@aztec/pxe 0.0.1-commit.f504929 → 0.0.1-commit.f5d02921e

package/src/pxe.ts

@@ -68,6 +68,7 @@ import { PXEDebugUtils } from './debug/pxe_debug_utils.js';
 import { enrichPublicSimulationError, enrichSimulationError } from './error_enriching.js';
 import { PrivateEventFilterValidator } from './events/private_event_filter_validator.js';
 import { JobCoordinator } from './job_coordinator/job_coordinator.js';
+import { MessageContextService } from './messages/message_context_service.js';
 import {
   PrivateKernelExecutionProver,
   type PrivateKernelExecutionProverConfig,
@@ -106,7 +107,9 @@ export type SimulateTxOpts = {
   skipTxValidation?: boolean;
   /** If false, fees are enforced. */
   skipFeeEnforcement?: boolean;
-  /** State overrides for the simulation, such as contract instances and artifacts. */
+  /** If true, kernel logic is emulated in TS for simulation */
+  skipKernels?: boolean;
+  /** State overrides for the simulation, such as contract instances and artifacts. Requires skipKernels: true */
   overrides?: SimulationOverrides;
   /** Addresses whose private state and keys are accessible during private execution */
   scopes: AccessScopes;
@@ -158,6 +161,7 @@ export class PXE {
     private addressStore: AddressStore,
     private privateEventStore: PrivateEventStore,
     private contractSyncService: ContractSyncService,
+    private messageContextService: MessageContextService,
     private simulator: CircuitSimulator,
     private proverEnabled: boolean,
     private proofCreator: PrivateKernelProver,
@@ -211,8 +215,11 @@ export class PXE {
       node,
       contractStore,
       noteStore,
+      () => keyStore.getAccounts(),
       createLogger('pxe:contract_sync', bindings),
     );
+    const messageContextService = new MessageContextService(node);
+
     const synchronizer = new BlockSynchronizer(
       node,
       store,
@@ -254,6 +261,7 @@ export class PXE {
       addressStore,
       privateEventStore,
       contractSyncService,
+      messageContextService,
       simulator,
       proverEnabled,
       proofCreator,
@@ -295,6 +303,7 @@ export class PXE {
       privateEventStore: this.privateEventStore,
       simulator: this.simulator,
       contractSyncService: this.contractSyncService,
+      messageContextService: this.messageContextService,
     });
   }
 
@@ -414,7 +423,14 @@ export class PXE {
   ) {
     try {
       const anchorBlockHeader = await this.anchorBlockStore.getBlockHeader();
-      return contractFunctionSimulator.runUtility(call, authWitnesses ?? [], anchorBlockHeader, scopes, jobId);
+      const { result, offchainEffects } = await contractFunctionSimulator.runUtility(
+        call,
+        authWitnesses ?? [],
+        anchorBlockHeader,
+        scopes,
+        jobId,
+      );
+      return { result, offchainEffects };
     } catch (err) {
       if (err instanceof SimulationError) {
         await enrichSimulationError(err, this.contractStore, this.log);
@@ -487,7 +503,9 @@ export class PXE {
    * @returns The synced block header
    */
   public getSyncedBlockHeader(): Promise<BlockHeader> {
-    return this.anchorBlockStore.getBlockHeader();
+    return this.#putInJobQueue(() => {
+      return this.anchorBlockStore.getBlockHeader();
+    });
   }
 
   /**
@@ -554,6 +572,9 @@ export class PXE {
 
     if (wasAdded) {
       this.log.info(`Added sender:\n ${sender.toString()}`);
+      // Wipe the entire sync cache: the new sender's tagged logs could contain notes/events for any contract, so
+      // all contracts must re-sync to discover them.
+      this.contractSyncService.wipe();
     } else {
       this.log.info(`Sender:\n "${sender.toString()}"\n already registered.`);
     }
@@ -766,17 +787,17 @@ export class PXE {
         // transaction before this one is included in a block from this PXE, and that transaction contains a log with
         // a tag derived from the same secret, we would reuse the tag and the transactions would be linked. Hence
         // storing the tags here prevents linkage of txs sent from the same PXE.
-        const preTagsUsedInTheTx = privateExecutionResult.entrypoint.preTags;
-        if (preTagsUsedInTheTx.length > 0) {
+        const taggingIndexRangesUsedInTheTx = privateExecutionResult.entrypoint.taggingIndexRanges;
+        if (taggingIndexRangesUsedInTheTx.length > 0) {
           // TODO(benesjan): The following is an expensive operation. Figure out a way to avoid it.
           const txHash = (await txProvingResult.toTx()).txHash;
 
-          await this.senderTaggingStore.storePendingIndexes(preTagsUsedInTheTx, txHash, jobId);
-          this.log.debug(`Stored used pre-tags as sender for the tx`, {
-            preTagsUsedInTheTx,
+          await this.senderTaggingStore.storePendingIndexes(taggingIndexRangesUsedInTheTx, txHash, jobId);
+          this.log.debug(`Stored used tagging index ranges as sender for the tx`, {
+            taggingIndexRangesUsedInTheTx,
           });
         } else {
-          this.log.debug(`No pre-tags used in the tx`);
+          this.log.debug(`No tagging index ranges used in the tx`);
         }
 
         return txProvingResult;
@@ -883,7 +904,14 @@ export class PXE {
    */
   public simulateTx(
     txRequest: TxExecutionRequest,
-    { simulatePublic, skipTxValidation = false, skipFeeEnforcement = false, overrides, scopes }: SimulateTxOpts,
+    {
+      simulatePublic,
+      skipTxValidation = false,
+      skipFeeEnforcement = false,
+      skipKernels = true,
+      overrides,
+      scopes,
+    }: SimulateTxOpts,
   ): Promise<TxSimulationResult> {
     // We disable concurrent simulations since those might execute oracles which read and write to the PXE stores (e.g.
     // to the capsules), and we need to prevent concurrent runs from interfering with one another (e.g. attempting to
@@ -907,17 +935,20 @@ export class PXE {
         await this.blockStateSynchronizer.sync();
         const syncTime = syncTimer.ms();
 
-        const contractFunctionSimulator = this.#getSimulatorForTx(overrides);
-        // Temporary: in case there are overrides, we have to skip the kernels or validations
-        // will fail. Consider handing control to the user/wallet on whether they want to run them
-        // or not.
         const overriddenContracts = overrides?.contracts ? new Set(Object.keys(overrides.contracts)) : undefined;
         const hasOverriddenContracts = overriddenContracts !== undefined && overriddenContracts.size > 0;
-        const skipKernels = hasOverriddenContracts;
 
-        // Set overridden contracts on the sync service so it knows to skip syncing them
+        if (hasOverriddenContracts && !skipKernels) {
+          throw new Error(
+            'Simulating with overridden contracts is not compatible with kernel execution. Please set skipKernels to true when simulating with overridden contracts.',
+          );
+        }
+        const contractFunctionSimulator = this.#getSimulatorForTx(overrides);
+
         if (hasOverriddenContracts) {
-          this.contractSyncService.setOverriddenContracts(jobId, overriddenContracts);
+          // Overridden contracts don't have a sync function, so calling sync on them would fail.
+          // We exclude them so the sync service skips them entirely.
+          this.contractSyncService.setExcludedFromSync(jobId, overriddenContracts);
         }
 
         // Execution of private functions only; no proving, and no kernel logic.
@@ -1049,7 +1080,7 @@ export class PXE {
           scopes,
         );
 
-        const executionResult = await this.#executeUtility(
+        const { result: executionResult, offchainEffects } = await this.#executeUtility(
           contractFunctionSimulator,
           call,
           authwits ?? [],
@@ -1070,7 +1101,12 @@ export class PXE {
         };
 
         const simulationStats = contractFunctionSimulator.getStats();
-        return { result: executionResult, stats: { timings, nodeRPCCalls: simulationStats.nodeRPCCalls } };
+        return {
+          result: executionResult,
+          offchainEffects,
+          anchorBlockTimestamp: anchorBlockHeader.globalVariables.timestamp,
+          stats: { timings, nodeRPCCalls: simulationStats.nodeRPCCalls },
+        };
       } catch (err: any) {
         const { to, name, args } = call;
         const stringifiedArgs = args.map(arg => arg.toString()).join(', ');

package/src/storage/capsule_store/capsule_service.ts

@@ -0,0 +1,91 @@
+import type { Fr } from '@aztec/foundation/curves/bn254';
+import { AztecAddress } from '@aztec/stdlib/aztec-address';
+import type { Capsule } from '@aztec/stdlib/tx';
+
+import type { AccessScopes } from '../../access_scopes.js';
+import type { CapsuleStore } from './capsule_store.js';
+
+/**
+ * Wraps a CapsuleStore with scope-based access control. Each operation asserts that the requested scope is in the
+ * allowed scopes list before delegating to the underlying store.
+ */
+export class CapsuleService {
+  constructor(
+    private readonly capsuleStore: CapsuleStore,
+    private readonly allowedScopes: AccessScopes,
+  ) {}
+
+  setCapsule(contractAddress: AztecAddress, slot: Fr, capsule: Fr[], jobId: string, scope: AztecAddress) {
+    assertAllowedScope(scope, this.allowedScopes);
+    this.capsuleStore.setCapsule(contractAddress, slot, capsule, jobId, scope);
+  }
+
+  async getCapsule(
+    contractAddress: AztecAddress,
+    slot: Fr,
+    jobId: string,
+    scope: AztecAddress,
+    transientCapsules?: Capsule[],
+  ): Promise<Fr[] | null> {
+    assertAllowedScope(scope, this.allowedScopes);
+
+    // TODO(#12425): On the following line, the pertinent capsule gets overshadowed by the transient one. Tackle this.
+    const maybeTransientCapsule = transientCapsules?.find(
+      c =>
+        c.contractAddress.equals(contractAddress) &&
+        c.storageSlot.equals(slot) &&
+        (c.scope ?? AztecAddress.ZERO).equals(scope),
+    )?.data;
+
+    return maybeTransientCapsule ?? (await this.capsuleStore.getCapsule(contractAddress, slot, jobId, scope));
+  }
+
+  deleteCapsule(contractAddress: AztecAddress, slot: Fr, jobId: string, scope: AztecAddress) {
+    assertAllowedScope(scope, this.allowedScopes);
+    this.capsuleStore.deleteCapsule(contractAddress, slot, jobId, scope);
+  }
+
+  copyCapsule(
+    contractAddress: AztecAddress,
+    srcSlot: Fr,
+    dstSlot: Fr,
+    numEntries: number,
+    jobId: string,
+    scope: AztecAddress,
+  ): Promise<void> {
+    assertAllowedScope(scope, this.allowedScopes);
+    return this.capsuleStore.copyCapsule(contractAddress, srcSlot, dstSlot, numEntries, jobId, scope);
+  }
+
+  appendToCapsuleArray(
+    contractAddress: AztecAddress,
+    baseSlot: Fr,
+    content: Fr[][],
+    jobId: string,
+    scope: AztecAddress,
+  ): Promise<void> {
+    assertAllowedScope(scope, this.allowedScopes);
+    return this.capsuleStore.appendToCapsuleArray(contractAddress, baseSlot, content, jobId, scope);
+  }
+
+  readCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, jobId: string, scope: AztecAddress): Promise<Fr[][]> {
+    assertAllowedScope(scope, this.allowedScopes);
+    return this.capsuleStore.readCapsuleArray(contractAddress, baseSlot, jobId, scope);
+  }
+
+  setCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, content: Fr[][], jobId: string, scope: AztecAddress) {
+    assertAllowedScope(scope, this.allowedScopes);
+    return this.capsuleStore.setCapsuleArray(contractAddress, baseSlot, content, jobId, scope);
+  }
+}
+
+function assertAllowedScope(scope: AztecAddress, allowedScopes: AccessScopes) {
+  if (allowedScopes === 'ALL_SCOPES' || scope.equals(AztecAddress.ZERO)) {
+    return;
+  }
+  if (!allowedScopes.some(allowed => allowed.equals(scope))) {
+    throw new Error(
+      `Scope ${scope.toString()} is not in the allowed scopes list: [${allowedScopes.map(s => s.toString()).join(', ')}]. See https://docs.aztec.network/errors/10`,
+    );
+  }
+}

package/src/storage/capsule_store/capsule_store.ts

@@ -1,7 +1,7 @@
 import { Fr } from '@aztec/foundation/curves/bn254';
 import { type Logger, createLogger } from '@aztec/foundation/log';
 import type { AztecAsyncKVStore, AztecAsyncMap } from '@aztec/kv-store';
-import type { AztecAddress } from '@aztec/stdlib/aztec-address';
+import { AztecAddress } from '@aztec/stdlib/aztec-address';
 
 import type { StagedStore } from '../../job_coordinator/job_coordinator.js';
 
@@ -10,11 +10,12 @@ export class CapsuleStore implements StagedStore {
 
   #store: AztecAsyncKVStore;
 
-  // Arbitrary data stored by contracts. Key is computed as `${contractAddress}:${key}`
+  // Arbitrary data stored by contracts. Key is computed as `${contractAddress}:${scope}:${key}`, using the zero
+  // address for the global scope.
   #capsules: AztecAsyncMap<string, Buffer>;
 
-  // jobId => `${contractAddress}:${key}` => capsule data
-  // when `#stagedCapsules.get('some-job-id').get('${some-contract-address:some-key') === null`,
+  // jobId => `${contractAddress}:${scope}:${key}` => capsule data
+  // when `#stagedCapsules.get('some-job-id').get('${some-contract-address}:${some-scope}:${some-key}') === null`,
   // it signals that the capsule was deleted during the job, so it needs to be deleted on commit
   #stagedCapsules: Map<string, Map<string, Buffer | null>>;
 
@@ -134,8 +135,8 @@ export class CapsuleStore implements StagedStore {
    * to public contract storage in that it's indexed by the contract address and storage slot but instead of the global
    * network state it's backed by local PXE db.
    */
-  storeCapsule(contractAddress: AztecAddress, slot: Fr, capsule: Fr[], jobId: string) {
-    const dbSlotKey = dbSlotToKey(contractAddress, slot);
+  setCapsule(contractAddress: AztecAddress, slot: Fr, capsule: Fr[], jobId: string, scope: AztecAddress) {
+    const dbSlotKey = dbSlotToKey(contractAddress, slot, scope);
 
     // A store overrides any pre-existing data on the slot
     this.#setOnStage(jobId, dbSlotKey, Buffer.concat(capsule.map(value => value.toBuffer())));
@@ -147,8 +148,8 @@ export class CapsuleStore implements StagedStore {
    * @param slot - The slot in the database to read.
    * @returns The stored data or `null` if no data is stored under the slot.
    */
-  async loadCapsule(contractAddress: AztecAddress, slot: Fr, jobId: string): Promise<Fr[] | null> {
-    const dataBuffer = await this.#getFromStage(jobId, dbSlotToKey(contractAddress, slot));
+  async getCapsule(contractAddress: AztecAddress, slot: Fr, jobId: string, scope: AztecAddress): Promise<Fr[] | null> {
+    const dataBuffer = await this.#getFromStage(jobId, dbSlotToKey(contractAddress, slot, scope));
     if (!dataBuffer) {
       this.logger.trace(`Data not found for contract ${contractAddress.toString()} and slot ${slot.toString()}`);
       return null;
@@ -165,9 +166,9 @@ export class CapsuleStore implements StagedStore {
    * @param contractAddress - The contract address under which the data is scoped.
    * @param slot - The slot in the database to delete.
    */
-  deleteCapsule(contractAddress: AztecAddress, slot: Fr, jobId: string) {
+  deleteCapsule(contractAddress: AztecAddress, slot: Fr, jobId: string, scope: AztecAddress) {
     // When we commit this, we will interpret null as a deletion, so we'll propagate the delete to the KV store
-    this.#deleteOnStage(jobId, dbSlotToKey(contractAddress, slot));
+    this.#deleteOnStage(jobId, dbSlotToKey(contractAddress, slot, scope));
   }
 
   /**
@@ -187,6 +188,7 @@ export class CapsuleStore implements StagedStore {
     dstSlot: Fr,
     numEntries: number,
     jobId: string,
+    scope: AztecAddress,
   ): Promise<void> {
     // This transactional context gives us "copy atomicity":
     // there shouldn't be concurrent writes to what's being copied here.
@@ -203,8 +205,8 @@ export class CapsuleStore implements StagedStore {
       }
 
       for (const i of indexes) {
-        const currentSrcSlot = dbSlotToKey(contractAddress, srcSlot.add(new Fr(i)));
-        const currentDstSlot = dbSlotToKey(contractAddress, dstSlot.add(new Fr(i)));
+        const currentSrcSlot = dbSlotToKey(contractAddress, srcSlot.add(new Fr(i)), scope);
+        const currentDstSlot = dbSlotToKey(contractAddress, dstSlot.add(new Fr(i)), scope);
 
         const toCopy = await this.#getFromStage(jobId, currentSrcSlot);
         if (!toCopy) {
@@ -224,7 +226,13 @@ export class CapsuleStore implements StagedStore {
    * @param baseSlot - The slot where the array length is stored
    * @param content - Array of capsule data to append
    */
-  appendToCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, content: Fr[][], jobId: string): Promise<void> {
+  appendToCapsuleArray(
+    contractAddress: AztecAddress,
+    baseSlot: Fr,
+    content: Fr[][],
+    jobId: string,
+    scope: AztecAddress,
+  ): Promise<void> {
     // We wrap this in a transaction to serialize concurrent calls from Promise.all.
     // Without this, concurrent appends to the same array could race: both read length=0,
     // both write at the same slots, one overwrites the other.
@@ -232,22 +240,22 @@ export class CapsuleStore implements StagedStore {
     // and not using a transaction here would heavily impact performance.
     return this.#store.transactionAsync(async () => {
       // Load current length, defaulting to 0 if not found
-      const lengthData = await this.loadCapsule(contractAddress, baseSlot, jobId);
+      const lengthData = await this.getCapsule(contractAddress, baseSlot, jobId, scope);
       const currentLength = lengthData ? lengthData[0].toNumber() : 0;
 
       // Store each capsule at consecutive slots after baseSlot + 1 + currentLength
       for (let i = 0; i < content.length; i++) {
         const nextSlot = arraySlot(baseSlot, currentLength + i);
-        this.storeCapsule(contractAddress, nextSlot, content[i], jobId);
+        this.setCapsule(contractAddress, nextSlot, content[i], jobId, scope);
       }
 
       // Update length to include all new capsules
       const newLength = currentLength + content.length;
-      this.storeCapsule(contractAddress, baseSlot, [new Fr(newLength)], jobId);
+      this.setCapsule(contractAddress, baseSlot, [new Fr(newLength)], jobId, scope);
     });
   }
 
-  readCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, jobId: string): Promise<Fr[][]> {
+  readCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, jobId: string, scope: AztecAddress): Promise<Fr[][]> {
     // I'm leaving this transactional context here though because I'm assuming this
     // gives us "read array atomicity": there shouldn't be concurrent writes to what's being copied
     // here.
@@ -255,14 +263,14 @@ export class CapsuleStore implements StagedStore {
     // of jobs: different calls running concurrently on the same contract may cause trouble.
     return this.#store.transactionAsync(async () => {
       // Load length, defaulting to 0 if not found
-      const maybeLength = await this.loadCapsule(contractAddress, baseSlot, jobId);
+      const maybeLength = await this.getCapsule(contractAddress, baseSlot, jobId, scope);
       const length = maybeLength ? maybeLength[0].toBigInt() : 0n;
 
       const values: Fr[][] = [];
 
       // Read each capsule at consecutive slots after baseSlot
       for (let i = 0; i < length; i++) {
-        const currentValue = await this.loadCapsule(contractAddress, arraySlot(baseSlot, i), jobId);
+        const currentValue = await this.getCapsule(contractAddress, arraySlot(baseSlot, i), jobId, scope);
         if (currentValue == undefined) {
           throw new Error(
             `Expected non-empty value at capsule array in base slot ${baseSlot} at index ${i} for contract ${contractAddress}`,
@@ -276,7 +284,7 @@ export class CapsuleStore implements StagedStore {
     });
   }
 
-  setCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, content: Fr[][], jobId: string) {
+  setCapsuleArray(contractAddress: AztecAddress, baseSlot: Fr, content: Fr[][], jobId: string, scope: AztecAddress) {
     // This transactional context in theory isn't so critical now because we aren't
     // writing to DB so if there's exceptions midway and it blows up, no visible impact
     // to persistent storage will happen.
@@ -287,27 +295,27 @@ export class CapsuleStore implements StagedStore {
     // of jobs: different calls running concurrently on the same contract may cause trouble.
     return this.#store.transactionAsync(async () => {
       // Load current length, defaulting to 0 if not found
-      const maybeLength = await this.loadCapsule(contractAddress, baseSlot, jobId);
+      const maybeLength = await this.getCapsule(contractAddress, baseSlot, jobId, scope);
       const originalLength = maybeLength ? maybeLength[0].toNumber() : 0;
 
       // Set the new length
-      this.storeCapsule(contractAddress, baseSlot, [new Fr(content.length)], jobId);
+      this.setCapsule(contractAddress, baseSlot, [new Fr(content.length)], jobId, scope);
 
       // Store the new content, possibly overwriting existing values
       for (let i = 0; i < content.length; i++) {
-        this.storeCapsule(contractAddress, arraySlot(baseSlot, i), content[i], jobId);
+        this.setCapsule(contractAddress, arraySlot(baseSlot, i), content[i], jobId, scope);
       }
 
       // Clear any stragglers
       for (let i = content.length; i < originalLength; i++) {
-        this.deleteCapsule(contractAddress, arraySlot(baseSlot, i), jobId);
+        this.deleteCapsule(contractAddress, arraySlot(baseSlot, i), jobId, scope);
       }
     });
   }
 }
 
-function dbSlotToKey(contractAddress: AztecAddress, slot: Fr): string {
-  return `${contractAddress.toString()}:${slot.toString()}`;
+function dbSlotToKey(contractAddress: AztecAddress, slot: Fr, scope: AztecAddress): string {
+  return [contractAddress.toString(), scope.toString(), slot.toString()].join(':');
 }
 
 function arraySlot(baseSlot: Fr, index: number) {

package/src/storage/capsule_store/index.ts

@@ -1 +1,2 @@
+export { CapsuleService } from './capsule_service.js';
 export { CapsuleStore } from './capsule_store.js';

package/src/storage/metadata.ts

@@ -1 +1 @@
-export const PXE_DATA_SCHEMA_VERSION = 3;
+export const PXE_DATA_SCHEMA_VERSION = 5;