@aztec/pxe 5.0.0-rc.1 → 5.0.0-rc.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dest/block_synchronizer/block_stream_source.d.ts +5 -5
- package/dest/block_synchronizer/block_stream_source.d.ts.map +1 -1
- package/dest/block_synchronizer/block_stream_source.js +4 -29
- package/dest/block_synchronizer/block_synchronizer.d.ts +13 -11
- package/dest/block_synchronizer/block_synchronizer.d.ts.map +1 -1
- package/dest/block_synchronizer/block_synchronizer.js +43 -15
- package/dest/config/index.d.ts +2 -1
- package/dest/config/index.d.ts.map +1 -1
- package/dest/config/index.js +1 -0
- package/dest/contract_function_simulator/contract_function_simulator.d.ts +11 -16
- package/dest/contract_function_simulator/contract_function_simulator.d.ts.map +1 -1
- package/dest/contract_function_simulator/contract_function_simulator.js +22 -18
- package/dest/contract_function_simulator/index.d.ts +15 -9
- package/dest/contract_function_simulator/index.d.ts.map +1 -1
- package/dest/contract_function_simulator/index.js +3 -7
- package/dest/contract_function_simulator/noir-structs/bounded_vec.d.ts +8 -27
- package/dest/contract_function_simulator/noir-structs/bounded_vec.d.ts.map +1 -1
- package/dest/contract_function_simulator/noir-structs/bounded_vec.js +8 -23
- package/dest/contract_function_simulator/noir-structs/contract_class_log_data.d.ts +9 -0
- package/dest/contract_function_simulator/noir-structs/contract_class_log_data.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/contract_class_log_data.js +1 -0
- package/dest/contract_function_simulator/noir-structs/embedded_curve_point.d.ts +7 -0
- package/dest/contract_function_simulator/noir-structs/embedded_curve_point.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/embedded_curve_point.js +1 -0
- package/dest/contract_function_simulator/noir-structs/event_validation_request.js +1 -1
- package/dest/contract_function_simulator/noir-structs/fact.d.ts +16 -0
- package/dest/contract_function_simulator/noir-structs/fact.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/fact.js +6 -0
- package/dest/contract_function_simulator/noir-structs/fact_collection.d.ts +27 -0
- package/dest/contract_function_simulator/noir-structs/fact_collection.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/fact_collection.js +29 -0
- package/dest/contract_function_simulator/noir-structs/log_retrieval_request.d.ts +11 -12
- package/dest/contract_function_simulator/noir-structs/log_retrieval_request.d.ts.map +1 -1
- package/dest/contract_function_simulator/noir-structs/log_retrieval_request.js +6 -49
- package/dest/contract_function_simulator/noir-structs/log_retrieval_response.d.ts +4 -8
- package/dest/contract_function_simulator/noir-structs/log_retrieval_response.d.ts.map +1 -1
- package/dest/contract_function_simulator/noir-structs/log_retrieval_response.js +1 -60
- package/dest/contract_function_simulator/noir-structs/note_validation_request.js +2 -2
- package/dest/contract_function_simulator/noir-structs/option.d.ts +9 -11
- package/dest/contract_function_simulator/noir-structs/option.d.ts.map +1 -1
- package/dest/contract_function_simulator/noir-structs/option.js +18 -13
- package/dest/contract_function_simulator/noir-structs/origin_block.d.ts +11 -0
- package/dest/contract_function_simulator/noir-structs/origin_block.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/origin_block.js +5 -0
- package/dest/contract_function_simulator/noir-structs/provided_secret.d.ts +5 -8
- package/dest/contract_function_simulator/noir-structs/provided_secret.d.ts.map +1 -1
- package/dest/contract_function_simulator/noir-structs/provided_secret.js +1 -14
- package/dest/contract_function_simulator/noir-structs/resolved_tagging_strategy.d.ts +21 -0
- package/dest/contract_function_simulator/noir-structs/resolved_tagging_strategy.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/resolved_tagging_strategy.js +33 -0
- package/dest/contract_function_simulator/noir-structs/resolved_tx.d.ts +21 -0
- package/dest/contract_function_simulator/noir-structs/resolved_tx.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/resolved_tx.js +50 -0
- package/dest/contract_function_simulator/noir-structs/tx_effect_data.d.ts +14 -0
- package/dest/contract_function_simulator/noir-structs/tx_effect_data.d.ts.map +1 -0
- package/dest/contract_function_simulator/noir-structs/tx_effect_data.js +5 -0
- package/dest/contract_function_simulator/noir-structs/utility_context.d.ts +6 -11
- package/dest/contract_function_simulator/noir-structs/utility_context.d.ts.map +1 -1
- package/dest/contract_function_simulator/noir-structs/utility_context.js +1 -20
- package/dest/contract_function_simulator/oracle/message_load_oracle_inputs.d.ts +3 -14
- package/dest/contract_function_simulator/oracle/message_load_oracle_inputs.d.ts.map +1 -1
- package/dest/contract_function_simulator/oracle/message_load_oracle_inputs.js +1 -24
- package/dest/contract_function_simulator/oracle/oracle_registry.d.ts +81 -6
- package/dest/contract_function_simulator/oracle/oracle_registry.d.ts.map +1 -1
- package/dest/contract_function_simulator/oracle/oracle_registry.js +128 -9
- package/dest/contract_function_simulator/oracle/oracle_type_mappings.d.ts +80 -36
- package/dest/contract_function_simulator/oracle/oracle_type_mappings.d.ts.map +1 -1
- package/dest/contract_function_simulator/oracle/oracle_type_mappings.js +926 -264
- package/dest/contract_function_simulator/oracle/private_execution_oracle.d.ts +13 -8
- package/dest/contract_function_simulator/oracle/private_execution_oracle.d.ts.map +1 -1
- package/dest/contract_function_simulator/oracle/private_execution_oracle.js +80 -11
- package/dest/contract_function_simulator/oracle/utility_execution_oracle.d.ts +46 -20
- package/dest/contract_function_simulator/oracle/utility_execution_oracle.d.ts.map +1 -1
- package/dest/contract_function_simulator/oracle/utility_execution_oracle.js +119 -55
- package/dest/contract_sync/helpers.d.ts +7 -6
- package/dest/contract_sync/helpers.d.ts.map +1 -1
- package/dest/contract_sync/helpers.js +11 -16
- package/dest/entrypoints/client/bundle/utils.d.ts +1 -1
- package/dest/entrypoints/client/bundle/utils.d.ts.map +1 -1
- package/dest/entrypoints/client/bundle/utils.js +1 -0
- package/dest/entrypoints/client/lazy/utils.d.ts +1 -1
- package/dest/entrypoints/client/lazy/utils.d.ts.map +1 -1
- package/dest/entrypoints/client/lazy/utils.js +1 -0
- package/dest/entrypoints/pxe_creation_options.d.ts +8 -2
- package/dest/entrypoints/pxe_creation_options.d.ts.map +1 -1
- package/dest/entrypoints/server/index.d.ts +1 -2
- package/dest/entrypoints/server/index.d.ts.map +1 -1
- package/dest/entrypoints/server/index.js +0 -1
- package/dest/entrypoints/server/utils.d.ts +1 -1
- package/dest/entrypoints/server/utils.d.ts.map +1 -1
- package/dest/entrypoints/server/utils.js +3 -1
- package/dest/error_enriching.js +1 -1
- package/dest/hooks/execution_hooks.d.ts +16 -7
- package/dest/hooks/execution_hooks.d.ts.map +1 -1
- package/dest/hooks/execution_hooks.js +3 -3
- package/dest/hooks/index.d.ts +3 -3
- package/dest/hooks/index.d.ts.map +1 -1
- package/dest/hooks/resolve_tagging_secret_strategy.d.ts +41 -0
- package/dest/hooks/resolve_tagging_secret_strategy.d.ts.map +1 -0
- package/dest/hooks/resolve_tagging_secret_strategy.js +3 -0
- package/dest/logs/log_service.d.ts +6 -6
- package/dest/logs/log_service.d.ts.map +1 -1
- package/dest/logs/log_service.js +62 -28
- package/dest/messages/tx_resolver_service.d.ts +17 -0
- package/dest/messages/tx_resolver_service.d.ts.map +1 -0
- package/dest/messages/{message_context_service.js → tx_resolver_service.js} +8 -8
- package/dest/oracle_version.d.ts +2 -2
- package/dest/oracle_version.js +2 -2
- package/dest/private_kernel/hints/test_utils.js +1 -1
- package/dest/pxe.d.ts +46 -19
- package/dest/pxe.d.ts.map +1 -1
- package/dest/pxe.js +104 -52
- package/dest/storage/allowed_scopes.d.ts +6 -0
- package/dest/storage/allowed_scopes.d.ts.map +1 -0
- package/dest/storage/allowed_scopes.js +7 -0
- package/dest/storage/backwards_compatibility_tests/schema_tests.d.ts +1 -1
- package/dest/storage/backwards_compatibility_tests/schema_tests.d.ts.map +1 -1
- package/dest/storage/backwards_compatibility_tests/schema_tests.js +86 -33
- package/dest/storage/capsule_store/capsule_service.d.ts +1 -1
- package/dest/storage/capsule_store/capsule_service.d.ts.map +1 -1
- package/dest/storage/capsule_store/capsule_service.js +6 -9
- package/dest/storage/contract_store/contract_store.js +2 -2
- package/dest/storage/fact_store/fact_service.d.ts +20 -0
- package/dest/storage/fact_store/fact_service.d.ts.map +1 -0
- package/dest/storage/fact_store/fact_service.js +30 -0
- package/dest/storage/fact_store/fact_store.d.ts +95 -0
- package/dest/storage/fact_store/fact_store.d.ts.map +1 -0
- package/dest/storage/fact_store/fact_store.js +408 -0
- package/dest/storage/fact_store/fact_store_keys.d.ts +34 -0
- package/dest/storage/fact_store/fact_store_keys.d.ts.map +1 -0
- package/dest/storage/fact_store/fact_store_keys.js +50 -0
- package/dest/storage/fact_store/index.d.ts +5 -0
- package/dest/storage/fact_store/index.d.ts.map +1 -0
- package/dest/storage/fact_store/index.js +3 -0
- package/dest/storage/fact_store/stored_fact.d.ts +32 -0
- package/dest/storage/fact_store/stored_fact.d.ts.map +1 -0
- package/dest/storage/fact_store/stored_fact.js +64 -0
- package/dest/storage/index.d.ts +2 -1
- package/dest/storage/index.d.ts.map +1 -1
- package/dest/storage/index.js +1 -0
- package/dest/storage/metadata.d.ts +1 -1
- package/dest/storage/metadata.js +1 -1
- package/dest/storage/open_pxe_stores.d.ts +5 -3
- package/dest/storage/open_pxe_stores.d.ts.map +1 -1
- package/dest/storage/open_pxe_stores.js +5 -3
- package/dest/storage/tagging_store/index.d.ts +2 -2
- package/dest/storage/tagging_store/index.d.ts.map +1 -1
- package/dest/storage/tagging_store/index.js +1 -1
- package/dest/storage/tagging_store/tagging_secret_sources_store.d.ts +40 -0
- package/dest/storage/tagging_store/tagging_secret_sources_store.d.ts.map +1 -0
- package/dest/storage/tagging_store/tagging_secret_sources_store.js +92 -0
- package/package.json +17 -17
- package/src/block_synchronizer/block_stream_source.ts +6 -45
- package/src/block_synchronizer/block_synchronizer.ts +56 -23
- package/src/config/index.ts +1 -0
- package/src/contract_function_simulator/contract_function_simulator.ts +32 -31
- package/src/contract_function_simulator/index.ts +17 -8
- package/src/contract_function_simulator/noir-structs/bounded_vec.ts +12 -24
- package/src/contract_function_simulator/noir-structs/contract_class_log_data.ts +9 -0
- package/src/contract_function_simulator/noir-structs/embedded_curve_point.ts +4 -0
- package/src/contract_function_simulator/noir-structs/event_validation_request.ts +1 -1
- package/src/contract_function_simulator/noir-structs/fact.ts +13 -0
- package/src/contract_function_simulator/noir-structs/fact_collection.ts +59 -0
- package/src/contract_function_simulator/noir-structs/log_retrieval_request.ts +20 -46
- package/src/contract_function_simulator/noir-structs/log_retrieval_response.ts +7 -60
- package/src/contract_function_simulator/noir-structs/note_validation_request.ts +2 -2
- package/src/contract_function_simulator/noir-structs/option.ts +17 -11
- package/src/contract_function_simulator/noir-structs/origin_block.ts +8 -0
- package/src/contract_function_simulator/noir-structs/provided_secret.ts +3 -14
- package/src/contract_function_simulator/noir-structs/resolved_tagging_strategy.ts +45 -0
- package/src/contract_function_simulator/noir-structs/resolved_tx.ts +53 -0
- package/src/contract_function_simulator/noir-structs/tx_effect_data.ts +15 -0
- package/src/contract_function_simulator/noir-structs/utility_context.ts +5 -17
- package/src/contract_function_simulator/oracle/message_load_oracle_inputs.ts +6 -21
- package/src/contract_function_simulator/oracle/oracle_registry.ts +87 -79
- package/src/contract_function_simulator/oracle/oracle_type_mappings.ts +641 -247
- package/src/contract_function_simulator/oracle/private_execution_oracle.ts +94 -14
- package/src/contract_function_simulator/oracle/utility_execution_oracle.ts +206 -66
- package/src/contract_sync/helpers.ts +11 -18
- package/src/entrypoints/client/bundle/utils.ts +1 -0
- package/src/entrypoints/client/lazy/utils.ts +1 -0
- package/src/entrypoints/pxe_creation_options.ts +7 -1
- package/src/entrypoints/server/index.ts +0 -1
- package/src/entrypoints/server/utils.ts +3 -1
- package/src/error_enriching.ts +1 -1
- package/src/hooks/execution_hooks.ts +17 -8
- package/src/hooks/index.ts +6 -2
- package/src/hooks/resolve_tagging_secret_strategy.ts +46 -0
- package/src/logs/log_service.ts +71 -37
- package/src/messages/{message_context_service.ts → tx_resolver_service.ts} +16 -9
- package/src/oracle_version.ts +2 -2
- package/src/private_kernel/hints/test_utils.ts +1 -1
- package/src/pxe.ts +150 -54
- package/src/storage/allowed_scopes.ts +14 -0
- package/src/storage/backwards_compatibility_tests/__snapshots__/FactStore.json +40 -0
- package/src/storage/backwards_compatibility_tests/__snapshots__/L2TipsKVStore.json +1 -1
- package/src/storage/backwards_compatibility_tests/__snapshots__/TaggingSecretSourcesStore.json +30 -0
- package/src/storage/backwards_compatibility_tests/__snapshots__/opened_stores.json +21 -5
- package/src/storage/backwards_compatibility_tests/schema_tests.ts +88 -33
- package/src/storage/capsule_store/capsule_service.ts +8 -13
- package/src/storage/contract_store/contract_store.ts +2 -2
- package/src/storage/fact_store/fact_service.ts +45 -0
- package/src/storage/fact_store/fact_store.ts +487 -0
- package/src/storage/fact_store/fact_store_keys.ts +75 -0
- package/src/storage/fact_store/index.ts +4 -0
- package/src/storage/fact_store/stored_fact.ts +80 -0
- package/src/storage/index.ts +1 -0
- package/src/storage/metadata.ts +1 -1
- package/src/storage/open_pxe_stores.ts +6 -3
- package/src/storage/tagging_store/index.ts +1 -1
- package/src/storage/tagging_store/tagging_secret_sources_store.ts +117 -0
- package/dest/messages/message_context_service.d.ts +0 -17
- package/dest/messages/message_context_service.d.ts.map +0 -1
- package/dest/storage/tagging_store/sender_address_book_store.d.ts +0 -14
- package/dest/storage/tagging_store/sender_address_book_store.d.ts.map +0 -1
- package/dest/storage/tagging_store/sender_address_book_store.js +0 -36
- package/src/storage/backwards_compatibility_tests/__snapshots__/SenderAddressBookStore.json +0 -16
- package/src/storage/tagging_store/sender_address_book_store.ts +0 -48
|
@@ -1,16 +1,17 @@
|
|
|
1
1
|
import type { AuthorizeUtilityCall } from './authorize_utility_call.js';
|
|
2
|
+
import type { ResolveTaggingSecretStrategy } from './resolve_tagging_secret_strategy.js';
|
|
2
3
|
|
|
3
4
|
/**
|
|
4
|
-
* Hooks that PXE invokes during client-side simulation to gate operations that the protocol
|
|
5
|
+
* Hooks that PXE invokes during client-side simulation to gate or steer operations that the protocol
|
|
5
6
|
* does not restrict on its own. They give the wallet a chance to apply custom policies (e.g.
|
|
6
7
|
* prompting the user, consulting a dynamic allowlist, or inspecting call arguments) before the
|
|
7
|
-
* execution proceeds.
|
|
8
|
+
* execution proceeds. All hooks are optional, and when a hook is absent PXE applies a safe default.
|
|
8
9
|
*
|
|
9
10
|
* For example, {@link authorizeUtilityCall} is called whenever a utility function makes a cross-contract call. A call
|
|
10
11
|
* made by a malicious contract could leak private information, so the hook lets the wallet decide, per-call, whether
|
|
11
12
|
* to allow it. A static allowlist would not work here because neither the app nor the wallet can predict ahead of
|
|
12
13
|
* time which contracts will be invoked during execution. Calls to standard contracts (such as the HandshakeRegistry)
|
|
13
|
-
* bypass this hook and are always authorized.
|
|
14
|
+
* bypass this hook and are always authorized. When the hook is absent, cross-contract utility calls are denied.
|
|
14
15
|
*
|
|
15
16
|
* Note: hooks are unrelated to authentication witnesses (authwits). Authwits are an on-chain
|
|
16
17
|
* mechanism where a contract verifies that a caller was authorized by a specific account; hooks
|
|
@@ -27,22 +28,30 @@ import type { AuthorizeUtilityCall } from './authorize_utility_call.js';
|
|
|
27
28
|
* ? { authorized: true }
|
|
28
29
|
* : { authorized: false, reason: 'Unknown target' };
|
|
29
30
|
* },
|
|
31
|
+
* // When there's no established way to reach the recipient, fall back to a non-interactive handshake.
|
|
32
|
+
* resolveTaggingSecretStrategy: async () => ({ type: 'non-interactive-handshake' }),
|
|
30
33
|
* },
|
|
31
34
|
* });
|
|
32
35
|
* ```
|
|
33
36
|
*/
|
|
34
37
|
export interface ExecutionHooks {
|
|
35
|
-
/** Called when a contract attempts a cross-contract utility call. */
|
|
36
|
-
authorizeUtilityCall
|
|
38
|
+
/** Called when a contract attempts a cross-contract utility call. Calls are denied when absent. */
|
|
39
|
+
authorizeUtilityCall?: AuthorizeUtilityCall;
|
|
40
|
+
/**
|
|
41
|
+
* Resolves a message's tagging secret when none is already established for the sender/recipient pair, letting the
|
|
42
|
+
* wallet apply per-recipient policy. PXE applies a privacy-safe default when absent.
|
|
43
|
+
* See {@link ResolveTaggingSecretStrategy} for the request shape and defaults.
|
|
44
|
+
*/
|
|
45
|
+
resolveTaggingSecretStrategy?: ResolveTaggingSecretStrategy;
|
|
37
46
|
}
|
|
38
47
|
|
|
39
48
|
/**
|
|
40
49
|
* Builds an {@link ExecutionHooks} from individually-constructed hook callbacks. Returns `undefined`
|
|
41
50
|
* when every field is absent, so callers can unconditionally pass the result as `hooks`.
|
|
42
51
|
*/
|
|
43
|
-
export function composeHooks(
|
|
44
|
-
if (Object.values(
|
|
52
|
+
export function composeHooks(hooks: ExecutionHooks): ExecutionHooks | undefined {
|
|
53
|
+
if (Object.values(hooks).every(v => v === undefined)) {
|
|
45
54
|
return undefined;
|
|
46
55
|
}
|
|
47
|
-
return
|
|
56
|
+
return hooks;
|
|
48
57
|
}
|
package/src/hooks/index.ts
CHANGED
|
@@ -3,5 +3,9 @@ export type {
|
|
|
3
3
|
UtilityCallAuthorizationRequest,
|
|
4
4
|
UtilityCallAuthorizationResponse,
|
|
5
5
|
} from './authorize_utility_call.js';
|
|
6
|
-
export type
|
|
7
|
-
export {
|
|
6
|
+
export { type ExecutionHooks, composeHooks } from './execution_hooks.js';
|
|
7
|
+
export {
|
|
8
|
+
type ResolveTaggingSecretStrategy,
|
|
9
|
+
type TaggingSecretStrategy,
|
|
10
|
+
type TaggingSecretStrategyRequest,
|
|
11
|
+
} from './resolve_tagging_secret_strategy.js';
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
import type { Fr } from '@aztec/foundation/curves/bn254';
|
|
2
|
+
import type { Point } from '@aztec/foundation/curves/grumpkin';
|
|
3
|
+
import type { AztecAddress } from '@aztec/stdlib/aztec-address';
|
|
4
|
+
import type { AppTaggingSecretKind } from '@aztec/stdlib/logs';
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* How a message's tagging secret is chosen: the wallet's strategy, returned by the `resolveTaggingSecretStrategy` hook
|
|
8
|
+
* when no onchain handshake has been registered for the sender/recipient pair. This is intent (plus, for an arbitrary
|
|
9
|
+
* secret, the raw material); PXE resolves it into the secret it hands the contract.
|
|
10
|
+
*/
|
|
11
|
+
export type TaggingSecretStrategy =
|
|
12
|
+
| {
|
|
13
|
+
/** Establish a fresh non-interactive handshake via the onchain registry; reveals the recipient onchain. */
|
|
14
|
+
type: 'non-interactive-handshake';
|
|
15
|
+
}
|
|
16
|
+
| {
|
|
17
|
+
/** Derive the secret from the sender's and recipient's address keys via ECDH. PXE computes and silos it. */
|
|
18
|
+
type: 'address-derived';
|
|
19
|
+
}
|
|
20
|
+
| {
|
|
21
|
+
/**
|
|
22
|
+
* A raw shared secret point the two parties already share offchain (e.g. coordinated out-of-band), supplied by
|
|
23
|
+
* the wallet. PXE app-silos it before use. Only sound for unconstrained delivery, since nothing onchain proves
|
|
24
|
+
* the recipient knows it.
|
|
25
|
+
*/
|
|
26
|
+
type: 'arbitrary-secret';
|
|
27
|
+
/** The raw (un-siloed) shared secret point to derive the tag from. */
|
|
28
|
+
secret: Point;
|
|
29
|
+
};
|
|
30
|
+
|
|
31
|
+
/** Information about the message delivery requesting a tagging secret strategy. */
|
|
32
|
+
export type TaggingSecretStrategyRequest = {
|
|
33
|
+
contractAddress: AztecAddress;
|
|
34
|
+
/**
|
|
35
|
+
* The contract class ID of the executing contract, so wallets can apply class-level (not just per-address) policy.
|
|
36
|
+
*/
|
|
37
|
+
contractClassId: Fr;
|
|
38
|
+
sender: AztecAddress;
|
|
39
|
+
recipient: AztecAddress;
|
|
40
|
+
deliveryMode: AppTaggingSecretKind;
|
|
41
|
+
};
|
|
42
|
+
|
|
43
|
+
/**
|
|
44
|
+
* Hook returning the {@link TaggingSecretStrategy} for an outgoing message.
|
|
45
|
+
*/
|
|
46
|
+
export type ResolveTaggingSecretStrategy = (request: TaggingSecretStrategyRequest) => Promise<TaggingSecretStrategy>;
|
package/src/logs/log_service.ts
CHANGED
|
@@ -1,20 +1,29 @@
|
|
|
1
|
+
import { PRIVATE_LOG_CIPHERTEXT_LEN } from '@aztec/constants';
|
|
1
2
|
import type { BlockNumber } from '@aztec/foundation/branded-types';
|
|
3
|
+
import type { GrumpkinScalar, Point } from '@aztec/foundation/curves/grumpkin';
|
|
2
4
|
import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
|
|
3
5
|
import type { KeyStore } from '@aztec/key-store';
|
|
4
6
|
import { AztecAddress } from '@aztec/stdlib/aztec-address';
|
|
5
7
|
import type { BlockHash, L2TipsProvider } from '@aztec/stdlib/block';
|
|
8
|
+
import type { CompleteAddress } from '@aztec/stdlib/contract';
|
|
6
9
|
import type { AztecNode } from '@aztec/stdlib/interfaces/server';
|
|
7
|
-
import {
|
|
10
|
+
import {
|
|
11
|
+
AppTaggingSecret,
|
|
12
|
+
type LogResult,
|
|
13
|
+
type PendingTaggedLog,
|
|
14
|
+
SiloedTag,
|
|
15
|
+
computeSharedTaggingSecret,
|
|
16
|
+
} from '@aztec/stdlib/logs';
|
|
8
17
|
import type { BlockHeader } from '@aztec/stdlib/tx';
|
|
9
18
|
|
|
10
19
|
import {
|
|
11
20
|
type LogRetrievalRequest,
|
|
12
21
|
LogSource,
|
|
13
22
|
} from '../contract_function_simulator/noir-structs/log_retrieval_request.js';
|
|
14
|
-
import { LogRetrievalResponse } from '../contract_function_simulator/noir-structs/log_retrieval_response.js';
|
|
23
|
+
import type { LogRetrievalResponse } from '../contract_function_simulator/noir-structs/log_retrieval_response.js';
|
|
15
24
|
import { AddressStore } from '../storage/address_store/address_store.js';
|
|
16
25
|
import type { RecipientTaggingStore } from '../storage/tagging_store/recipient_tagging_store.js';
|
|
17
|
-
import type {
|
|
26
|
+
import type { TaggingSecretSourcesStore } from '../storage/tagging_store/tagging_secret_sources_store.js';
|
|
18
27
|
import {
|
|
19
28
|
getAllPrivateLogsByTags,
|
|
20
29
|
getAllPublicLogsByTagsFromContract,
|
|
@@ -34,7 +43,7 @@ export class LogService {
|
|
|
34
43
|
private readonly l2TipsStore: L2TipsProvider,
|
|
35
44
|
private readonly keyStore: KeyStore,
|
|
36
45
|
private readonly recipientTaggingStore: RecipientTaggingStore,
|
|
37
|
-
private readonly
|
|
46
|
+
private readonly taggingSecretSourcesStore: TaggingSecretSourcesStore,
|
|
38
47
|
private readonly addressStore: AddressStore,
|
|
39
48
|
private readonly jobId: string,
|
|
40
49
|
bindings?: LoggerBindings,
|
|
@@ -139,12 +148,14 @@ export class LogService {
|
|
|
139
148
|
): Map<RangeKey, { fromBlock?: BlockNumber; toBlock?: BlockNumber; entries: typeof entries }> {
|
|
140
149
|
const groups = new Map<RangeKey, { fromBlock?: BlockNumber; toBlock?: BlockNumber; entries: typeof entries }>();
|
|
141
150
|
for (const entry of entries) {
|
|
142
|
-
const
|
|
151
|
+
const fromBlock = entry.request.fromBlock.value;
|
|
152
|
+
const toBlock = entry.request.toBlock.value;
|
|
153
|
+
const key = rangeKey(fromBlock, toBlock);
|
|
143
154
|
const existing = groups.get(key);
|
|
144
155
|
if (existing) {
|
|
145
156
|
existing.entries.push(entry);
|
|
146
157
|
} else {
|
|
147
|
-
groups.set(key, { fromBlock
|
|
158
|
+
groups.set(key, { fromBlock, toBlock, entries: [entry] });
|
|
148
159
|
}
|
|
149
160
|
}
|
|
150
161
|
return groups;
|
|
@@ -158,12 +169,14 @@ export class LogService {
|
|
|
158
169
|
if (nullifiers.length === 0) {
|
|
159
170
|
throw new Error(`Log for tx ${log.txHash} returned no nullifiers from the node`);
|
|
160
171
|
}
|
|
161
|
-
return
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
172
|
+
return {
|
|
173
|
+
// Skip the tag, and clip to the wire cap: public logs can exceed PRIVATE_LOG_CIPHERTEXT_LEN, which is the fixed
|
|
174
|
+
// size of the oracle's BoundedVec slot. A no-op for private logs, which are already within the cap.
|
|
175
|
+
logPayload: log.logData.slice(1, 1 + PRIVATE_LOG_CIPHERTEXT_LEN),
|
|
176
|
+
txHash: log.txHash,
|
|
177
|
+
uniqueNoteHashesInTx: noteHashes,
|
|
178
|
+
firstNullifierInTx: nullifiers[0],
|
|
179
|
+
};
|
|
167
180
|
}
|
|
168
181
|
|
|
169
182
|
public async fetchTaggedLogs(
|
|
@@ -171,12 +184,20 @@ export class LogService {
|
|
|
171
184
|
recipient: AztecAddress,
|
|
172
185
|
providedSecrets: AppTaggingSecret[],
|
|
173
186
|
): Promise<PendingTaggedLog[]> {
|
|
174
|
-
this.log.verbose(
|
|
187
|
+
this.log.verbose(
|
|
188
|
+
`Fetching tagged logs for contract ${contractAddress.toString()} and recipient ${recipient.toString()}`,
|
|
189
|
+
);
|
|
175
190
|
|
|
176
191
|
const l2Tips = await this.l2TipsStore.getL2Tips();
|
|
177
|
-
|
|
178
|
-
// enumerate
|
|
179
|
-
|
|
192
|
+
|
|
193
|
+
// Secrets PXE can enumerate for this recipient (senders via ECDH + pre-shared store secrets), plus any the app
|
|
194
|
+
// supplies explicitly for secrets PXE cannot enumerate itself (e.g. handshake-derived ones). The latter arrive
|
|
195
|
+
// already computed and are searched even when the recipient's account is unknown locally, since they need no ECDH.
|
|
196
|
+
const combinedSecrets = [...(await this.#getPointDerivedSecrets(contractAddress, recipient)), ...providedSecrets];
|
|
197
|
+
|
|
198
|
+
// These sources can overlap (a sender that is also a PXE account, or a pre-shared secret that coincides with a
|
|
199
|
+
// sender-derived one), so we deduplicate the combined set.
|
|
200
|
+
const secrets = Array.from(new Map(combinedSecrets.map(secret => [secret.toString(), secret])).values());
|
|
180
201
|
|
|
181
202
|
const logs = await syncTaggedPrivateLogs(
|
|
182
203
|
secrets,
|
|
@@ -193,44 +214,57 @@ export class LogService {
|
|
|
193
214
|
if (nullifiers.length === 0) {
|
|
194
215
|
throw new Error(`Log for tx ${log.txHash} returned no nullifiers from the node`);
|
|
195
216
|
}
|
|
196
|
-
return
|
|
217
|
+
return {
|
|
218
|
+
log: log.logData,
|
|
219
|
+
context: { txHash: log.txHash, uniqueNoteHashesInTx: noteHashes, firstNullifierInTx: nullifiers[0] },
|
|
220
|
+
};
|
|
197
221
|
});
|
|
198
222
|
}
|
|
199
223
|
|
|
200
|
-
|
|
224
|
+
/**
|
|
225
|
+
* Computes the tagging secrets PXE can enumerate for a recipient: one per known sender (via ECDH) plus any
|
|
226
|
+
* pre-shared secret points registered directly for the recipient, each siloed to `contractAddress` and directed to
|
|
227
|
+
* `recipient`. These require knowing the recipient's address preimage and keys, so returns an empty array when those
|
|
228
|
+
* are unavailable. App-supplied secrets (e.g. handshake-derived) are handled separately by the caller and do not go
|
|
229
|
+
* through here.
|
|
230
|
+
*/
|
|
231
|
+
async #getPointDerivedSecrets(contractAddress: AztecAddress, recipient: AztecAddress): Promise<AppTaggingSecret[]> {
|
|
201
232
|
const recipientCompleteAddress = await this.addressStore.getCompleteAddress(recipient);
|
|
202
|
-
if (!recipientCompleteAddress) {
|
|
233
|
+
if (!recipientCompleteAddress || !(await this.keyStore.hasAccount(recipient))) {
|
|
234
|
+
this.log.warn(
|
|
235
|
+
`Skipping sender-derived tag retrieval for ${recipient.toString()} due to unknown address preimage`,
|
|
236
|
+
);
|
|
203
237
|
return [];
|
|
204
238
|
}
|
|
205
239
|
const recipientIvsk = await this.keyStore.getMasterIncomingViewingSecretKey(recipient);
|
|
206
240
|
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
241
|
+
const points = [
|
|
242
|
+
...(await this.#getSecretsForSenders(recipientCompleteAddress, recipientIvsk)),
|
|
243
|
+
...(await this.taggingSecretSourcesStore.getSharedSecretsForRecipient(recipient)),
|
|
244
|
+
];
|
|
245
|
+
return Promise.all(points.map(secret => AppTaggingSecret.compute(secret, contractAddress, recipient)));
|
|
246
|
+
}
|
|
210
247
|
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
248
|
+
async #getSecretsForSenders(
|
|
249
|
+
recipientCompleteAddress: CompleteAddress,
|
|
250
|
+
recipientIvsk: GrumpkinScalar,
|
|
251
|
+
): Promise<Point[]> {
|
|
252
|
+
// We implicitly add all PXE accounts as senders, this helps us decrypt tags on notes that we send to ourselves
|
|
253
|
+
// (recipient = us, sender = us).
|
|
254
|
+
const allSenders = [...(await this.taggingSecretSourcesStore.getSenders()), ...(await this.keyStore.getAccounts())];
|
|
215
255
|
|
|
216
256
|
return Promise.all(
|
|
217
|
-
|
|
218
|
-
const
|
|
219
|
-
recipientCompleteAddress,
|
|
220
|
-
recipientIvsk,
|
|
221
|
-
sender,
|
|
222
|
-
contractAddress,
|
|
223
|
-
recipient,
|
|
224
|
-
);
|
|
257
|
+
allSenders.map(async sender => {
|
|
258
|
+
const taggingSecretPoint = await computeSharedTaggingSecret(recipientCompleteAddress, recipientIvsk, sender);
|
|
225
259
|
|
|
226
|
-
if (!
|
|
227
|
-
// Note that all senders originate from either the
|
|
260
|
+
if (!taggingSecretPoint) {
|
|
261
|
+
// Note that all senders originate from either the TaggingSecretSourcesStore or the KeyStore.
|
|
228
262
|
throw new Error(
|
|
229
263
|
`Failed to compute a tagging secret for sender ${sender} - this implies this is an invalid address, which should not happen as they have been previously registered in PXE.`,
|
|
230
264
|
);
|
|
231
265
|
}
|
|
232
266
|
|
|
233
|
-
return
|
|
267
|
+
return taggingSecretPoint;
|
|
234
268
|
}),
|
|
235
269
|
);
|
|
236
270
|
}
|
|
@@ -1,21 +1,22 @@
|
|
|
1
1
|
import { uniqueBy } from '@aztec/foundation/collection';
|
|
2
2
|
import { Fr } from '@aztec/foundation/curves/bn254';
|
|
3
3
|
import type { AztecNode } from '@aztec/stdlib/interfaces/server';
|
|
4
|
-
import { MessageContext } from '@aztec/stdlib/logs';
|
|
5
4
|
import { type IndexedTxEffect, TxHash } from '@aztec/stdlib/tx';
|
|
6
5
|
|
|
7
|
-
|
|
8
|
-
|
|
6
|
+
import { ResolvedTx } from '../contract_function_simulator/noir-structs/resolved_tx.js';
|
|
7
|
+
|
|
8
|
+
/** Resolves transaction hashes into their on-chain context (note hashes, first nullifier, and mined block). */
|
|
9
|
+
export class TxResolverService {
|
|
9
10
|
constructor(private readonly aztecNode: AztecNode) {}
|
|
10
11
|
|
|
11
12
|
/**
|
|
12
|
-
* Resolves a list of tx hashes into their
|
|
13
|
+
* Resolves a list of tx hashes into their on-chain context.
|
|
13
14
|
*
|
|
14
|
-
* For each tx hash, looks up the corresponding tx effect and extracts the note hashes
|
|
15
|
-
*
|
|
16
|
-
*
|
|
15
|
+
* For each tx hash, looks up the corresponding tx effect and extracts the note hashes, first nullifier, and the
|
|
16
|
+
* number and hash of the block it was mined in. Returns `null` for tx hashes that are zero, not yet available, or in
|
|
17
|
+
* blocks beyond the anchor block.
|
|
17
18
|
*/
|
|
18
|
-
async
|
|
19
|
+
async resolveTxs(txHashes: Fr[], anchorBlockNumber: number): Promise<(ResolvedTx | null)[]> {
|
|
19
20
|
const nonZeroTxHashes = txHashes.filter(h => !h.isZero()).map(h => TxHash.fromField(h));
|
|
20
21
|
const uniqueTxHashes = uniqueBy(nonZeroTxHashes, h => h.toString());
|
|
21
22
|
const fetched = await Promise.all(
|
|
@@ -56,7 +57,13 @@ export class MessageContextService {
|
|
|
56
57
|
throw new Error(`Tx effect for ${txHash} has no nullifiers`);
|
|
57
58
|
}
|
|
58
59
|
|
|
59
|
-
return new
|
|
60
|
+
return new ResolvedTx(
|
|
61
|
+
data.txHash,
|
|
62
|
+
data.noteHashes,
|
|
63
|
+
data.nullifiers[0],
|
|
64
|
+
txEffect.l2BlockNumber,
|
|
65
|
+
txEffect.l2BlockHash.toFr(),
|
|
66
|
+
);
|
|
60
67
|
});
|
|
61
68
|
}
|
|
62
69
|
}
|
package/src/oracle_version.ts
CHANGED
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
/// used to provide helpful error messages if a contract calls an oracle that doesn't exist. We don't throw immediately
|
|
11
11
|
/// if AZTEC_NR_MINOR > PXE_MINOR because if a contract is updated to use a newer Aztec.nr dependency without actually
|
|
12
12
|
/// using any of the new oracles then there is no reason to throw.
|
|
13
|
-
export const ORACLE_VERSION_MAJOR =
|
|
13
|
+
export const ORACLE_VERSION_MAJOR = 30;
|
|
14
14
|
export const ORACLE_VERSION_MINOR = 1;
|
|
15
15
|
|
|
16
16
|
/// This hash is computed from the `ORACLE_REGISTRY` declaration (each oracle's name, ordered parameter names and
|
|
@@ -19,4 +19,4 @@ export const ORACLE_VERSION_MINOR = 1;
|
|
|
19
19
|
/// - increment only `ORACLE_VERSION_MINOR` if the change is additive (a new oracle was added).
|
|
20
20
|
///
|
|
21
21
|
/// These constants must be kept in sync between this file and `noir-projects/aztec-nr/aztec/src/oracle/version.nr`.
|
|
22
|
-
export const ORACLE_INTERFACE_HASH = '
|
|
22
|
+
export const ORACLE_INTERFACE_HASH = '2a441f29ab01b252bc74b91b07fc2514891c28bffdfa0042d80494271b75edee';
|
|
@@ -36,7 +36,7 @@ import { PrivateLog } from '@aztec/stdlib/logs';
|
|
|
36
36
|
import { PrivateCallExecutionResult } from '@aztec/stdlib/tx';
|
|
37
37
|
import { VerificationKeyData } from '@aztec/stdlib/vks';
|
|
38
38
|
|
|
39
|
-
const DEFAULT_CONTRACT_ADDRESS = AztecAddress.
|
|
39
|
+
const DEFAULT_CONTRACT_ADDRESS = AztecAddress.fromBigIntUnsafe(987654n);
|
|
40
40
|
|
|
41
41
|
/**
|
|
42
42
|
* Builds a ClaimedLengthArray from a list of items, padding to the required size.
|