@aztec/pxe 1.2.1 → 2.0.0-nightly.20250813

package/src/private_kernel/hints/build_private_kernel_reset_private_inputs.ts

@@ -14,6 +14,7 @@ import { type Tuple, assertLength } from '@aztec/foundation/serialize';
 import { MembershipWitness } from '@aztec/foundation/trees';
 import { privateKernelResetDimensionsConfig } from '@aztec/noir-protocol-circuits-types/client';
 import {
+  ClaimedLengthArray,
   KeyValidationHint,
   PaddedSideEffects,
   type PrivateCircuitPublicInputs,
@@ -24,21 +25,19 @@ import {
   PrivateKernelResetHints,
   type PrivateKernelSimulateOutput,
   type ReadRequest,
-  ReadRequestResetStates,
-  ReadRequestState,
+  ReadRequestActionEnum,
+  ReadRequestResetActions,
   type ScopedKeyValidationRequestAndGenerator,
   ScopedNoteHash,
   ScopedNullifier,
   ScopedReadRequest,
-  TransientDataIndexHint,
-  buildNoteHashReadRequestHintsFromResetStates,
-  buildNullifierReadRequestHintsFromResetStates,
+  TransientDataSquashingHint,
+  buildNoteHashReadRequestHintsFromResetActions,
+  buildNullifierReadRequestHintsFromResetActions,
   buildTransientDataHints,
-  countAccumulatedItems,
   findPrivateKernelResetDimensions,
-  getNonEmptyItems,
-  getNoteHashReadRequestResetStates,
-  getNullifierReadRequestResetStates,
+  getNoteHashReadRequestResetActions,
+  getNullifierReadRequestResetActions,
   privateKernelResetDimensionNames,
 } from '@aztec/stdlib/kernel';
 import { type PrivateCallExecutionResult, collectNested } from '@aztec/stdlib/tx';
@@ -46,15 +45,14 @@ import { VkData } from '@aztec/stdlib/vks';
 
 import type { PrivateKernelOracle } from '../private_kernel_oracle.js';
 
-function collectNestedReadRequests(
+function collectNestedReadRequests<N extends number>(
   executionStack: PrivateCallExecutionResult[],
-  extractReadRequests: (execution: PrivateCallExecutionResult) => ReadRequest[],
+  extractReadRequests: (execution: PrivateCallExecutionResult) => ClaimedLengthArray<ReadRequest, N>,
 ): ScopedReadRequest[] {
   return collectNested(executionStack, executionResult => {
-    const nonEmptyReadRequests = getNonEmptyItems(extractReadRequests(executionResult));
-    return nonEmptyReadRequests.map(
-      readRequest => new ScopedReadRequest(readRequest, executionResult.publicInputs.callContext.contractAddress),
-    );
+    return extractReadRequests(executionResult)
+      .getActiveItems()
+      .map(readRequest => new ScopedReadRequest(readRequest, executionResult.publicInputs.callContext.contractAddress));
   });
 }
 
@@ -74,13 +72,16 @@ function getNullifierMembershipWitnessResolver(oracle: PrivateKernelOracle) {
 }
 
 async function getMasterSecretKeysAndAppKeyGenerators(
-  keyValidationRequests: Tuple<ScopedKeyValidationRequestAndGenerator, typeof MAX_KEY_VALIDATION_REQUESTS_PER_TX>,
+  keyValidationRequests: ClaimedLengthArray<
+    ScopedKeyValidationRequestAndGenerator,
+    typeof MAX_KEY_VALIDATION_REQUESTS_PER_TX
+  >,
   numRequestsToVerify: number,
   oracle: PrivateKernelOracle,
 ) {
-  const numRequests = countAccumulatedItems(keyValidationRequests);
+  const numRequestsToProcess = Math.min(keyValidationRequests.claimedLength, numRequestsToVerify);
   const keysHints = await Promise.all(
-    keyValidationRequests.slice(0, Math.min(numRequests, numRequestsToVerify)).map(async ({ request }) => {
+    keyValidationRequests.array.slice(0, numRequestsToProcess).map(async ({ request }) => {
       const secretKeys = await oracle.getMasterSecretKey(request.request.pkM);
       return new KeyValidationHint(secretKeys);
     }),
@@ -93,10 +94,10 @@ export class PrivateKernelResetPrivateInputsBuilder {
   // If there's no next iteration, it's the final reset.
   private nextIteration?: PrivateCircuitPublicInputs;
 
-  private noteHashResetStates: ReadRequestResetStates<typeof MAX_NOTE_HASH_READ_REQUESTS_PER_TX>;
-  private nullifierResetStates: ReadRequestResetStates<typeof MAX_NULLIFIER_READ_REQUESTS_PER_TX>;
+  private noteHashResetActions: ReadRequestResetActions<typeof MAX_NOTE_HASH_READ_REQUESTS_PER_TX>;
+  private nullifierResetActions: ReadRequestResetActions<typeof MAX_NULLIFIER_READ_REQUESTS_PER_TX>;
   private numTransientData?: number;
-  private transientDataIndexHints: Tuple<TransientDataIndexHint, typeof MAX_NULLIFIERS_PER_TX>;
+  private transientDataSquashingHints: Tuple<TransientDataSquashingHint, typeof MAX_NULLIFIERS_PER_TX>;
   private requestedDimensions: PrivateKernelResetDimensions;
 
   constructor(
@@ -107,11 +108,11 @@ export class PrivateKernelResetPrivateInputsBuilder {
   ) {
     this.previousKernel = previousKernelOutput.publicInputs;
     this.requestedDimensions = PrivateKernelResetDimensions.empty();
-    this.noteHashResetStates = ReadRequestResetStates.empty(MAX_NOTE_HASH_READ_REQUESTS_PER_TX);
-    this.nullifierResetStates = ReadRequestResetStates.empty(MAX_NULLIFIER_READ_REQUESTS_PER_TX);
-    this.transientDataIndexHints = makeTuple(
+    this.noteHashResetActions = ReadRequestResetActions.empty(MAX_NOTE_HASH_READ_REQUESTS_PER_TX);
+    this.nullifierResetActions = ReadRequestResetActions.empty(MAX_NULLIFIER_READ_REQUESTS_PER_TX);
+    this.transientDataSquashingHints = makeTuple(
       MAX_NULLIFIERS_PER_TX,
-      () => new TransientDataIndexHint(MAX_NULLIFIERS_PER_TX, MAX_NOTE_HASHES_PER_TX),
+      () => new TransientDataSquashingHint(MAX_NULLIFIERS_PER_TX, MAX_NOTE_HASHES_PER_TX),
     );
     this.nextIteration = executionStack[this.executionStack.length - 1]?.publicInputs;
   }
@@ -169,13 +170,13 @@ export class PrivateKernelResetPrivateInputsBuilder {
     );
     const previousKernelData = new PrivateKernelData(this.previousKernelOutput.publicInputs, vkData);
 
-    this.reduceReadRequestStates(
-      this.noteHashResetStates,
+    this.reduceReadRequestActions(
+      this.noteHashResetActions,
       dimensions.NOTE_HASH_PENDING_READ,
       dimensions.NOTE_HASH_SETTLED_READ,
     );
-    this.reduceReadRequestStates(
-      this.nullifierResetStates,
+    this.reduceReadRequestActions(
+      this.nullifierResetActions,
       dimensions.NULLIFIER_PENDING_READ,
       dimensions.NULLIFIER_SETTLED_READ,
     );
@@ -187,101 +188,104 @@ export class PrivateKernelResetPrivateInputsBuilder {
       previousKernelData,
       paddedSideEffects,
       new PrivateKernelResetHints(
-        await buildNoteHashReadRequestHintsFromResetStates(
+        await buildNoteHashReadRequestHintsFromResetActions(
           oracle,
           this.previousKernel.validationRequests.noteHashReadRequests,
           this.previousKernel.end.noteHashes,
-          this.noteHashResetStates,
+          this.noteHashResetActions,
           noteHashLeafIndexMap,
         ),
-        await buildNullifierReadRequestHintsFromResetStates(
+        await buildNullifierReadRequestHintsFromResetActions(
           { getNullifierMembershipWitness: getNullifierMembershipWitnessResolver(oracle) },
           this.previousKernel.validationRequests.nullifierReadRequests,
-          this.nullifierResetStates,
+          this.nullifierResetActions,
         ),
         await getMasterSecretKeysAndAppKeyGenerators(
           this.previousKernel.validationRequests.scopedKeyValidationRequestsAndGenerators,
           dimensions.KEY_VALIDATION,
           oracle,
         ),
-        this.transientDataIndexHints,
+        this.transientDataSquashingHints,
         this.validationRequestsSplitCounter,
       ),
       dimensions,
     );
   }
 
-  private reduceReadRequestStates<NUM_READS extends number>(
-    resetStates: ReadRequestResetStates<NUM_READS>,
+  private reduceReadRequestActions<NUM_READS extends number>(
+    resetActions: ReadRequestResetActions<NUM_READS>,
     maxPending: number,
     maxSettled: number,
   ) {
     let numPending = 0;
     let numSettled = 0;
-    for (let i = 0; i < resetStates.states.length; i++) {
-      const state = resetStates.states[i];
-      if (state === ReadRequestState.PENDING) {
+    for (let i = 0; i < resetActions.actions.length; i++) {
+      const action = resetActions.actions[i];
+      if (action === ReadRequestActionEnum.READ_AS_PENDING) {
         if (numPending < maxPending) {
           numPending++;
         } else {
-          resetStates.states[i] = ReadRequestState.NADA;
+          resetActions.actions[i] = ReadRequestActionEnum.SKIP;
         }
-      } else if (state === ReadRequestState.SETTLED) {
+      } else if (action === ReadRequestActionEnum.READ_AS_SETTLED) {
         if (numSettled < maxSettled) {
           numSettled++;
         } else {
-          resetStates.states[i] = ReadRequestState.NADA;
+          resetActions.actions[i] = ReadRequestActionEnum.SKIP;
         }
       }
     }
 
-    resetStates.pendingReadHints = resetStates.pendingReadHints.slice(0, maxPending);
+    resetActions.pendingReadHints = resetActions.pendingReadHints.slice(0, maxPending);
   }
 
   private needsResetNoteHashReadRequests(forceResetAll = false) {
-    const numCurr = countAccumulatedItems(this.previousKernel.validationRequests.noteHashReadRequests);
-    const numNext = this.nextIteration ? countAccumulatedItems(this.nextIteration.noteHashReadRequests) : 0;
+    const numCurr = this.previousKernel.validationRequests.noteHashReadRequests.claimedLength;
+    const numNext = this.nextIteration ? this.nextIteration.noteHashReadRequests.claimedLength : 0;
     const maxAmountToKeep = !this.nextIteration || forceResetAll ? 0 : MAX_NOTE_HASH_READ_REQUESTS_PER_TX;
     if (numCurr + numNext <= maxAmountToKeep) {
       return false;
     }
 
     const futureNoteHashes = collectNested(this.executionStack, executionResult => {
-      const nonEmptyNoteHashes = getNonEmptyItems(executionResult.publicInputs.noteHashes);
-      return nonEmptyNoteHashes.map(
-        noteHash => new ScopedNoteHash(noteHash, executionResult.publicInputs.callContext.contractAddress),
-      );
+      return executionResult.publicInputs.noteHashes
+        .getActiveItems()
+        .map(noteHash => new ScopedNoteHash(noteHash, executionResult.publicInputs.callContext.contractAddress));
     });
 
-    const resetStates = getNoteHashReadRequestResetStates(
+    const resetActions = getNoteHashReadRequestResetActions(
       this.previousKernel.validationRequests.noteHashReadRequests,
       this.previousKernel.end.noteHashes,
       futureNoteHashes,
     );
 
-    const numPendingReads = resetStates.pendingReadHints.length;
-    const numSettledReads = resetStates.states.reduce(
-      (accum, state) => accum + (state === ReadRequestState.SETTLED ? 1 : 0),
+    const numPendingReads = resetActions.pendingReadHints.length;
+    const numSettledReads = resetActions.actions.reduce(
+      (accum, action) => accum + (action === ReadRequestActionEnum.READ_AS_SETTLED ? 1 : 0),
       0,
     );
 
     if (!this.nextIteration) {
-      this.noteHashResetStates = resetStates;
+      this.noteHashResetActions = resetActions;
       this.requestedDimensions.NOTE_HASH_PENDING_READ = numPendingReads;
       this.requestedDimensions.NOTE_HASH_SETTLED_READ = numSettledReads;
     } else {
       // Pick only one dimension to reset if next iteration is not empty.
       if (numPendingReads > numSettledReads) {
         this.requestedDimensions.NOTE_HASH_PENDING_READ = numPendingReads;
-        this.noteHashResetStates.states = assertLength(
-          resetStates.states.map(state => (state === ReadRequestState.PENDING ? state : ReadRequestState.NADA)),
+        this.noteHashResetActions.actions = assertLength(
+          resetActions.actions.map(action =>
+            action === ReadRequestActionEnum.READ_AS_PENDING ? action : ReadRequestActionEnum.SKIP,
+          ),
           MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
         );
-        this.noteHashResetStates.pendingReadHints = resetStates.pendingReadHints;
+        this.noteHashResetActions.pendingReadHints = resetActions.pendingReadHints;
       } else {
         this.requestedDimensions.NOTE_HASH_SETTLED_READ = numSettledReads;
-        this.noteHashResetStates.states = assertLength(
-          resetStates.states.map(state => (state === ReadRequestState.SETTLED ? state : ReadRequestState.NADA)),
+        this.noteHashResetActions.actions = assertLength(
+          resetActions.actions.map(action =>
+            action === ReadRequestActionEnum.READ_AS_SETTLED ? action : ReadRequestActionEnum.SKIP,
+          ),
           MAX_NOTE_HASH_READ_REQUESTS_PER_TX,
         );
       }
@@ -291,49 +295,52 @@ export class PrivateKernelResetPrivateInputsBuilder {
   }
 
   private needsResetNullifierReadRequests(forceResetAll = false) {
-    const numCurr = countAccumulatedItems(this.previousKernel.validationRequests.nullifierReadRequests);
-    const numNext = this.nextIteration ? countAccumulatedItems(this.nextIteration.nullifierReadRequests) : 0;
+    const numCurr = this.previousKernel.validationRequests.nullifierReadRequests.claimedLength;
+    const numNext = this.nextIteration ? this.nextIteration.nullifierReadRequests.claimedLength : 0;
     const maxAmountToKeep = !this.nextIteration || forceResetAll ? 0 : MAX_NULLIFIER_READ_REQUESTS_PER_TX;
     if (numCurr + numNext <= maxAmountToKeep) {
       return false;
     }
 
     const futureNullifiers = collectNested(this.executionStack, executionResult => {
-      const nonEmptyNullifiers = getNonEmptyItems(executionResult.publicInputs.nullifiers);
-      return nonEmptyNullifiers.map(
-        nullifier => new ScopedNullifier(nullifier, executionResult.publicInputs.callContext.contractAddress),
-      );
+      return executionResult.publicInputs.nullifiers
+        .getActiveItems()
+        .map(nullifier => new ScopedNullifier(nullifier, executionResult.publicInputs.callContext.contractAddress));
     });
 
-    const resetStates = getNullifierReadRequestResetStates(
+    const resetActions = getNullifierReadRequestResetActions(
       this.previousKernel.validationRequests.nullifierReadRequests,
       this.previousKernel.end.nullifiers,
       futureNullifiers,
     );
 
-    const numPendingReads = resetStates.pendingReadHints.length;
-    const numSettledReads = resetStates.states.reduce(
-      (accum, state) => accum + (state === ReadRequestState.SETTLED ? 1 : 0),
+    const numPendingReads = resetActions.pendingReadHints.length;
+    const numSettledReads = resetActions.actions.reduce(
+      (accum, action) => accum + (action === ReadRequestActionEnum.READ_AS_SETTLED ? 1 : 0),
       0,
     );
 
     if (!this.nextIteration) {
-      this.nullifierResetStates = resetStates;
+      this.nullifierResetActions = resetActions;
       this.requestedDimensions.NULLIFIER_PENDING_READ = numPendingReads;
       this.requestedDimensions.NULLIFIER_SETTLED_READ = numSettledReads;
     } else {
       // Pick only one dimension to reset if next iteration is not empty.
       if (numPendingReads > numSettledReads) {
         this.requestedDimensions.NULLIFIER_PENDING_READ = numPendingReads;
-        this.nullifierResetStates.states = assertLength(
-          resetStates.states.map(state => (state === ReadRequestState.PENDING ? state : ReadRequestState.NADA)),
+        this.nullifierResetActions.actions = assertLength(
+          resetActions.actions.map(action =>
+            action === ReadRequestActionEnum.READ_AS_PENDING ? action : ReadRequestActionEnum.SKIP,
+          ),
           MAX_NULLIFIER_READ_REQUESTS_PER_TX,
         );
-        this.nullifierResetStates.pendingReadHints = resetStates.pendingReadHints;
+        this.nullifierResetActions.pendingReadHints = resetActions.pendingReadHints;
       } else {
         this.requestedDimensions.NULLIFIER_SETTLED_READ = numSettledReads;
-        this.nullifierResetStates.states = assertLength(
-          resetStates.states.map(state => (state === ReadRequestState.SETTLED ? state : ReadRequestState.NADA)),
+        this.nullifierResetActions.actions = assertLength(
+          resetActions.actions.map(action =>
+            action === ReadRequestActionEnum.READ_AS_SETTLED ? action : ReadRequestActionEnum.SKIP,
+          ),
           MAX_NULLIFIER_READ_REQUESTS_PER_TX,
         );
       }
@@ -343,12 +350,8 @@ export class PrivateKernelResetPrivateInputsBuilder {
   }
 
   private needsResetNullifierKeys() {
-    const numCurr = countAccumulatedItems(
-      this.previousKernel.validationRequests.scopedKeyValidationRequestsAndGenerators,
-    );
-    const numNext = this.nextIteration
-      ? countAccumulatedItems(this.nextIteration.keyValidationRequestsAndGenerators)
-      : 0;
+    const numCurr = this.previousKernel.validationRequests.scopedKeyValidationRequestsAndGenerators.claimedLength;
+    const numNext = this.nextIteration ? this.nextIteration.keyValidationRequestsAndGenerators.claimedLength : 0;
     const maxAmountToKeep = !this.nextIteration ? 0 : MAX_KEY_VALIDATION_REQUESTS_PER_TX;
     if (numCurr + numNext <= maxAmountToKeep) {
       return false;
@@ -364,16 +367,13 @@ export class PrivateKernelResetPrivateInputsBuilder {
     this.numTransientData = 0;
 
     const nextAccumNoteHashes =
-      countAccumulatedItems(this.previousKernel.end.noteHashes) +
-      countAccumulatedItems(this.nextIteration?.noteHashes ?? []);
+      this.previousKernel.end.noteHashes.claimedLength + (this.nextIteration?.noteHashes.claimedLength ?? 0);
     const noteHashWillOverflow = nextAccumNoteHashes > MAX_NOTE_HASHES_PER_TX;
     const nextAccumNullifiers =
-      countAccumulatedItems(this.previousKernel.end.nullifiers) +
-      countAccumulatedItems(this.nextIteration?.nullifiers ?? []);
+      this.previousKernel.end.nullifiers.claimedLength + (this.nextIteration?.nullifiers.claimedLength ?? 0);
     const nullifierWillOverflow = nextAccumNullifiers > MAX_NULLIFIERS_PER_TX;
     const nextAccumLogs =
-      countAccumulatedItems(this.previousKernel.end.privateLogs) +
-      countAccumulatedItems(this.nextIteration?.privateLogs ?? []);
+      this.previousKernel.end.privateLogs.claimedLength + (this.nextIteration?.privateLogs.claimedLength ?? 0);
     const logsWillOverflow = nextAccumLogs > MAX_PRIVATE_LOGS_PER_TX;
 
     if (this.nextIteration && !noteHashWillOverflow && !nullifierWillOverflow && !logsWillOverflow) {
@@ -388,26 +388,22 @@ export class PrivateKernelResetPrivateInputsBuilder {
       this.executionStack,
       executionResult => executionResult.publicInputs.nullifierReadRequests,
     );
+    // TODO(#15902): Collect future logs and only allow squashing a note hash when all its logs have been emitted
+    // (i.e. none of the future logs are linked to the to-be-squashed note hashes).
     if (this.nextIteration) {
       // If it's not the final reset, only one dimension will be reset at a time.
       // The note hashes and nullifiers for the remaining read requests can't be squashed.
-      futureNoteHashReads.push(
-        ...this.previousKernel.validationRequests.noteHashReadRequests.filter(r => !r.isEmpty()),
-      );
-      futureNullifierReads.push(
-        ...this.previousKernel.validationRequests.nullifierReadRequests.filter(r => !r.isEmpty()),
-      );
+      futureNoteHashReads.push(...this.previousKernel.validationRequests.noteHashReadRequests.getActiveItems());
+      futureNullifierReads.push(...this.previousKernel.validationRequests.nullifierReadRequests.getActiveItems());
     }
 
-    const { numTransientData, hints: transientDataIndexHints } = buildTransientDataHints(
+    const { numTransientData, hints: transientDataSquashingHints } = buildTransientDataHints(
       this.previousKernel.end.noteHashes,
       this.previousKernel.end.nullifiers,
       futureNoteHashReads,
       futureNullifierReads,
       this.noteHashNullifierCounterMap,
       this.validationRequestsSplitCounter,
-      MAX_NOTE_HASHES_PER_TX,
-      MAX_NULLIFIERS_PER_TX,
     );
 
     if (this.nextIteration && !numTransientData) {
@@ -430,7 +426,7 @@ export class PrivateKernelResetPrivateInputsBuilder {
     }
 
     this.numTransientData = numTransientData;
-    this.transientDataIndexHints = transientDataIndexHints;
+    this.transientDataSquashingHints = transientDataSquashingHints;
     this.requestedDimensions.TRANSIENT_DATA_SQUASHING = numTransientData;
 
     return numTransientData > 0;
@@ -441,7 +437,9 @@ export class PrivateKernelResetPrivateInputsBuilder {
       throw new Error('`needsResetTransientData` must be run before `needsSiloNoteHashes`.');
     }
 
-    const numNoteHashes = this.previousKernel.end.noteHashes.filter(n => !n.contractAddress.isZero()).length;
+    const numNoteHashes = this.previousKernel.end.noteHashes
+      .getActiveItems()
+      .filter(n => !n.contractAddress.isZero()).length;
     const numToSilo = Math.max(0, numNoteHashes - this.numTransientData);
     this.requestedDimensions.NOTE_HASH_SILOING = numToSilo;
 
@@ -453,7 +451,9 @@ export class PrivateKernelResetPrivateInputsBuilder {
       throw new Error('`needsResetTransientData` must be run before `needsSiloNullifiers`.');
     }
 
-    const numNullifiers = this.previousKernel.end.nullifiers.filter(n => !n.contractAddress.isZero()).length;
+    const numNullifiers = this.previousKernel.end.nullifiers
+      .getActiveItems()
+      .filter(n => !n.contractAddress.isZero()).length;
     const numToSilo = Math.max(0, numNullifiers - this.numTransientData);
     // Include the first nullifier if there's something to silo.
     // The reset circuit checks that capped_size must be greater than or equal to all non-empty nullifiers.
@@ -470,13 +470,15 @@ export class PrivateKernelResetPrivateInputsBuilder {
     }
 
     const privateLogs = this.previousKernel.end.privateLogs;
-    const numLogs = privateLogs.filter(l => !l.contractAddress.isZero()).length;
+    const numLogs = privateLogs.getActiveItems().filter(l => !l.contractAddress.isZero()).length;
 
     const noteHashes = this.previousKernel.end.noteHashes;
-    const squashedNoteHashCounters = this.transientDataIndexHints
-      .filter(h => h.noteHashIndex < noteHashes.length)
-      .map(h => noteHashes[h.noteHashIndex].counter);
-    const numSquashedLogs = privateLogs.filter(l => squashedNoteHashCounters.includes(l.inner.noteHashCounter)).length;
+    const squashedNoteHashCounters = this.transientDataSquashingHints
+      .filter(h => h.noteHashIndex < noteHashes.claimedLength)
+      .map(h => noteHashes.array[h.noteHashIndex].counter);
+    const numSquashedLogs = privateLogs
+      .getActiveItems()
+      .filter(l => squashedNoteHashCounters.includes(l.inner.noteHashCounter)).length;
 
     const numToSilo = numLogs - numSquashedLogs;
     this.requestedDimensions.PRIVATE_LOG_SILOING = numToSilo;

package/src/private_kernel/hints/compute_tx_include_by_timestamp.ts

@@ -0,0 +1,58 @@
+import { MAX_INCLUDE_BY_TIMESTAMP_DURATION } from '@aztec/constants';
+import type { PrivateKernelCircuitPublicInputs } from '@aztec/stdlib/kernel';
+import type { UInt64 } from '@aztec/stdlib/types';
+
+const ROUNDED_DURATIONS = [
+  3600, // 1 hour
+  1800, // 30 mins
+  1, // 1 second
+];
+
+function roundTimestamp(blockTimestamp: bigint, includeByTimestamp: bigint): UInt64 {
+  return ROUNDED_DURATIONS.reduce((timestamp, duration) => {
+    if (timestamp <= blockTimestamp) {
+      // The timestamp must be greater than the block timestamp.
+      // If it is too small, round it down again using a smaller duration.
+      const totalDuration = includeByTimestamp - blockTimestamp;
+      const roundedDuration = totalDuration - (totalDuration % BigInt(duration));
+      return blockTimestamp + roundedDuration;
+    }
+    return timestamp;
+  }, 0n);
+}
+
+export function computeTxIncludeByTimestamp(
+  previousKernel: PrivateKernelCircuitPublicInputs,
+  maxDuration = MAX_INCLUDE_BY_TIMESTAMP_DURATION,
+): UInt64 {
+  if (maxDuration > MAX_INCLUDE_BY_TIMESTAMP_DURATION) {
+    throw new Error(
+      `Custom max duration cannot be greater than the max allowed. Max allowed: ${MAX_INCLUDE_BY_TIMESTAMP_DURATION}. Custom value: ${maxDuration}.`,
+    );
+  }
+
+  const blockTimestamp = previousKernel.constants.historicalHeader.globalVariables.timestamp;
+  const maxTimestamp = blockTimestamp + BigInt(maxDuration);
+  const includeByTimestamp = previousKernel.includeByTimestamp;
+
+  // If the includeByTimestamp set during the tx execution is greater than or equal to the max allowed duration,
+  // use the maximum allowed timestamp.
+  // Note: It shouldn't be larger than the max allowed duration, but we check for it anyway.
+  if (includeByTimestamp >= maxTimestamp) {
+    return maxTimestamp;
+  }
+
+  // Round it down to the nearest hour/min/second to reduce precision and avoid revealing the exact value.
+  // This makes it harder for others to infer what function calls may have been used to produce a specific timestamp.
+  const roundedTimestamp = roundTimestamp(blockTimestamp, includeByTimestamp);
+
+  // The tx can't be published if the timestamp is the same or less than the historical block's timestamp.
+  // Future blocks will have a greater timestamp, so the tx would never be included.
+  if (roundedTimestamp <= blockTimestamp) {
+    throw new Error(
+      `Include-by timestamp must be greater than the historical block timestamp. Block timestamp: ${blockTimestamp}. Include-by timestamp: ${includeByTimestamp}.`,
+    );
+  }
+
+  return roundedTimestamp;
+}

package/src/private_kernel/hints/index.ts

@@ -1 +1,2 @@
 export * from './build_private_kernel_reset_private_inputs.js';
+export * from './compute_tx_include_by_timestamp.js';

package/src/private_kernel/private_kernel_execution_prover.ts

@@ -50,7 +50,7 @@ export interface PrivateKernelExecutionProverConfig {
 }
 
 /**
- * The PrivateKernelSequencer class is responsible for taking a transaction request and sequencing the
+ * The PrivateKernelExecutionProver class is responsible for taking a transaction request and sequencing the
  * the execution of the private functions within, sequenced with private kernel "glue" to check protocol rules.
  * The result can be a client IVC proof of the private transaction portion, or just a simulation that can e.g.
  * inform state tree updates.
@@ -91,6 +91,8 @@ export class PrivateKernelExecutionProver {
 
     const isPrivateOnlyTx = executionResult.publicFunctionCalldata.length === 0;
 
+    // Initialise an executionStack, beginning with the PrivateCallExecutionResult
+    // of the entrypoint function of the tx.
     const executionStack = [executionResult.entrypoint];
     let firstIteration = true;
 
@@ -138,7 +140,7 @@ export class PrivateKernelExecutionProver {
 
       const currentExecution = executionStack.pop()!;
 
-      executionStack.push(...[...currentExecution.nestedExecutions].reverse());
+      executionStack.push(...[...currentExecution.nestedExecutionResults].reverse());
 
       const functionName = await this.oracle.getDebugFunctionName(
         currentExecution.publicInputs.callContext.contractAddress,
@@ -270,9 +272,24 @@ export class PrivateKernelExecutionProver {
       `Calling private kernel tail with hwm ${previousKernelData.publicInputs.minRevertibleSideEffectCounter}`,
     );
 
-    // TODO: Enable padding when we have a better what are the final amounts we should pad to.
+    // TODO: Enable padding once we better understand the final amounts to pad to.
     const paddedSideEffectAmounts = PaddedSideEffectAmounts.empty();
-    const privateInputs = new PrivateKernelTailCircuitPrivateInputs(previousKernelData, paddedSideEffectAmounts);
+
+    // Use the aggregated includeByTimestamp set throughout the tx execution.
+    // TODO: Call `computeTxIncludeByTimestamp` to round the value down and reduce precision, improving privacy.
+    const includeByTimestampUpperBound = previousKernelData.publicInputs.includeByTimestamp;
+    const blockTimestamp = previousKernelData.publicInputs.constants.historicalHeader.globalVariables.timestamp;
+    if (includeByTimestampUpperBound <= blockTimestamp) {
+      throw new Error(
+        `Include-by timestamp must be greater than the historical block timestamp. Block timestamp: ${blockTimestamp}. Include-by timestamp: ${includeByTimestampUpperBound}.`,
+      );
+    }
+
+    const privateInputs = new PrivateKernelTailCircuitPrivateInputs(
+      previousKernelData,
+      paddedSideEffectAmounts,
+      includeByTimestampUpperBound,
+    );
 
     pushTestData('private-kernel-inputs-ordering', privateInputs);
 

package/src/private_kernel/private_kernel_oracle.ts

@@ -66,6 +66,6 @@ export interface PrivateKernelOracle {
   getDebugFunctionName(contractAddress: AztecAddress, selector: FunctionSelector): Promise<string | undefined>;
 
   /** Returns a membership witness and leaf index to our public data indexed merkle tree,
-   * along with an associated SharedMutable containing the class ID to update. */
+   * along with an associated DelayedPublicMutable containing the class ID to update. */
   getUpdatedClassIdHints(contractAddress: AztecAddress): Promise<UpdatedClassIdHints>;
 }

package/src/private_kernel/private_kernel_oracle_impl.ts

@@ -10,10 +10,10 @@ import type { FunctionSelector } from '@aztec/stdlib/abi';
 import type { AztecAddress } from '@aztec/stdlib/aztec-address';
 import type { L2BlockNumber } from '@aztec/stdlib/block';
 import { computeContractClassIdPreimage, computeSaltedInitializationHash } from '@aztec/stdlib/contract';
+import { DelayedPublicMutableValues, DelayedPublicMutableValuesWithHash } from '@aztec/stdlib/delayed-public-mutable';
 import { computePublicDataTreeLeafSlot } from '@aztec/stdlib/hash';
 import type { AztecNode } from '@aztec/stdlib/interfaces/client';
 import { UpdatedClassIdHints } from '@aztec/stdlib/kernel';
-import { SharedMutableValues, SharedMutableValuesWithHash } from '@aztec/stdlib/shared-mutable';
 import type { NullifierMembershipWitness } from '@aztec/stdlib/trees';
 import type { VerificationKeyAsFields } from '@aztec/stdlib/vks';
 
@@ -22,10 +22,10 @@ import type { PrivateKernelOracle } from './private_kernel_oracle.js';
 
 // TODO: Block number should not be "latest".
 // It should be fixed at the time the proof is being simulated. I.e., it should be the same as the value defined in the constant data.
+
 /**
  * A data oracle that provides information needed for simulating a transaction.
  */
-
 export class PrivateKernelOracleImpl implements PrivateKernelOracle {
   constructor(
     private contractDataProvider: ContractDataProvider,
@@ -99,12 +99,12 @@ export class PrivateKernelOracleImpl implements PrivateKernelOracle {
   }
 
   public async getUpdatedClassIdHints(contractAddress: AztecAddress): Promise<UpdatedClassIdHints> {
-    const { sharedMutableSlot, sharedMutableHashSlot } =
-      await SharedMutableValuesWithHash.getContractUpdateSlots(contractAddress);
+    const { delayedPublicMutableSlot, delayedPublicMutableHashSlot } =
+      await DelayedPublicMutableValuesWithHash.getContractUpdateSlots(contractAddress);
 
     const hashLeafSlot = await computePublicDataTreeLeafSlot(
-      ProtocolContractAddress.ContractInstanceDeployer,
-      sharedMutableHashSlot,
+      ProtocolContractAddress.ContractInstanceRegistry,
+      delayedPublicMutableHashSlot,
     );
     const updatedClassIdWitness = await this.node.getPublicDataWitness(this.blockNumber, hashLeafSlot);
 
@@ -113,8 +113,11 @@ export class PrivateKernelOracleImpl implements PrivateKernelOracle {
     }
 
     const readStorage = (storageSlot: Fr) =>
-      this.node.getPublicStorageAt(this.blockNumber, ProtocolContractAddress.ContractInstanceDeployer, storageSlot);
-    const sharedMutableValues = await SharedMutableValues.readFromTree(sharedMutableSlot, readStorage);
+      this.node.getPublicStorageAt(this.blockNumber, ProtocolContractAddress.ContractInstanceRegistry, storageSlot);
+    const delayedPublicMutableValues = await DelayedPublicMutableValues.readFromTree(
+      delayedPublicMutableSlot,
+      readStorage,
+    );
 
     return new UpdatedClassIdHints(
       new MembershipWitness(
@@ -123,7 +126,7 @@ export class PrivateKernelOracleImpl implements PrivateKernelOracle {
         updatedClassIdWitness.siblingPath.toTuple(),
       ),
       updatedClassIdWitness.leafPreimage,
-      sharedMutableValues,
+      delayedPublicMutableValues,
     );
   }
 }

package/src/pxe_service/error_enriching.ts

@@ -19,6 +19,7 @@ export async function enrichSimulationError(
   // Maps contract addresses to the set of function selectors that were in error.
   // Map and Set do reference equality for their keys instead of value equality, so we store the string
   // representation to get e.g. different contract address objects with the same address value to match.
+  // eslint-disable-next-line aztec-custom/no-non-primitive-in-collections
   const mentionedFunctions: Map<string, Set<FunctionSelector>> = new Map();
 
   err.getCallStack().forEach(({ contractAddress, functionSelector }) => {