@aztec/pxe 5.0.0-rc.1 → 5.0.0-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (218) hide show
  1. package/dest/block_synchronizer/block_stream_source.d.ts +5 -5
  2. package/dest/block_synchronizer/block_stream_source.d.ts.map +1 -1
  3. package/dest/block_synchronizer/block_stream_source.js +4 -29
  4. package/dest/block_synchronizer/block_synchronizer.d.ts +13 -11
  5. package/dest/block_synchronizer/block_synchronizer.d.ts.map +1 -1
  6. package/dest/block_synchronizer/block_synchronizer.js +43 -15
  7. package/dest/config/index.d.ts +2 -1
  8. package/dest/config/index.d.ts.map +1 -1
  9. package/dest/config/index.js +1 -0
  10. package/dest/contract_function_simulator/contract_function_simulator.d.ts +11 -16
  11. package/dest/contract_function_simulator/contract_function_simulator.d.ts.map +1 -1
  12. package/dest/contract_function_simulator/contract_function_simulator.js +22 -18
  13. package/dest/contract_function_simulator/index.d.ts +15 -9
  14. package/dest/contract_function_simulator/index.d.ts.map +1 -1
  15. package/dest/contract_function_simulator/index.js +3 -7
  16. package/dest/contract_function_simulator/noir-structs/bounded_vec.d.ts +8 -27
  17. package/dest/contract_function_simulator/noir-structs/bounded_vec.d.ts.map +1 -1
  18. package/dest/contract_function_simulator/noir-structs/bounded_vec.js +8 -23
  19. package/dest/contract_function_simulator/noir-structs/contract_class_log_data.d.ts +9 -0
  20. package/dest/contract_function_simulator/noir-structs/contract_class_log_data.d.ts.map +1 -0
  21. package/dest/contract_function_simulator/noir-structs/contract_class_log_data.js +1 -0
  22. package/dest/contract_function_simulator/noir-structs/embedded_curve_point.d.ts +7 -0
  23. package/dest/contract_function_simulator/noir-structs/embedded_curve_point.d.ts.map +1 -0
  24. package/dest/contract_function_simulator/noir-structs/embedded_curve_point.js +1 -0
  25. package/dest/contract_function_simulator/noir-structs/event_validation_request.js +1 -1
  26. package/dest/contract_function_simulator/noir-structs/fact.d.ts +16 -0
  27. package/dest/contract_function_simulator/noir-structs/fact.d.ts.map +1 -0
  28. package/dest/contract_function_simulator/noir-structs/fact.js +6 -0
  29. package/dest/contract_function_simulator/noir-structs/fact_collection.d.ts +27 -0
  30. package/dest/contract_function_simulator/noir-structs/fact_collection.d.ts.map +1 -0
  31. package/dest/contract_function_simulator/noir-structs/fact_collection.js +29 -0
  32. package/dest/contract_function_simulator/noir-structs/log_retrieval_request.d.ts +11 -12
  33. package/dest/contract_function_simulator/noir-structs/log_retrieval_request.d.ts.map +1 -1
  34. package/dest/contract_function_simulator/noir-structs/log_retrieval_request.js +6 -49
  35. package/dest/contract_function_simulator/noir-structs/log_retrieval_response.d.ts +4 -8
  36. package/dest/contract_function_simulator/noir-structs/log_retrieval_response.d.ts.map +1 -1
  37. package/dest/contract_function_simulator/noir-structs/log_retrieval_response.js +1 -60
  38. package/dest/contract_function_simulator/noir-structs/note_validation_request.js +2 -2
  39. package/dest/contract_function_simulator/noir-structs/option.d.ts +9 -11
  40. package/dest/contract_function_simulator/noir-structs/option.d.ts.map +1 -1
  41. package/dest/contract_function_simulator/noir-structs/option.js +18 -13
  42. package/dest/contract_function_simulator/noir-structs/origin_block.d.ts +11 -0
  43. package/dest/contract_function_simulator/noir-structs/origin_block.d.ts.map +1 -0
  44. package/dest/contract_function_simulator/noir-structs/origin_block.js +5 -0
  45. package/dest/contract_function_simulator/noir-structs/provided_secret.d.ts +5 -8
  46. package/dest/contract_function_simulator/noir-structs/provided_secret.d.ts.map +1 -1
  47. package/dest/contract_function_simulator/noir-structs/provided_secret.js +1 -14
  48. package/dest/contract_function_simulator/noir-structs/resolved_tagging_strategy.d.ts +21 -0
  49. package/dest/contract_function_simulator/noir-structs/resolved_tagging_strategy.d.ts.map +1 -0
  50. package/dest/contract_function_simulator/noir-structs/resolved_tagging_strategy.js +33 -0
  51. package/dest/contract_function_simulator/noir-structs/resolved_tx.d.ts +21 -0
  52. package/dest/contract_function_simulator/noir-structs/resolved_tx.d.ts.map +1 -0
  53. package/dest/contract_function_simulator/noir-structs/resolved_tx.js +50 -0
  54. package/dest/contract_function_simulator/noir-structs/tx_effect_data.d.ts +14 -0
  55. package/dest/contract_function_simulator/noir-structs/tx_effect_data.d.ts.map +1 -0
  56. package/dest/contract_function_simulator/noir-structs/tx_effect_data.js +5 -0
  57. package/dest/contract_function_simulator/noir-structs/utility_context.d.ts +6 -11
  58. package/dest/contract_function_simulator/noir-structs/utility_context.d.ts.map +1 -1
  59. package/dest/contract_function_simulator/noir-structs/utility_context.js +1 -20
  60. package/dest/contract_function_simulator/oracle/message_load_oracle_inputs.d.ts +3 -14
  61. package/dest/contract_function_simulator/oracle/message_load_oracle_inputs.d.ts.map +1 -1
  62. package/dest/contract_function_simulator/oracle/message_load_oracle_inputs.js +1 -24
  63. package/dest/contract_function_simulator/oracle/oracle_registry.d.ts +81 -6
  64. package/dest/contract_function_simulator/oracle/oracle_registry.d.ts.map +1 -1
  65. package/dest/contract_function_simulator/oracle/oracle_registry.js +128 -9
  66. package/dest/contract_function_simulator/oracle/oracle_type_mappings.d.ts +80 -36
  67. package/dest/contract_function_simulator/oracle/oracle_type_mappings.d.ts.map +1 -1
  68. package/dest/contract_function_simulator/oracle/oracle_type_mappings.js +926 -264
  69. package/dest/contract_function_simulator/oracle/private_execution_oracle.d.ts +13 -8
  70. package/dest/contract_function_simulator/oracle/private_execution_oracle.d.ts.map +1 -1
  71. package/dest/contract_function_simulator/oracle/private_execution_oracle.js +80 -11
  72. package/dest/contract_function_simulator/oracle/utility_execution_oracle.d.ts +46 -20
  73. package/dest/contract_function_simulator/oracle/utility_execution_oracle.d.ts.map +1 -1
  74. package/dest/contract_function_simulator/oracle/utility_execution_oracle.js +119 -55
  75. package/dest/contract_sync/helpers.d.ts +7 -6
  76. package/dest/contract_sync/helpers.d.ts.map +1 -1
  77. package/dest/contract_sync/helpers.js +11 -16
  78. package/dest/entrypoints/client/bundle/utils.d.ts +1 -1
  79. package/dest/entrypoints/client/bundle/utils.d.ts.map +1 -1
  80. package/dest/entrypoints/client/bundle/utils.js +1 -0
  81. package/dest/entrypoints/client/lazy/utils.d.ts +1 -1
  82. package/dest/entrypoints/client/lazy/utils.d.ts.map +1 -1
  83. package/dest/entrypoints/client/lazy/utils.js +1 -0
  84. package/dest/entrypoints/pxe_creation_options.d.ts +8 -2
  85. package/dest/entrypoints/pxe_creation_options.d.ts.map +1 -1
  86. package/dest/entrypoints/server/index.d.ts +1 -2
  87. package/dest/entrypoints/server/index.d.ts.map +1 -1
  88. package/dest/entrypoints/server/index.js +0 -1
  89. package/dest/entrypoints/server/utils.d.ts +1 -1
  90. package/dest/entrypoints/server/utils.d.ts.map +1 -1
  91. package/dest/entrypoints/server/utils.js +3 -1
  92. package/dest/error_enriching.js +1 -1
  93. package/dest/hooks/execution_hooks.d.ts +16 -7
  94. package/dest/hooks/execution_hooks.d.ts.map +1 -1
  95. package/dest/hooks/execution_hooks.js +3 -3
  96. package/dest/hooks/index.d.ts +3 -3
  97. package/dest/hooks/index.d.ts.map +1 -1
  98. package/dest/hooks/resolve_tagging_secret_strategy.d.ts +41 -0
  99. package/dest/hooks/resolve_tagging_secret_strategy.d.ts.map +1 -0
  100. package/dest/hooks/resolve_tagging_secret_strategy.js +3 -0
  101. package/dest/logs/log_service.d.ts +6 -6
  102. package/dest/logs/log_service.d.ts.map +1 -1
  103. package/dest/logs/log_service.js +62 -28
  104. package/dest/messages/tx_resolver_service.d.ts +17 -0
  105. package/dest/messages/tx_resolver_service.d.ts.map +1 -0
  106. package/dest/messages/{message_context_service.js → tx_resolver_service.js} +8 -8
  107. package/dest/oracle_version.d.ts +2 -2
  108. package/dest/oracle_version.js +2 -2
  109. package/dest/private_kernel/hints/test_utils.js +1 -1
  110. package/dest/pxe.d.ts +46 -19
  111. package/dest/pxe.d.ts.map +1 -1
  112. package/dest/pxe.js +104 -52
  113. package/dest/storage/allowed_scopes.d.ts +6 -0
  114. package/dest/storage/allowed_scopes.d.ts.map +1 -0
  115. package/dest/storage/allowed_scopes.js +7 -0
  116. package/dest/storage/backwards_compatibility_tests/schema_tests.d.ts +1 -1
  117. package/dest/storage/backwards_compatibility_tests/schema_tests.d.ts.map +1 -1
  118. package/dest/storage/backwards_compatibility_tests/schema_tests.js +86 -33
  119. package/dest/storage/capsule_store/capsule_service.d.ts +1 -1
  120. package/dest/storage/capsule_store/capsule_service.d.ts.map +1 -1
  121. package/dest/storage/capsule_store/capsule_service.js +6 -9
  122. package/dest/storage/contract_store/contract_store.js +2 -2
  123. package/dest/storage/fact_store/fact_service.d.ts +20 -0
  124. package/dest/storage/fact_store/fact_service.d.ts.map +1 -0
  125. package/dest/storage/fact_store/fact_service.js +30 -0
  126. package/dest/storage/fact_store/fact_store.d.ts +95 -0
  127. package/dest/storage/fact_store/fact_store.d.ts.map +1 -0
  128. package/dest/storage/fact_store/fact_store.js +408 -0
  129. package/dest/storage/fact_store/fact_store_keys.d.ts +34 -0
  130. package/dest/storage/fact_store/fact_store_keys.d.ts.map +1 -0
  131. package/dest/storage/fact_store/fact_store_keys.js +50 -0
  132. package/dest/storage/fact_store/index.d.ts +5 -0
  133. package/dest/storage/fact_store/index.d.ts.map +1 -0
  134. package/dest/storage/fact_store/index.js +3 -0
  135. package/dest/storage/fact_store/stored_fact.d.ts +32 -0
  136. package/dest/storage/fact_store/stored_fact.d.ts.map +1 -0
  137. package/dest/storage/fact_store/stored_fact.js +64 -0
  138. package/dest/storage/index.d.ts +2 -1
  139. package/dest/storage/index.d.ts.map +1 -1
  140. package/dest/storage/index.js +1 -0
  141. package/dest/storage/metadata.d.ts +1 -1
  142. package/dest/storage/metadata.js +1 -1
  143. package/dest/storage/open_pxe_stores.d.ts +5 -3
  144. package/dest/storage/open_pxe_stores.d.ts.map +1 -1
  145. package/dest/storage/open_pxe_stores.js +5 -3
  146. package/dest/storage/tagging_store/index.d.ts +2 -2
  147. package/dest/storage/tagging_store/index.d.ts.map +1 -1
  148. package/dest/storage/tagging_store/index.js +1 -1
  149. package/dest/storage/tagging_store/tagging_secret_sources_store.d.ts +40 -0
  150. package/dest/storage/tagging_store/tagging_secret_sources_store.d.ts.map +1 -0
  151. package/dest/storage/tagging_store/tagging_secret_sources_store.js +92 -0
  152. package/package.json +17 -17
  153. package/src/block_synchronizer/block_stream_source.ts +6 -45
  154. package/src/block_synchronizer/block_synchronizer.ts +56 -23
  155. package/src/config/index.ts +1 -0
  156. package/src/contract_function_simulator/contract_function_simulator.ts +32 -31
  157. package/src/contract_function_simulator/index.ts +17 -8
  158. package/src/contract_function_simulator/noir-structs/bounded_vec.ts +12 -24
  159. package/src/contract_function_simulator/noir-structs/contract_class_log_data.ts +9 -0
  160. package/src/contract_function_simulator/noir-structs/embedded_curve_point.ts +4 -0
  161. package/src/contract_function_simulator/noir-structs/event_validation_request.ts +1 -1
  162. package/src/contract_function_simulator/noir-structs/fact.ts +13 -0
  163. package/src/contract_function_simulator/noir-structs/fact_collection.ts +59 -0
  164. package/src/contract_function_simulator/noir-structs/log_retrieval_request.ts +20 -46
  165. package/src/contract_function_simulator/noir-structs/log_retrieval_response.ts +7 -60
  166. package/src/contract_function_simulator/noir-structs/note_validation_request.ts +2 -2
  167. package/src/contract_function_simulator/noir-structs/option.ts +17 -11
  168. package/src/contract_function_simulator/noir-structs/origin_block.ts +8 -0
  169. package/src/contract_function_simulator/noir-structs/provided_secret.ts +3 -14
  170. package/src/contract_function_simulator/noir-structs/resolved_tagging_strategy.ts +45 -0
  171. package/src/contract_function_simulator/noir-structs/resolved_tx.ts +53 -0
  172. package/src/contract_function_simulator/noir-structs/tx_effect_data.ts +15 -0
  173. package/src/contract_function_simulator/noir-structs/utility_context.ts +5 -17
  174. package/src/contract_function_simulator/oracle/message_load_oracle_inputs.ts +6 -21
  175. package/src/contract_function_simulator/oracle/oracle_registry.ts +87 -79
  176. package/src/contract_function_simulator/oracle/oracle_type_mappings.ts +641 -247
  177. package/src/contract_function_simulator/oracle/private_execution_oracle.ts +94 -14
  178. package/src/contract_function_simulator/oracle/utility_execution_oracle.ts +206 -66
  179. package/src/contract_sync/helpers.ts +11 -18
  180. package/src/entrypoints/client/bundle/utils.ts +1 -0
  181. package/src/entrypoints/client/lazy/utils.ts +1 -0
  182. package/src/entrypoints/pxe_creation_options.ts +7 -1
  183. package/src/entrypoints/server/index.ts +0 -1
  184. package/src/entrypoints/server/utils.ts +3 -1
  185. package/src/error_enriching.ts +1 -1
  186. package/src/hooks/execution_hooks.ts +17 -8
  187. package/src/hooks/index.ts +6 -2
  188. package/src/hooks/resolve_tagging_secret_strategy.ts +46 -0
  189. package/src/logs/log_service.ts +71 -37
  190. package/src/messages/{message_context_service.ts → tx_resolver_service.ts} +16 -9
  191. package/src/oracle_version.ts +2 -2
  192. package/src/private_kernel/hints/test_utils.ts +1 -1
  193. package/src/pxe.ts +150 -54
  194. package/src/storage/allowed_scopes.ts +14 -0
  195. package/src/storage/backwards_compatibility_tests/__snapshots__/FactStore.json +40 -0
  196. package/src/storage/backwards_compatibility_tests/__snapshots__/L2TipsKVStore.json +1 -1
  197. package/src/storage/backwards_compatibility_tests/__snapshots__/TaggingSecretSourcesStore.json +30 -0
  198. package/src/storage/backwards_compatibility_tests/__snapshots__/opened_stores.json +21 -5
  199. package/src/storage/backwards_compatibility_tests/schema_tests.ts +88 -33
  200. package/src/storage/capsule_store/capsule_service.ts +8 -13
  201. package/src/storage/contract_store/contract_store.ts +2 -2
  202. package/src/storage/fact_store/fact_service.ts +45 -0
  203. package/src/storage/fact_store/fact_store.ts +487 -0
  204. package/src/storage/fact_store/fact_store_keys.ts +75 -0
  205. package/src/storage/fact_store/index.ts +4 -0
  206. package/src/storage/fact_store/stored_fact.ts +80 -0
  207. package/src/storage/index.ts +1 -0
  208. package/src/storage/metadata.ts +1 -1
  209. package/src/storage/open_pxe_stores.ts +6 -3
  210. package/src/storage/tagging_store/index.ts +1 -1
  211. package/src/storage/tagging_store/tagging_secret_sources_store.ts +117 -0
  212. package/dest/messages/message_context_service.d.ts +0 -17
  213. package/dest/messages/message_context_service.d.ts.map +0 -1
  214. package/dest/storage/tagging_store/sender_address_book_store.d.ts +0 -14
  215. package/dest/storage/tagging_store/sender_address_book_store.d.ts.map +0 -1
  216. package/dest/storage/tagging_store/sender_address_book_store.js +0 -36
  217. package/src/storage/backwards_compatibility_tests/__snapshots__/SenderAddressBookStore.json +0 -16
  218. package/src/storage/tagging_store/sender_address_book_store.ts +0 -48
@@ -1,16 +1,17 @@
1
1
  import type { AuthorizeUtilityCall } from './authorize_utility_call.js';
2
+ import type { ResolveTaggingSecretStrategy } from './resolve_tagging_secret_strategy.js';
2
3
 
3
4
  /**
4
- * Hooks that PXE invokes during client-side simulation to gate operations that the protocol
5
+ * Hooks that PXE invokes during client-side simulation to gate or steer operations that the protocol
5
6
  * does not restrict on its own. They give the wallet a chance to apply custom policies (e.g.
6
7
  * prompting the user, consulting a dynamic allowlist, or inspecting call arguments) before the
7
- * execution proceeds.
8
+ * execution proceeds. All hooks are optional, and when a hook is absent PXE applies a safe default.
8
9
  *
9
10
  * For example, {@link authorizeUtilityCall} is called whenever a utility function makes a cross-contract call. A call
10
11
  * made by a malicious contract could leak private information, so the hook lets the wallet decide, per-call, whether
11
12
  * to allow it. A static allowlist would not work here because neither the app nor the wallet can predict ahead of
12
13
  * time which contracts will be invoked during execution. Calls to standard contracts (such as the HandshakeRegistry)
13
- * bypass this hook and are always authorized.
14
+ * bypass this hook and are always authorized. When the hook is absent, cross-contract utility calls are denied.
14
15
  *
15
16
  * Note: hooks are unrelated to authentication witnesses (authwits). Authwits are an on-chain
16
17
  * mechanism where a contract verifies that a caller was authorized by a specific account; hooks
@@ -27,22 +28,30 @@ import type { AuthorizeUtilityCall } from './authorize_utility_call.js';
27
28
  * ? { authorized: true }
28
29
  * : { authorized: false, reason: 'Unknown target' };
29
30
  * },
31
+ * // When there's no established way to reach the recipient, fall back to a non-interactive handshake.
32
+ * resolveTaggingSecretStrategy: async () => ({ type: 'non-interactive-handshake' }),
30
33
  * },
31
34
  * });
32
35
  * ```
33
36
  */
34
37
  export interface ExecutionHooks {
35
- /** Called when a contract attempts a cross-contract utility call. */
36
- authorizeUtilityCall: AuthorizeUtilityCall;
38
+ /** Called when a contract attempts a cross-contract utility call. Calls are denied when absent. */
39
+ authorizeUtilityCall?: AuthorizeUtilityCall;
40
+ /**
41
+ * Resolves a message's tagging secret when none is already established for the sender/recipient pair, letting the
42
+ * wallet apply per-recipient policy. PXE applies a privacy-safe default when absent.
43
+ * See {@link ResolveTaggingSecretStrategy} for the request shape and defaults.
44
+ */
45
+ resolveTaggingSecretStrategy?: ResolveTaggingSecretStrategy;
37
46
  }
38
47
 
39
48
  /**
40
49
  * Builds an {@link ExecutionHooks} from individually-constructed hook callbacks. Returns `undefined`
41
50
  * when every field is absent, so callers can unconditionally pass the result as `hooks`.
42
51
  */
43
- export function composeHooks(partial: Partial<ExecutionHooks>): ExecutionHooks | undefined {
44
- if (Object.values(partial).every(v => v === undefined)) {
52
+ export function composeHooks(hooks: ExecutionHooks): ExecutionHooks | undefined {
53
+ if (Object.values(hooks).every(v => v === undefined)) {
45
54
  return undefined;
46
55
  }
47
- return partial as ExecutionHooks;
56
+ return hooks;
48
57
  }
@@ -3,5 +3,9 @@ export type {
3
3
  UtilityCallAuthorizationRequest,
4
4
  UtilityCallAuthorizationResponse,
5
5
  } from './authorize_utility_call.js';
6
- export type { ExecutionHooks } from './execution_hooks.js';
7
- export { composeHooks } from './execution_hooks.js';
6
+ export { type ExecutionHooks, composeHooks } from './execution_hooks.js';
7
+ export {
8
+ type ResolveTaggingSecretStrategy,
9
+ type TaggingSecretStrategy,
10
+ type TaggingSecretStrategyRequest,
11
+ } from './resolve_tagging_secret_strategy.js';
@@ -0,0 +1,46 @@
1
+ import type { Fr } from '@aztec/foundation/curves/bn254';
2
+ import type { Point } from '@aztec/foundation/curves/grumpkin';
3
+ import type { AztecAddress } from '@aztec/stdlib/aztec-address';
4
+ import type { AppTaggingSecretKind } from '@aztec/stdlib/logs';
5
+
6
+ /**
7
+ * How a message's tagging secret is chosen: the wallet's strategy, returned by the `resolveTaggingSecretStrategy` hook
8
+ * when no onchain handshake has been registered for the sender/recipient pair. This is intent (plus, for an arbitrary
9
+ * secret, the raw material); PXE resolves it into the secret it hands the contract.
10
+ */
11
+ export type TaggingSecretStrategy =
12
+ | {
13
+ /** Establish a fresh non-interactive handshake via the onchain registry; reveals the recipient onchain. */
14
+ type: 'non-interactive-handshake';
15
+ }
16
+ | {
17
+ /** Derive the secret from the sender's and recipient's address keys via ECDH. PXE computes and silos it. */
18
+ type: 'address-derived';
19
+ }
20
+ | {
21
+ /**
22
+ * A raw shared secret point the two parties already share offchain (e.g. coordinated out-of-band), supplied by
23
+ * the wallet. PXE app-silos it before use. Only sound for unconstrained delivery, since nothing onchain proves
24
+ * the recipient knows it.
25
+ */
26
+ type: 'arbitrary-secret';
27
+ /** The raw (un-siloed) shared secret point to derive the tag from. */
28
+ secret: Point;
29
+ };
30
+
31
+ /** Information about the message delivery requesting a tagging secret strategy. */
32
+ export type TaggingSecretStrategyRequest = {
33
+ contractAddress: AztecAddress;
34
+ /**
35
+ * The contract class ID of the executing contract, so wallets can apply class-level (not just per-address) policy.
36
+ */
37
+ contractClassId: Fr;
38
+ sender: AztecAddress;
39
+ recipient: AztecAddress;
40
+ deliveryMode: AppTaggingSecretKind;
41
+ };
42
+
43
+ /**
44
+ * Hook returning the {@link TaggingSecretStrategy} for an outgoing message.
45
+ */
46
+ export type ResolveTaggingSecretStrategy = (request: TaggingSecretStrategyRequest) => Promise<TaggingSecretStrategy>;
@@ -1,20 +1,29 @@
1
+ import { PRIVATE_LOG_CIPHERTEXT_LEN } from '@aztec/constants';
1
2
  import type { BlockNumber } from '@aztec/foundation/branded-types';
3
+ import type { GrumpkinScalar, Point } from '@aztec/foundation/curves/grumpkin';
2
4
  import { type Logger, type LoggerBindings, createLogger } from '@aztec/foundation/log';
3
5
  import type { KeyStore } from '@aztec/key-store';
4
6
  import { AztecAddress } from '@aztec/stdlib/aztec-address';
5
7
  import type { BlockHash, L2TipsProvider } from '@aztec/stdlib/block';
8
+ import type { CompleteAddress } from '@aztec/stdlib/contract';
6
9
  import type { AztecNode } from '@aztec/stdlib/interfaces/server';
7
- import { AppTaggingSecret, type LogResult, PendingTaggedLog, SiloedTag } from '@aztec/stdlib/logs';
10
+ import {
11
+ AppTaggingSecret,
12
+ type LogResult,
13
+ type PendingTaggedLog,
14
+ SiloedTag,
15
+ computeSharedTaggingSecret,
16
+ } from '@aztec/stdlib/logs';
8
17
  import type { BlockHeader } from '@aztec/stdlib/tx';
9
18
 
10
19
  import {
11
20
  type LogRetrievalRequest,
12
21
  LogSource,
13
22
  } from '../contract_function_simulator/noir-structs/log_retrieval_request.js';
14
- import { LogRetrievalResponse } from '../contract_function_simulator/noir-structs/log_retrieval_response.js';
23
+ import type { LogRetrievalResponse } from '../contract_function_simulator/noir-structs/log_retrieval_response.js';
15
24
  import { AddressStore } from '../storage/address_store/address_store.js';
16
25
  import type { RecipientTaggingStore } from '../storage/tagging_store/recipient_tagging_store.js';
17
- import type { SenderAddressBookStore } from '../storage/tagging_store/sender_address_book_store.js';
26
+ import type { TaggingSecretSourcesStore } from '../storage/tagging_store/tagging_secret_sources_store.js';
18
27
  import {
19
28
  getAllPrivateLogsByTags,
20
29
  getAllPublicLogsByTagsFromContract,
@@ -34,7 +43,7 @@ export class LogService {
34
43
  private readonly l2TipsStore: L2TipsProvider,
35
44
  private readonly keyStore: KeyStore,
36
45
  private readonly recipientTaggingStore: RecipientTaggingStore,
37
- private readonly senderAddressBookStore: SenderAddressBookStore,
46
+ private readonly taggingSecretSourcesStore: TaggingSecretSourcesStore,
38
47
  private readonly addressStore: AddressStore,
39
48
  private readonly jobId: string,
40
49
  bindings?: LoggerBindings,
@@ -139,12 +148,14 @@ export class LogService {
139
148
  ): Map<RangeKey, { fromBlock?: BlockNumber; toBlock?: BlockNumber; entries: typeof entries }> {
140
149
  const groups = new Map<RangeKey, { fromBlock?: BlockNumber; toBlock?: BlockNumber; entries: typeof entries }>();
141
150
  for (const entry of entries) {
142
- const key = rangeKey(entry.request.fromBlock, entry.request.toBlock);
151
+ const fromBlock = entry.request.fromBlock.value;
152
+ const toBlock = entry.request.toBlock.value;
153
+ const key = rangeKey(fromBlock, toBlock);
143
154
  const existing = groups.get(key);
144
155
  if (existing) {
145
156
  existing.entries.push(entry);
146
157
  } else {
147
- groups.set(key, { fromBlock: entry.request.fromBlock, toBlock: entry.request.toBlock, entries: [entry] });
158
+ groups.set(key, { fromBlock, toBlock, entries: [entry] });
148
159
  }
149
160
  }
150
161
  return groups;
@@ -158,12 +169,14 @@ export class LogService {
158
169
  if (nullifiers.length === 0) {
159
170
  throw new Error(`Log for tx ${log.txHash} returned no nullifiers from the node`);
160
171
  }
161
- return new LogRetrievalResponse(
162
- log.logData.slice(1), // Skip the tag
163
- log.txHash,
164
- noteHashes,
165
- nullifiers[0],
166
- );
172
+ return {
173
+ // Skip the tag, and clip to the wire cap: public logs can exceed PRIVATE_LOG_CIPHERTEXT_LEN, which is the fixed
174
+ // size of the oracle's BoundedVec slot. A no-op for private logs, which are already within the cap.
175
+ logPayload: log.logData.slice(1, 1 + PRIVATE_LOG_CIPHERTEXT_LEN),
176
+ txHash: log.txHash,
177
+ uniqueNoteHashesInTx: noteHashes,
178
+ firstNullifierInTx: nullifiers[0],
179
+ };
167
180
  }
168
181
 
169
182
  public async fetchTaggedLogs(
@@ -171,12 +184,20 @@ export class LogService {
171
184
  recipient: AztecAddress,
172
185
  providedSecrets: AppTaggingSecret[],
173
186
  ): Promise<PendingTaggedLog[]> {
174
- this.log.verbose(`Fetching tagged logs for ${contractAddress.toString()}`);
187
+ this.log.verbose(
188
+ `Fetching tagged logs for contract ${contractAddress.toString()} and recipient ${recipient.toString()}`,
189
+ );
175
190
 
176
191
  const l2Tips = await this.l2TipsStore.getL2Tips();
177
- // The secrets PXE derives or stores internally, plus any the app supplies explicitly for secrets PXE cannot
178
- // enumerate itself (e.g. handshake-derived ones).
179
- const secrets = [...(await this.#getSecretsForSenders(contractAddress, recipient)), ...providedSecrets];
192
+
193
+ // Secrets PXE can enumerate for this recipient (senders via ECDH + pre-shared store secrets), plus any the app
194
+ // supplies explicitly for secrets PXE cannot enumerate itself (e.g. handshake-derived ones). The latter arrive
195
+ // already computed and are searched even when the recipient's account is unknown locally, since they need no ECDH.
196
+ const combinedSecrets = [...(await this.#getPointDerivedSecrets(contractAddress, recipient)), ...providedSecrets];
197
+
198
+ // These sources can overlap (a sender that is also a PXE account, or a pre-shared secret that coincides with a
199
+ // sender-derived one), so we deduplicate the combined set.
200
+ const secrets = Array.from(new Map(combinedSecrets.map(secret => [secret.toString(), secret])).values());
180
201
 
181
202
  const logs = await syncTaggedPrivateLogs(
182
203
  secrets,
@@ -193,44 +214,57 @@ export class LogService {
193
214
  if (nullifiers.length === 0) {
194
215
  throw new Error(`Log for tx ${log.txHash} returned no nullifiers from the node`);
195
216
  }
196
- return new PendingTaggedLog(log.logData, log.txHash, noteHashes, nullifiers[0]);
217
+ return {
218
+ log: log.logData,
219
+ context: { txHash: log.txHash, uniqueNoteHashesInTx: noteHashes, firstNullifierInTx: nullifiers[0] },
220
+ };
197
221
  });
198
222
  }
199
223
 
200
- async #getSecretsForSenders(contractAddress: AztecAddress, recipient: AztecAddress): Promise<AppTaggingSecret[]> {
224
+ /**
225
+ * Computes the tagging secrets PXE can enumerate for a recipient: one per known sender (via ECDH) plus any
226
+ * pre-shared secret points registered directly for the recipient, each siloed to `contractAddress` and directed to
227
+ * `recipient`. These require knowing the recipient's address preimage and keys, so returns an empty array when those
228
+ * are unavailable. App-supplied secrets (e.g. handshake-derived) are handled separately by the caller and do not go
229
+ * through here.
230
+ */
231
+ async #getPointDerivedSecrets(contractAddress: AztecAddress, recipient: AztecAddress): Promise<AppTaggingSecret[]> {
201
232
  const recipientCompleteAddress = await this.addressStore.getCompleteAddress(recipient);
202
- if (!recipientCompleteAddress) {
233
+ if (!recipientCompleteAddress || !(await this.keyStore.hasAccount(recipient))) {
234
+ this.log.warn(
235
+ `Skipping sender-derived tag retrieval for ${recipient.toString()} due to unknown address preimage`,
236
+ );
203
237
  return [];
204
238
  }
205
239
  const recipientIvsk = await this.keyStore.getMasterIncomingViewingSecretKey(recipient);
206
240
 
207
- // We implicitly add all PXE accounts as senders, this helps us find tagged logs with messages that are sent to a
208
- // local account (recipient = us, sender = us)
209
- const allSenders = [...(await this.senderAddressBookStore.getSenders()), ...(await this.keyStore.getAccounts())];
241
+ const points = [
242
+ ...(await this.#getSecretsForSenders(recipientCompleteAddress, recipientIvsk)),
243
+ ...(await this.taggingSecretSourcesStore.getSharedSecretsForRecipient(recipient)),
244
+ ];
245
+ return Promise.all(points.map(secret => AppTaggingSecret.compute(secret, contractAddress, recipient)));
246
+ }
210
247
 
211
- // We deduplicate the senders by adding them to a set and then converting the set back to an array
212
- const deduplicatedSenders = Array.from(new Set(allSenders.map(sender => sender.toString()))).map(sender =>
213
- AztecAddress.fromString(sender),
214
- );
248
+ async #getSecretsForSenders(
249
+ recipientCompleteAddress: CompleteAddress,
250
+ recipientIvsk: GrumpkinScalar,
251
+ ): Promise<Point[]> {
252
+ // We implicitly add all PXE accounts as senders, this helps us decrypt tags on notes that we send to ourselves
253
+ // (recipient = us, sender = us).
254
+ const allSenders = [...(await this.taggingSecretSourcesStore.getSenders()), ...(await this.keyStore.getAccounts())];
215
255
 
216
256
  return Promise.all(
217
- deduplicatedSenders.map(async sender => {
218
- const secret = await AppTaggingSecret.computeUnconstrained(
219
- recipientCompleteAddress,
220
- recipientIvsk,
221
- sender,
222
- contractAddress,
223
- recipient,
224
- );
257
+ allSenders.map(async sender => {
258
+ const taggingSecretPoint = await computeSharedTaggingSecret(recipientCompleteAddress, recipientIvsk, sender);
225
259
 
226
- if (!secret) {
227
- // Note that all senders originate from either the SenderAddressBookStore or the KeyStore.
260
+ if (!taggingSecretPoint) {
261
+ // Note that all senders originate from either the TaggingSecretSourcesStore or the KeyStore.
228
262
  throw new Error(
229
263
  `Failed to compute a tagging secret for sender ${sender} - this implies this is an invalid address, which should not happen as they have been previously registered in PXE.`,
230
264
  );
231
265
  }
232
266
 
233
- return secret;
267
+ return taggingSecretPoint;
234
268
  }),
235
269
  );
236
270
  }
@@ -1,21 +1,22 @@
1
1
  import { uniqueBy } from '@aztec/foundation/collection';
2
2
  import { Fr } from '@aztec/foundation/curves/bn254';
3
3
  import type { AztecNode } from '@aztec/stdlib/interfaces/server';
4
- import { MessageContext } from '@aztec/stdlib/logs';
5
4
  import { type IndexedTxEffect, TxHash } from '@aztec/stdlib/tx';
6
5
 
7
- /** Resolves transaction hashes into the context needed to process messages. */
8
- export class MessageContextService {
6
+ import { ResolvedTx } from '../contract_function_simulator/noir-structs/resolved_tx.js';
7
+
8
+ /** Resolves transaction hashes into their on-chain context (note hashes, first nullifier, and mined block). */
9
+ export class TxResolverService {
9
10
  constructor(private readonly aztecNode: AztecNode) {}
10
11
 
11
12
  /**
12
- * Resolves a list of tx hashes into their message contexts.
13
+ * Resolves a list of tx hashes into their on-chain context.
13
14
  *
14
- * For each tx hash, looks up the corresponding tx effect and extracts the note hashes and first nullifier needed to
15
- * process messages that originated from that transaction. Returns `null` for tx hashes that are zero, not yet
16
- * available, or in blocks beyond the anchor block.
15
+ * For each tx hash, looks up the corresponding tx effect and extracts the note hashes, first nullifier, and the
16
+ * number and hash of the block it was mined in. Returns `null` for tx hashes that are zero, not yet available, or in
17
+ * blocks beyond the anchor block.
17
18
  */
18
- async getMessageContextsByTxHash(txHashes: Fr[], anchorBlockNumber: number): Promise<(MessageContext | null)[]> {
19
+ async resolveTxs(txHashes: Fr[], anchorBlockNumber: number): Promise<(ResolvedTx | null)[]> {
19
20
  const nonZeroTxHashes = txHashes.filter(h => !h.isZero()).map(h => TxHash.fromField(h));
20
21
  const uniqueTxHashes = uniqueBy(nonZeroTxHashes, h => h.toString());
21
22
  const fetched = await Promise.all(
@@ -56,7 +57,13 @@ export class MessageContextService {
56
57
  throw new Error(`Tx effect for ${txHash} has no nullifiers`);
57
58
  }
58
59
 
59
- return new MessageContext(data.txHash, data.noteHashes, data.nullifiers[0]);
60
+ return new ResolvedTx(
61
+ data.txHash,
62
+ data.noteHashes,
63
+ data.nullifiers[0],
64
+ txEffect.l2BlockNumber,
65
+ txEffect.l2BlockHash.toFr(),
66
+ );
60
67
  });
61
68
  }
62
69
  }
@@ -10,7 +10,7 @@
10
10
  /// used to provide helpful error messages if a contract calls an oracle that doesn't exist. We don't throw immediately
11
11
  /// if AZTEC_NR_MINOR > PXE_MINOR because if a contract is updated to use a newer Aztec.nr dependency without actually
12
12
  /// using any of the new oracles then there is no reason to throw.
13
- export const ORACLE_VERSION_MAJOR = 29;
13
+ export const ORACLE_VERSION_MAJOR = 30;
14
14
  export const ORACLE_VERSION_MINOR = 1;
15
15
 
16
16
  /// This hash is computed from the `ORACLE_REGISTRY` declaration (each oracle's name, ordered parameter names and
@@ -19,4 +19,4 @@ export const ORACLE_VERSION_MINOR = 1;
19
19
  /// - increment only `ORACLE_VERSION_MINOR` if the change is additive (a new oracle was added).
20
20
  ///
21
21
  /// These constants must be kept in sync between this file and `noir-projects/aztec-nr/aztec/src/oracle/version.nr`.
22
- export const ORACLE_INTERFACE_HASH = 'f5cd3321b32371186f30dfd11b246946fb425cadffb8e6564b897d5184e43fe9';
22
+ export const ORACLE_INTERFACE_HASH = '2a441f29ab01b252bc74b91b07fc2514891c28bffdfa0042d80494271b75edee';
@@ -36,7 +36,7 @@ import { PrivateLog } from '@aztec/stdlib/logs';
36
36
  import { PrivateCallExecutionResult } from '@aztec/stdlib/tx';
37
37
  import { VerificationKeyData } from '@aztec/stdlib/vks';
38
38
 
39
- const DEFAULT_CONTRACT_ADDRESS = AztecAddress.fromBigInt(987654n);
39
+ const DEFAULT_CONTRACT_ADDRESS = AztecAddress.fromBigIntUnsafe(987654n);
40
40
 
41
41
  /**
42
42
  * Builds a ClaimedLengthArray from a list of items, padding to the required size.