@aztec/pxe 0.81.0 → 0.82.1-alpha-testnet.1

package/dest/config/index.js

@@ -27,7 +27,7 @@ export const pxeConfigMappings = {
     proverEnabled: {
         env: 'PXE_PROVER_ENABLED',
         description: 'Enable real proofs',
-        ...booleanConfigHelper()
+        ...booleanConfigHelper(true)
     }
 };
 /**

package/dest/config/package_info.js

@@ -1,6 +1,6 @@
 export function getPackageInfo() {
     return {
-        version: '0.1.0',
+        version: '0.82.0',
         name: '@aztec/pxe'
     };
 }

package/dest/entrypoints/server/utils.d.ts

@@ -1,16 +1,24 @@
-import type { AztecNode, PrivateKernelProver } from '@aztec/stdlib/interfaces/client';
+import { type SimulationProvider } from '@aztec/simulator/client';
+import type { AztecNode } from '@aztec/stdlib/interfaces/client';
 import type { PXEServiceConfig } from '../../config/index.js';
 import { PXEService } from '../../pxe_service/pxe_service.js';
 /**
- * Create and start an PXEService instance with the given AztecNode.
- * If no keyStore or database is provided, it will use KeyStore and MemoryDB as default values.
- * Returns a Promise that resolves to the started PXEService instance.
+ * Create and start an PXEService instance with the given AztecNode and config.
  *
  * @param aztecNode - The AztecNode instance to be used by the server.
  * @param config - The PXE Service Config to use
- * @param useLogSuffix - (Optional) Log suffix for PXE's logger.
- * @param proofCreator - An optional proof creator to use in place of any other configuration
+ * @param useLogSuffix - Whether to add a randomly generated suffix to the PXE debug logs.
  * @returns A Promise that resolves to the started PXEService instance.
  */
-export declare function createPXEService(aztecNode: AztecNode, config: PXEServiceConfig, useLogSuffix?: string | boolean | undefined, proofCreator?: PrivateKernelProver): Promise<PXEService>;
+export declare function createPXEService(aztecNode: AztecNode, config: PXEServiceConfig, useLogSuffix?: string | boolean | undefined): Promise<PXEService>;
+/**
+ * Create and start an PXEService instance with the given AztecNode, SimulationProvider and config.
+ *
+ * @param aztecNode - The AztecNode instance to be used by the server.
+ * @param simulationProvider - The SimulationProvider to use
+ * @param config - The PXE Service Config to use
+ * @param useLogSuffix - Whether to add a randomly generated suffix to the PXE debug logs.
+ * @returns A Promise that resolves to the started PXEService instance.
+ */
+export declare function createPXEServiceWithSimulationProvider(aztecNode: AztecNode, simulationProvider: SimulationProvider, config: PXEServiceConfig, useLogSuffix?: string | boolean | undefined): Promise<PXEService>;
 //# sourceMappingURL=utils.d.ts.map

package/dest/entrypoints/server/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/entrypoints/server/utils.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AAEtF,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAG9D;;;;;;;;;;GAUG;AACH,wBAAsB,gBAAgB,CACpC,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,gBAAgB,EACxB,YAAY,GAAE,MAAM,GAAG,OAAO,GAAG,SAAqB,EACtD,YAAY,CAAC,EAAE,mBAAmB,uBA+BnC"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/entrypoints/server/utils.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,kBAAkB,EAAiB,MAAM,yBAAyB,CAAC;AACjF,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAEjE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,kCAAkC,CAAC;AAG9D;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,gBAAgB,EACxB,YAAY,GAAE,MAAM,GAAG,OAAO,GAAG,SAAqB,uBAIvD;AAED;;;;;;;;GAQG;AACH,wBAAsB,sCAAsC,CAC1D,SAAS,EAAE,SAAS,EACpB,kBAAkB,EAAE,kBAAkB,EACtC,MAAM,EAAE,gBAAgB,EACxB,YAAY,GAAE,MAAM,GAAG,OAAO,GAAG,SAAqB,uBA8BvD"}

package/dest/entrypoints/server/utils.js

@@ -6,18 +6,27 @@ import { createStore } from '@aztec/kv-store/lmdb-v2';
 import { BundledProtocolContractsProvider } from '@aztec/protocol-contracts/providers/bundle';
 import { WASMSimulator } from '@aztec/simulator/client';
 import { PXEService } from '../../pxe_service/pxe_service.js';
-import { PXE_DATA_SCHEMA_VERSION } from './index.js';
+import { PXE_DATA_SCHEMA_VERSION } from '../../storage/index.js';
 /**
- * Create and start an PXEService instance with the given AztecNode.
- * If no keyStore or database is provided, it will use KeyStore and MemoryDB as default values.
- * Returns a Promise that resolves to the started PXEService instance.
+ * Create and start an PXEService instance with the given AztecNode and config.
  *
  * @param aztecNode - The AztecNode instance to be used by the server.
  * @param config - The PXE Service Config to use
- * @param useLogSuffix - (Optional) Log suffix for PXE's logger.
- * @param proofCreator - An optional proof creator to use in place of any other configuration
+ * @param useLogSuffix - Whether to add a randomly generated suffix to the PXE debug logs.
  * @returns A Promise that resolves to the started PXEService instance.
- */ export async function createPXEService(aztecNode, config, useLogSuffix = undefined, proofCreator) {
+ */ export function createPXEService(aztecNode, config, useLogSuffix = undefined) {
+    const simulationProvider = new WASMSimulator();
+    return createPXEServiceWithSimulationProvider(aztecNode, simulationProvider, config, useLogSuffix);
+}
+/**
+ * Create and start an PXEService instance with the given AztecNode, SimulationProvider and config.
+ *
+ * @param aztecNode - The AztecNode instance to be used by the server.
+ * @param simulationProvider - The SimulationProvider to use
+ * @param config - The PXE Service Config to use
+ * @param useLogSuffix - Whether to add a randomly generated suffix to the PXE debug logs.
+ * @returns A Promise that resolves to the started PXEService instance.
+ */ export async function createPXEServiceWithSimulationProvider(aztecNode, simulationProvider, config, useLogSuffix = undefined) {
     const logSuffix = typeof useLogSuffix === 'boolean' ? useLogSuffix ? randomBytes(3).toString('hex') : undefined : useLogSuffix;
     const l1Contracts = await aztecNode.getL1ContractAddresses();
     const configWithContracts = {
@@ -25,8 +34,7 @@ import { PXE_DATA_SCHEMA_VERSION } from './index.js';
         l1Contracts
     };
     const store = await createStore('pxe_data', PXE_DATA_SCHEMA_VERSION, configWithContracts, createLogger('pxe:data:lmdb'));
-    const simulationProvider = new WASMSimulator();
-    const prover = proofCreator ?? await createProver(config, simulationProvider, logSuffix);
+    const prover = await createProver(config, simulationProvider, logSuffix);
     const protocolContractsProvider = new BundledProtocolContractsProvider();
     const pxe = await PXEService.create(aztecNode, store, prover, simulationProvider, protocolContractsProvider, config, logSuffix);
     return pxe;

package/dest/{kernel_prover → private_kernel}/hints/build_private_kernel_reset_private_inputs.d.ts

@@ -1,6 +1,6 @@
 import { type PrivateKernelCircuitPublicInputs, PrivateKernelResetCircuitPrivateInputs, type PrivateKernelSimulateOutput } from '@aztec/stdlib/kernel';
 import { type PrivateCallExecutionResult } from '@aztec/stdlib/tx';
-import type { ProvingDataOracle } from '../proving_data_oracle.js';
+import type { PrivateKernelOracle } from '../private_kernel_oracle.js';
 export declare class PrivateKernelResetPrivateInputsBuilder {
     private previousKernelOutput;
     private executionStack;
@@ -15,7 +15,7 @@ export declare class PrivateKernelResetPrivateInputsBuilder {
     private requestedDimensions;
     constructor(previousKernelOutput: PrivateKernelSimulateOutput<PrivateKernelCircuitPublicInputs>, executionStack: PrivateCallExecutionResult[], noteHashNullifierCounterMap: Map<number, number>, validationRequestsSplitCounter: number);
     needsReset(): boolean;
-    build(oracle: ProvingDataOracle, noteHashLeafIndexMap: Map<bigint, bigint>): Promise<PrivateKernelResetCircuitPrivateInputs>;
+    build(oracle: PrivateKernelOracle, noteHashLeafIndexMap: Map<bigint, bigint>): Promise<PrivateKernelResetCircuitPrivateInputs>;
     private reduceReadRequestStates;
     private needsResetNoteHashReadRequests;
     private needsResetNullifierReadRequests;

package/dest/private_kernel/hints/build_private_kernel_reset_private_inputs.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"build_private_kernel_reset_private_inputs.d.ts","sourceRoot":"","sources":["../../../src/private_kernel/hints/build_private_kernel_reset_private_inputs.ts"],"names":[],"mappings":"AAgBA,OAAO,EAGL,KAAK,gCAAgC,EAErC,sCAAsC,EAGtC,KAAK,2BAA2B,EAkBjC,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,KAAK,0BAA0B,EAAiB,MAAM,kBAAkB,CAAC;AAElF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAiDvE,qBAAa,sCAAsC;IAY/C,OAAO,CAAC,oBAAoB;IAC5B,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,2BAA2B;IACnC,OAAO,CAAC,8BAA8B;IAdxC,OAAO,CAAC,cAAc,CAAmC;IAEzD,OAAO,CAAC,aAAa,CAAC,CAA6B;IAEnD,OAAO,CAAC,mBAAmB,CAAoE;IAC/F,OAAO,CAAC,oBAAoB,CAAoE;IAChG,OAAO,CAAC,gBAAgB,CAAC,CAAS;IAClC,OAAO,CAAC,uBAAuB,CAA8D;IAC7F,OAAO,CAAC,mBAAmB,CAA+B;gBAGhD,oBAAoB,EAAE,2BAA2B,CAAC,gCAAgC,CAAC,EACnF,cAAc,EAAE,0BAA0B,EAAE,EAC5C,2BAA2B,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EAChD,8BAA8B,EAAE,MAAM;IAahD,UAAU,IAAI,OAAO;IAwBf,KAAK,CAAC,MAAM,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC;IAgElF,OAAO,CAAC,uBAAuB;IA2B/B,OAAO,CAAC,8BAA8B;IAoDtC,OAAO,CAAC,+BAA+B;IAoDvC,OAAO,CAAC,uBAAuB;IAiB/B,OAAO,CAAC,uBAAuB;IA6E/B,OAAO,CAAC,mBAAmB;IAY3B,OAAO,CAAC,mBAAmB;IAgB3B,OAAO,CAAC,oBAAoB;CAmB7B"}

package/dest/private_kernel/hints/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/private_kernel/hints/index.ts"],"names":[],"mappings":"AAAA,cAAc,gDAAgD,CAAC"}

package/dest/private_kernel/index.d.ts

@@ -0,0 +1,3 @@
+export * from './private_kernel_execution_prover.js';
+export * from './private_kernel_oracle.js';
+//# sourceMappingURL=index.d.ts.map

package/dest/private_kernel/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/private_kernel/index.ts"],"names":[],"mappings":"AAAA,cAAc,sCAAsC,CAAC;AACrD,cAAc,4BAA4B,CAAC"}

package/dest/private_kernel/index.js

@@ -0,0 +1,2 @@
+export * from './private_kernel_execution_prover.js';
+export * from './private_kernel_oracle.js';

package/dest/private_kernel/private_kernel_execution_prover.d.ts

@@ -0,0 +1,36 @@
+import type { PrivateKernelProver } from '@aztec/stdlib/interfaces/client';
+import { type PrivateKernelExecutionProofOutput, type PrivateKernelTailCircuitPublicInputs } from '@aztec/stdlib/kernel';
+import { type PrivateExecutionResult, TxRequest } from '@aztec/stdlib/tx';
+import type { PrivateKernelOracle } from './private_kernel_oracle.js';
+export interface PrivateKernelExecutionProverConfig {
+    simulate: boolean;
+    skipFeeEnforcement: boolean;
+    profileMode: 'gates' | 'execution-steps' | 'full' | 'none';
+}
+/**
+ * The PrivateKernelSequencer class is responsible for taking a transaction request and sequencing the
+ * the execution of the private functions within, sequenced with private kernel "glue" to check protocol rules.
+ * The result can be a client IVC proof of the private transaction portion, or just a simulation that can e.g.
+ * inform state tree updates.
+ */
+export declare class PrivateKernelExecutionProver {
+    private oracle;
+    private proofCreator;
+    private fakeProofs;
+    private log;
+    constructor(oracle: PrivateKernelOracle, proofCreator: PrivateKernelProver, fakeProofs?: boolean);
+    /**
+     * Generate a proof for a given transaction request and execution result.
+     * The function iterates through the nested executions in the execution result, creates private call data,
+     * and generates a proof using the provided ProofCreator instance. It also maintains an index of new notes
+     * created during the execution and returns them as a part of the KernelProverOutput.
+     *
+     * @param txRequest - The authenticated transaction request object.
+     * @param executionResult - The execution result object containing nested executions and preimages.
+     * @param profile - Set true to profile the gate count for each circuit
+     * @returns A Promise that resolves to a KernelProverOutput object containing proof, public inputs, and output notes.
+     */
+    proveWithKernels(txRequest: TxRequest, executionResult: PrivateExecutionResult, { simulate, skipFeeEnforcement, profileMode }?: PrivateKernelExecutionProverConfig): Promise<PrivateKernelExecutionProofOutput<PrivateKernelTailCircuitPublicInputs>>;
+    private createPrivateCallData;
+}
+//# sourceMappingURL=private_kernel_execution_prover.d.ts.map

package/dest/private_kernel/private_kernel_execution_prover.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"private_kernel_execution_prover.d.ts","sourceRoot":"","sources":["../../src/private_kernel/private_kernel_execution_prover.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AAC3E,OAAO,EAKL,KAAK,iCAAiC,EAKtC,KAAK,oCAAoC,EAE1C,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAEL,KAAK,sBAAsB,EAC3B,SAAS,EAIV,MAAM,kBAAkB,CAAC;AAI1B,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAStE,MAAM,WAAW,kCAAkC;IACjD,QAAQ,EAAE,OAAO,CAAC;IAClB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,WAAW,EAAE,OAAO,GAAG,iBAAiB,GAAG,MAAM,GAAG,MAAM,CAAC;CAC5D;AAED;;;;;GAKG;AACH,qBAAa,4BAA4B;IAIrC,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,UAAU;IALpB,OAAO,CAAC,GAAG,CAAuD;gBAGxD,MAAM,EAAE,mBAAmB,EAC3B,YAAY,EAAE,mBAAmB,EACjC,UAAU,UAAQ;IAG5B;;;;;;;;;;OAUG;IACG,gBAAgB,CACpB,SAAS,EAAE,SAAS,EACpB,eAAe,EAAE,sBAAsB,EACvC,EAAE,QAAQ,EAAE,kBAAkB,EAAE,WAAW,EAAE,GAAE,kCAI9C,GACA,OAAO,CAAC,iCAAiC,CAAC,oCAAoC,CAAC,CAAC;YAgNrE,qBAAqB;CA2CpC"}

package/dest/{kernel_prover/kernel_prover.js → private_kernel/private_kernel_execution_prover.js}

@@ -12,21 +12,21 @@ import { computeContractAddressFromInstance } from '@aztec/stdlib/contract';
 import { hashVK } from '@aztec/stdlib/hash';
 import { PrivateCallData, PrivateKernelCircuitPublicInputs, PrivateKernelData, PrivateKernelInitCircuitPrivateInputs, PrivateKernelInnerCircuitPrivateInputs, PrivateKernelTailCircuitPrivateInputs, PrivateVerificationKeyHints } from '@aztec/stdlib/kernel';
 import { ClientIvcProof } from '@aztec/stdlib/proofs';
-import { collectEnqueuedPublicFunctionCalls, collectNoteHashLeafIndexMap, collectNoteHashNullifierCounterMap, collectPublicTeardownFunctionCall, getFinalMinRevertibleSideEffectCounter } from '@aztec/stdlib/tx';
+import { collectNoteHashLeafIndexMap, collectNoteHashNullifierCounterMap, getFinalMinRevertibleSideEffectCounter } from '@aztec/stdlib/tx';
 import { VerificationKeyAsFields } from '@aztec/stdlib/vks';
 import { PrivateKernelResetPrivateInputsBuilder } from './hints/build_private_kernel_reset_private_inputs.js';
-const NULL_PROVE_OUTPUT = {
+const NULL_SIMULATE_OUTPUT = {
     publicInputs: PrivateKernelCircuitPublicInputs.empty(),
     verificationKey: VerificationKeyAsFields.makeEmpty(CLIENT_IVC_VERIFICATION_KEY_LENGTH_IN_FIELDS),
     outputWitness: new Map(),
     bytecode: Buffer.from([])
 };
 /**
- * The KernelProver class is responsible for generating kernel proofs.
- * It takes a transaction request, its signature, and the simulation result as inputs, and outputs a proof
- * along with output notes. The class interacts with a ProvingDataOracle to fetch membership witnesses and
- * constructs private call data based on the execution results.
- */ export class KernelProver {
+ * The PrivateKernelSequencer class is responsible for taking a transaction request and sequencing the
+ * the execution of the private functions within, sequenced with private kernel "glue" to check protocol rules.
+ * The result can be a client IVC proof of the private transaction portion, or just a simulation that can e.g.
+ * inform state tree updates.
+ */ export class PrivateKernelExecutionProver {
     oracle;
     proofCreator;
     fakeProofs;
@@ -35,7 +35,7 @@ const NULL_PROVE_OUTPUT = {
         this.oracle = oracle;
         this.proofCreator = proofCreator;
         this.fakeProofs = fakeProofs;
-        this.log = createLogger('pxe:kernel-prover');
+        this.log = createLogger('pxe:private-kernel-execution-prover');
     }
     /**
    * Generate a proof for a given transaction request and execution result.
@@ -47,50 +47,35 @@ const NULL_PROVE_OUTPUT = {
    * @param executionResult - The execution result object containing nested executions and preimages.
    * @param profile - Set true to profile the gate count for each circuit
    * @returns A Promise that resolves to a KernelProverOutput object containing proof, public inputs, and output notes.
-   * TODO(#7368) this should be refactored to not recreate the ACIR bytecode now that it operates on a program stack
-   */ async prove(txRequest, executionResult, { simulate, skipFeeEnforcement, profile } = {
+   */ async proveWithKernels(txRequest, executionResult, { simulate, skipFeeEnforcement, profileMode } = {
         simulate: false,
         skipFeeEnforcement: false,
-        profile: false
+        profileMode: 'none'
     }) {
         const skipProofGeneration = this.fakeProofs || simulate;
-        const generateWitnesses = !skipProofGeneration || profile;
+        const generateWitnesses = !skipProofGeneration || profileMode !== 'none';
         const timer = new Timer();
-        const isPrivateOnlyTx = this.isPrivateOnly(executionResult);
+        const isPrivateOnlyTx = executionResult.publicFunctionCalldata.length === 0;
         const executionStack = [
             executionResult.entrypoint
         ];
         let firstIteration = true;
-        let output = NULL_PROVE_OUTPUT;
-        const gateCounts = [];
-        const addGateCount = async (circuitName, bytecode)=>{
-            const gateCount = await this.proofCreator.computeGateCountForCircuit(bytecode, circuitName);
-            gateCounts.push({
-                circuitName,
-                gateCount
-            });
-            this.log.debug(`Gate count for ${circuitName} - ${gateCount}`);
-        };
+        let output = NULL_SIMULATE_OUTPUT;
+        const executionSteps = [];
         const noteHashLeafIndexMap = collectNoteHashLeafIndexMap(executionResult);
         const noteHashNullifierCounterMap = collectNoteHashNullifierCounterMap(executionResult);
-        const enqueuedPublicFunctions = collectEnqueuedPublicFunctionCalls(executionResult);
-        const hasPublicCalls = enqueuedPublicFunctions.length > 0 || !collectPublicTeardownFunctionCall(executionResult).isEmpty();
-        const validationRequestsSplitCounter = hasPublicCalls ? getFinalMinRevertibleSideEffectCounter(executionResult) : 0;
-        // vector of gzipped bincode acirs
-        const acirs = [];
-        const witnessStack = [];
+        const validationRequestsSplitCounter = isPrivateOnlyTx ? 0 : getFinalMinRevertibleSideEffectCounter(executionResult);
         while(executionStack.length){
             if (!firstIteration) {
                 let resetBuilder = new PrivateKernelResetPrivateInputsBuilder(output, executionStack, noteHashNullifierCounterMap, validationRequestsSplitCounter);
                 while(resetBuilder.needsReset()){
                     const privateInputs = await resetBuilder.build(this.oracle, noteHashLeafIndexMap);
-                    output = generateWitnesses ? await this.proofCreator.generateResetOutput(privateInputs) : await this.proofCreator.simulateReset(privateInputs);
-                    // TODO(#7368) consider refactoring this redundant bytecode pushing
-                    acirs.push(output.bytecode);
-                    witnessStack.push(output.outputWitness);
-                    if (profile) {
-                        await addGateCount('private_kernel_reset', output.bytecode);
-                    }
+                    output = simulate ? await this.proofCreator.simulateReset(privateInputs) : await this.proofCreator.generateResetOutput(privateInputs);
+                    executionSteps.push({
+                        functionName: 'private_kernel_reset',
+                        bytecode: output.bytecode,
+                        witness: output.outputWitness
+                    });
                     resetBuilder = new PrivateKernelResetPrivateInputsBuilder(output, executionStack, noteHashNullifierCounterMap, validationRequestsSplitCounter);
                 }
             }
@@ -99,35 +84,33 @@ const NULL_PROVE_OUTPUT = {
                 ...currentExecution.nestedExecutions
             ].reverse());
             const functionName = await this.oracle.getDebugFunctionName(currentExecution.publicInputs.callContext.contractAddress, currentExecution.publicInputs.callContext.functionSelector);
-            // TODO(#7368): This used to be associated with getDebugFunctionName
-            // TODO(#7368): Is there any way to use this with client IVC proving?
-            acirs.push(currentExecution.acir);
-            witnessStack.push(currentExecution.partialWitness);
-            if (profile) {
-                await addGateCount(functionName, currentExecution.acir);
-            }
+            executionSteps.push({
+                functionName: functionName,
+                bytecode: currentExecution.acir,
+                witness: currentExecution.partialWitness
+            });
             const privateCallData = await this.createPrivateCallData(currentExecution);
             if (firstIteration) {
                 const proofInput = new PrivateKernelInitCircuitPrivateInputs(txRequest, getVKTreeRoot(), protocolContractTreeRoot, privateCallData, isPrivateOnlyTx, executionResult.firstNullifier);
                 this.log.debug(`Calling private kernel init with isPrivateOnly ${isPrivateOnlyTx} and firstNullifierHint ${proofInput.firstNullifierHint}`);
                 pushTestData('private-kernel-inputs-init', proofInput);
                 output = generateWitnesses ? await this.proofCreator.generateInitOutput(proofInput) : await this.proofCreator.simulateInit(proofInput);
-                acirs.push(output.bytecode);
-                witnessStack.push(output.outputWitness);
-                if (profile) {
-                    await addGateCount('private_kernel_init', output.bytecode);
-                }
+                executionSteps.push({
+                    functionName: 'private_kernel_init',
+                    bytecode: output.bytecode,
+                    witness: output.outputWitness
+                });
             } else {
                 const previousVkMembershipWitness = await this.oracle.getVkMembershipWitness(output.verificationKey);
                 const previousKernelData = new PrivateKernelData(output.publicInputs, output.verificationKey, Number(previousVkMembershipWitness.leafIndex), assertLength(previousVkMembershipWitness.siblingPath, VK_TREE_HEIGHT));
                 const proofInput = new PrivateKernelInnerCircuitPrivateInputs(previousKernelData, privateCallData);
                 pushTestData('private-kernel-inputs-inner', proofInput);
                 output = generateWitnesses ? await this.proofCreator.generateInnerOutput(proofInput) : await this.proofCreator.simulateInner(proofInput);
-                acirs.push(output.bytecode);
-                witnessStack.push(output.outputWitness);
-                if (profile) {
-                    await addGateCount('private_kernel_inner', output.bytecode);
-                }
+                executionSteps.push({
+                    functionName: 'private_kernel_inner',
+                    bytecode: output.bytecode,
+                    witness: output.outputWitness
+                });
             }
             firstIteration = false;
         }
@@ -136,11 +119,11 @@ const NULL_PROVE_OUTPUT = {
         while(resetBuilder.needsReset()){
             const privateInputs = await resetBuilder.build(this.oracle, noteHashLeafIndexMap);
             output = generateWitnesses ? await this.proofCreator.generateResetOutput(privateInputs) : await this.proofCreator.simulateReset(privateInputs);
-            acirs.push(output.bytecode);
-            witnessStack.push(output.outputWitness);
-            if (profile) {
-                await addGateCount('private_kernel_reset', output.bytecode);
-            }
+            executionSteps.push({
+                functionName: 'private_kernel_reset',
+                bytecode: output.bytecode,
+                witness: output.outputWitness
+            });
             resetBuilder = new PrivateKernelResetPrivateInputsBuilder(output, [], noteHashNullifierCounterMap, validationRequestsSplitCounter);
         }
         if (output.publicInputs.feePayer.isZero() && skipFeeEnforcement) {
@@ -156,25 +139,40 @@ const NULL_PROVE_OUTPUT = {
         const privateInputs = new PrivateKernelTailCircuitPrivateInputs(previousKernelData);
         pushTestData('private-kernel-inputs-ordering', privateInputs);
         const tailOutput = generateWitnesses ? await this.proofCreator.generateTailOutput(privateInputs) : await this.proofCreator.simulateTail(privateInputs);
-        acirs.push(tailOutput.bytecode);
-        witnessStack.push(tailOutput.outputWitness);
-        if (profile) {
-            await addGateCount('private_kernel_tail', tailOutput.bytecode);
-            tailOutput.profileResult = {
-                gateCounts
-            };
+        executionSteps.push({
+            functionName: 'private_kernel_tail',
+            bytecode: tailOutput.bytecode,
+            witness: tailOutput.outputWitness
+        });
+        if (profileMode == 'gates' || profileMode == 'full') {
+            for (const entry of executionSteps){
+                const gateCount = await this.proofCreator.computeGateCountForCircuit(entry.bytecode, entry.functionName);
+                entry.gateCount = gateCount;
+            }
+        }
+        if (profileMode === 'gates') {
+            for (const entry of executionSteps){
+                // These buffers are often a few megabytes in size - prevent accidentally serializing them if not requested.
+                entry.bytecode = Buffer.from([]);
+                entry.witness = new Map();
+            }
         }
         if (generateWitnesses) {
             this.log.info(`Private kernel witness generation took ${timer.ms()}ms`);
         }
+        let clientIvcProof;
         // TODO(#7368) how do we 'bincode' encode these inputs?
         if (!skipProofGeneration) {
-            const ivcProof = await this.proofCreator.createClientIvcProof(acirs, witnessStack);
-            tailOutput.clientIvcProof = ivcProof;
+            clientIvcProof = await this.proofCreator.createClientIvcProof(executionSteps);
         } else {
-            tailOutput.clientIvcProof = ClientIvcProof.random();
+            clientIvcProof = ClientIvcProof.random();
         }
-        return tailOutput;
+        return {
+            publicInputs: tailOutput.publicInputs,
+            executionSteps,
+            clientIvcProof,
+            verificationKey: tailOutput.verificationKey
+        };
     }
     async createPrivateCallData({ publicInputs, vk: vkAsBuffer }) {
         const { contractAddress, functionSelector } = publicInputs.callContext;
@@ -207,11 +205,4 @@ const NULL_PROVE_OUTPUT = {
             })
         });
     }
-    isPrivateOnly(executionResult) {
-        const isPrivateOnlyRecursive = (callResult)=>{
-            const makesPublicCalls = callResult.enqueuedPublicFunctionCalls.some((enqueuedCall)=>!enqueuedCall.isEmpty()) || !callResult.publicTeardownFunctionCall.isEmpty();
-            return !makesPublicCalls && callResult.nestedExecutions.every((nestedExecution)=>isPrivateOnlyRecursive(nestedExecution));
-        };
-        return isPrivateOnlyRecursive(executionResult.entrypoint);
-    }
 }

package/dest/{kernel_prover/proving_data_oracle.d.ts → private_kernel/private_kernel_oracle.d.ts}

@@ -1,6 +1,6 @@
-import type { FUNCTION_TREE_HEIGHT, NOTE_HASH_TREE_HEIGHT, VK_TREE_HEIGHT } from '@aztec/constants';
+import { FUNCTION_TREE_HEIGHT, NOTE_HASH_TREE_HEIGHT, VK_TREE_HEIGHT } from '@aztec/constants';
 import type { Fr, GrumpkinScalar, Point } from '@aztec/foundation/fields';
-import type { MembershipWitness } from '@aztec/foundation/trees';
+import { MembershipWitness } from '@aztec/foundation/trees';
 import type { FunctionSelector } from '@aztec/stdlib/abi';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
 import { UpdatedClassIdHints } from '@aztec/stdlib/kernel';
@@ -8,10 +8,10 @@ import type { PublicKeys } from '@aztec/stdlib/keys';
 import type { NullifierMembershipWitness } from '@aztec/stdlib/trees';
 import type { VerificationKeyAsFields } from '@aztec/stdlib/vks';
 /**
- * Provides functionality to fetch membership witnesses for verification keys,
- * contract addresses, and function selectors in their respective merkle trees.
+ * Provides functionality needed by the private kernel for interacting with our state trees.
+ * This is either PrivateKernelOracleImpl, or a mocked test implementation.
  */
-export interface ProvingDataOracle {
+export interface PrivateKernelOracle {
     /** Retrieves the preimage of a contract address from the registered contract instances db. */
     getContractAddressPreimage(address: AztecAddress): Promise<{
         saltedInitializationHash: Fr;
@@ -26,37 +26,23 @@ export interface ProvingDataOracle {
         privateFunctionsRoot: Fr;
     }>;
     /**
-     * Retrieve the function membership witness for the given contract class and function selector.
-     * The function membership witness represents a proof that the function belongs to the specified contract.
-     * Throws an error if the contract address or function selector is unknown.
-     *
-     * @param contractClassId - The id of the class.
-     * @param selector - The function selector.
-     * @returns A promise that resolves with the MembershipWitness instance for the specified contract's function.
+     * Returns a membership witness with the sibling path and leaf index in our private functions tree.
      */
     getFunctionMembershipWitness(contractClassId: Fr, selector: FunctionSelector): Promise<MembershipWitness<typeof FUNCTION_TREE_HEIGHT>>;
     /**
-     * Retrieve the membership witness corresponding to a verification key.
-     * This function currently returns a random membership witness of the specified height,
-     * which is a placeholder implementation until a concrete membership witness calculation
-     * is implemented.
-     *
-     * @param vk - The VerificationKey for which the membership witness is needed.
-     * @returns A Promise that resolves to the MembershipWitness instance.
+     * Returns a membership witness with the sibling path and leaf index in our protocol VK indexed merkle tree.
+     * Used to validate the previous kernel's verification key.
      */
     getVkMembershipWitness(vk: VerificationKeyAsFields): Promise<MembershipWitness<typeof VK_TREE_HEIGHT>>;
     /**
-     * Get the note membership witness for a note in the note hash tree at the given leaf index.
-     *
-     * @param leafIndex - The leaf index of the note in the note hash tree.
-     * @returns the MembershipWitness for the note.
+     * Returns a membership witness with the sibling path and leaf index in our private function indexed merkle tree.
+     */ getNoteHashMembershipWitness(leafIndex: bigint): Promise<MembershipWitness<typeof NOTE_HASH_TREE_HEIGHT>>;
+    /**
+     * Returns a membership witness with the sibling path and leaf index in our nullifier indexed merkle tree.
      */
-    getNoteHashMembershipWitness(leafIndex: bigint): Promise<MembershipWitness<typeof NOTE_HASH_TREE_HEIGHT>>;
     getNullifierMembershipWitness(nullifier: Fr): Promise<NullifierMembershipWitness | undefined>;
     /**
-     * Get the root of the note hash tree.
-     *
-     * @returns the root of the note hash tree.
+     * Returns the root of our note hash merkle tree.
      */
     getNoteHashTreeRoot(): Promise<Fr>;
     /**
@@ -67,7 +53,10 @@ export interface ProvingDataOracle {
      * @dev Used when feeding the sk_m to the kernel circuit for keys verification.
      */
     getMasterSecretKey(masterPublicKey: Point): Promise<GrumpkinScalar>;
+    /** Use debug data to get the function name corresponding to a selector. */
     getDebugFunctionName(contractAddress: AztecAddress, selector: FunctionSelector): Promise<string | undefined>;
+    /** Returns a membership witness and leaf index to our public data indexed merkle tree,
+     * along with an associated SharedMutable containing the class ID to update. */
     getUpdatedClassIdHints(contractAddress: AztecAddress): Promise<UpdatedClassIdHints>;
 }
-//# sourceMappingURL=proving_data_oracle.d.ts.map
+//# sourceMappingURL=private_kernel_oracle.d.ts.map

package/dest/private_kernel/private_kernel_oracle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"private_kernel_oracle.d.ts","sourceRoot":"","sources":["../../src/private_kernel/private_kernel_oracle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAC/F,OAAO,KAAK,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAEjE;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,8FAA8F;IAC9F,0BAA0B,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC;QACzD,wBAAwB,EAAE,EAAE,CAAC;QAC7B,UAAU,EAAE,UAAU,CAAC;QACvB,sBAAsB,EAAE,EAAE,CAAC;QAC3B,uBAAuB,EAAE,EAAE,CAAC;KAC7B,CAAC,CAAC;IAEH,kFAAkF;IAClF,0BAA0B,CACxB,eAAe,EAAE,EAAE,GAClB,OAAO,CAAC;QAAE,YAAY,EAAE,EAAE,CAAC;QAAC,wBAAwB,EAAE,EAAE,CAAC;QAAC,oBAAoB,EAAE,EAAE,CAAA;KAAE,CAAC,CAAC;IAEzF;;OAEG;IACH,4BAA4B,CAC1B,eAAe,EAAE,EAAE,EACnB,QAAQ,EAAE,gBAAgB,GACzB,OAAO,CAAC,iBAAiB,CAAC,OAAO,oBAAoB,CAAC,CAAC,CAAC;IAE3D;;;OAGG;IACH,sBAAsB,CAAC,EAAE,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,OAAO,cAAc,CAAC,CAAC,CAAC;IAEvG;;OAEG,CAAC,4BAA4B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,OAAO,qBAAqB,CAAC,CAAC,CAAC;IAE9G;;OAEG;IACH,6BAA6B,CAAC,SAAS,EAAE,EAAE,GAAG,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IAC9F;;OAEG;IACH,mBAAmB,IAAI,OAAO,CAAC,EAAE,CAAC,CAAC;IAEnC;;;;;;OAMG;IACH,kBAAkB,CAAC,eAAe,EAAE,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAEpE,2EAA2E;IAC3E,oBAAoB,CAAC,eAAe,EAAE,YAAY,EAAE,QAAQ,EAAE,gBAAgB,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;IAE7G;mFAC+E;IAC/E,sBAAsB,CAAC,eAAe,EAAE,YAAY,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACrF"}

package/dest/private_kernel/private_kernel_oracle.js

@@ -0,0 +1,4 @@
+/**
+ * Provides functionality needed by the private kernel for interacting with our state trees.
+ * This is either PrivateKernelOracleImpl, or a mocked test implementation.
+ */ export { };

package/dest/{kernel_oracle/index.d.ts → private_kernel/private_kernel_oracle_impl.d.ts}

@@ -1,4 +1,4 @@
-import { type NOTE_HASH_TREE_HEIGHT } from '@aztec/constants';
+import { NOTE_HASH_TREE_HEIGHT } from '@aztec/constants';
 import type { Fr, GrumpkinScalar, Point } from '@aztec/foundation/fields';
 import { MembershipWitness } from '@aztec/foundation/trees';
 import type { KeyStore } from '@aztec/key-store';
@@ -9,12 +9,12 @@ import type { AztecNode } from '@aztec/stdlib/interfaces/client';
 import { UpdatedClassIdHints } from '@aztec/stdlib/kernel';
 import type { NullifierMembershipWitness } from '@aztec/stdlib/trees';
 import type { VerificationKeyAsFields } from '@aztec/stdlib/vks';
-import type { ContractDataProvider } from '../storage/contract_data_provider/contract_data_provider.js';
-import type { ProvingDataOracle } from './../kernel_prover/proving_data_oracle.js';
+import type { ContractDataProvider } from '../storage/index.js';
+import type { PrivateKernelOracle } from './private_kernel_oracle.js';
 /**
  * A data oracle that provides information needed for simulating a transaction.
  */
-export declare class KernelOracle implements ProvingDataOracle {
+export declare class PrivateKernelOracleImpl implements PrivateKernelOracle {
     private contractDataProvider;
     private keyStore;
     private node;
@@ -28,7 +28,7 @@ export declare class KernelOracle implements ProvingDataOracle {
         currentContractClassId: Fr;
         originalContractClassId: Fr;
         initializationHash: Fr;
-        publicKeys: import("@aztec/aztec.js").PublicKeys;
+        publicKeys: import("@aztec/stdlib/keys").PublicKeys;
         address: AztecAddress;
         saltedInitializationHash: Fr;
     }>;
@@ -42,4 +42,4 @@ export declare class KernelOracle implements ProvingDataOracle {
     getDebugFunctionName(contractAddress: AztecAddress, selector: FunctionSelector): Promise<string>;
     getUpdatedClassIdHints(contractAddress: AztecAddress): Promise<UpdatedClassIdHints>;
 }
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=private_kernel_oracle_impl.d.ts.map

package/dest/private_kernel/private_kernel_oracle_impl.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"private_kernel_oracle_impl.d.ts","sourceRoot":"","sources":["../../src/private_kernel/private_kernel_oracle_impl.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAA2C,MAAM,kBAAkB,CAAC;AAClG,OAAO,KAAK,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,0BAA0B,CAAC;AAG1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAGjD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAGzD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE3D,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAEjE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAChE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAItE;;GAEG;AAEH,qBAAa,uBAAwB,YAAW,mBAAmB;IAE/D,OAAO,CAAC,oBAAoB;IAC5B,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,IAAI;IACZ,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,GAAG;gBAJH,oBAAoB,EAAE,oBAAoB,EAC1C,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,SAAS,EACf,WAAW,GAAE,aAAwB,EACrC,GAAG,yCAAoC;IAGpC,0BAA0B,CAAC,OAAO,EAAE,YAAY;;;;;;;;;;;IAWhD,0BAA0B,CAAC,eAAe,EAAE,EAAE;IAQ9C,4BAA4B,CAAC,eAAe,EAAE,EAAE,EAAE,QAAQ,EAAE,gBAAgB;IAUlF,sBAAsB,CAAC,EAAE,EAAE,uBAAuB;IAKnD,4BAA4B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,OAAO,qBAAqB,CAAC,CAAC;IAS/G,6BAA6B,CAAC,SAAS,EAAE,EAAE,GAAG,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC;IAIvF,mBAAmB,IAAI,OAAO,CAAC,EAAE,CAAC;IAQjC,kBAAkB,CAAC,eAAe,EAAE,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC;IAInE,oBAAoB,CAAC,eAAe,EAAE,YAAY,EAAE,QAAQ,EAAE,gBAAgB,GAAG,OAAO,CAAC,MAAM,CAAC;IAI1F,sBAAsB,CAAC,eAAe,EAAE,YAAY,GAAG,OAAO,CAAC,mBAAmB,CAAC;CA6BjG"}

package/dest/{kernel_oracle/index.js → private_kernel/private_kernel_oracle_impl.js}

@@ -11,7 +11,7 @@ import { SharedMutableValues, SharedMutableValuesWithHash } from '@aztec/stdlib/
 // It should be fixed at the time the proof is being simulated. I.e., it should be the same as the value defined in the constant data.
 /**
  * A data oracle that provides information needed for simulating a transaction.
- */ export class KernelOracle {
+ */ export class PrivateKernelOracleImpl {
     contractDataProvider;
     keyStore;
     node;
@@ -26,6 +26,9 @@ import { SharedMutableValues, SharedMutableValuesWithHash } from '@aztec/stdlib/
     }
     async getContractAddressPreimage(address) {
         const instance = await this.contractDataProvider.getContractInstance(address);
+        if (!instance) {
+            throw new Error(`Contract instance not found when getting address preimage. Contract address: ${address}.`);
+        }
         return {
             saltedInitializationHash: await computeSaltedInitializationHash(instance),
             ...instance
@@ -33,10 +36,17 @@ import { SharedMutableValues, SharedMutableValuesWithHash } from '@aztec/stdlib/
     }
     async getContractClassIdPreimage(contractClassId) {
         const contractClass = await this.contractDataProvider.getContractClass(contractClassId);
+        if (!contractClass) {
+            throw new Error(`Contract class not found when getting class id preimage. Class id: ${contractClassId}.`);
+        }
         return computeContractClassIdPreimage(contractClass);
     }
     async getFunctionMembershipWitness(contractClassId, selector) {
-        return await this.contractDataProvider.getFunctionMembershipWitness(contractClassId, selector);
+        const membershipWitness = await this.contractDataProvider.getFunctionMembershipWitness(contractClassId, selector);
+        if (!membershipWitness) {
+            throw new Error(`Membership witness not found for contract class id ${contractClassId} and selector ${selector}.`);
+        }
+        return membershipWitness;
     }
     getVkMembershipWitness(vk) {
         const leafIndex = getVKIndex(vk);
@@ -65,7 +75,7 @@ import { SharedMutableValues, SharedMutableValuesWithHash } from '@aztec/stdlib/
     async getUpdatedClassIdHints(contractAddress) {
         const { sharedMutableSlot, sharedMutableHashSlot } = await SharedMutableValuesWithHash.getContractUpdateSlots(contractAddress);
         const hashLeafSlot = await computePublicDataTreeLeafSlot(ProtocolContractAddress.ContractInstanceDeployer, sharedMutableHashSlot);
-        const updatedClassIdWitness = await this.node.getPublicDataTreeWitness(this.blockNumber, hashLeafSlot);
+        const updatedClassIdWitness = await this.node.getPublicDataWitness(this.blockNumber, hashLeafSlot);
         if (!updatedClassIdWitness) {
             throw new Error(`No public data tree witness found for ${hashLeafSlot}`);
         }