit
- * It is assumed that the working directory is a temporary and/or random directory used solely for generating this proof.
- *
- * @returns An object containing a result indication, the location of the proof and the duration taken
- */
-export async function generateTubeProof(
-  pathToBB: string,
-  workingDirectory: string,
-  vkPath: string,
-  log: LogFn,
-): Promise<BBFailure | BBSuccess> {
-  // Check that the working directory exists
-  try {
-    await fs.access(workingDirectory);
-  } catch {
-    return { status: BB_RESULT.FAILURE, reason: `Working directory ${workingDirectory} does not exist` };
-  }
-
-  // Paths for the inputs
-  const proofPath = join(workingDirectory, CLIENT_IVC_PROOF_FILE_NAME);
-
-  // The proof is written to e.g. /workingDirectory/proof
-  const outputPath = workingDirectory;
-  const filePresent = async (file: string) =>
-    await fs
-      .access(file, fs.constants.R_OK)
-      .then(_ => true)
-      .catch(_ => false);
-
-  const binaryPresent = await filePresent(pathToBB);
-  if (!binaryPresent) {
-    return { status: BB_RESULT.FAILURE, reason: `Failed to find bb binary at ${pathToBB}` };
-  }
-
-  try {
-    if (!(await filePresent(proofPath))) {
-      return { status: BB_RESULT.FAILURE, reason: `Client IVC input files not present in  ${workingDirectory}` };
-    }
-    const args = ['-o', outputPath, '-k', vkPath, '-v'];
-
-    const timer = new Timer();
-    const logFunction = (message: string) => {
-      log(`TubeCircuit (prove) BB out - ${message}`);
-    };
-    const result = await executeBB(pathToBB, 'prove_tube', args, logFunction);
-    const durationMs = timer.ms();
-
-    if (result.status == BB_RESULT.SUCCESS) {
-      return {
-        status: BB_RESULT.SUCCESS,
-        durationMs,
-        proofPath: outputPath,
-        pkPath: undefined,
-        vkDirectoryPath: outputPath,
-      };
-    }
-    // Not a great error message here but it is difficult to decipher what comes from bb
-    return {
-      status: BB_RESULT.FAILURE,
-      reason: `Failed to generate proof. Exit code ${result.exitCode}. Signal ${result.signal}.`,
-      retry: !!result.signal,
-    };
-  } catch (error) {
-    return { status: BB_RESULT.FAILURE, reason: `${error}` };
-  }
-}
-
 /**
  * Used for generating AVM proofs.
  * It is assumed that the working directory is a temporary and/or random directory used solely for generating this proof.
@@ -491,7 +421,7 @@ export async function verifyAvmProof(
 }
 
 /**
- * Verifies a ClientIvcProof
+ * Verifies a ChonkProof
  * TODO(#7370) The verification keys should be supplied separately
  * @param pathToBB - The full path to the bb binary
  * @param targetPath - The path to the folder with the proof, accumulator, and verification keys
@@ -499,7 +429,7 @@ export async function verifyAvmProof(
  * @param concurrency - The number of threads to use for the verification
  * @returns An object containing a result indication and duration taken
  */
-export async function verifyClientIvcProof(
+export async function verifyChonkProof(
   pathToBB: string,
   proofPath: string,
   keyPath: string,
@@ -515,7 +445,7 @@ export async function verifyClientIvcProof(
   }
 
   try {
-    const args = ['--scheme', 'client_ivc', '-p', proofPath, '-k', keyPath, '-v'];
+    const args = ['--scheme', 'chonk', '-p', proofPath, '-k', keyPath, '-v'];
     const timer = new Timer();
     const command = 'verify';
 
@@ -679,7 +609,7 @@ export async function computeGateCountForCircuit(
     return { status: BB_RESULT.FAILURE, reason: `Working directory ${workingDirectory} does not exist` };
   }
 
-  // The bytecode is written to e.g. /workingDirectory/BaseParityArtifact-bytecode
+  // The bytecode is written to e.g. /workingDirectory/ParityBaseArtifact-bytecode
   const bytecodePath = `${workingDirectory}/${circuitName}-bytecode`;
 
   const binaryPresent = await fs
@@ -705,7 +635,7 @@ export async function computeGateCountForCircuit(
     const result = await executeBB(
       pathToBB,
       'gates',
-      ['--scheme', flavor === 'mega_honk' ? 'client_ivc' : 'ultra_honk', '-b', bytecodePath, '-v'],
+      ['--scheme', flavor === 'mega_honk' ? 'chonk' : 'ultra_honk', '-b', bytecodePath, '-v'],
       logHandler,
     );
     const duration = timer.ms();

package/src/honk.ts

@@ -3,7 +3,7 @@ import type { ServerProtocolArtifact } from '@aztec/noir-protocol-circuits-types
 export type UltraHonkFlavor = 'ultra_honk' | 'ultra_keccak_honk' | 'ultra_starknet_honk' | 'ultra_rollup_honk';
 
 const UltraKeccakHonkCircuits = ['RootRollupArtifact'] as const satisfies ServerProtocolArtifact[];
-const UltraHonkCircuits = ['BaseParityArtifact', 'RootParityArtifact'] as const satisfies ServerProtocolArtifact[];
+const UltraHonkCircuits = ['ParityBaseArtifact', 'ParityRootArtifact'] as const satisfies ServerProtocolArtifact[];
 
 export type UltraKeccakHonkServerProtocolArtifact = (typeof UltraKeccakHonkCircuits)[number];
 export type UltraHonkServerProtocolArtifact = (typeof UltraHonkCircuits)[number];

package/src/instrumentation.ts

@@ -86,7 +86,7 @@ export class ProverInstrumentation {
    */
   recordDuration(
     metric: 'simulationDuration' | 'witGenDuration' | 'provingDuration',
-    circuitName: CircuitName | 'tubeCircuit',
+    circuitName: CircuitName,
     timerOrMS: Timer | number,
   ) {
     const s = typeof timerOrMS === 'number' ? timerOrMS / 1000 : timerOrMS.s();
@@ -116,7 +116,7 @@ export class ProverInstrumentation {
    */
   recordSize(
     metric: 'witGenInputSize' | 'witGenOutputSize' | 'proofSize' | 'circuitSize' | 'circuitPublicInputCount',
-    circuitName: CircuitName | 'tubeCircuit',
+    circuitName: CircuitName,
     size: number,
   ) {
     this[metric].record(Math.ceil(size), {

package/src/prover/client/bb_private_kernel_prover.ts

@@ -1,4 +1,7 @@
-import { createLogger } from '@aztec/foundation/log';
+import { AztecClientBackend, type BackendOptions, Barretenberg } from '@aztec/bb.js';
+import { type LogLevel, type Logger, createLogger } from '@aztec/foundation/log';
+import { Timer } from '@aztec/foundation/timer';
+import { serializeWitness } from '@aztec/noir-noirc_abi';
 import {
   convertHidingKernelPublicInputsToWitnessMapWithAbi,
   convertHidingKernelToRollupInputsToWitnessMapWithAbi,
@@ -16,7 +19,11 @@ import {
   getPrivateKernelResetArtifactName,
   updateResetCircuitSampleInputs,
 } from '@aztec/noir-protocol-circuits-types/client';
-import type { ArtifactProvider, ClientProtocolArtifact } from '@aztec/noir-protocol-circuits-types/types';
+import {
+  type ArtifactProvider,
+  type ClientProtocolArtifact,
+  mapProtocolArtifactNameToCircuitName,
+} from '@aztec/noir-protocol-circuits-types/types';
 import type { Abi, WitnessMap } from '@aztec/noir-types';
 import type { CircuitSimulator } from '@aztec/simulator/client';
 import type { PrivateKernelProver } from '@aztec/stdlib/interfaces/client';
@@ -33,17 +40,22 @@ import type {
   PrivateKernelTailCircuitPublicInputs,
 } from '@aztec/stdlib/kernel';
 import type { NoirCompiledCircuitWithName } from '@aztec/stdlib/noir';
-import type { ClientIvcProof } from '@aztec/stdlib/proofs';
+import { ChonkProofWithPublicInputs } from '@aztec/stdlib/proofs';
 import type { CircuitSimulationStats, CircuitWitnessGenerationStats } from '@aztec/stdlib/stats';
 
-import { mapProtocolArtifactNameToCircuitName } from '../../stats.js';
+import { ungzip } from 'pako';
 
+export type BBPrivateKernelProverOptions = Omit<BackendOptions, 'logger'> & { logger?: Logger };
 export abstract class BBPrivateKernelProver implements PrivateKernelProver {
+  private log: Logger;
+
   constructor(
     protected artifactProvider: ArtifactProvider,
     protected simulator: CircuitSimulator,
-    protected log = createLogger('bb-prover'),
-  ) {}
+    protected options: BBPrivateKernelProverOptions = {},
+  ) {
+    this.log = options.logger || createLogger('bb-prover:private-kernel');
+  }
 
   public async generateInitOutput(
     inputs: PrivateKernelInitCircuitPrivateInputs,
@@ -261,11 +273,38 @@ export abstract class BBPrivateKernelProver implements PrivateKernelProver {
     return kernelProofOutput;
   }
 
-  public createClientIvcProof(_executionSteps: PrivateExecutionStep[]): Promise<ClientIvcProof> {
-    throw new Error('Not implemented');
+  public async createChonkProof(executionSteps: PrivateExecutionStep[]): Promise<ChonkProofWithPublicInputs> {
+    const timer = new Timer();
+    this.log.info(`Generating ClientIVC proof...`);
+    const barretenberg = await Barretenberg.initSingleton({
+      ...this.options,
+      logger: this.options.logger?.[(process.env.LOG_LEVEL as LogLevel) || 'verbose'],
+    });
+    const backend = new AztecClientBackend(
+      executionSteps.map(step => ungzip(step.bytecode)),
+      barretenberg,
+    );
+
+    const [proof] = await backend.prove(
+      executionSteps.map(step => ungzip(serializeWitness(step.witness))),
+      executionSteps.map(step => step.vk),
+    );
+    this.log.info(`Generated ClientIVC proof`, {
+      eventName: 'client-ivc-proof-generation',
+      duration: timer.ms(),
+      proofSize: proof.length,
+    });
+    return ChonkProofWithPublicInputs.fromBufferArray(proof);
   }
 
-  public computeGateCountForCircuit(_bytecode: Buffer, _circuitName: string): Promise<number> {
-    throw new Error('Not implemented');
+  public async computeGateCountForCircuit(_bytecode: Buffer, _circuitName: string): Promise<number> {
+    // Note we do not pass the vk to the backend. This is unneeded for gate counts.
+    const barretenberg = await Barretenberg.initSingleton({
+      ...this.options,
+      logger: this.options.logger?.[(process.env.LOG_LEVEL as LogLevel) || 'verbose'],
+    });
+    const backend = new AztecClientBackend([ungzip(_bytecode)], barretenberg);
+    const gateCount = await backend.gates();
+    return gateCount[0];
   }
 }

package/src/prover/client/bundle.ts

@@ -0,0 +1,10 @@
+import { BundleArtifactProvider } from '@aztec/noir-protocol-circuits-types/client/bundle';
+import type { CircuitSimulator } from '@aztec/simulator/client';
+
+import { BBPrivateKernelProver, type BBPrivateKernelProverOptions } from './bb_private_kernel_prover.js';
+
+export class BBBundlePrivateKernelProver extends BBPrivateKernelProver {
+  constructor(simulator: CircuitSimulator, options: BBPrivateKernelProverOptions = {}) {
+    super(new BundleArtifactProvider(), simulator, options);
+  }
+}

package/src/prover/client/lazy.ts

@@ -0,0 +1,10 @@
+import { LazyArtifactProvider } from '@aztec/noir-protocol-circuits-types/client/lazy';
+import type { CircuitSimulator } from '@aztec/simulator/client';
+
+import { BBPrivateKernelProver, type BBPrivateKernelProverOptions } from './bb_private_kernel_prover.js';
+
+export class BBLazyPrivateKernelProver extends BBPrivateKernelProver {
+  constructor(simulator: CircuitSimulator, options: BBPrivateKernelProverOptions = {}) {
+    super(new LazyArtifactProvider(), simulator, options);
+  }
+}

package/src/prover/proof_utils.ts

@@ -1,41 +1,59 @@
 import {
+  CHONK_PROOF_LENGTH,
+  HIDING_KERNEL_IO_PUBLIC_INPUTS_SIZE,
   IPA_CLAIM_SIZE,
   NESTED_RECURSIVE_PROOF_LENGTH,
   NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH,
   PAIRING_POINTS_SIZE,
   ULTRA_KECCAK_PROOF_LENGTH,
 } from '@aztec/constants';
-import { Fr } from '@aztec/foundation/fields';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import type { Logger } from '@aztec/foundation/log';
-import { ClientIvcProof, Proof, RecursiveProof } from '@aztec/stdlib/proofs';
+import { ChonkProofWithPublicInputs, Proof, RecursiveProof } from '@aztec/stdlib/proofs';
 import type { VerificationKeyData } from '@aztec/stdlib/vks';
 
 import assert from 'assert';
 import { promises as fs } from 'fs';
 import * as path from 'path';
 
-import { CLIENT_IVC_PROOF_FILE_NAME, PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } from '../bb/execute.js';
+import { PROOF_FILENAME, PUBLIC_INPUTS_FILENAME } from '../bb/execute.js';
 
 /**
- * Create a ClientIvcProof proof file.
+ * Create a ChonkProof proof file.
  *
  * @param directory the directory to read the proof from.
- * @returns the encapsulated client ivc proof
+ * @returns the encapsulated chonk proof
  */
-export async function readClientIVCProofFromOutputDirectory(directory: string) {
-  const clientIvcProofBuffer = await fs.readFile(path.join(directory, CLIENT_IVC_PROOF_FILE_NAME));
-  return new ClientIvcProof(clientIvcProofBuffer);
+export async function readChonkProofFromOutputDirectory(directory: string) {
+  const proofFilename = path.join(directory, PROOF_FILENAME);
+  const binaryProof = await fs.readFile(proofFilename);
+  const proofFields = splitBufferIntoFields(binaryProof);
+  return new ChonkProofWithPublicInputs(proofFields);
 }
 
 /**
- * Serialize a ClientIvcProof to a proof file.
+ * Serialize a ChonkProof to a proof file.
  *
- * @param proof the ClientIvcProof from object
+ * @param proof the ChonkProof from object
  * @param directory the directory to write in
  */
-export async function writeClientIVCProofToOutputDirectory(clientIvcProof: ClientIvcProof, directory: string) {
-  const { clientIvcProofBuffer } = clientIvcProof;
-  await fs.writeFile(path.join(directory, CLIENT_IVC_PROOF_FILE_NAME), clientIvcProofBuffer);
+export async function writeChonkProofToPath(chonkProof: ChonkProofWithPublicInputs, outputPath: string) {
+  // NB: Don't use chonkProof.toBuffer here because it will include the proof length.
+  const fieldsBuf = Buffer.concat(chonkProof.fieldsWithPublicInputs.map(field => field.toBuffer()));
+  await fs.writeFile(outputPath, fieldsBuf);
+}
+
+function getNumCustomPublicInputs(proofLength: number, vkData: VerificationKeyData) {
+  let numPublicInputs = vkData.numPublicInputs;
+  if (proofLength == CHONK_PROOF_LENGTH) {
+    numPublicInputs -= HIDING_KERNEL_IO_PUBLIC_INPUTS_SIZE;
+  } else {
+    numPublicInputs -= PAIRING_POINTS_SIZE;
+    if (proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH) {
+      numPublicInputs -= IPA_CLAIM_SIZE;
+    }
+  }
+  return numPublicInputs;
 }
 
 function splitBufferIntoFields(buffer: Buffer): Fr[] {
@@ -46,43 +64,47 @@ function splitBufferIntoFields(buffer: Buffer): Fr[] {
   return fields;
 }
 
-export async function readProofAsFields<PROOF_LENGTH extends number>(
-  filePath: string,
+export async function readProofsFromOutputDirectory<PROOF_LENGTH extends number>(
+  directory: string,
   vkData: VerificationKeyData,
   proofLength: PROOF_LENGTH,
   logger: Logger,
 ): Promise<RecursiveProof<PROOF_LENGTH>> {
-  const publicInputsFilename = path.join(filePath, PUBLIC_INPUTS_FILENAME);
-  const proofFilename = path.join(filePath, PROOF_FILENAME);
-
-  const [binaryPublicInputs, binaryProof] = await Promise.all([
-    fs.readFile(publicInputsFilename),
-    fs.readFile(proofFilename),
-  ]);
-
-  const fieldsWithoutPublicInputs = splitBufferIntoFields(binaryProof);
-
-  let numPublicInputs = vkData.numPublicInputs - PAIRING_POINTS_SIZE;
   assert(
-    proofLength == NESTED_RECURSIVE_PROOF_LENGTH ||
+    proofLength == CHONK_PROOF_LENGTH ||
+      proofLength == NESTED_RECURSIVE_PROOF_LENGTH ||
       proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH ||
       proofLength == ULTRA_KECCAK_PROOF_LENGTH,
     `Proof length must be one of the expected proof lengths, received ${proofLength}`,
   );
-  if (proofLength == NESTED_RECURSIVE_ROLLUP_HONK_PROOF_LENGTH) {
-    numPublicInputs -= IPA_CLAIM_SIZE;
+
+  const publicInputsFilename = path.join(directory, PUBLIC_INPUTS_FILENAME);
+  const proofFilename = path.join(directory, PROOF_FILENAME);
+
+  // Handle CHONK separately because bb outputs the proof fields with public inputs for CHONK.
+  const isChonk = proofLength == CHONK_PROOF_LENGTH;
+
+  const [binaryPublicInputs, binaryProof] = await Promise.all([
+    isChonk ? Buffer.alloc(0) : fs.readFile(publicInputsFilename),
+    fs.readFile(proofFilename),
+  ]);
+
+  const numPublicInputs = getNumCustomPublicInputs(proofLength, vkData);
+  let fieldsWithoutPublicInputs = splitBufferIntoFields(binaryProof);
+  if (isChonk) {
+    fieldsWithoutPublicInputs = fieldsWithoutPublicInputs.slice(numPublicInputs);
   }
 
   assert(
     fieldsWithoutPublicInputs.length == proofLength,
-    `Proof length mismatch: ${fieldsWithoutPublicInputs.length} != ${proofLength}`,
+    `Proof fields length mismatch: ${fieldsWithoutPublicInputs.length} != ${proofLength}`,
   );
 
   // Concat binary public inputs and binary proof
   // This buffer will have the form: [binary public inputs, binary proof]
   const binaryProofWithPublicInputs = Buffer.concat([binaryPublicInputs, binaryProof]);
   logger.debug(
-    `Circuit path: ${filePath}, complete proof length: ${fieldsWithoutPublicInputs.length}, num public inputs: ${numPublicInputs}, circuit size: ${vkData.circuitSize}`,
+    `Circuit path: ${directory}, proof fields length: ${fieldsWithoutPublicInputs.length}, num public inputs: ${numPublicInputs}, circuit size: ${vkData.circuitSize}`,
   );
   return new RecursiveProof(
     fieldsWithoutPublicInputs,