@aztec/pxe 0.0.1-commit.d6f2b3f94 → 0.0.1-commit.dbf9cec

package/src/private_kernel/hints/test_utils.ts

@@ -0,0 +1,325 @@
+import {
+  MAX_KEY_VALIDATION_REQUESTS_PER_CALL,
+  MAX_KEY_VALIDATION_REQUESTS_PER_TX,
+  MAX_NOTE_HASHES_PER_CALL,
+  MAX_NOTE_HASHES_PER_TX,
+  MAX_NOTE_HASH_READ_REQUESTS_PER_CALL,
+  MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
+  MAX_NULLIFIERS_PER_CALL,
+  MAX_NULLIFIERS_PER_TX,
+  MAX_NULLIFIER_READ_REQUESTS_PER_CALL,
+  MAX_NULLIFIER_READ_REQUESTS_PER_TX,
+  MAX_PRIVATE_LOGS_PER_CALL,
+  MAX_PRIVATE_LOGS_PER_TX,
+} from '@aztec/constants';
+import { makeTuple } from '@aztec/foundation/array';
+import { Fr } from '@aztec/foundation/curves/bn254';
+import { Point } from '@aztec/foundation/curves/grumpkin';
+import type { Serializable } from '@aztec/foundation/serialize';
+import { AztecAddress } from '@aztec/stdlib/aztec-address';
+import {
+  ClaimedLengthArray,
+  KeyValidationRequest,
+  KeyValidationRequestAndSeparator,
+  NoteHash,
+  Nullifier,
+  PrivateCircuitPublicInputs,
+  PrivateKernelCircuitPublicInputs,
+  type PrivateKernelSimulateOutput,
+  ReadRequest,
+  ScopedKeyValidationRequestAndSeparator,
+  ScopedNoteHash,
+  ScopedNullifier,
+  ScopedReadRequest,
+} from '@aztec/stdlib/kernel';
+import { PrivateLogData, ScopedPrivateLogData } from '@aztec/stdlib/kernel';
+import { PrivateLog } from '@aztec/stdlib/logs';
+import { PrivateCallExecutionResult } from '@aztec/stdlib/tx';
+import { VerificationKeyData } from '@aztec/stdlib/vks';
+
+const DEFAULT_CONTRACT_ADDRESS = AztecAddress.fromBigInt(987654n);
+
+/**
+ * Builds a ClaimedLengthArray from a list of items, padding to the required size.
+ */
+function makeClaimed<T extends Serializable, N extends number>(items: T[], emptyFactory: { empty(): T }, maxSize: N) {
+  const padded = makeTuple(maxSize, i => items[i] ?? emptyFactory.empty());
+  return new ClaimedLengthArray<T, typeof maxSize>(padded, items.length);
+}
+
+/** Builder for PrivateKernelCircuitPublicInputs with fluent API for adding side effects. */
+export class PrivateKernelCircuitPublicInputsBuilder {
+  private noteHashes: ScopedNoteHash[] = [];
+  private nullifiers: ScopedNullifier[] = [];
+  private noteHashReadRequests: ScopedReadRequest[] = [];
+  private nullifierReadRequests: ScopedReadRequest[] = [];
+  private keyValidationRequests: ScopedKeyValidationRequestAndSeparator[] = [];
+  private privateLogs: ScopedPrivateLogData[] = [];
+  private nextCounter: number;
+
+  constructor(
+    private contractAddress: AztecAddress = DEFAULT_CONTRACT_ADDRESS,
+    startCounter = 1,
+  ) {
+    this.nextCounter = startCounter;
+  }
+
+  private getCounter(sideEffectCounter?: number): number {
+    if (sideEffectCounter !== undefined) {
+      this.nextCounter = sideEffectCounter + 1;
+      return sideEffectCounter;
+    }
+    return this.nextCounter++;
+  }
+
+  /** Adds a note hash to the accumulated data. Defaults are generated randomly. */
+  addNoteHash(opts?: { value?: Fr; counter?: number; contractAddress?: AztecAddress }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    const addr = opts?.contractAddress ?? this.contractAddress;
+    this.noteHashes.push(new NoteHash(value, counter).scope(addr));
+    return this;
+  }
+
+  /** Adds a nullifier to the accumulated data. Defaults are generated randomly. */
+  addNullifier(opts?: { value?: Fr; noteHash?: Fr; counter?: number; contractAddress?: AztecAddress }): this {
+    const value = opts?.value ?? Fr.random();
+    const noteHash = opts?.noteHash ?? Fr.ZERO;
+    const counter = this.getCounter(opts?.counter);
+    const addr = opts?.contractAddress ?? this.contractAddress;
+    this.nullifiers.push(new Nullifier(value, noteHash, counter).scope(addr));
+    return this;
+  }
+
+  /** Adds a pending note hash read request (non-empty contract address, can match a pending note hash). */
+  addPendingNoteHashReadRequest(opts?: { value?: Fr; counter?: number; contractAddress?: AztecAddress }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    const addr = opts?.contractAddress ?? this.contractAddress;
+    this.noteHashReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), addr));
+    return this;
+  }
+
+  /** Adds a settled note hash read request (empty contract address, resolved against the note hash tree). */
+  addSettledNoteHashReadRequest(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.noteHashReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), AztecAddress.ZERO));
+    return this;
+  }
+
+  /** Adds a pending nullifier read request (non-empty contract address, can match a pending nullifier). */
+  addPendingNullifierReadRequest(opts?: { value?: Fr; counter?: number; contractAddress?: AztecAddress }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    const addr = opts?.contractAddress ?? this.contractAddress;
+    this.nullifierReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), addr));
+    return this;
+  }
+
+  /** Adds a settled nullifier read request (empty contract address, resolved against the nullifier tree). */
+  addSettledNullifierReadRequest(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.nullifierReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), AztecAddress.ZERO));
+    return this;
+  }
+
+  /** Adds a key validation request to validation requests. */
+  addKeyValidationRequest(opts?: { contractAddress?: AztecAddress }): this {
+    const addr = opts?.contractAddress ?? this.contractAddress;
+    this.keyValidationRequests.push(
+      new ScopedKeyValidationRequestAndSeparator(
+        new KeyValidationRequestAndSeparator(
+          new KeyValidationRequest(new Point(Fr.random(), Fr.random(), false), Fr.random()),
+          Fr.random(),
+        ),
+        addr,
+      ),
+    );
+    return this;
+  }
+
+  /** Adds a private log to the accumulated data. Defaults are generated randomly. */
+  addPrivateLog(opts?: { noteHashCounter?: number; counter?: number; contractAddress?: AztecAddress }): this {
+    const noteHashCounter = opts?.noteHashCounter ?? 0;
+    const counter = this.getCounter(opts?.counter);
+    const addr = opts?.contractAddress ?? this.contractAddress;
+    this.privateLogs.push(
+      new ScopedPrivateLogData(new PrivateLogData(PrivateLog.empty(), noteHashCounter, counter), addr),
+    );
+    return this;
+  }
+
+  /** Builds the PrivateKernelCircuitPublicInputs with all added side effects. */
+  build(): PrivateKernelCircuitPublicInputs {
+    const publicInputs = PrivateKernelCircuitPublicInputs.empty();
+    publicInputs.end.noteHashes = makeClaimed(this.noteHashes, ScopedNoteHash, MAX_NOTE_HASHES_PER_TX);
+    publicInputs.end.nullifiers = makeClaimed(this.nullifiers, ScopedNullifier, MAX_NULLIFIERS_PER_TX);
+    publicInputs.end.privateLogs = makeClaimed(this.privateLogs, ScopedPrivateLogData, MAX_PRIVATE_LOGS_PER_TX);
+    publicInputs.validationRequests.noteHashReadRequests = makeClaimed(
+      this.noteHashReadRequests,
+      ScopedReadRequest,
+      MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
+    );
+    publicInputs.validationRequests.nullifierReadRequests = makeClaimed(
+      this.nullifierReadRequests,
+      ScopedReadRequest,
+      MAX_NULLIFIER_READ_REQUESTS_PER_TX,
+    );
+    publicInputs.validationRequests.scopedKeyValidationRequestsAndSeparators = makeClaimed(
+      this.keyValidationRequests,
+      ScopedKeyValidationRequestAndSeparator,
+      MAX_KEY_VALIDATION_REQUESTS_PER_TX,
+    );
+    return publicInputs;
+  }
+}
+
+/** Builder for PrivateCircuitPublicInputs (call-level) with fluent API for adding side effects. */
+export class PrivateCircuitPublicInputsBuilder {
+  private noteHashes: NoteHash[] = [];
+  private nullifiers: Nullifier[] = [];
+  private noteHashReadRequests: ScopedReadRequest[] = [];
+  private nullifierReadRequests: ScopedReadRequest[] = [];
+  private keyValidationRequests: KeyValidationRequestAndSeparator[] = [];
+  private privateLogs: PrivateLogData[] = [];
+  private nextCounter: number;
+
+  constructor(
+    private contractAddress: AztecAddress = DEFAULT_CONTRACT_ADDRESS,
+    startCounter = 1,
+  ) {
+    this.nextCounter = startCounter;
+  }
+
+  private getCounter(sideEffectCounter?: number): number {
+    if (sideEffectCounter !== undefined) {
+      this.nextCounter = sideEffectCounter + 1;
+      return sideEffectCounter;
+    }
+    return this.nextCounter++;
+  }
+
+  /** Adds a note hash. Defaults are generated randomly. */
+  addNoteHash(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.noteHashes.push(new NoteHash(value, counter));
+    return this;
+  }
+
+  /** Adds a nullifier. Defaults are generated randomly. */
+  addNullifier(opts?: { value?: Fr; noteHash?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const noteHash = opts?.noteHash ?? Fr.ZERO;
+    const counter = this.getCounter(opts?.counter);
+    this.nullifiers.push(new Nullifier(value, noteHash, counter));
+    return this;
+  }
+
+  /** Adds a pending note hash read request (non-empty contract address, can match a pending note hash). */
+  addPendingNoteHashReadRequest(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.noteHashReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), this.contractAddress));
+    return this;
+  }
+
+  /** Adds a settled note hash read request (empty contract address, resolved against the note hash tree). */
+  addSettledNoteHashReadRequest(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.noteHashReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), AztecAddress.ZERO));
+    return this;
+  }
+
+  /** Adds a pending nullifier read request (non-empty contract address, can match a pending nullifier). */
+  addPendingNullifierReadRequest(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.nullifierReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), this.contractAddress));
+    return this;
+  }
+
+  /** Adds a settled nullifier read request (empty contract address, resolved against the nullifier tree). */
+  addSettledNullifierReadRequest(opts?: { value?: Fr; counter?: number }): this {
+    const value = opts?.value ?? Fr.random();
+    const counter = this.getCounter(opts?.counter);
+    this.nullifierReadRequests.push(new ScopedReadRequest(new ReadRequest(value, counter), AztecAddress.ZERO));
+    return this;
+  }
+
+  /** Adds a key validation request. */
+  addKeyValidationRequest(): this {
+    this.keyValidationRequests.push(
+      new KeyValidationRequestAndSeparator(
+        new KeyValidationRequest(new Point(Fr.random(), Fr.random(), false), Fr.random()),
+        Fr.random(),
+      ),
+    );
+    return this;
+  }
+
+  /** Adds a private log. Defaults are generated randomly. */
+  addPrivateLog(opts?: { noteHashCounter?: number; counter?: number }): this {
+    const noteHashCounter = opts?.noteHashCounter ?? 0;
+    const counter = this.getCounter(opts?.counter);
+    this.privateLogs.push(new PrivateLogData(PrivateLog.empty(), noteHashCounter, counter));
+    return this;
+  }
+
+  /** Builds the PrivateCircuitPublicInputs with all added side effects. */
+  build(): PrivateCircuitPublicInputs {
+    const publicInputs = PrivateCircuitPublicInputs.empty();
+    publicInputs.callContext.contractAddress = this.contractAddress;
+    publicInputs.noteHashes = makeClaimed(this.noteHashes, NoteHash, MAX_NOTE_HASHES_PER_CALL);
+    publicInputs.nullifiers = makeClaimed(this.nullifiers, Nullifier, MAX_NULLIFIERS_PER_CALL);
+    publicInputs.privateLogs = makeClaimed(this.privateLogs, PrivateLogData, MAX_PRIVATE_LOGS_PER_CALL);
+    publicInputs.noteHashReadRequests = makeClaimed(
+      this.noteHashReadRequests,
+      ScopedReadRequest,
+      MAX_NOTE_HASH_READ_REQUESTS_PER_CALL,
+    );
+    publicInputs.nullifierReadRequests = makeClaimed(
+      this.nullifierReadRequests,
+      ScopedReadRequest,
+      MAX_NULLIFIER_READ_REQUESTS_PER_CALL,
+    );
+    publicInputs.keyValidationRequestsAndSeparators = makeClaimed(
+      this.keyValidationRequests,
+      KeyValidationRequestAndSeparator,
+      MAX_KEY_VALIDATION_REQUESTS_PER_CALL,
+    );
+    return publicInputs;
+  }
+}
+
+/** Wraps a PrivateKernelCircuitPublicInputs in a PrivateKernelSimulateOutput. */
+export function makeKernelOutput(
+  publicInputs?: PrivateKernelCircuitPublicInputs,
+): PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs> {
+  return {
+    publicInputs: publicInputs ?? PrivateKernelCircuitPublicInputs.empty(),
+    verificationKey: VerificationKeyData.empty(),
+    outputWitness: new Map(),
+    bytecode: Buffer.from([]),
+  };
+}
+
+/** Wraps a PrivateCircuitPublicInputs in a PrivateCallExecutionResult. */
+export function makeExecutionResult(publicInputs?: PrivateCircuitPublicInputs): PrivateCallExecutionResult {
+  return new PrivateCallExecutionResult(
+    Buffer.alloc(0),
+    Buffer.alloc(0),
+    new Map(),
+    publicInputs ?? PrivateCircuitPublicInputs.empty(),
+    [],
+    new Map(),
+    [],
+    [],
+    [],
+    [],
+    [],
+  );
+}

package/src/private_kernel/private_kernel_execution_prover.ts

@@ -116,6 +116,7 @@ export class PrivateKernelExecutionProver {
           splitCounter,
         );
         while (resetBuilder.needsReset()) {
+          // Inner reset: without siloing.
           const witgenTimer = new Timer();
           const privateInputs = await resetBuilder.build(this.oracle);
           output = generateWitnesses
@@ -216,16 +217,24 @@ export class PrivateKernelExecutionProver {
       firstIteration = false;
     }
 
-    // Reset.
-    let resetBuilder = new PrivateKernelResetPrivateInputsBuilder(
+    // Final reset: include siloing of note hashes, nullifiers and private logs.
+    const finalResetBuilder = new PrivateKernelResetPrivateInputsBuilder(
       output,
       [],
       noteHashNullifierCounterMap,
       splitCounter,
     );
-    while (resetBuilder.needsReset()) {
+    if (!finalResetBuilder.needsReset()) {
+      // The final reset must be performed exactly once, because each tx has at least one nullifier that requires
+      // siloing, and siloing cannot be done multiple times.
+      // While, in theory, it might be possible to silo note hashes first and then run another reset to silo nullifiers
+      // and/or private logs, we currently don't have standalone dimensions for the arrays that require siloing. As a
+      // result, all necessary siloing must be done together in a single reset.
+      // Refer to the possible combinations of dimensions in private_kernel_reset_config.json.
+      throw new Error('Nothing to reset for the final reset.');
+    } else {
       const witgenTimer = new Timer();
-      const privateInputs = await resetBuilder.build(this.oracle);
+      const privateInputs = await finalResetBuilder.build(this.oracle);
       output = generateWitnesses
         ? await this.proofCreator.generateResetOutput(privateInputs)
         : await this.proofCreator.simulateReset(privateInputs);
@@ -239,8 +248,6 @@ export class PrivateKernelExecutionProver {
           witgen: witgenTimer.ms(),
         },
       });
-
-      resetBuilder = new PrivateKernelResetPrivateInputsBuilder(output, [], noteHashNullifierCounterMap, splitCounter);
     }
 
     if (output.publicInputs.feePayer.isZero() && skipFeeEnforcement) {
@@ -260,20 +267,20 @@ export class PrivateKernelExecutionProver {
     // TODO: Enable padding once we better understand the final amounts to pad to.
     const paddedSideEffectAmounts = PaddedSideEffectAmounts.empty();
 
-    // Use the aggregated includeByTimestamp set throughout the tx execution.
-    // TODO: Call `computeTxIncludeByTimestamp` to round the value down and reduce precision, improving privacy.
-    const includeByTimestampUpperBound = previousKernelData.publicInputs.includeByTimestamp;
+    // Use the aggregated expirationTimestamp set throughout the tx execution.
+    // TODO: Call `computeTxExpirationTimestamp` to round the value down and reduce precision, improving privacy.
+    const expirationTimestampUpperBound = previousKernelData.publicInputs.expirationTimestamp;
     const anchorBlockTimestamp = previousKernelData.publicInputs.constants.anchorBlockHeader.globalVariables.timestamp;
-    if (includeByTimestampUpperBound <= anchorBlockTimestamp) {
+    if (expirationTimestampUpperBound <= anchorBlockTimestamp) {
       throw new Error(
-        `Include-by timestamp must be greater than the anchor block timestamp. Anchor block timestamp: ${anchorBlockTimestamp}. Include-by timestamp: ${includeByTimestampUpperBound}.`,
+        `Include-by timestamp must be greater than the anchor block timestamp. Anchor block timestamp: ${anchorBlockTimestamp}. Include-by timestamp: ${expirationTimestampUpperBound}.`,
       );
     }
 
     const privateInputs = new PrivateKernelTailCircuitPrivateInputs(
       previousKernelData,
       paddedSideEffectAmounts,
-      includeByTimestampUpperBound,
+      expirationTimestampUpperBound,
     );
 
     const witgenTimer = new Timer();

package/src/private_kernel/private_kernel_oracle.ts

@@ -8,11 +8,7 @@ import { ProtocolContractAddress } from '@aztec/protocol-contracts';
 import type { FunctionSelector } from '@aztec/stdlib/abi';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
 import { BlockHash } from '@aztec/stdlib/block';
-import {
-  type ContractInstanceWithAddress,
-  computeContractClassIdPreimage,
-  computeSaltedInitializationHash,
-} from '@aztec/stdlib/contract';
+import { type ContractInstanceWithAddress, computeSaltedInitializationHash } from '@aztec/stdlib/contract';
 import { DelayedPublicMutableValues, DelayedPublicMutableValuesWithHash } from '@aztec/stdlib/delayed-public-mutable';
 import { computePublicDataTreeLeafSlot } from '@aztec/stdlib/hash';
 import type { AztecNode } from '@aztec/stdlib/interfaces/client';
@@ -49,11 +45,15 @@ export class PrivateKernelOracle {
 
   /** Retrieves the preimage of a contract class id from the contract classes db. */
   public async getContractClassIdPreimage(contractClassId: Fr) {
-    const contractClass = await this.contractStore.getContractClass(contractClassId);
+    const contractClass = await this.contractStore.getContractClassWithPreimage(contractClassId);
     if (!contractClass) {
       throw new Error(`Contract class not found when getting class id preimage. Class id: ${contractClassId}.`);
     }
-    return computeContractClassIdPreimage(contractClass);
+    return {
+      artifactHash: contractClass.artifactHash,
+      privateFunctionsRoot: contractClass.privateFunctionsRoot,
+      publicBytecodeCommitment: contractClass.publicBytecodeCommitment,
+    };
   }
 
   /** Returns a membership witness with the sibling path and leaf index in our private functions tree. */