@aztec/pxe 0.40.1 → 0.41.0

package/src/kernel_prover/private_inputs_builders/build_private_kernel_reset_hints.ts

@@ -0,0 +1,179 @@
+import {
+  Fr,
+  KeyValidationHint,
+  MAX_KEY_VALIDATION_REQUESTS_PER_TX,
+  MAX_NEW_NOTE_HASHES_PER_TX,
+  MAX_NEW_NULLIFIERS_PER_TX,
+  MAX_NOTE_ENCRYPTED_LOGS_PER_TX,
+  MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
+  MAX_NULLIFIER_READ_REQUESTS_PER_TX,
+  MembershipWitness,
+  NULLIFIER_TREE_HEIGHT,
+  PRIVATE_RESET_VARIANTS,
+  type PrivateKernelData,
+  PrivateKernelResetCircuitPrivateInputs,
+  type PrivateKernelResetCircuitPrivateInputsVariants,
+  PrivateKernelResetHints,
+  type ScopedKeyValidationRequest,
+  type ScopedNullifier,
+  type ScopedReadRequest,
+  buildNoteHashReadRequestHints,
+  buildNullifierReadRequestHints,
+  buildTransientDataHints,
+} from '@aztec/circuits.js';
+import { makeTuple } from '@aztec/foundation/array';
+import { type Tuple } from '@aztec/foundation/serialize';
+
+import { type ProvingDataOracle } from '../proving_data_oracle.js';
+import { buildPrivateKernelResetOutputs } from './build_private_kernel_reset_outputs.js';
+
+function getNullifierReadRequestHints<PENDING extends number, SETTLED extends number>(
+  nullifierReadRequests: Tuple<ScopedReadRequest, typeof MAX_NULLIFIER_READ_REQUESTS_PER_TX>,
+  nullifiers: Tuple<ScopedNullifier, typeof MAX_NEW_NULLIFIERS_PER_TX>,
+  oracle: ProvingDataOracle,
+  sizePending: PENDING,
+  sizeSettled: SETTLED,
+) {
+  const getNullifierMembershipWitness = async (nullifier: Fr) => {
+    const res = await oracle.getNullifierMembershipWitness(nullifier);
+    if (!res) {
+      throw new Error(`Cannot find the leaf for nullifier ${nullifier.toBigInt()}.`);
+    }
+
+    const { index, siblingPath, leafPreimage } = res;
+    return {
+      membershipWitness: new MembershipWitness(
+        NULLIFIER_TREE_HEIGHT,
+        index,
+        siblingPath.toTuple<typeof NULLIFIER_TREE_HEIGHT>(),
+      ),
+      leafPreimage,
+    };
+  };
+
+  return buildNullifierReadRequestHints(
+    { getNullifierMembershipWitness },
+    nullifierReadRequests,
+    nullifiers,
+    sizePending,
+    sizeSettled,
+  );
+}
+
+async function getMasterSecretKeysAndAppKeyGenerators(
+  keyValidationRequests: Tuple<ScopedKeyValidationRequest, typeof MAX_KEY_VALIDATION_REQUESTS_PER_TX>,
+  oracle: ProvingDataOracle,
+) {
+  const keysHints = makeTuple(MAX_KEY_VALIDATION_REQUESTS_PER_TX, KeyValidationHint.empty);
+
+  let keyIndex = 0;
+  for (let i = 0; i < keyValidationRequests.length; ++i) {
+    const request = keyValidationRequests[i].request;
+    if (request.isEmpty()) {
+      break;
+    }
+    const [secretKeys, appKeyGenerator] = await oracle.getMasterSecretKeyAndAppKeyGenerator(request.masterPublicKey);
+    keysHints[keyIndex] = new KeyValidationHint(secretKeys, new Fr(appKeyGenerator), i);
+    keyIndex++;
+  }
+  return {
+    keysCount: keyIndex,
+    keysHints,
+  };
+}
+
+export async function buildPrivateKernelResetInputs(
+  previousKernelData: PrivateKernelData,
+  noteHashLeafIndexMap: Map<bigint, bigint>,
+  oracle: ProvingDataOracle,
+) {
+  const publicInputs = previousKernelData.publicInputs;
+  // Use max sizes, they will be trimmed down later.
+  const {
+    numPendingReadHints: noteHashPendingReadHints,
+    numSettledReadHints: noteHashSettledReadHints,
+    hints: noteHashReadRequestHints,
+  } = await buildNoteHashReadRequestHints(
+    oracle,
+    publicInputs.validationRequests.noteHashReadRequests,
+    publicInputs.end.newNoteHashes,
+    noteHashLeafIndexMap,
+    MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
+    MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
+  );
+
+  const {
+    numPendingReadHints: nullifierPendingReadHints,
+    numSettledReadHints: nullifierSettledReadHints,
+    hints: nullifierReadRequestHints,
+  } = await getNullifierReadRequestHints(
+    publicInputs.validationRequests.nullifierReadRequests,
+    publicInputs.end.newNullifiers,
+    oracle,
+    MAX_NULLIFIER_READ_REQUESTS_PER_TX,
+    MAX_NULLIFIER_READ_REQUESTS_PER_TX,
+  );
+
+  const { keysCount, keysHints } = await getMasterSecretKeysAndAppKeyGenerators(
+    publicInputs.validationRequests.keyValidationRequests,
+    oracle,
+  );
+
+  const [
+    transientNullifierIndexesForNoteHashes,
+    transientNoteHashIndexesForNullifiers,
+    transientNoteHashIndexesForLogs,
+  ] = buildTransientDataHints(
+    publicInputs.end.newNoteHashes,
+    publicInputs.end.newNullifiers,
+    publicInputs.end.noteEncryptedLogsHashes,
+    MAX_NEW_NOTE_HASHES_PER_TX,
+    MAX_NEW_NULLIFIERS_PER_TX,
+    MAX_NOTE_ENCRYPTED_LOGS_PER_TX,
+  );
+
+  const expectedOutputs = buildPrivateKernelResetOutputs(
+    previousKernelData.publicInputs.end.newNoteHashes,
+    previousKernelData.publicInputs.end.newNullifiers,
+    previousKernelData.publicInputs.end.noteEncryptedLogsHashes,
+  );
+
+  let privateInputs;
+
+  for (const [sizeTag, hintSizes] of Object.entries(PRIVATE_RESET_VARIANTS)) {
+    if (
+      hintSizes.NOTE_HASH_PENDING_AMOUNT >= noteHashPendingReadHints &&
+      hintSizes.NOTE_HASH_SETTLED_AMOUNT >= noteHashSettledReadHints &&
+      hintSizes.NULLIFIER_PENDING_AMOUNT >= nullifierPendingReadHints &&
+      hintSizes.NULLIFIER_SETTLED_AMOUNT >= nullifierSettledReadHints &&
+      hintSizes.NULLIFIER_KEYS >= keysCount
+    ) {
+      privateInputs = new PrivateKernelResetCircuitPrivateInputs(
+        previousKernelData,
+        expectedOutputs,
+        new PrivateKernelResetHints(
+          transientNullifierIndexesForNoteHashes,
+          transientNoteHashIndexesForNullifiers,
+          transientNoteHashIndexesForLogs,
+          noteHashReadRequestHints,
+          nullifierReadRequestHints,
+          keysHints,
+        ).trimToSizes(
+          hintSizes.NOTE_HASH_PENDING_AMOUNT,
+          hintSizes.NOTE_HASH_SETTLED_AMOUNT,
+          hintSizes.NULLIFIER_PENDING_AMOUNT,
+          hintSizes.NULLIFIER_SETTLED_AMOUNT,
+          hintSizes.NULLIFIER_KEYS,
+        ),
+        sizeTag,
+      );
+      break;
+    }
+  }
+
+  if (!privateInputs) {
+    throw new Error('No private inputs found for the given hint sizes.');
+  }
+
+  return privateInputs as PrivateKernelResetCircuitPrivateInputsVariants;
+}

package/src/kernel_prover/private_inputs_builders/{build_private_kernel_tail_outputs.ts → build_private_kernel_reset_outputs.ts}

@@ -1,16 +1,19 @@
 import {
   MAX_NEW_NOTE_HASHES_PER_TX,
   MAX_NEW_NULLIFIERS_PER_TX,
-  PrivateKernelTailOutputs,
+  MAX_NOTE_ENCRYPTED_LOGS_PER_TX,
+  NoteLogHash,
+  PrivateKernelResetOutputs,
   ScopedNoteHash,
   ScopedNullifier,
 } from '@aztec/circuits.js';
 import { padArrayEnd } from '@aztec/foundation/collection';
 import { type Tuple } from '@aztec/foundation/serialize';
 
-export function buildPrivateKernelTailOutputs(
+export function buildPrivateKernelResetOutputs(
   prevNoteHashes: Tuple<ScopedNoteHash, typeof MAX_NEW_NOTE_HASHES_PER_TX>,
   prevNullifiers: Tuple<ScopedNullifier, typeof MAX_NEW_NULLIFIERS_PER_TX>,
+  prevLogs: Tuple<NoteLogHash, typeof MAX_NOTE_ENCRYPTED_LOGS_PER_TX>,
 ) {
   // Propagate note hashes that are not linked to a nullifier.
   // Note that note hashes can't link to the first nullifier (counter == 0).
@@ -26,5 +29,13 @@ export function buildPrivateKernelTailOutputs(
     MAX_NEW_NULLIFIERS_PER_TX,
   );
 
-  return new PrivateKernelTailOutputs(noteHashes, nullifiers);
+  const nullifiedNotes = prevNoteHashes.filter(n => !n.isEmpty() && n.nullifierCounter).map(n => n.counter);
+
+  const logs = padArrayEnd(
+    prevLogs.filter(l => !l.isEmpty() && !nullifiedNotes.includes(l.noteHashCounter)),
+    NoteLogHash.empty(),
+    MAX_NOTE_ENCRYPTED_LOGS_PER_TX,
+  );
+
+  return new PrivateKernelResetOutputs(noteHashes, nullifiers, logs);
 }

package/src/kernel_prover/private_inputs_builders/build_private_kernel_tail_hints.ts

@@ -1,119 +1,15 @@
 import {
-  type Fr,
-  GrumpkinScalar,
-  type MAX_ENCRYPTED_LOGS_PER_TX,
+  MAX_ENCRYPTED_LOGS_PER_TX,
   MAX_NEW_NOTE_HASHES_PER_TX,
   MAX_NEW_NULLIFIERS_PER_TX,
-  MAX_NULLIFIER_KEY_VALIDATION_REQUESTS_PER_TX,
-  type MAX_NULLIFIER_READ_REQUESTS_PER_TX,
-  type MAX_UNENCRYPTED_LOGS_PER_TX,
-  MembershipWitness,
-  NULLIFIER_TREE_HEIGHT,
+  MAX_NOTE_ENCRYPTED_LOGS_PER_TX,
+  MAX_UNENCRYPTED_LOGS_PER_TX,
   type PrivateKernelCircuitPublicInputs,
   PrivateKernelTailHints,
-  type ScopedNullifier,
-  type ScopedNullifierKeyValidationRequest,
-  type ScopedReadRequest,
-  type SideEffect,
-  type SideEffectType,
-  buildNoteHashReadRequestHints,
-  buildNullifierReadRequestHints,
-  buildTransientDataHints,
   sortByCounterGetSortedHints,
 } from '@aztec/circuits.js';
-import { makeTuple } from '@aztec/foundation/array';
-import { type Tuple } from '@aztec/foundation/serialize';
-
-import { type ProvingDataOracle } from '../proving_data_oracle.js';
-
-/** @deprecated Use sortByCounterGetSortedHints instead */
-function sortSideEffects<T extends SideEffectType, K extends number>(
-  sideEffects: Tuple<T, K>,
-): [Tuple<T, K>, Tuple<number, K>] {
-  const sorted = sideEffects
-    .map((sideEffect, index) => ({ sideEffect, index }))
-    .sort((a, b) => {
-      // Empty ones go to the right
-      if (a.sideEffect.isEmpty()) {
-        return 1;
-      }
-      return Number(a.sideEffect.counter.toBigInt() - b.sideEffect.counter.toBigInt());
-    });
-
-  const originalToSorted = sorted.map(() => 0);
-  sorted.forEach(({ index }, i) => {
-    originalToSorted[index] = i;
-  });
-
-  return [sorted.map(({ sideEffect }) => sideEffect) as Tuple<T, K>, originalToSorted as Tuple<number, K>];
-}
-
-function getNullifierReadRequestHints(
-  nullifierReadRequests: Tuple<ScopedReadRequest, typeof MAX_NULLIFIER_READ_REQUESTS_PER_TX>,
-  nullifiers: Tuple<ScopedNullifier, typeof MAX_NEW_NULLIFIERS_PER_TX>,
-  oracle: ProvingDataOracle,
-) {
-  const getNullifierMembershipWitness = async (nullifier: Fr) => {
-    const res = await oracle.getNullifierMembershipWitness(nullifier);
-    if (!res) {
-      throw new Error(`Cannot find the leaf for nullifier ${nullifier.toBigInt()}.`);
-    }
-
-    const { index, siblingPath, leafPreimage } = res;
-    return {
-      membershipWitness: new MembershipWitness(
-        NULLIFIER_TREE_HEIGHT,
-        index,
-        siblingPath.toTuple<typeof NULLIFIER_TREE_HEIGHT>(),
-      ),
-      leafPreimage,
-    };
-  };
-
-  return buildNullifierReadRequestHints({ getNullifierMembershipWitness }, nullifierReadRequests, nullifiers);
-}
-
-async function getMasterNullifierSecretKeys(
-  nullifierKeyValidationRequests: Tuple<
-    ScopedNullifierKeyValidationRequest,
-    typeof MAX_NULLIFIER_KEY_VALIDATION_REQUESTS_PER_TX
-  >,
-  oracle: ProvingDataOracle,
-) {
-  const keys = makeTuple(MAX_NULLIFIER_KEY_VALIDATION_REQUESTS_PER_TX, GrumpkinScalar.zero);
-  for (let i = 0; i < nullifierKeyValidationRequests.length; ++i) {
-    const request = nullifierKeyValidationRequests[i].request;
-    if (request.isEmpty()) {
-      break;
-    }
-    keys[i] = await oracle.getMasterNullifierSecretKey(request.masterNullifierPublicKey);
-  }
-  return keys;
-}
-
-export async function buildPrivateKernelTailHints(
-  publicInputs: PrivateKernelCircuitPublicInputs,
-  noteHashLeafIndexMap: Map<bigint, bigint>,
-  oracle: ProvingDataOracle,
-) {
-  const noteHashReadRequestHints = await buildNoteHashReadRequestHints(
-    oracle,
-    publicInputs.validationRequests.noteHashReadRequests,
-    publicInputs.end.newNoteHashes,
-    noteHashLeafIndexMap,
-  );
-
-  const nullifierReadRequestHints = await getNullifierReadRequestHints(
-    publicInputs.validationRequests.nullifierReadRequests,
-    publicInputs.end.newNullifiers,
-    oracle,
-  );
-
-  const masterNullifierSecretKeys = await getMasterNullifierSecretKeys(
-    publicInputs.validationRequests.nullifierKeyValidationRequests,
-    oracle,
-  );
 
+export function buildPrivateKernelTailHints(publicInputs: PrivateKernelCircuitPublicInputs) {
   const [sortedNoteHashes, sortedNoteHashesIndexes] = sortByCounterGetSortedHints(
     publicInputs.end.newNoteHashes,
     MAX_NEW_NOTE_HASHES_PER_TX,
@@ -124,33 +20,28 @@ export async function buildPrivateKernelTailHints(
     MAX_NEW_NULLIFIERS_PER_TX,
   );
 
-  const [sortedEncryptedLogHashes, sortedEncryptedLogHashesIndexes] = sortSideEffects<
-    SideEffect,
-    typeof MAX_ENCRYPTED_LOGS_PER_TX
-  >(publicInputs.end.encryptedLogsHashes);
+  const [sortedNoteEncryptedLogHashes, sortedNoteEncryptedLogHashesIndexes] = sortByCounterGetSortedHints(
+    publicInputs.end.noteEncryptedLogsHashes,
+    MAX_NOTE_ENCRYPTED_LOGS_PER_TX,
+  );
 
-  const [sortedUnencryptedLogHashes, sortedUnencryptedLogHashesIndexes] = sortSideEffects<
-    SideEffect,
-    typeof MAX_UNENCRYPTED_LOGS_PER_TX
-  >(publicInputs.end.unencryptedLogsHashes);
+  const [sortedEncryptedLogHashes, sortedEncryptedLogHashesIndexes] = sortByCounterGetSortedHints(
+    publicInputs.end.encryptedLogsHashes,
+    MAX_ENCRYPTED_LOGS_PER_TX,
+  );
 
-  const [transientNullifierIndexesForNoteHashes, transientNoteHashIndexesForNullifiers] = buildTransientDataHints(
-    sortedNoteHashes,
-    sortedNullifiers,
-    MAX_NEW_NOTE_HASHES_PER_TX,
-    MAX_NEW_NULLIFIERS_PER_TX,
+  const [sortedUnencryptedLogHashes, sortedUnencryptedLogHashesIndexes] = sortByCounterGetSortedHints(
+    publicInputs.end.unencryptedLogsHashes,
+    MAX_UNENCRYPTED_LOGS_PER_TX,
   );
 
   return new PrivateKernelTailHints(
-    transientNullifierIndexesForNoteHashes,
-    transientNoteHashIndexesForNullifiers,
-    noteHashReadRequestHints,
-    nullifierReadRequestHints,
-    masterNullifierSecretKeys,
     sortedNoteHashes,
     sortedNoteHashesIndexes,
     sortedNullifiers,
     sortedNullifiersIndexes,
+    sortedNoteEncryptedLogHashes,
+    sortedNoteEncryptedLogHashesIndexes,
     sortedEncryptedLogHashes,
     sortedEncryptedLogHashesIndexes,
     sortedUnencryptedLogHashes,

package/src/kernel_prover/private_inputs_builders/index.ts

@@ -1,3 +1,5 @@
+export { buildPrivateKernelInitHints } from './build_private_kernel_init_hints.js';
 export { buildPrivateKernelInnerHints } from './build_private_kernel_inner_hints.js';
 export { buildPrivateKernelTailHints } from './build_private_kernel_tail_hints.js';
-export { buildPrivateKernelTailOutputs } from './build_private_kernel_tail_outputs.js';
+export { buildPrivateKernelResetInputs } from './build_private_kernel_reset_hints.js';
+export { buildPrivateKernelResetOutputs } from './build_private_kernel_reset_outputs.js';

package/src/kernel_prover/proving_data_oracle.ts

@@ -4,6 +4,7 @@ import {
   type Fr,
   type FunctionSelector,
   type GrumpkinPrivateKey,
+  type KeyGenerator,
   type MembershipWitness,
   type NOTE_HASH_TREE_HEIGHT,
   type Point,
@@ -70,10 +71,13 @@ export interface ProvingDataOracle {
   getNoteHashTreeRoot(): Promise<Fr>;
 
   /**
-   * Get the master secret key of the nullifier public key.
-   *
-   * @param nullifierPublicKey - The nullifier public key.
-   * @returns the master nullifier secret key.
+   * Retrieves the sk_m for the pk_m and a generator index of the key type.
+   * @throws If the provided public key is not associated with any of the registered accounts.
+   * @param masterPublicKey - The master public key to get secret key for.
+   * @returns A Promise that resolves to sk_m and the corresponding app key generator.
+   * @dev Used when feeding the sk_m to the kernel circuit for keys verification.
    */
-  getMasterNullifierSecretKey(nullifierPublicKey: Point): Promise<GrumpkinPrivateKey>;
+  getMasterSecretKeyAndAppKeyGenerator(masterPublicKey: Point): Promise<[GrumpkinPrivateKey, KeyGenerator]>;
+
+  getFunctionName(contractAddress: AztecAddress, selector: FunctionSelector): Promise<string | undefined>;
 }

package/src/kernel_prover/test/test_circuit_prover.ts

@@ -1,11 +1,12 @@
 import { type AppCircuitProofOutput, type KernelProofOutput, type ProofCreator } from '@aztec/circuit-types';
-import { type CircuitSimulationStats } from '@aztec/circuit-types/stats';
+import type { CircuitName, CircuitSimulationStats } from '@aztec/circuit-types/stats';
 import {
   NESTED_RECURSIVE_PROOF_LENGTH,
   type PrivateCircuitPublicInputs,
   type PrivateKernelCircuitPublicInputs,
   type PrivateKernelInitCircuitPrivateInputs,
   type PrivateKernelInnerCircuitPrivateInputs,
+  type PrivateKernelResetCircuitPrivateInputsVariants,
   type PrivateKernelTailCircuitPrivateInputs,
   type PrivateKernelTailCircuitPublicInputs,
   RECURSIVE_PROOF_LENGTH,
@@ -15,7 +16,13 @@ import {
 import { siloNoteHash } from '@aztec/circuits.js/hash';
 import { createDebugLogger } from '@aztec/foundation/log';
 import { elapsed } from '@aztec/foundation/timer';
-import { executeInit, executeInner, executeTail, executeTailForPublic } from '@aztec/noir-protocol-circuits-types';
+import {
+  executeInit,
+  executeInner,
+  executeReset,
+  executeTail,
+  executeTailForPublic,
+} from '@aztec/noir-protocol-circuits-types';
 
 /**
  * Test Proof Creator executes circuit simulations and provides fake proofs.
@@ -59,6 +66,20 @@ export class TestProofCreator implements ProofCreator {
     return this.makeEmptyKernelProofOutput<PrivateKernelCircuitPublicInputs>(result);
   }
 
+  public async createProofReset(
+    privateInputs: PrivateKernelResetCircuitPrivateInputsVariants,
+  ): Promise<KernelProofOutput<PrivateKernelCircuitPublicInputs>> {
+    const [duration, result] = await elapsed(() => executeReset(privateInputs));
+    this.log.debug(`Simulated private kernel reset`, {
+      eventName: 'circuit-simulation',
+      circuitName: ('private-kernel-reset-' + privateInputs.sizeTag) as CircuitName,
+      duration,
+      inputSize: privateInputs.toBuffer().length,
+      outputSize: result.toBuffer().length,
+    } satisfies CircuitSimulationStats);
+    return this.makeEmptyKernelProofOutput<PrivateKernelCircuitPublicInputs>(result);
+  }
+
   public async createProofTail(
     privateInputs: PrivateKernelTailCircuitPrivateInputs,
   ): Promise<KernelProofOutput<PrivateKernelTailCircuitPublicInputs>> {
@@ -68,7 +89,7 @@ export class TestProofCreator implements ProofCreator {
     );
     this.log.debug(`Simulated private kernel ordering`, {
       eventName: 'circuit-simulation',
-      circuitName: 'private-kernel-ordering',
+      circuitName: 'private-kernel-tail',
       duration,
       inputSize: privateInputs.toBuffer().length,
       outputSize: result.toBuffer().length,

package/src/note_processor/note_processor.ts

@@ -1,7 +1,6 @@
 import {
   type AztecNode,
   type EncryptedL2BlockL2Logs,
-  type KeyStore,
   L1NotePayload,
   type L2Block,
   TaggedNote,
@@ -11,6 +10,7 @@ import { INITIAL_L2_BLOCK_NUM, MAX_NEW_NOTE_HASHES_PER_TX, type PublicKey } from
 import { type Fr } from '@aztec/foundation/fields';
 import { createDebugLogger } from '@aztec/foundation/log';
 import { Timer } from '@aztec/foundation/timer';
+import { type KeyStore } from '@aztec/key-store';
 import { ContractNotFoundError } from '@aztec/simulator';
 
 import { DeferredNoteDao } from '../database/deferred_note_dao.js';
@@ -130,7 +130,8 @@ export class NoteProcessor {
         for (const functionLogs of txFunctionLogs) {
           for (const log of functionLogs.logs) {
             this.stats.seen++;
-            const taggedNote = TaggedNote.fromEncryptedBuffer(log.data, secretKey);
+            // @todo Issue(#6410) We should also try decrypting as outgoing if this fails.
+            const taggedNote = TaggedNote.decryptAsIncoming(log.data, secretKey);
             if (taggedNote?.notePayload) {
               const { notePayload: payload } = taggedNote;
               // We have successfully decrypted the data.

package/src/note_processor/produce_note_dao.ts

@@ -107,25 +107,9 @@ async function findNoteIndexAndNullifier(
   }
 
   if (!nonce) {
-    let errorString;
-    if (siloedNoteHash == undefined) {
-      errorString = 'Cannot find a matching commitment for the note.';
-    } else {
-      errorString = `We decrypted a log, but couldn't find a corresponding note in the tree.
-This might be because the note was nullified in the same tx which created it.
-In that case, everything is fine. To check whether this is the case, look back through
-the logs for a notification
-'important: chopped commitment for siloed inner hash note
-${siloedNoteHash.toString()}'.
-If you can see that notification. Everything's fine.
-If that's not the case, and you can't find such a notification, something has gone wrong.
-There could be a problem with the way you've defined a custom note, or with the way you're
-serializing / deserializing / hashing / encrypting / decrypting that note.
-Please see the following github issue to track an improvement that we're working on:
-https://github.com/AztecProtocol/aztec-packages/issues/1641`;
-    }
-
-    throw new Error(errorString);
+    // NB: this used to warn the user that a decrypted log didn't match any notes.
+    // This was previously fine as we didn't chop transient note logs, but now we do (#1641 complete).
+    throw new Error('Cannot find a matching commitment for the note.');
   }
 
   return {

package/src/pxe_service/create_pxe_service.ts

@@ -1,7 +1,8 @@
 import { BBNativeProofCreator } from '@aztec/bb-prover';
 import { type AztecNode, type ProofCreator } from '@aztec/circuit-types';
 import { randomBytes } from '@aztec/foundation/crypto';
-import { TestKeyStore } from '@aztec/key-store';
+import { createDebugLogger } from '@aztec/foundation/log';
+import { KeyStore } from '@aztec/key-store';
 import { AztecLmdbStore } from '@aztec/kv-store/lmdb';
 import { initStoreForRollup } from '@aztec/kv-store/utils';
 import { getCanonicalClassRegisterer } from '@aztec/protocol-contracts/class-registerer';
@@ -19,7 +20,7 @@ import { PXEService } from './pxe_service.js';
 
 /**
  * Create and start an PXEService instance with the given AztecNode.
- * If no keyStore or database is provided, it will use TestKeyStore and MemoryDB as default values.
+ * If no keyStore or database is provided, it will use KeyStore and MemoryDB as default values.
  * Returns a Promise that resolves to the started PXEService instance.
  *
  * @param aztecNode - The AztecNode instance to be used by the server.
@@ -41,9 +42,7 @@ export async function createPXEService(
   const keyStorePath = config.dataDirectory ? join(config.dataDirectory, 'pxe_key_store') : undefined;
   const l1Contracts = await aztecNode.getL1ContractAddresses();
 
-  const keyStore = new TestKeyStore(
-    await initStoreForRollup(AztecLmdbStore.open(keyStorePath), l1Contracts.rollupAddress),
-  );
+  const keyStore = new KeyStore(await initStoreForRollup(AztecLmdbStore.open(keyStorePath), l1Contracts.rollupAddress));
   const db = new KVPxeDatabase(await initStoreForRollup(AztecLmdbStore.open(pxeDbPath), l1Contracts.rollupAddress));
 
   // (@PhilWindle) Temporary validation until WASM is implemented
@@ -54,7 +53,11 @@ export async function createPXEService(
     }
     prover = !config.proverEnabled
       ? new TestProofCreator()
-      : new BBNativeProofCreator(config.bbBinaryPath!, config.bbWorkingDirectory!);
+      : new BBNativeProofCreator(
+          config.bbBinaryPath!,
+          config.bbWorkingDirectory!,
+          createDebugLogger('aztec:pxe:bb-native-prover' + (logSuffix ? `:${logSuffix}` : '')),
+        );
   }
 
   const server = new PXEService(keyStore, aztecNode, db, prover, config, logSuffix);

package/src/pxe_service/pxe_service.ts

@@ -5,7 +5,6 @@ import {
   ExtendedNote,
   type FunctionCall,
   type GetUnencryptedLogsResponse,
-  type KeyStore,
   type L2Block,
   type LogFilter,
   MerkleTreeId,
@@ -38,16 +37,19 @@ import {
 import { computeNoteHashNonce, siloNullifier } from '@aztec/circuits.js/hash';
 import { type ContractArtifact, type DecodedReturn, FunctionSelector, encodeArguments } from '@aztec/foundation/abi';
 import { arrayNonEmptyLength, padArrayEnd } from '@aztec/foundation/collection';
-import { Fr } from '@aztec/foundation/fields';
+import { type Fq, Fr } from '@aztec/foundation/fields';
 import { SerialQueue } from '@aztec/foundation/fifo';
 import { type DebugLogger, createDebugLogger } from '@aztec/foundation/log';
 import { Timer } from '@aztec/foundation/timer';
+import { type KeyStore } from '@aztec/key-store';
 import {
   type AcirSimulator,
   type ExecutionResult,
+  accumulateReturnValues,
   collectEnqueuedPublicFunctionCalls,
   collectPublicTeardownFunctionCall,
   collectSortedEncryptedLogs,
+  collectSortedNoteEncryptedLogs,
   collectSortedUnencryptedLogs,
   resolveOpcodeLocations,
 } from '@aztec/simulator';
@@ -159,6 +161,10 @@ export class PXEService implements PXE {
     return this.db.getAuthWitness(messageHash);
   }
 
+  async rotateNskM(account: AztecAddress, secretKey: Fq): Promise<void> {
+    await this.keyStore.rotateMasterNullifierKey(account, secretKey);
+  }
+
   public addCapsule(capsule: Fr[]) {
     return this.db.addCapsule(capsule);
   }
@@ -207,14 +213,6 @@ export class PXEService implements PXE {
     return Promise.resolve(account);
   }
 
-  public async getRegisteredAccountPublicKeysHash(address: AztecAddress): Promise<Fr | undefined> {
-    const accounts = await this.keyStore.getAccounts();
-    if (!accounts.some(account => account.equals(address))) {
-      return undefined;
-    }
-    return this.keyStore.getPublicKeysHash(address);
-  }
-
   public async registerRecipient(recipient: CompleteAddress): Promise<void> {
     const wasAdded = await this.db.addCompleteAddress(recipient);
 
@@ -468,7 +466,7 @@ export class PXEService implements PXE {
     return txHash;
   }
 
-  public async viewTx(
+  public async simulateUnconstrained(
     functionName: string,
     args: any[],
     to: AztecAddress,
@@ -523,6 +521,7 @@ export class PXEService implements PXE {
       args: encodeArguments(functionDao, args),
       functionData: FunctionData.fromAbi(functionDao),
       to,
+      isStatic: functionDao.isStatic,
     };
   }
 
@@ -665,6 +664,7 @@ export class PXEService implements PXE {
     this.log.debug(`Executing kernel prover...`);
     const { proof, publicInputs } = await kernelProver.prove(txExecutionRequest.toTxRequest(), executionResult);
 
+    const noteEncryptedLogs = new EncryptedTxL2Logs([collectSortedNoteEncryptedLogs(executionResult)]);
     const unencryptedLogs = new UnencryptedTxL2Logs([collectSortedUnencryptedLogs(executionResult)]);
     const encryptedLogs = new EncryptedTxL2Logs([collectSortedEncryptedLogs(executionResult)]);
     const enqueuedPublicFunctions = collectEnqueuedPublicFunctionCalls(executionResult);
@@ -677,12 +677,14 @@ export class PXEService implements PXE {
     const tx = new Tx(
       publicInputs,
       proof.binaryProof,
+      noteEncryptedLogs,
       encryptedLogs,
       unencryptedLogs,
       enqueuedPublicFunctions,
       teardownPublicFunction,
     );
-    return new SimulatedTx(tx, executionResult.returnValues);
+
+    return new SimulatedTx(tx, accumulateReturnValues(executionResult));
   }
 
   /**