@aztec/pxe 0.81.0 → 0.82.0

package/dest/storage/contract_data_provider/contract_data_provider.js

@@ -114,7 +114,12 @@ import { PrivateFunctionsTree } from './private_functions_tree.js';
    * @returns The corresponding function's artifact as an object.
    */ async getFunctionArtifact(contractAddress, selector) {
         const tree = await this.getTreeForAddress(contractAddress);
-        return tree.getFunctionArtifact(selector);
+        const contractArtifact = tree.getArtifact();
+        const functionArtifact = await tree.getFunctionArtifact(selector);
+        return {
+            ...functionArtifact,
+            contractName: contractArtifact.name
+        };
     }
     /**
    * Retrieves the artifact of a specified function within a given contract.

package/dest/storage/contract_data_provider/private_functions_tree.d.ts

@@ -3,7 +3,7 @@
 import { FUNCTION_TREE_HEIGHT } from '@aztec/constants';
 import { Fr } from '@aztec/foundation/fields';
 import { MembershipWitness, type MerkleTree } from '@aztec/foundation/trees';
-import { type ContractArtifact, FunctionSelector } from '@aztec/stdlib/abi';
+import { type ContractArtifact, type FunctionArtifact, FunctionSelector } from '@aztec/stdlib/abi';
 import { type ContractClassWithId } from '@aztec/stdlib/contract';
 /**
  * Represents a Merkle tree of functions for a particular Contract Class.
@@ -25,7 +25,7 @@ export declare class PrivateFunctionsTree {
      * @param selector - The function selector.
      * @returns The artifact object containing relevant information about the targeted function.
      */
-    getFunctionArtifact(selector: FunctionSelector): Promise<import("@aztec/stdlib/abi").FunctionArtifact>;
+    getFunctionArtifact(selector: FunctionSelector): Promise<FunctionArtifact>;
     /**
      * Retrieve the bytecode of a function in the contract by its function selector.
      * The function selector is a unique identifier for each function in a contract.

package/dest/storage/contract_data_provider/private_functions_tree.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"private_functions_tree.d.ts","sourceRoot":"","sources":["../../../src/storage/contract_data_provider/private_functions_tree.ts"],"names":[],"mappings":";;AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,EAAE,EAAE,MAAM,0BAA0B,CAAC;AAE9C,OAAO,EAAE,iBAAiB,EAAE,KAAK,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC7E,OAAO,EAAE,KAAK,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EACL,KAAK,mBAAmB,EAIzB,MAAM,wBAAwB,CAAC;AAEhC;;;;;GAKG;AACH,qBAAa,oBAAoB;IAGX,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAAoB,OAAO,CAAC,aAAa;IAFtF,OAAO,CAAC,IAAI,CAAC,CAAa;IAE1B,OAAO;WAEM,MAAM,CAAC,QAAQ,EAAE,gBAAgB;IAK9C;;;;;;;OAOG;IACU,mBAAmB,CAAC,QAAQ,EAAE,gBAAgB;IAkB3D;;;;;;;OAOG;IACU,WAAW,CAAC,QAAQ,EAAE,gBAAgB;IAKnD;;;;;;OAMG;IACI,mBAAmB;IAI1B,yCAAyC;IAClC,gBAAgB;IAIvB,qCAAqC;IAC9B,WAAW;IAIlB;;OAEG;IACI,kBAAkB;IAIzB;;;;;;;;OAQG;IACU,4BAA4B,CACvC,QAAQ,EAAE,gBAAgB,GACzB,OAAO,CAAC,iBAAiB,CAAC,OAAO,oBAAoB,CAAC,CAAC;YAiB5C,OAAO;CAOtB"}
+{"version":3,"file":"private_functions_tree.d.ts","sourceRoot":"","sources":["../../../src/storage/contract_data_provider/private_functions_tree.ts"],"names":[],"mappings":";;AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,EAAE,EAAE,MAAM,0BAA0B,CAAC;AAE9C,OAAO,EAAE,iBAAiB,EAAE,KAAK,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC7E,OAAO,EAAE,KAAK,gBAAgB,EAAE,KAAK,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACnG,OAAO,EACL,KAAK,mBAAmB,EAIzB,MAAM,wBAAwB,CAAC;AAEhC;;;;;GAKG;AACH,qBAAa,oBAAoB;IAGX,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAAoB,OAAO,CAAC,aAAa;IAFtF,OAAO,CAAC,IAAI,CAAC,CAAa;IAE1B,OAAO;WAEM,MAAM,CAAC,QAAQ,EAAE,gBAAgB;IAK9C;;;;;;;OAOG;IACU,mBAAmB,CAAC,QAAQ,EAAE,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAkBvF;;;;;;;OAOG;IACU,WAAW,CAAC,QAAQ,EAAE,gBAAgB;IAKnD;;;;;;OAMG;IACI,mBAAmB;IAI1B,yCAAyC;IAClC,gBAAgB;IAIvB,qCAAqC;IAC9B,WAAW;IAIlB;;OAEG;IACI,kBAAkB;IAIzB;;;;;;;;OAQG;IACU,4BAA4B,CACvC,QAAQ,EAAE,gBAAgB,GACzB,OAAO,CAAC,iBAAiB,CAAC,OAAO,oBAAoB,CAAC,CAAC;YAiB5C,OAAO;CAOtB"}

package/dest/storage/index.d.ts

@@ -1,10 +1,9 @@
 export * from './address_data_provider/index.js';
-export * from './auth_witness_data_provider/index.js';
 export * from './capsule_data_provider/index.js';
 export * from './contract_data_provider/index.js';
 export * from './note_data_provider/index.js';
 export * from './sync_data_provider/index.js';
 export * from './tagging_data_provider/index.js';
 export * from './data_provider.js';
-export declare const PXE_DATA_SCHEMA_VERSION = 2;
+export * from './metadata.js';
 //# sourceMappingURL=index.d.ts.map

package/dest/storage/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/storage/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,uCAAuC,CAAC;AACtD,cAAc,kCAAkC,CAAC;AACjD,cAAc,mCAAmC,CAAC;AAClD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,+BAA+B,CAAC;AAC9C,cAAc,kCAAkC,CAAC;AACjD,cAAc,oBAAoB,CAAC;AAEnC,eAAO,MAAM,uBAAuB,IAAI,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/storage/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,kCAAkC,CAAC;AACjD,cAAc,mCAAmC,CAAC;AAClD,cAAc,+BAA+B,CAAC;AAC9C,cAAc,+BAA+B,CAAC;AAC9C,cAAc,kCAAkC,CAAC;AACjD,cAAc,oBAAoB,CAAC;AACnC,cAAc,eAAe,CAAC"}

package/dest/storage/index.js

@@ -1,9 +1,8 @@
 export * from './address_data_provider/index.js';
-export * from './auth_witness_data_provider/index.js';
 export * from './capsule_data_provider/index.js';
 export * from './contract_data_provider/index.js';
 export * from './note_data_provider/index.js';
 export * from './sync_data_provider/index.js';
 export * from './tagging_data_provider/index.js';
 export * from './data_provider.js';
-export const PXE_DATA_SCHEMA_VERSION = 2;
+export * from './metadata.js';

package/dest/storage/metadata.d.ts

@@ -0,0 +1,2 @@
+export declare const PXE_DATA_SCHEMA_VERSION = 2;
+//# sourceMappingURL=metadata.d.ts.map

package/dest/storage/metadata.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metadata.d.ts","sourceRoot":"","sources":["../../src/storage/metadata.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,uBAAuB,IAAI,CAAC"}

package/dest/storage/metadata.js

@@ -0,0 +1 @@
+export const PXE_DATA_SCHEMA_VERSION = 2;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aztec/pxe",
-  "version": "0.81.0",
+  "version": "0.82.0",
   "type": "module",
   "exports": {
     "./server": "./dest/entrypoints/server/index.js",
@@ -59,19 +59,19 @@
     ]
   },
   "dependencies": {
-    "@aztec/bb-prover": "0.81.0",
-    "@aztec/bb.js": "0.81.0",
-    "@aztec/builder": "0.81.0",
-    "@aztec/constants": "0.81.0",
-    "@aztec/ethereum": "0.81.0",
-    "@aztec/foundation": "0.81.0",
-    "@aztec/key-store": "0.81.0",
-    "@aztec/kv-store": "0.81.0",
-    "@aztec/noir-protocol-circuits-types": "0.81.0",
-    "@aztec/noir-types": "0.81.0",
-    "@aztec/protocol-contracts": "0.81.0",
-    "@aztec/simulator": "0.81.0",
-    "@aztec/stdlib": "0.81.0",
+    "@aztec/bb-prover": "0.82.0",
+    "@aztec/bb.js": "0.82.0",
+    "@aztec/builder": "0.82.0",
+    "@aztec/constants": "0.82.0",
+    "@aztec/ethereum": "0.82.0",
+    "@aztec/foundation": "0.82.0",
+    "@aztec/key-store": "0.82.0",
+    "@aztec/kv-store": "0.82.0",
+    "@aztec/noir-protocol-circuits-types": "0.82.0",
+    "@aztec/noir-types": "0.82.0",
+    "@aztec/protocol-contracts": "0.82.0",
+    "@aztec/simulator": "0.82.0",
+    "@aztec/stdlib": "0.82.0",
     "@msgpack/msgpack": "^3.0.0-beta2",
     "koa": "^2.14.2",
     "koa-router": "^12.0.0",
@@ -81,7 +81,7 @@
     "viem": "2.23.7"
   },
   "devDependencies": {
-    "@aztec/noir-contracts.js": "0.81.0",
+    "@aztec/noir-contracts.js": "0.82.0",
     "@jest/globals": "^29.5.0",
     "@types/jest": "^29.5.0",
     "@types/lodash.omit": "^4.5.7",

package/src/config/package_info.ts

@@ -1,3 +1,3 @@
 export function getPackageInfo() {
-  return { version: '0.1.0', name: '@aztec/pxe' };
+  return { version: '0.82.0', name: '@aztec/pxe' };
 }

package/src/entrypoints/server/utils.ts

@@ -5,28 +5,43 @@ import { createLogger } from '@aztec/foundation/log';
 import { createStore } from '@aztec/kv-store/lmdb-v2';
 import { BundledProtocolContractsProvider } from '@aztec/protocol-contracts/providers/bundle';
 import { type SimulationProvider, WASMSimulator } from '@aztec/simulator/client';
-import type { AztecNode, PrivateKernelProver } from '@aztec/stdlib/interfaces/client';
+import type { AztecNode } from '@aztec/stdlib/interfaces/client';
 
 import type { PXEServiceConfig } from '../../config/index.js';
 import { PXEService } from '../../pxe_service/pxe_service.js';
-import { PXE_DATA_SCHEMA_VERSION } from './index.js';
+import { PXE_DATA_SCHEMA_VERSION } from '../../storage/index.js';
 
 /**
- * Create and start an PXEService instance with the given AztecNode.
- * If no keyStore or database is provided, it will use KeyStore and MemoryDB as default values.
- * Returns a Promise that resolves to the started PXEService instance.
+ * Create and start an PXEService instance with the given AztecNode and config.
  *
  * @param aztecNode - The AztecNode instance to be used by the server.
  * @param config - The PXE Service Config to use
- * @param useLogSuffix - (Optional) Log suffix for PXE's logger.
- * @param proofCreator - An optional proof creator to use in place of any other configuration
+ * @param useLogSuffix - Whether to add a randomly generated suffix to the PXE debug logs.
  * @returns A Promise that resolves to the started PXEService instance.
  */
-export async function createPXEService(
+export function createPXEService(
   aztecNode: AztecNode,
   config: PXEServiceConfig,
   useLogSuffix: string | boolean | undefined = undefined,
-  proofCreator?: PrivateKernelProver,
+) {
+  const simulationProvider = new WASMSimulator();
+  return createPXEServiceWithSimulationProvider(aztecNode, simulationProvider, config, useLogSuffix);
+}
+
+/**
+ * Create and start an PXEService instance with the given AztecNode, SimulationProvider and config.
+ *
+ * @param aztecNode - The AztecNode instance to be used by the server.
+ * @param simulationProvider - The SimulationProvider to use
+ * @param config - The PXE Service Config to use
+ * @param useLogSuffix - Whether to add a randomly generated suffix to the PXE debug logs.
+ * @returns A Promise that resolves to the started PXEService instance.
+ */
+export async function createPXEServiceWithSimulationProvider(
+  aztecNode: AztecNode,
+  simulationProvider: SimulationProvider,
+  config: PXEServiceConfig,
+  useLogSuffix: string | boolean | undefined = undefined,
 ) {
   const logSuffix =
     typeof useLogSuffix === 'boolean' ? (useLogSuffix ? randomBytes(3).toString('hex') : undefined) : useLogSuffix;
@@ -44,8 +59,7 @@ export async function createPXEService(
     createLogger('pxe:data:lmdb'),
   );
 
-  const simulationProvider = new WASMSimulator();
-  const prover = proofCreator ?? (await createProver(config, simulationProvider, logSuffix));
+  const prover = await createProver(config, simulationProvider, logSuffix);
   const protocolContractsProvider = new BundledProtocolContractsProvider();
   const pxe = await PXEService.create(
     aztecNode,

package/src/{kernel_prover → private_kernel}/hints/build_private_kernel_reset_private_inputs.ts

@@ -43,7 +43,7 @@ import {
 } from '@aztec/stdlib/kernel';
 import { type PrivateCallExecutionResult, collectNested } from '@aztec/stdlib/tx';
 
-import type { ProvingDataOracle } from '../proving_data_oracle.js';
+import type { PrivateKernelOracle } from '../private_kernel_oracle.js';
 
 function collectNestedReadRequests(
   executionStack: PrivateCallExecutionResult[],
@@ -57,7 +57,7 @@ function collectNestedReadRequests(
   });
 }
 
-function getNullifierMembershipWitnessResolver(oracle: ProvingDataOracle) {
+function getNullifierMembershipWitnessResolver(oracle: PrivateKernelOracle) {
   return async (nullifier: Fr) => {
     const res = await oracle.getNullifierMembershipWitness(nullifier);
     if (!res) {
@@ -74,7 +74,7 @@ function getNullifierMembershipWitnessResolver(oracle: ProvingDataOracle) {
 
 async function getMasterSecretKeysAndAppKeyGenerators(
   keyValidationRequests: Tuple<ScopedKeyValidationRequestAndGenerator, typeof MAX_KEY_VALIDATION_REQUESTS_PER_TX>,
-  oracle: ProvingDataOracle,
+  oracle: PrivateKernelOracle,
 ) {
   const keysHints = [];
   for (let i = 0; i < keyValidationRequests.length; ++i) {
@@ -144,7 +144,7 @@ export class PrivateKernelResetPrivateInputsBuilder {
     }
   }
 
-  async build(oracle: ProvingDataOracle, noteHashLeafIndexMap: Map<bigint, bigint>) {
+  async build(oracle: PrivateKernelOracle, noteHashLeafIndexMap: Map<bigint, bigint>) {
     if (privateKernelResetDimensionNames.every(name => !this.requestedDimensions[name])) {
       throw new Error('Reset is not required.');
     }

package/src/private_kernel/index.ts

@@ -0,0 +1,2 @@
+export * from './private_kernel_execution_prover.js';
+export * from './private_kernel_oracle.js';

package/src/{kernel_prover/kernel_prover.ts → private_kernel/private_kernel_execution_prover.ts}

@@ -6,7 +6,6 @@ import { assertLength } from '@aztec/foundation/serialize';
 import { pushTestData } from '@aztec/foundation/testing';
 import { Timer } from '@aztec/foundation/timer';
 import { getVKTreeRoot } from '@aztec/noir-protocol-circuits-types/vk-tree';
-import type { WitnessMap } from '@aztec/noir-types';
 import { getProtocolContractLeafAndMembershipWitness, protocolContractTreeRoot } from '@aztec/protocol-contracts';
 import { AztecAddress } from '@aztec/stdlib/aztec-address';
 import { computeContractAddressFromInstance } from '@aztec/stdlib/contract';
@@ -14,8 +13,10 @@ import { hashVK } from '@aztec/stdlib/hash';
 import type { PrivateKernelProver } from '@aztec/stdlib/interfaces/client';
 import {
   PrivateCallData,
+  type PrivateExecutionStep,
   PrivateKernelCircuitPublicInputs,
   PrivateKernelData,
+  type PrivateKernelExecutionProofOutput,
   PrivateKernelInitCircuitPrivateInputs,
   PrivateKernelInnerCircuitPrivateInputs,
   type PrivateKernelSimulateOutput,
@@ -37,32 +38,32 @@ import {
 import { VerificationKeyAsFields } from '@aztec/stdlib/vks';
 
 import { PrivateKernelResetPrivateInputsBuilder } from './hints/build_private_kernel_reset_private_inputs.js';
-import type { ProvingDataOracle } from './proving_data_oracle.js';
+import type { PrivateKernelOracle } from './private_kernel_oracle.js';
 
-const NULL_PROVE_OUTPUT: PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs> = {
+const NULL_SIMULATE_OUTPUT: PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs> = {
   publicInputs: PrivateKernelCircuitPublicInputs.empty(),
   verificationKey: VerificationKeyAsFields.makeEmpty(CLIENT_IVC_VERIFICATION_KEY_LENGTH_IN_FIELDS),
   outputWitness: new Map(),
   bytecode: Buffer.from([]),
 };
 
-export type ProvingConfig = {
+export interface PrivateKernelExecutionProverConfig {
   simulate: boolean;
   skipFeeEnforcement: boolean;
-  profile: boolean;
-};
+  profileMode: 'gates' | 'execution-steps' | 'full' | 'none';
+}
 
 /**
- * The KernelProver class is responsible for generating kernel proofs.
- * It takes a transaction request, its signature, and the simulation result as inputs, and outputs a proof
- * along with output notes. The class interacts with a ProvingDataOracle to fetch membership witnesses and
- * constructs private call data based on the execution results.
+ * The PrivateKernelSequencer class is responsible for taking a transaction request and sequencing the
+ * the execution of the private functions within, sequenced with private kernel "glue" to check protocol rules.
+ * The result can be a client IVC proof of the private transaction portion, or just a simulation that can e.g.
+ * inform state tree updates.
  */
-export class KernelProver {
-  private log = createLogger('pxe:kernel-prover');
+export class PrivateKernelExecutionProver {
+  private log = createLogger('pxe:private-kernel-execution-prover');
 
   constructor(
-    private oracle: ProvingDataOracle,
+    private oracle: PrivateKernelOracle,
     private proofCreator: PrivateKernelProver,
     private fakeProofs = false,
   ) {}
@@ -77,19 +78,18 @@ export class KernelProver {
    * @param executionResult - The execution result object containing nested executions and preimages.
    * @param profile - Set true to profile the gate count for each circuit
    * @returns A Promise that resolves to a KernelProverOutput object containing proof, public inputs, and output notes.
-   * TODO(#7368) this should be refactored to not recreate the ACIR bytecode now that it operates on a program stack
    */
-  async prove(
+  async proveWithKernels(
     txRequest: TxRequest,
     executionResult: PrivateExecutionResult,
-    { simulate, skipFeeEnforcement, profile }: ProvingConfig = {
+    { simulate, skipFeeEnforcement, profileMode }: PrivateKernelExecutionProverConfig = {
       simulate: false,
       skipFeeEnforcement: false,
-      profile: false,
+      profileMode: 'none',
     },
-  ): Promise<PrivateKernelSimulateOutput<PrivateKernelTailCircuitPublicInputs>> {
+  ): Promise<PrivateKernelExecutionProofOutput<PrivateKernelTailCircuitPublicInputs>> {
     const skipProofGeneration = this.fakeProofs || simulate;
-    const generateWitnesses = !skipProofGeneration || profile;
+    const generateWitnesses = !skipProofGeneration || profileMode !== 'none';
 
     const timer = new Timer();
 
@@ -98,15 +98,9 @@ export class KernelProver {
     const executionStack = [executionResult.entrypoint];
     let firstIteration = true;
 
-    let output = NULL_PROVE_OUTPUT;
+    let output = NULL_SIMULATE_OUTPUT;
 
-    const gateCounts: { circuitName: string; gateCount: number }[] = [];
-    const addGateCount = async (circuitName: string, bytecode: Buffer) => {
-      const gateCount = (await this.proofCreator.computeGateCountForCircuit(bytecode, circuitName)) as number;
-      gateCounts.push({ circuitName, gateCount });
-
-      this.log.debug(`Gate count for ${circuitName} - ${gateCount}`);
-    };
+    const executionSteps: PrivateExecutionStep[] = [];
 
     const noteHashLeafIndexMap = collectNoteHashLeafIndexMap(executionResult);
     const noteHashNullifierCounterMap = collectNoteHashNullifierCounterMap(executionResult);
@@ -114,9 +108,6 @@ export class KernelProver {
     const hasPublicCalls =
       enqueuedPublicFunctions.length > 0 || !collectPublicTeardownFunctionCall(executionResult).isEmpty();
     const validationRequestsSplitCounter = hasPublicCalls ? getFinalMinRevertibleSideEffectCounter(executionResult) : 0;
-    // vector of gzipped bincode acirs
-    const acirs: Buffer[] = [];
-    const witnessStack: WitnessMap[] = [];
 
     while (executionStack.length) {
       if (!firstIteration) {
@@ -128,16 +119,14 @@ export class KernelProver {
         );
         while (resetBuilder.needsReset()) {
           const privateInputs = await resetBuilder.build(this.oracle, noteHashLeafIndexMap);
-          output = generateWitnesses
-            ? await this.proofCreator.generateResetOutput(privateInputs)
-            : await this.proofCreator.simulateReset(privateInputs);
-          // TODO(#7368) consider refactoring this redundant bytecode pushing
-          acirs.push(output.bytecode);
-          witnessStack.push(output.outputWitness);
-          if (profile) {
-            await addGateCount('private_kernel_reset', output.bytecode);
-          }
-
+          output = simulate
+            ? await this.proofCreator.simulateReset(privateInputs)
+            : await this.proofCreator.generateResetOutput(privateInputs);
+          executionSteps.push({
+            functionName: 'private_kernel_reset',
+            bytecode: output.bytecode,
+            witness: output.outputWitness,
+          });
           resetBuilder = new PrivateKernelResetPrivateInputsBuilder(
             output,
             executionStack,
@@ -156,13 +145,11 @@ export class KernelProver {
         currentExecution.publicInputs.callContext.functionSelector,
       );
 
-      // TODO(#7368): This used to be associated with getDebugFunctionName
-      // TODO(#7368): Is there any way to use this with client IVC proving?
-      acirs.push(currentExecution.acir);
-      witnessStack.push(currentExecution.partialWitness);
-      if (profile) {
-        await addGateCount(functionName as string, currentExecution.acir);
-      }
+      executionSteps.push({
+        functionName: functionName!,
+        bytecode: currentExecution.acir,
+        witness: currentExecution.partialWitness,
+      });
 
       const privateCallData = await this.createPrivateCallData(currentExecution);
 
@@ -185,11 +172,11 @@ export class KernelProver {
           ? await this.proofCreator.generateInitOutput(proofInput)
           : await this.proofCreator.simulateInit(proofInput);
 
-        acirs.push(output.bytecode);
-        witnessStack.push(output.outputWitness);
-        if (profile) {
-          await addGateCount('private_kernel_init', output.bytecode);
-        }
+        executionSteps.push({
+          functionName: 'private_kernel_init',
+          bytecode: output.bytecode,
+          witness: output.outputWitness,
+        });
       } else {
         const previousVkMembershipWitness = await this.oracle.getVkMembershipWitness(output.verificationKey);
         const previousKernelData = new PrivateKernelData(
@@ -206,11 +193,11 @@ export class KernelProver {
           ? await this.proofCreator.generateInnerOutput(proofInput)
           : await this.proofCreator.simulateInner(proofInput);
 
-        acirs.push(output.bytecode);
-        witnessStack.push(output.outputWitness);
-        if (profile) {
-          await addGateCount('private_kernel_inner', output.bytecode);
-        }
+        executionSteps.push({
+          functionName: 'private_kernel_inner',
+          bytecode: output.bytecode,
+          witness: output.outputWitness,
+        });
       }
       firstIteration = false;
     }
@@ -228,11 +215,11 @@ export class KernelProver {
         ? await this.proofCreator.generateResetOutput(privateInputs)
         : await this.proofCreator.simulateReset(privateInputs);
 
-      acirs.push(output.bytecode);
-      witnessStack.push(output.outputWitness);
-      if (profile) {
-        await addGateCount('private_kernel_reset', output.bytecode);
-      }
+      executionSteps.push({
+        functionName: 'private_kernel_reset',
+        bytecode: output.bytecode,
+        witness: output.outputWitness,
+      });
 
       resetBuilder = new PrivateKernelResetPrivateInputsBuilder(
         output,
@@ -269,26 +256,44 @@ export class KernelProver {
       ? await this.proofCreator.generateTailOutput(privateInputs)
       : await this.proofCreator.simulateTail(privateInputs);
 
-    acirs.push(tailOutput.bytecode);
-    witnessStack.push(tailOutput.outputWitness);
-    if (profile) {
-      await addGateCount('private_kernel_tail', tailOutput.bytecode);
-      tailOutput.profileResult = { gateCounts };
+    executionSteps.push({
+      functionName: 'private_kernel_tail',
+      bytecode: tailOutput.bytecode,
+      witness: tailOutput.outputWitness,
+    });
+
+    if (profileMode == 'gates' || profileMode == 'full') {
+      for (const entry of executionSteps) {
+        const gateCount = await this.proofCreator.computeGateCountForCircuit(entry.bytecode, entry.functionName);
+        entry.gateCount = gateCount;
+      }
+    }
+    if (profileMode === 'gates') {
+      for (const entry of executionSteps) {
+        // These buffers are often a few megabytes in size - prevent accidentally serializing them if not requested.
+        entry.bytecode = Buffer.from([]);
+        entry.witness = new Map();
+      }
     }
 
     if (generateWitnesses) {
       this.log.info(`Private kernel witness generation took ${timer.ms()}ms`);
     }
 
+    let clientIvcProof: ClientIvcProof;
     // TODO(#7368) how do we 'bincode' encode these inputs?
     if (!skipProofGeneration) {
-      const ivcProof = await this.proofCreator.createClientIvcProof(acirs, witnessStack);
-      tailOutput.clientIvcProof = ivcProof;
+      clientIvcProof = await this.proofCreator.createClientIvcProof(executionSteps);
     } else {
-      tailOutput.clientIvcProof = ClientIvcProof.random();
+      clientIvcProof = ClientIvcProof.random();
     }
 
-    return tailOutput;
+    return {
+      publicInputs: tailOutput.publicInputs,
+      executionSteps,
+      clientIvcProof,
+      verificationKey: tailOutput.verificationKey,
+    };
   }
 
   private async createPrivateCallData({ publicInputs, vk: vkAsBuffer }: PrivateCallExecutionResult) {

package/src/{kernel_prover/proving_data_oracle.ts → private_kernel/private_kernel_oracle.ts}

@@ -1,6 +1,6 @@
-import type { FUNCTION_TREE_HEIGHT, NOTE_HASH_TREE_HEIGHT, VK_TREE_HEIGHT } from '@aztec/constants';
+import { FUNCTION_TREE_HEIGHT, NOTE_HASH_TREE_HEIGHT, VK_TREE_HEIGHT } from '@aztec/constants';
 import type { Fr, GrumpkinScalar, Point } from '@aztec/foundation/fields';
-import type { MembershipWitness } from '@aztec/foundation/trees';
+import { MembershipWitness } from '@aztec/foundation/trees';
 import type { FunctionSelector } from '@aztec/stdlib/abi';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
 import { UpdatedClassIdHints } from '@aztec/stdlib/kernel';
@@ -9,10 +9,10 @@ import type { NullifierMembershipWitness } from '@aztec/stdlib/trees';
 import type { VerificationKeyAsFields } from '@aztec/stdlib/vks';
 
 /**
- * Provides functionality to fetch membership witnesses for verification keys,
- * contract addresses, and function selectors in their respective merkle trees.
+ * Provides functionality needed by the private kernel for interacting with our state trees.
+ * This is either PrivateKernelOracleImpl, or a mocked test implementation.
  */
-export interface ProvingDataOracle {
+export interface PrivateKernelOracle {
   /** Retrieves the preimage of a contract address from the registered contract instances db. */
   getContractAddressPreimage(address: AztecAddress): Promise<{
     saltedInitializationHash: Fr;
@@ -27,13 +27,7 @@ export interface ProvingDataOracle {
   ): Promise<{ artifactHash: Fr; publicBytecodeCommitment: Fr; privateFunctionsRoot: Fr }>;
 
   /**
-   * Retrieve the function membership witness for the given contract class and function selector.
-   * The function membership witness represents a proof that the function belongs to the specified contract.
-   * Throws an error if the contract address or function selector is unknown.
-   *
-   * @param contractClassId - The id of the class.
-   * @param selector - The function selector.
-   * @returns A promise that resolves with the MembershipWitness instance for the specified contract's function.
+   * Returns a membership witness with the sibling path and leaf index in our private functions tree.
    */
   getFunctionMembershipWitness(
     contractClassId: Fr,
@@ -41,30 +35,21 @@ export interface ProvingDataOracle {
   ): Promise<MembershipWitness<typeof FUNCTION_TREE_HEIGHT>>;
 
   /**
-   * Retrieve the membership witness corresponding to a verification key.
-   * This function currently returns a random membership witness of the specified height,
-   * which is a placeholder implementation until a concrete membership witness calculation
-   * is implemented.
-   *
-   * @param vk - The VerificationKey for which the membership witness is needed.
-   * @returns A Promise that resolves to the MembershipWitness instance.
+   * Returns a membership witness with the sibling path and leaf index in our protocol VK indexed merkle tree.
+   * Used to validate the previous kernel's verification key.
    */
   getVkMembershipWitness(vk: VerificationKeyAsFields): Promise<MembershipWitness<typeof VK_TREE_HEIGHT>>;
 
   /**
-   * Get the note membership witness for a note in the note hash tree at the given leaf index.
-   *
-   * @param leafIndex - The leaf index of the note in the note hash tree.
-   * @returns the MembershipWitness for the note.
-   */
-  getNoteHashMembershipWitness(leafIndex: bigint): Promise<MembershipWitness<typeof NOTE_HASH_TREE_HEIGHT>>;
+   * Returns a membership witness with the sibling path and leaf index in our private function indexed merkle tree.
+   */ getNoteHashMembershipWitness(leafIndex: bigint): Promise<MembershipWitness<typeof NOTE_HASH_TREE_HEIGHT>>;
 
+  /**
+   * Returns a membership witness with the sibling path and leaf index in our nullifier indexed merkle tree.
+   */
   getNullifierMembershipWitness(nullifier: Fr): Promise<NullifierMembershipWitness | undefined>;
-
   /**
-   * Get the root of the note hash tree.
-   *
-   * @returns the root of the note hash tree.
+   * Returns the root of our note hash merkle tree.
    */
   getNoteHashTreeRoot(): Promise<Fr>;
 
@@ -77,7 +62,10 @@ export interface ProvingDataOracle {
    */
   getMasterSecretKey(masterPublicKey: Point): Promise<GrumpkinScalar>;
 
+  /** Use debug data to get the function name corresponding to a selector. */
   getDebugFunctionName(contractAddress: AztecAddress, selector: FunctionSelector): Promise<string | undefined>;
 
+  /** Returns a membership witness and leaf index to our public data indexed merkle tree,
+   * along with an associated SharedMutable containing the class ID to update. */
   getUpdatedClassIdHints(contractAddress: AztecAddress): Promise<UpdatedClassIdHints>;
 }

package/src/{kernel_oracle/index.ts → private_kernel/private_kernel_oracle_impl.ts}

@@ -1,4 +1,4 @@
-import { type NOTE_HASH_TREE_HEIGHT, PUBLIC_DATA_TREE_HEIGHT, VK_TREE_HEIGHT } from '@aztec/constants';
+import { NOTE_HASH_TREE_HEIGHT, PUBLIC_DATA_TREE_HEIGHT, VK_TREE_HEIGHT } from '@aztec/constants';
 import type { Fr, GrumpkinScalar, Point } from '@aztec/foundation/fields';
 import { createLogger } from '@aztec/foundation/log';
 import type { Tuple } from '@aztec/foundation/serialize';
@@ -17,15 +17,16 @@ import { SharedMutableValues, SharedMutableValuesWithHash } from '@aztec/stdlib/
 import type { NullifierMembershipWitness } from '@aztec/stdlib/trees';
 import type { VerificationKeyAsFields } from '@aztec/stdlib/vks';
 
-import type { ContractDataProvider } from '../storage/contract_data_provider/contract_data_provider.js';
-import type { ProvingDataOracle } from './../kernel_prover/proving_data_oracle.js';
+import type { ContractDataProvider } from '../storage/index.js';
+import type { PrivateKernelOracle } from './private_kernel_oracle.js';
 
 // TODO: Block number should not be "latest".
 // It should be fixed at the time the proof is being simulated. I.e., it should be the same as the value defined in the constant data.
 /**
  * A data oracle that provides information needed for simulating a transaction.
  */
-export class KernelOracle implements ProvingDataOracle {
+
+export class PrivateKernelOracleImpl implements PrivateKernelOracle {
   constructor(
     private contractDataProvider: ContractDataProvider,
     private keyStore: KeyStore,
@@ -94,7 +95,7 @@ export class KernelOracle implements ProvingDataOracle {
       ProtocolContractAddress.ContractInstanceDeployer,
       sharedMutableHashSlot,
     );
-    const updatedClassIdWitness = await this.node.getPublicDataTreeWitness(this.blockNumber, hashLeafSlot);
+    const updatedClassIdWitness = await this.node.getPublicDataWitness(this.blockNumber, hashLeafSlot);
 
     if (!updatedClassIdWitness) {
       throw new Error(`No public data tree witness found for ${hashLeafSlot}`);