@aztec/end-to-end 0.0.1-commit.d431d1c → 0.0.1-commit.dbf9cec

package/src/e2e_storage_proof/fixtures/storage_proof_fetcher.ts

@@ -0,0 +1,190 @@
+/**
+ * Fetches a ERC20 balance storage proof from the Ethereum mainnet and saves it to a Prover.toml compatible JSON.
+ * The JSON can be converted to toml for use with nargo, or used directly as a JSON file when used in
+ * Aztec contracts. This script is not using any Aztec library code, so it's easily portable.
+ */
+import fs from 'fs';
+import { dirname, join } from 'path';
+import { fileURLToPath } from 'url';
+import { createPublicClient, encodeAbiParameters, fromRlp, hexToBytes, http, keccak256 } from 'viem';
+import { mainnet } from 'viem/chains';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+
+const RPC_URL = process.env.RPC_URL;
+const ERC20_CONTRACT = (process.env.ERC20_CONTRACT || '0xdAC17F958D2ee523a2206206994597C13D831ec7') as `0x${string}`;
+const HOLDER = (process.env.HOLDER || '0x23878914EFE38d27C4D67Ab83ed1b93A74D4086a') as `0x${string}`;
+const SLOT = BigInt(process.env.SLOT || '2');
+const BLOCK_TAG = process.env.BLOCK_NUMBER ? BigInt(process.env.BLOCK_NUMBER) : 'latest';
+const MAX_ACCOUNT_PATH = 15;
+const MAX_STORAGE_PATH = 10;
+
+function padTo(arr: number[], len: number) {
+  return [...arr, ...Array(len - arr.length).fill(0)].slice(0, len);
+}
+
+function toBytes(hex: `0x${string}`) {
+  return Array.from(hexToBytes(hex));
+}
+
+function bytesToU64s(bytes: number[]) {
+  const paddedBytes = padTo(bytes, 32);
+  return Array.from({ length: 4 }, (_, i) => {
+    let val = 0n;
+    for (let j = 0; j < 8; j++) {
+      val += BigInt(paddedBytes[i * 8 + j]) << BigInt(j * 8);
+    }
+    return val.toString();
+  });
+}
+
+function toBytesAndLen(val: bigint | number) {
+  if (val === 0n || val === 0) {
+    return { bytes: [0], length: 0 };
+  }
+  let hex = val.toString(16);
+  if (hex.length % 2) {
+    hex = '0' + hex;
+  }
+  const bytes = toBytes(`0x${hex}`);
+  return { bytes, length: bytes.length };
+}
+
+function parseNode(rlp: `0x${string}`) {
+  // Should be safe when working with branches and extensions without embedded children.
+  const decoded = fromRlp(rlp) as `0x${string}`[];
+  const node = {
+    rows: Array(16)
+      .fill(0)
+      .map(() => Array(32).fill(0)),
+    row_exist: Array(16).fill(false),
+    node_type: 0,
+  };
+
+  if (decoded.length === 17) {
+    for (let i = 0; i < 16; i++) {
+      if (decoded[i] !== '0x') {
+        node.row_exist[i] = true;
+        node.rows[i] = padTo(toBytes(decoded[i]), 32);
+      }
+    }
+  } else if (decoded.length === 2) {
+    const keyBytes = toBytes(decoded[0]);
+    const prefix = keyBytes[0];
+    if (prefix >> 4 >= 2) {
+      throw new Error('Unsupported: leaf node in proof path');
+    }
+    node.node_type = 1;
+    // Extension header format expected by the noir code: check out storage_proof types.nr.
+    node.rows[0][0] = prefix >> 4;
+    node.rows[0][8] = prefix & 0x0f;
+    node.rows[0][16] = keyBytes.length - 1;
+
+    for (let i = 1; i < keyBytes.length && i < 32; i++) {
+      node.rows[1][i - 1] = keyBytes[i];
+    }
+    node.rows[2] = padTo(toBytes(decoded[1]), 32);
+    node.row_exist[0] = node.row_exist[1] = node.row_exist[2] = true;
+  }
+  return node;
+}
+
+function parseProof(proof: `0x${string}`[], maxLen: number) {
+  const nodes = proof.slice(0, -1).slice(0, maxLen).map(parseNode);
+  while (nodes.length < maxLen) {
+    nodes.push({
+      rows: Array(16)
+        .fill(0)
+        .map(() => Array(32).fill(0)),
+      row_exist: Array(16).fill(false),
+      node_type: 0,
+    });
+  }
+  return nodes;
+}
+
+function nodeToLibFormat(node: { rows: number[][]; row_exist: boolean[]; node_type: number }) {
+  return {
+    rows: node.rows.map(bytesToU64s),
+    row_exist: node.row_exist,
+    node_type: String(node.node_type),
+  };
+}
+
+async function main() {
+  if (!RPC_URL) {
+    throw new Error('RPC_URL is not set');
+  }
+  const storageKey = keccak256(encodeAbiParameters([{ type: 'address' }, { type: 'uint256' }], [HOLDER, SLOT]));
+  console.log(`Fetching storage proof for ${ERC20_CONTRACT}, holder ${HOLDER}, slot ${SLOT}`);
+  console.log(`Storage key: ${storageKey}`);
+
+  const client = createPublicClient({
+    chain: mainnet,
+    transport: http(RPC_URL),
+  });
+
+  const [blockNumber, proof, block] = await Promise.all([
+    client.getBlockNumber(),
+    client.getProof({
+      address: ERC20_CONTRACT,
+      storageKeys: [storageKey],
+      blockNumber: BLOCK_TAG === 'latest' ? undefined : BLOCK_TAG,
+    }),
+    client.getBlock({
+      blockNumber: BLOCK_TAG === 'latest' ? undefined : BLOCK_TAG,
+    }),
+  ]);
+
+  const storageProof = proof.storageProof[0];
+  console.log(
+    `Block: ${blockNumber}, Account nodes: ${proof.accountProof.length}, Storage nodes: ${storageProof.proof.length}`,
+  );
+  console.log(`Value: ${storageProof.value}`);
+
+  // The -1 is because the last node in the proof is the leaf, which is excluded from path verification.
+  const accountPathLen = proof.accountProof.length - 1;
+  const storagePathLen = storageProof.proof.length - 1;
+  if (accountPathLen > MAX_ACCOUNT_PATH) {
+    throw new Error(
+      `Account proof path length ${accountPathLen} exceeds MAX_ACCOUNT_PATH ${MAX_ACCOUNT_PATH}. Increase the limit.`,
+    );
+  }
+  if (storagePathLen > MAX_STORAGE_PATH) {
+    throw new Error(
+      `Storage proof path length ${storagePathLen} exceeds MAX_STORAGE_PATH ${MAX_STORAGE_PATH}. Increase the limit.`,
+    );
+  }
+
+  const nonce = toBytesAndLen(proof.nonce);
+  const balance = toBytesAndLen(proof.balance);
+  const slotValue = toBytesAndLen(storageProof.value);
+
+  const data = {
+    account_nodes: parseProof(proof.accountProof, MAX_ACCOUNT_PATH).map(nodeToLibFormat),
+    account_node_length: String(accountPathLen),
+    storage_nodes: parseProof(storageProof.proof, MAX_STORAGE_PATH).map(nodeToLibFormat),
+    storage_node_length: String(storagePathLen),
+    account: {
+      nonce: padTo(nonce.bytes, 8).map(String),
+      nonce_length: String(nonce.length),
+      balance: padTo(balance.bytes, 32).map(String),
+      balance_length: String(balance.length),
+      address: toBytes(ERC20_CONTRACT).map(String),
+      storage_hash: bytesToU64s(toBytes(proof.storageHash)),
+      code_hash: bytesToU64s(toBytes(proof.codeHash)),
+    },
+    slot: {
+      value: padTo(slotValue.bytes, 32).map(String),
+      value_length: String(slotValue.length),
+    },
+    slot_key: toBytes(storageKey).map(String),
+    root: bytesToU64s(toBytes(block.stateRoot)),
+    block_number: String(blockNumber),
+  };
+
+  fs.writeFileSync(join(__dirname, 'storage_proof.json'), JSON.stringify(data, null, 2));
+  console.log('storage_proof.json generated');
+}
+
+main().catch(console.error);

package/src/e2e_storage_proof/fixtures/storage_proof_fixture.ts

@@ -0,0 +1,173 @@
+import type { AztecAddress } from '@aztec/aztec.js/addresses';
+import { poseidon2Hash } from '@aztec/foundation/crypto/poseidon';
+import { Fr } from '@aztec/foundation/curves/bn254';
+import { EthAddress } from '@aztec/foundation/eth-address';
+import { Capsule } from '@aztec/stdlib/tx';
+
+import { readFileSync } from 'fs';
+import { dirname, join } from 'path';
+import { fileURLToPath } from 'url';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const FIXTURE_PATH = join(__dirname, './storage_proof.json');
+
+// Constants matching the Noir contract
+const ACCOUNT_CAPSULE_KEY_SEPARATOR = 100;
+const ACCOUNT_PROOF_CAPSULE_KEY_SEPARATOR = 101;
+const STORAGE_PROOF_CAPSULE_KEY_SEPARATOR = 102;
+const STORAGE_PROOF_NODE_CAPSULE_KEY_SEPARATOR = 103;
+const MAX_ACCOUNT_PROOF_LENGTH = 15;
+/** Node: rows [[u64;4];16] (64) + row_exist [bool;16] (16) + node_type u8 (1) = 81 fields */
+const NODE_FIELD_COUNT = 81;
+
+// --- JSON fixture types ---
+
+type JsonNode = { rows: string[][]; row_exist: boolean[]; node_type: string };
+
+type JsonAccount = {
+  nonce: string[];
+  balance: string[];
+  address: string[];
+  nonce_length: string;
+  balance_length: string;
+  storage_hash: string[];
+  code_hash: string[];
+};
+
+type StorageProofJSON = {
+  root: string[];
+  slot_key: string[];
+  account_node_length: string;
+  storage_node_length: string;
+  account_nodes: JsonNode[];
+  storage_nodes: JsonNode[];
+  account: JsonAccount;
+  slot: { value: string[]; value_length: string };
+};
+
+// --- Serialization helpers (Noir struct Serialize layout) ---
+
+function serializeNode(node: JsonNode): Fr[] {
+  const fields: Fr[] = [];
+  for (const row of node.rows) {
+    for (const val of row) {
+      fields.push(new Fr(BigInt(val)));
+    }
+  }
+  for (const exists of node.row_exist) {
+    fields.push(new Fr(exists ? 1n : 0n));
+  }
+  fields.push(new Fr(BigInt(node.node_type)));
+  return fields;
+}
+
+/** Account: nonce [u8;8] + balance [u8;32] + address [u8;20] + nonce_length u8 + balance_length u8 + storage_hash [u64;4] + code_hash [u64;4] = 70 fields */
+function serializeAccount(account: JsonAccount): Fr[] {
+  const fields: Fr[] = [];
+  for (const v of account.nonce) {
+    fields.push(new Fr(BigInt(v)));
+  }
+  for (const v of account.balance) {
+    fields.push(new Fr(BigInt(v)));
+  }
+  for (const v of account.address) {
+    fields.push(new Fr(BigInt(v)));
+  }
+  fields.push(new Fr(BigInt(account.nonce_length)));
+  fields.push(new Fr(BigInt(account.balance_length)));
+  for (const v of account.storage_hash) {
+    fields.push(new Fr(BigInt(v)));
+  }
+  for (const v of account.code_hash) {
+    fields.push(new Fr(BigInt(v)));
+  }
+  return fields;
+}
+
+function zeroNode(): Fr[] {
+  return Array(NODE_FIELD_COUNT).fill(Fr.ZERO);
+}
+
+// --- Public API ---
+
+/** Parsed + typed fixture data ready for use as contract function arguments. */
+export type StorageProofArgs = {
+  ethAddress: EthAddress;
+  slotKey: number[];
+  slotContents: { value: number[]; value_length: number };
+  root: bigint[];
+};
+
+/** Loads the storage proof fixture from disk and returns the contract args. */
+export function loadStorageProofArgs(): StorageProofArgs {
+  const fixture: StorageProofJSON = JSON.parse(readFileSync(FIXTURE_PATH, 'utf8'));
+  const addressBytes = Buffer.from(fixture.account.address.map(v => Number(v)));
+  return {
+    ethAddress: EthAddress.fromString('0x' + addressBytes.toString('hex')),
+    slotKey: fixture.slot_key.map(v => Number(v)),
+    slotContents: {
+      value: fixture.slot.value.map(v => Number(v)),
+      // eslint-disable-next-line camelcase
+      value_length: Number(fixture.slot.value_length),
+    },
+    root: fixture.root.map(v => BigInt(v)),
+  };
+}
+
+/** Builds all the capsules the StorageProofTest contract expects during private execution. */
+export async function buildStorageProofCapsules(contractAddress: AztecAddress): Promise<Capsule[]> {
+  const fixture: StorageProofJSON = JSON.parse(readFileSync(FIXTURE_PATH, 'utf8'));
+
+  const root = fixture.root.map(v => BigInt(v));
+  const slotKey = fixture.slot_key.map(v => Number(v));
+  const accountNodeLength = Number(fixture.account_node_length);
+  const storageNodeLength = Number(fixture.storage_node_length);
+  const ethAddress = EthAddress.fromBuffer(Buffer.from(fixture.account.address.map(v => Number(v))));
+
+  // Compute capsule keys (must match the Noir contract's poseidon2_hash computations)
+  const addressCapsuleKey = await poseidon2Hash([
+    new Fr(ACCOUNT_CAPSULE_KEY_SEPARATOR),
+    ...root.map(v => new Fr(v)),
+    ethAddress.toField(),
+  ]);
+
+  const accountProofCapsuleKey = await poseidon2Hash([new Fr(ACCOUNT_PROOF_CAPSULE_KEY_SEPARATOR), addressCapsuleKey]);
+
+  const storageProofCapsuleKey = await poseidon2Hash([
+    new Fr(STORAGE_PROOF_CAPSULE_KEY_SEPARATOR),
+    addressCapsuleKey,
+    ...slotKey.map(v => new Fr(v)),
+  ]);
+
+  // Build capsule data
+
+  // 1. Account data
+  const accountData = serializeAccount(fixture.account);
+
+  // 2. Account proof nodes padded to MAX_ACCOUNT_PROOF_LENGTH
+  const accountProofData: Fr[] = [new Fr(accountNodeLength)];
+  for (let i = 0; i < MAX_ACCOUNT_PROOF_LENGTH; i++) {
+    accountProofData.push(...(i < fixture.account_nodes.length ? serializeNode(fixture.account_nodes[i]) : zeroNode()));
+  }
+
+  // 3. Storage proof length (u32)
+  const storageProofLengthData = [new Fr(storageNodeLength)];
+
+  const capsules: Capsule[] = [
+    new Capsule(contractAddress, addressCapsuleKey, accountData),
+    new Capsule(contractAddress, accountProofCapsuleKey, accountProofData),
+    new Capsule(contractAddress, storageProofCapsuleKey, storageProofLengthData),
+  ];
+
+  // 4. Individual storage node capsules for private recursion.
+  for (let i = 0; i < storageNodeLength; i++) {
+    const nodeCapsuleKey = await poseidon2Hash([
+      new Fr(STORAGE_PROOF_NODE_CAPSULE_KEY_SEPARATOR),
+      storageProofCapsuleKey,
+      new Fr(i),
+    ]);
+    capsules.push(new Capsule(contractAddress, nodeCapsuleKey, serializeNode(fixture.storage_nodes[i])));
+  }
+
+  return capsules;
+}

package/src/e2e_token_contract/token_contract_test.ts

@@ -2,14 +2,15 @@ import { AztecAddress } from '@aztec/aztec.js/addresses';
 import { type Logger, createLogger } from '@aztec/aztec.js/log';
 import type { AztecNode } from '@aztec/aztec.js/node';
 import { TokenContract } from '@aztec/noir-contracts.js/Token';
+import { GenericProxyContract } from '@aztec/noir-test-contracts.js/GenericProxy';
 import { InvalidAccountContract } from '@aztec/noir-test-contracts.js/InvalidAccount';
-import type { TestWallet } from '@aztec/test-wallet/server';
 
 import { jest } from '@jest/globals';
 
 import { type EndToEndContext, deployAccounts, publicDeployAccounts, setup, teardown } from '../fixtures/setup.js';
 import { mintTokensToPrivate } from '../fixtures/token_utils.js';
 import { TokenSimulator } from '../simulators/token_simulator.js';
+import type { TestWallet } from '../test-wallet/test_wallet.js';
 
 const { METRICS_PORT: metricsPort } = process.env;
 
@@ -25,6 +26,7 @@ export class TokenContractTest {
   node!: AztecNode;
 
   badAccount!: InvalidAccountContract;
+  authwitProxy!: GenericProxyContract;
   wallet!: TestWallet;
   adminAddress!: AztecAddress;
   account1Address!: AztecAddress;
@@ -70,7 +72,7 @@ export class TokenContractTest {
       initialFundedAccounts: this.context.initialFundedAccounts,
     });
 
-    this.node = this.context.aztecNodeService!;
+    this.node = this.context.aztecNodeService;
     this.wallet = this.context.wallet;
     [this.adminAddress, this.account1Address, this.account2Address] = deployedAccounts.map(acc => acc.address);
 
@@ -85,15 +87,20 @@ export class TokenContractTest {
       TokenContractTest.TOKEN_NAME,
       TokenContractTest.TOKEN_SYMBOL,
       TokenContractTest.TOKEN_DECIMALS,
-    )
-      .send({ from: this.adminAddress })
-      .deployed();
+    ).send({ from: this.adminAddress });
     this.logger.verbose(`Token deployed to ${this.asset.address}`);
 
     this.logger.verbose(`Deploying bad account...`);
-    this.badAccount = await InvalidAccountContract.deploy(this.wallet).send({ from: this.adminAddress }).deployed();
+    this.badAccount = await InvalidAccountContract.deploy(this.wallet).send({ from: this.adminAddress });
     this.logger.verbose(`Deployed to ${this.badAccount.address}.`);
 
+    // Deploy a proxy contract for "on behalf of other" tests. The note owner must be the tx sender
+    // (so their notes are in scope), but msg_sender in the target must differ from the note owner
+    // to trigger authwit validation. The proxy forwards calls so that msg_sender != tx sender.
+    this.logger.verbose(`Deploying generic proxy...`);
+    this.authwitProxy = await GenericProxyContract.deploy(this.wallet).send({ from: this.adminAddress });
+    this.logger.verbose(`Deployed to ${this.authwitProxy.address}.`);
+
     this.tokenSim = new TokenSimulator(this.asset, this.wallet, this.adminAddress, this.logger, [
       this.adminAddress,
       this.account1Address,
@@ -130,7 +137,7 @@ export class TokenContractTest {
     const amount = 10000n;
 
     this.logger.verbose(`Minting ${amount} publicly...`);
-    await asset.methods.mint_to_public(adminAddress, amount).send({ from: adminAddress }).wait();
+    await asset.methods.mint_to_public(adminAddress, amount).send({ from: adminAddress });
     tokenSim.mintPublic(adminAddress, amount);
 
     const publicBalance = await asset.methods.balance_of_public(adminAddress).simulate({ from: adminAddress });

package/src/fixtures/authwit_proxy.ts

@@ -0,0 +1,50 @@
+import type {
+  ContractFunctionInteraction,
+  SendInteractionOptions,
+  SimulateInteractionOptions,
+} from '@aztec/aztec.js/contracts';
+import type { GenericProxyContract } from '@aztec/noir-test-contracts.js/GenericProxy';
+
+/**
+ * Builds a proxy forwarding call from an action, selecting the right forward_private_N method.
+ */
+async function buildProxyCall(proxy: GenericProxyContract, action: ContractFunctionInteraction) {
+  const call = await action.getFunctionCall();
+  const argCount = call.args.length;
+  if (argCount === 2) {
+    return proxy.methods.forward_private_2(call.to, call.selector, call.args);
+  } else if (argCount === 3) {
+    return proxy.methods.forward_private_3(call.to, call.selector, call.args);
+  } else if (argCount === 4) {
+    return proxy.methods.forward_private_4(call.to, call.selector, call.args);
+  }
+  throw new Error(`No forward_private_${argCount} method on proxy`);
+}
+
+/**
+ * Sends a contract call through the authwit proxy.
+ * The proxy becomes msg_sender in the target (triggering authwit validation),
+ * while the actual tx sender retains their keys in scope.
+ */
+export async function sendThroughAuthwitProxy(
+  proxy: GenericProxyContract,
+  action: ContractFunctionInteraction,
+  options: SendInteractionOptions,
+) {
+  const proxyCall = await buildProxyCall(proxy, action);
+  return proxyCall.send(options);
+}
+
+/**
+ * Simulates a contract call through the authwit proxy.
+ * The proxy becomes msg_sender in the target (triggering authwit validation),
+ * while the actual tx sender retains their keys in scope.
+ */
+export async function simulateThroughAuthwitProxy(
+  proxy: GenericProxyContract,
+  action: ContractFunctionInteraction,
+  options: SimulateInteractionOptions,
+) {
+  const proxyCall = await buildProxyCall(proxy, action);
+  return proxyCall.simulate(options);
+}