@aztec/pxe 0.67.0 → 0.67.1-devnet

package/src/kernel_prover/hints/build_private_kernel_reset_private_inputs.ts

@@ -37,7 +37,7 @@ import {
 import { makeTuple } from '@aztec/foundation/array';
 import { padArrayEnd } from '@aztec/foundation/collection';
 import { type Tuple, assertLength } from '@aztec/foundation/serialize';
-import { privateKernelResetDimensionsConfig } from '@aztec/noir-protocol-circuits-types';
+import { privateKernelResetDimensionsConfig } from '@aztec/noir-protocol-circuits-types/client';
 
 import { type ProvingDataOracle } from '../proving_data_oracle.js';
 

package/src/kernel_prover/kernel_prover.ts

@@ -31,7 +31,8 @@ import { vkAsFieldsMegaHonk } from '@aztec/foundation/crypto';
 import { createLogger } from '@aztec/foundation/log';
 import { assertLength } from '@aztec/foundation/serialize';
 import { pushTestData } from '@aztec/foundation/testing';
-import { getVKTreeRoot } from '@aztec/noir-protocol-circuits-types';
+import { Timer } from '@aztec/foundation/timer';
+import { getVKTreeRoot } from '@aztec/noir-protocol-circuits-types/client';
 import {
   getProtocolContractSiblingPath,
   isProtocolContract,
@@ -118,6 +119,8 @@ export class KernelProver {
     profile: boolean = false,
     dryRun: boolean = false,
   ): Promise<PrivateKernelSimulateOutput<PrivateKernelTailCircuitPublicInputs>> {
+    const timer = new Timer();
+
     const isPrivateOnlyTx = this.isPrivateOnly(executionResult);
 
     const executionStack = [executionResult];
@@ -197,7 +200,9 @@ export class KernelProver {
           privateCallData,
           isPrivateOnlyTx,
         );
+
         pushTestData('private-kernel-inputs-init', proofInput);
+
         output = await this.proofCreator.simulateProofInit(proofInput);
 
         acirs.push(output.bytecode);
@@ -214,7 +219,9 @@ export class KernelProver {
           assertLength<Fr, typeof VK_TREE_HEIGHT>(previousVkMembershipWitness.siblingPath, VK_TREE_HEIGHT),
         );
         const proofInput = new PrivateKernelInnerCircuitPrivateInputs(previousKernelData, privateCallData);
+
         pushTestData('private-kernel-inputs-inner', proofInput);
+
         output = await this.proofCreator.simulateProofInner(proofInput);
 
         acirs.push(output.bytecode);
@@ -267,6 +274,7 @@ export class KernelProver {
     const privateInputs = new PrivateKernelTailCircuitPrivateInputs(previousKernelData);
 
     pushTestData('private-kernel-inputs-ordering', privateInputs);
+
     const tailOutput = await this.proofCreator.simulateProofTail(privateInputs);
     if (tailOutput.publicInputs.forPublic) {
       const privateLogs = privateInputs.previousKernel.publicInputs.end.privateLogs;
@@ -282,6 +290,8 @@ export class KernelProver {
       tailOutput.profileResult = { gateCounts };
     }
 
+    this.log.info(`Witness generation took ${timer.ms()}ms`);
+
     // TODO(#7368) how do we 'bincode' encode these inputs?
     if (!dryRun) {
       const ivcProof = await this.proofCreator.createClientIvcProof(acirs, witnessStack);

package/src/kernel_prover/test/test_circuit_prover.ts

@@ -1,11 +1,6 @@
-import {
-  type AppCircuitSimulateOutput,
-  type PrivateKernelProver,
-  type PrivateKernelSimulateOutput,
-} from '@aztec/circuit-types';
+import { type PrivateKernelProver, type PrivateKernelSimulateOutput } from '@aztec/circuit-types';
 import type { CircuitSimulationStats } from '@aztec/circuit-types/stats';
 import {
-  CLIENT_IVC_VERIFICATION_KEY_LENGTH_IN_FIELDS,
   ClientIvcProof,
   type PrivateKernelCircuitPublicInputs,
   type PrivateKernelInitCircuitPrivateInputs,
@@ -13,13 +8,12 @@ import {
   type PrivateKernelResetCircuitPrivateInputs,
   type PrivateKernelTailCircuitPrivateInputs,
   type PrivateKernelTailCircuitPublicInputs,
-  VerificationKeyAsFields,
 } from '@aztec/circuits.js';
 import { createLogger } from '@aztec/foundation/log';
 import { elapsed } from '@aztec/foundation/timer';
 import {
-  type ProtocolArtifact,
-  ProtocolCircuitVks,
+  ClientCircuitVks,
+  type ClientProtocolArtifact,
   executeInit,
   executeInner,
   executeReset,
@@ -27,7 +21,7 @@ import {
   executeTailForPublic,
   getPrivateKernelResetArtifactName,
   maxPrivateKernelResetDimensions,
-} from '@aztec/noir-protocol-circuits-types';
+} from '@aztec/noir-protocol-circuits-types/client';
 
 import { type WitnessMap } from '@noir-lang/types';
 
@@ -114,22 +108,12 @@ export class TestPrivateKernelProver implements PrivateKernelProver {
     return Promise.resolve(0);
   }
 
-  computeAppCircuitVerificationKey(
-    _bytecode: Buffer,
-    _appCircuitName?: string | undefined,
-  ): Promise<AppCircuitSimulateOutput> {
-    const appCircuitProofOutput: AppCircuitSimulateOutput = {
-      verificationKey: VerificationKeyAsFields.makeEmpty(CLIENT_IVC_VERIFICATION_KEY_LENGTH_IN_FIELDS),
-    };
-    return Promise.resolve(appCircuitProofOutput);
-  }
-
   private makeEmptyKernelSimulateOutput<
     PublicInputsType extends PrivateKernelTailCircuitPublicInputs | PrivateKernelCircuitPublicInputs,
-  >(publicInputs: PublicInputsType, circuitType: ProtocolArtifact) {
+  >(publicInputs: PublicInputsType, circuitType: ClientProtocolArtifact) {
     const kernelProofOutput: PrivateKernelSimulateOutput<PublicInputsType> = {
       publicInputs,
-      verificationKey: ProtocolCircuitVks[circuitType].keyAsFields,
+      verificationKey: ClientCircuitVks[circuitType].keyAsFields,
       outputWitness: new Map(),
       bytecode: Buffer.from([]),
     };

package/src/pxe_service/pxe_service.ts

@@ -56,13 +56,11 @@ import {
 } from '@aztec/foundation/abi';
 import { Fr, type Point } from '@aztec/foundation/fields';
 import { type Logger, createLogger } from '@aztec/foundation/log';
+import { Timer } from '@aztec/foundation/timer';
 import { type KeyStore } from '@aztec/key-store';
 import { type L2TipsStore } from '@aztec/kv-store/stores';
-import {
-  ProtocolContractAddress,
-  getCanonicalProtocolContract,
-  protocolContractNames,
-} from '@aztec/protocol-contracts';
+import { ProtocolContractAddress, protocolContractNames } from '@aztec/protocol-contracts';
+import { getCanonicalProtocolContract } from '@aztec/protocol-contracts/bundle';
 import { type AcirSimulator } from '@aztec/simulator/client';
 
 import { inspect } from 'util';
@@ -494,10 +492,11 @@ export class PXEService implements PXE {
         version: txRequest.txContext.version,
         authWitnesses: txRequest.authWitnesses.map(w => w.requestHash),
       };
-      this.log.verbose(
+      this.log.info(
         `Simulating transaction execution request to ${txRequest.functionSelector} at ${txRequest.origin}`,
         txInfo,
       );
+      const timer = new Timer();
       await this.synchronizer.sync();
       const privateExecutionResult = await this.#executePrivate(txRequest, msgSender, scopes);
 
@@ -526,7 +525,7 @@ export class PXEService implements PXE {
         }
       }
 
-      this.log.info(`Simulation completed for ${simulatedTx.tryGetTxHash()}`, {
+      this.log.info(`Simulation completed for ${simulatedTx.tryGetTxHash()} in ${timer.ms()}ms`, {
         txHash: simulatedTx.tryGetTxHash(),
         ...txInfo,
         ...(profileResult ? { gateCounts: profileResult.gateCounts } : {}),

package/src/simulator_oracle/index.ts

@@ -24,7 +24,7 @@ import {
   type L1_TO_L2_MSG_TREE_HEIGHT,
   PrivateLog,
   computeAddressSecret,
-  computeTaggingSecret,
+  computeTaggingSecretPoint,
 } from '@aztec/circuits.js';
 import { type FunctionArtifact, getFunctionArtifact } from '@aztec/foundation/abi';
 import { poseidon2Hash } from '@aztec/foundation/crypto';
@@ -38,6 +38,7 @@ import { type IncomingNoteDao } from '../database/incoming_note_dao.js';
 import { type PxeDatabase } from '../database/index.js';
 import { produceNoteDaos } from '../note_decryption_utils/produce_note_daos.js';
 import { getAcirSimulator } from '../simulator/index.js';
+import { getIndexedTaggingSecretsForTheWindow, getInitialIndexesMap } from './tagging_utils.js';
 
 /**
  * A data oracle that provides information needed for simulating a transaction.
@@ -257,28 +258,28 @@ export class SimulatorOracle implements DBOracle {
   }
 
   /**
-   * Returns the tagging secret for a given sender and recipient pair. For this to work, the ivpsk_m of the sender must be known.
+   * Returns the tagging secret for a given sender and recipient pair. For this to work, the ivsk_m of the sender must be known.
    * Includes the next index to be used used for tagging with this secret.
    * @param contractAddress - The contract address to silo the secret for
    * @param sender - The address sending the note
    * @param recipient - The address receiving the note
-   * @returns A siloed tagging secret that can be used to tag notes.
+   * @returns An indexed tagging secret that can be used to tag notes.
    */
-  public async getAppTaggingSecretAsSender(
+  public async getIndexedTaggingSecretAsSender(
     contractAddress: AztecAddress,
     sender: AztecAddress,
     recipient: AztecAddress,
   ): Promise<IndexedTaggingSecret> {
     await this.syncTaggedLogsAsSender(contractAddress, sender, recipient);
 
-    const secret = await this.#calculateTaggingSecret(contractAddress, sender, recipient);
-    const [index] = await this.db.getTaggingSecretsIndexesAsSender([secret]);
+    const appTaggingSecret = await this.#calculateAppTaggingSecret(contractAddress, sender, recipient);
+    const [index] = await this.db.getTaggingSecretsIndexesAsSender([appTaggingSecret]);
 
-    return new IndexedTaggingSecret(secret, index);
+    return new IndexedTaggingSecret(appTaggingSecret, index);
   }
 
   /**
-   * Increments the tagging secret for a given sender and recipient pair. For this to work, the ivpsk_m of the sender must be known.
+   * Increments the tagging secret for a given sender and recipient pair. For this to work, the ivsk_m of the sender must be known.
    * @param contractAddress - The contract address to silo the secret for
    * @param sender - The address sending the note
    * @param recipient - The address receiving the note
@@ -288,7 +289,7 @@ export class SimulatorOracle implements DBOracle {
     sender: AztecAddress,
     recipient: AztecAddress,
   ): Promise<void> {
-    const secret = await this.#calculateTaggingSecret(contractAddress, sender, recipient);
+    const secret = await this.#calculateAppTaggingSecret(contractAddress, sender, recipient);
     const contractName = await this.contractDataOracle.getDebugContractName(contractAddress);
     this.log.debug(`Incrementing app tagging secret at ${contractName}(${contractAddress})`, {
       secret,
@@ -302,25 +303,25 @@ export class SimulatorOracle implements DBOracle {
     await this.db.setTaggingSecretsIndexesAsSender([new IndexedTaggingSecret(secret, index + 1)]);
   }
 
-  async #calculateTaggingSecret(contractAddress: AztecAddress, sender: AztecAddress, recipient: AztecAddress) {
+  async #calculateAppTaggingSecret(contractAddress: AztecAddress, sender: AztecAddress, recipient: AztecAddress) {
     const senderCompleteAddress = await this.getCompleteAddress(sender);
     const senderIvsk = await this.keyStore.getMasterIncomingViewingSecretKey(sender);
-    const sharedSecret = computeTaggingSecret(senderCompleteAddress, senderIvsk, recipient);
-    // Silo the secret to the app so it can't be used to track other app's notes
-    const siloedSecret = poseidon2Hash([sharedSecret.x, sharedSecret.y, contractAddress]);
-    return siloedSecret;
+    const secretPoint = computeTaggingSecretPoint(senderCompleteAddress, senderIvsk, recipient);
+    // Silo the secret so it can't be used to track other app's notes
+    const appSecret = poseidon2Hash([secretPoint.x, secretPoint.y, contractAddress]);
+    return appSecret;
   }
 
   /**
-   * Returns the siloed tagging secrets for a given recipient and all the senders in the address book
+   * Returns the indexed tagging secrets for a given recipient and all the senders in the address book
    * This method should be exposed as an oracle call to allow aztec.nr to perform the orchestration
    * of the syncTaggedLogs and processTaggedLogs methods. However, it is not possible to do so at the moment,
    * so we're keeping it private for now.
    * @param contractAddress - The contract address to silo the secret for
    * @param recipient - The address receiving the notes
-   * @returns A list of siloed tagging secrets
+   * @returns A list of indexed tagging secrets
    */
-  async #getAppTaggingSecretsForContacts(
+  async #getIndexedTaggingSecretsForContacts(
     contractAddress: AztecAddress,
     recipient: AztecAddress,
   ): Promise<IndexedTaggingSecret[]> {
@@ -332,7 +333,7 @@ export class SimulatorOracle implements DBOracle {
       (address, index, self) => index === self.findIndex(otherAddress => otherAddress.equals(address)),
     );
     const appTaggingSecrets = contacts.map(contact => {
-      const sharedSecret = computeTaggingSecret(recipientCompleteAddress, recipientIvsk, contact);
+      const sharedSecret = computeTaggingSecretPoint(recipientCompleteAddress, recipientIvsk, contact);
       return poseidon2Hash([sharedSecret.x, sharedSecret.y, contractAddress]);
     });
     const indexes = await this.db.getTaggingSecretsIndexesAsRecipient(appTaggingSecrets);
@@ -351,7 +352,7 @@ export class SimulatorOracle implements DBOracle {
     sender: AztecAddress,
     recipient: AztecAddress,
   ): Promise<void> {
-    const appTaggingSecret = await this.#calculateTaggingSecret(contractAddress, sender, recipient);
+    const appTaggingSecret = await this.#calculateAppTaggingSecret(contractAddress, sender, recipient);
     let [currentIndex] = await this.db.getTaggingSecretsIndexesAsSender([appTaggingSecret]);
 
     const INDEX_OFFSET = 10;
@@ -409,7 +410,8 @@ export class SimulatorOracle implements DBOracle {
 
   /**
    * Synchronizes the logs tagged with scoped addresses and all the senders in the address book.
-   * Returns the unsynched logs and updates the indexes of the secrets used to tag them until there are no more logs to sync.
+   * Returns the unsynched logs and updates the indexes of the secrets used to tag them until there are no more logs
+   * to sync.
    * @param contractAddress - The address of the contract that the logs are tagged for
    * @param recipient - The address of the recipient
    * @returns A list of encrypted logs tagged with the recipient's address
@@ -419,125 +421,140 @@ export class SimulatorOracle implements DBOracle {
     maxBlockNumber: number,
     scopes?: AztecAddress[],
   ): Promise<Map<string, TxScopedL2Log[]>> {
+    // Half the size of the window we slide over the tagging secret indexes.
+    const WINDOW_HALF_SIZE = 10;
+
+    // Ideally this algorithm would be implemented in noir, exposing its building blocks as oracles.
+    // However it is impossible at the moment due to the language not supporting nested slices.
+    // This nesting is necessary because for a given set of tags we don't
+    // know how many logs we will get back. Furthermore, these logs are of undetermined
+    // length, since we don't really know the note they correspond to until we decrypt them.
+
     const recipients = scopes ? scopes : await this.keyStore.getAccounts();
-    const result = new Map<string, TxScopedL2Log[]>();
+    // A map of logs going from recipient address to logs. Note that the logs might have been processed before
+    // due to us having a sliding window that "looks back" for logs as well. (We look back as there is no guarantee
+    // that a logs will be received ordered by a given tax index and that the tags won't be reused).
+    const logsMap = new Map<string, TxScopedL2Log[]>();
     const contractName = await this.contractDataOracle.getDebugContractName(contractAddress);
     for (const recipient of recipients) {
-      const logs: TxScopedL2Log[] = [];
-      // Ideally this algorithm would be implemented in noir, exposing its building blocks as oracles.
-      // However it is impossible at the moment due to the language not supporting nested slices.
-      // This nesting is necessary because for a given set of tags we don't
-      // know how many logs we will get back. Furthermore, these logs are of undetermined
-      // length, since we don't really know the note they correspond to until we decrypt them.
-
-      // 1. Get all the secrets for the recipient and sender pairs (#9365)
-      const appTaggingSecrets = await this.#getAppTaggingSecretsForContacts(contractAddress, recipient);
-
-      // 1.1 Set up a sliding window with an offset. Chances are the sender might have messed up
-      // and inadvertently incremented their index without use getting any logs (for example, in case
-      // of a revert). If we stopped looking for logs the first time
-      // we receive 0 for a tag, we might never receive anything from that sender again.
-      // Also there's a possibility that we have advanced our index, but the sender has reused it, so
-      // we might have missed some logs. For these reasons, we have to look both back and ahead of the
-      // stored index
-      const INDEX_OFFSET = 10;
-      type SearchState = {
-        currentTagggingSecrets: IndexedTaggingSecret[];
-        maxIndexesToCheck: { [k: string]: number };
-        initialSecretIndexes: { [k: string]: number };
-        secretsToIncrement: { [k: string]: number };
-      };
-      const searchState = appTaggingSecrets.reduce<SearchState>(
-        (acc, appTaggingSecret) => ({
-          // Start looking for logs before the stored index
-          currentTagggingSecrets: acc.currentTagggingSecrets.concat([
-            new IndexedTaggingSecret(appTaggingSecret.secret, Math.max(0, appTaggingSecret.index - INDEX_OFFSET)),
-          ]),
-          // Keep looking for logs beyond the stored index
-          maxIndexesToCheck: {
-            ...acc.maxIndexesToCheck,
-            ...{ [appTaggingSecret.secret.toString()]: appTaggingSecret.index + INDEX_OFFSET },
-          },
-          // Keeps track of the secrets we have to increment in the database
-          secretsToIncrement: {},
-          // Store the initial set of indexes for the secrets
-          initialSecretIndexes: {
-            ...acc.initialSecretIndexes,
-            ...{ [appTaggingSecret.secret.toString()]: appTaggingSecret.index },
-          },
-        }),
-        { currentTagggingSecrets: [], maxIndexesToCheck: {}, secretsToIncrement: {}, initialSecretIndexes: {} },
-      );
+      const logsForRecipient: TxScopedL2Log[] = [];
+
+      // Get all the secrets for the recipient and sender pairs (#9365)
+      const secrets = await this.#getIndexedTaggingSecretsForContacts(contractAddress, recipient);
+
+      // We fetch logs for a window of indexes in a range:
+      //    <latest_log_index - WINDOW_HALF_SIZE, latest_log_index + WINDOW_HALF_SIZE>.
+      //
+      // We use this window approach because it could happen that a sender might have messed up and inadvertently
+      // incremented their index without us getting any logs (for example, in case of a revert). If we stopped looking
+      // for logs the first time we don't receive any logs for a tag, we might never receive anything from that sender again.
+      //    Also there's a possibility that we have advanced our index, but the sender has reused it, so we might have missed
+      // some logs. For these reasons, we have to look both back and ahead of the stored index.
+      let secretsAndWindows = secrets.map(secret => {
+        return {
+          appTaggingSecret: secret.appTaggingSecret,
+          leftMostIndex: Math.max(0, secret.index - WINDOW_HALF_SIZE),
+          rightMostIndex: secret.index + WINDOW_HALF_SIZE,
+        };
+      });
+
+      // As we iterate we store the largest index we have seen for a given secret to later on store it in the db.
+      const newLargestIndexMapToStore: { [k: string]: number } = {};
 
-      let { currentTagggingSecrets } = searchState;
-      const { maxIndexesToCheck, secretsToIncrement, initialSecretIndexes } = searchState;
+      // The initial/unmodified indexes of the secrets stored in a key-value map where key is the app tagging secret.
+      const initialIndexesMap = getInitialIndexesMap(secrets);
 
-      while (currentTagggingSecrets.length > 0) {
-        // 2. Compute tags using the secrets, recipient and index. Obtain logs for each tag (#9380)
-        const currentTags = currentTagggingSecrets.map(taggingSecret =>
-          taggingSecret.computeSiloedTag(recipient, contractAddress),
+      while (secretsAndWindows.length > 0) {
+        const secretsForTheWholeWindow = getIndexedTaggingSecretsForTheWindow(secretsAndWindows);
+        const tagsForTheWholeWindow = secretsForTheWholeWindow.map(secret =>
+          secret.computeSiloedTag(recipient, contractAddress),
         );
-        const logsByTags = await this.aztecNode.getLogsByTags(currentTags);
-        const newTaggingSecrets: IndexedTaggingSecret[] = [];
+
+        // We store the new largest indexes we find in the iteration in the following map to later on construct
+        // a new set of secrets and windows to fetch logs for.
+        const newLargestIndexMapForIteration: { [k: string]: number } = {};
+
+        // Fetch the logs for the tags and iterate over them
+        const logsByTags = await this.aztecNode.getLogsByTags(tagsForTheWholeWindow);
+
         logsByTags.forEach((logsByTag, logIndex) => {
-          const { secret: currentSecret, index: currentIndex } = currentTagggingSecrets[logIndex];
-          const currentSecretAsStr = currentSecret.toString();
-          this.log.debug(`Syncing logs for recipient ${recipient} at contract ${contractName}(${contractAddress})`, {
-            recipient,
-            secret: currentSecret,
-            index: currentIndex,
-            contractName,
-            contractAddress,
-          });
-          // 3.1. Append logs to the list and increment the index for the tags that have logs (#9380)
           if (logsByTag.length > 0) {
-            const newIndex = currentIndex + 1;
-            this.log.debug(
-              `Found ${logsByTag.length} logs as recipient ${recipient}. Incrementing index to ${newIndex} at contract ${contractName}(${contractAddress})`,
-              {
-                recipient,
-                secret: currentSecret,
-                newIndex,
-                contractName,
-                contractAddress,
-              },
-            );
-            logs.push(...logsByTag);
-
-            if (currentIndex >= initialSecretIndexes[currentSecretAsStr]) {
-              // 3.2. Increment the index for the tags that have logs, provided they're higher than the one
-              // we have stored in the db (#9380)
-              secretsToIncrement[currentSecretAsStr] = newIndex;
-              // 3.3. Slide the window forwards if we have found logs beyond the initial index
-              maxIndexesToCheck[currentSecretAsStr] = currentIndex + INDEX_OFFSET;
+            // The logs for the given tag exist so we store them for later processing
+            logsForRecipient.push(...logsByTag);
+
+            // We retrieve the indexed tagging secret corresponding to the log as I need that to evaluate whether
+            // a new largest index have been found.
+            const secretCorrespondingToLog = secretsForTheWholeWindow[logIndex];
+            const initialIndex = initialIndexesMap[secretCorrespondingToLog.appTaggingSecret.toString()];
+
+            this.log.debug(`Found ${logsByTag.length} logs as recipient ${recipient}`, {
+              recipient,
+              secret: secretCorrespondingToLog.appTaggingSecret,
+              contractName,
+              contractAddress,
+            });
+
+            if (
+              secretCorrespondingToLog.index >= initialIndex &&
+              (newLargestIndexMapForIteration[secretCorrespondingToLog.appTaggingSecret.toString()] === undefined ||
+                secretCorrespondingToLog.index >=
+                  newLargestIndexMapForIteration[secretCorrespondingToLog.appTaggingSecret.toString()])
+            ) {
+              // We have found a new largest index so we store it for later processing (storing it in the db + fetching
+              // the difference of the window sets of current and the next iteration)
+              newLargestIndexMapForIteration[secretCorrespondingToLog.appTaggingSecret.toString()] =
+                secretCorrespondingToLog.index + 1;
+
+              this.log.debug(
+                `Incrementing index to ${
+                  secretCorrespondingToLog.index + 1
+                } at contract ${contractName}(${contractAddress})`,
+              );
             }
           }
-          // 3.4 Keep increasing the index (inside the window) temporarily for the tags that have no logs
-          // There's a chance the sender missed some and we want to catch up
-          if (currentIndex < maxIndexesToCheck[currentSecretAsStr]) {
-            const newTaggingSecret = new IndexedTaggingSecret(currentSecret, currentIndex + 1);
-            newTaggingSecrets.push(newTaggingSecret);
-          }
         });
-        await this.db.setTaggingSecretsIndexesAsRecipient(
-          Object.keys(secretsToIncrement).map(
-            secret => new IndexedTaggingSecret(Fr.fromHexString(secret), secretsToIncrement[secret]),
-          ),
-        );
-        currentTagggingSecrets = newTaggingSecrets;
+
+        // Now based on the new largest indexes we found, we will construct a new secrets and windows set to fetch logs
+        // for. Note that it's very unlikely that a new log from the current window would appear between the iterations
+        // so we fetch the logs only for the difference of the window sets.
+        const newSecretsAndWindows = [];
+        for (const [appTaggingSecret, newIndex] of Object.entries(newLargestIndexMapForIteration)) {
+          const secret = secrets.find(secret => secret.appTaggingSecret.toString() === appTaggingSecret);
+          if (secret) {
+            newSecretsAndWindows.push({
+              appTaggingSecret: secret.appTaggingSecret,
+              // We set the left most index to the new index to avoid fetching the same logs again
+              leftMostIndex: newIndex,
+              rightMostIndex: newIndex + WINDOW_HALF_SIZE,
+            });
+
+            // We store the new largest index in the map to later store it in the db.
+            newLargestIndexMapToStore[appTaggingSecret] = newIndex;
+          } else {
+            throw new Error(
+              `Secret not found for appTaggingSecret ${appTaggingSecret}. This is a bug as it should never happen!`,
+            );
+          }
+        }
+
+        // Now we set the new secrets and windows and proceed to the next iteration.
+        secretsAndWindows = newSecretsAndWindows;
       }
 
-      result.set(
+      // We filter the logs by block number and store them in the map.
+      logsMap.set(
         recipient.toString(),
-        // Remove logs with a block number higher than the max block number
-        // Duplicates are likely to happen due to the sliding window, so we also filter them out
-        logs.filter(
-          (log, index, self) =>
-            log.blockNumber <= maxBlockNumber && index === self.findIndex(otherLog => otherLog.equals(log)),
+        logsForRecipient.filter(log => log.blockNumber <= maxBlockNumber),
+      );
+
+      // At this point we have processed all the logs for the recipient so we store the new largest indexes in the db.
+      await this.db.setTaggingSecretsIndexesAsRecipient(
+        Object.entries(newLargestIndexMapToStore).map(
+          ([appTaggingSecret, index]) => new IndexedTaggingSecret(Fr.fromHexString(appTaggingSecret), index),
         ),
       );
     }
-    return result;
+    return logsMap;
   }
 
   /**
@@ -628,27 +645,30 @@ export class SimulatorOracle implements DBOracle {
         });
       });
     }
-    const nullifiedNotes: IncomingNoteDao[] = [];
-    const currentNotesForRecipient = await this.db.getIncomingNotes({ owner: recipient });
-    const nullifiersToCheck = currentNotesForRecipient.map(note => note.siloedNullifier);
-    const currentBlockNumber = await this.getBlockNumber();
-    const nullifierIndexes = await this.aztecNode.findNullifiersIndexesWithBlock(currentBlockNumber, nullifiersToCheck);
-
-    const foundNullifiers = nullifiersToCheck
-      .map((nullifier, i) => {
-        if (nullifierIndexes[i] !== undefined) {
-          return { ...nullifierIndexes[i], ...{ data: nullifier } } as InBlock<Fr>;
-        }
-      })
-      .filter(nullifier => nullifier !== undefined) as InBlock<Fr>[];
-
-    await this.db.removeNullifiedNotes(foundNullifiers, recipient.toAddressPoint());
-    nullifiedNotes.forEach(noteDao => {
-      this.log.verbose(`Removed note for contract ${noteDao.contractAddress} at slot ${noteDao.storageSlot}`, {
-        contract: noteDao.contractAddress,
-        slot: noteDao.storageSlot,
-        nullifier: noteDao.siloedNullifier.toString(),
+  }
+
+  public async removeNullifiedNotes(contractAddress: AztecAddress) {
+    for (const recipient of await this.keyStore.getAccounts()) {
+      const currentNotesForRecipient = await this.db.getIncomingNotes({ contractAddress, owner: recipient });
+      const nullifiersToCheck = currentNotesForRecipient.map(note => note.siloedNullifier);
+      const nullifierIndexes = await this.aztecNode.findNullifiersIndexesWithBlock('latest', nullifiersToCheck);
+
+      const foundNullifiers = nullifiersToCheck
+        .map((nullifier, i) => {
+          if (nullifierIndexes[i] !== undefined) {
+            return { ...nullifierIndexes[i], ...{ data: nullifier } } as InBlock<Fr>;
+          }
+        })
+        .filter(nullifier => nullifier !== undefined) as InBlock<Fr>[];
+
+      const nullifiedNotes = await this.db.removeNullifiedNotes(foundNullifiers, recipient.toAddressPoint());
+      nullifiedNotes.forEach(noteDao => {
+        this.log.verbose(`Removed note for contract ${noteDao.contractAddress} at slot ${noteDao.storageSlot}`, {
+          contract: noteDao.contractAddress,
+          slot: noteDao.storageSlot,
+          nullifier: noteDao.siloedNullifier.toString(),
+        });
       });
-    });
+    }
   }
 }

package/src/simulator_oracle/tagging_utils.ts

@@ -0,0 +1,28 @@
+import { type Fr, IndexedTaggingSecret } from '@aztec/circuits.js';
+
+export function getIndexedTaggingSecretsForTheWindow(
+  secretsAndWindows: { appTaggingSecret: Fr; leftMostIndex: number; rightMostIndex: number }[],
+): IndexedTaggingSecret[] {
+  const secrets: IndexedTaggingSecret[] = [];
+  for (const secretAndWindow of secretsAndWindows) {
+    for (let i = secretAndWindow.leftMostIndex; i <= secretAndWindow.rightMostIndex; i++) {
+      secrets.push(new IndexedTaggingSecret(secretAndWindow.appTaggingSecret, i));
+    }
+  }
+  return secrets;
+}
+
+/**
+ * Creates a map from app tagging secret to initial index.
+ * @param indexedTaggingSecrets - The indexed tagging secrets to get the initial indexes from.
+ * @returns The map from app tagging secret to initial index.
+ */
+export function getInitialIndexesMap(indexedTaggingSecrets: IndexedTaggingSecret[]): { [k: string]: number } {
+  const initialIndexes: { [k: string]: number } = {};
+
+  for (const indexedTaggingSecret of indexedTaggingSecrets) {
+    initialIndexes[indexedTaggingSecret.appTaggingSecret.toString()] = indexedTaggingSecret.index;
+  }
+
+  return initialIndexes;
+}

package/src/utils/create_pxe_service.ts

@@ -1,4 +1,5 @@
 import { BBNativePrivateKernelProver } from '@aztec/bb-prover';
+import { BBWasmPrivateKernelProver } from '@aztec/bb-prover/wasm';
 import { type AztecNode, type PrivateKernelProver } from '@aztec/circuit-types';
 import { randomBytes } from '@aztec/foundation/crypto';
 import { createLogger } from '@aztec/foundation/log';
@@ -59,9 +60,11 @@ function createProver(config: PXEServiceConfig, logSuffix?: string) {
 
   // (@PhilWindle) Temporary validation until WASM is implemented
   if (!config.bbBinaryPath || !config.bbWorkingDirectory) {
-    throw new Error(`Prover must be configured with binary path and working directory`);
+    return new BBWasmPrivateKernelProver(16);
+  } else {
+    const bbConfig = config as Required<Pick<PXEServiceConfig, 'bbBinaryPath' | 'bbWorkingDirectory'>> &
+      PXEServiceConfig;
+    const log = createLogger('pxe:bb-native-prover' + (logSuffix ? `:${logSuffix}` : ''));
+    return BBNativePrivateKernelProver.new({ bbSkipCleanup: false, ...bbConfig }, log);
   }
-  const bbConfig = config as Required<Pick<PXEServiceConfig, 'bbBinaryPath' | 'bbWorkingDirectory'>> & PXEServiceConfig;
-  const log = createLogger('pxe:bb-native-prover' + (logSuffix ? `:${logSuffix}` : ''));
-  return BBNativePrivateKernelProver.new({ bbSkipCleanup: false, ...bbConfig }, log);
 }