@aztec/simulator 0.56.0 → 0.58.0

package/src/avm/opcodes/misc.ts

@@ -15,10 +15,10 @@ export class DebugLog extends Instruction {
   static readonly wireFormat: OperandType[] = [
     OperandType.UINT8, // Opcode
     OperandType.UINT8, // Indirect
-    OperandType.UINT32, // message memory address
-    OperandType.UINT32, // message size
-    OperandType.UINT32, // fields memory address
-    OperandType.UINT32, // fields size address
+    OperandType.UINT16, // message memory address
+    OperandType.UINT16, // message size
+    OperandType.UINT16, // fields memory address
+    OperandType.UINT16, // fields size address
   ];
 
   constructor(
@@ -33,17 +33,15 @@ export class DebugLog extends Instruction {
 
   public async execute(context: AvmContext): Promise<void> {
     const memory = context.machineState.memory.track(this.type);
-    const [messageOffset, fieldsOffset, fieldsSizeOffset] = Addressing.fromWire(this.indirect).resolve(
-      [this.messageOffset, this.fieldsOffset, this.fieldsSizeOffset],
-      memory,
-    );
+    const operands = [this.messageOffset, this.fieldsOffset, this.fieldsSizeOffset];
+    const addressing = Addressing.fromWire(this.indirect, operands.length);
+    const [messageOffset, fieldsOffset, fieldsSizeOffset] = addressing.resolve(operands, memory);
 
     const fieldsSize = memory.get(fieldsSizeOffset).toNumber();
     memory.checkTagsRange(TypeTag.UINT8, messageOffset, this.messageSize);
     memory.checkTagsRange(TypeTag.FIELD, fieldsOffset, fieldsSize);
 
-    const memoryOperations = { reads: 1 + fieldsSize + this.messageSize, writes: 0, indirect: this.indirect };
-    context.machineState.consumeGas(this.gasCost(memoryOperations));
+    context.machineState.consumeGas(this.gasCost());
 
     const rawMessage = memory.getSlice(messageOffset, this.messageSize);
     const fields = memory.getSlice(fieldsOffset, fieldsSize);
@@ -57,7 +55,7 @@ export class DebugLog extends Instruction {
 
     DebugLog.logger.verbose(formattedStr);
 
-    memory.assert(memoryOperations);
+    memory.assert({ reads: 1 + fieldsSize + this.messageSize, addressing });
     context.machineState.incrementPc();
   }
 }

package/src/avm/opcodes/multi_scalar_mul.ts

@@ -16,10 +16,10 @@ export class MultiScalarMul extends Instruction {
   static readonly wireFormat: OperandType[] = [
     OperandType.UINT8 /* opcode */,
     OperandType.UINT8 /* indirect */,
-    OperandType.UINT32 /* points vector offset */,
-    OperandType.UINT32 /* scalars vector offset */,
-    OperandType.UINT32 /* output offset (fixed triplet) */,
-    OperandType.UINT32 /* points length offset */,
+    OperandType.UINT16 /* points vector offset */,
+    OperandType.UINT16 /* scalars vector offset */,
+    OperandType.UINT16 /* output offset (fixed triplet) */,
+    OperandType.UINT16 /* points length offset */,
   ];
 
   constructor(
@@ -35,15 +35,14 @@ export class MultiScalarMul extends Instruction {
   public async execute(context: AvmContext): Promise<void> {
     const memory = context.machineState.memory.track(this.type);
     // Resolve indirects
-    const [pointsOffset, scalarsOffset, outputOffset] = Addressing.fromWire(this.indirect).resolve(
-      [this.pointsOffset, this.scalarsOffset, this.outputOffset],
-      memory,
-    );
+    const operands = [this.pointsOffset, this.scalarsOffset, this.outputOffset, this.pointsLengthOffset];
+    const addressing = Addressing.fromWire(this.indirect, operands.length);
+    const [pointsOffset, scalarsOffset, outputOffset, pointsLengthOffset] = addressing.resolve(operands, memory);
 
     // Length of the points vector should be U32
-    memory.checkTag(TypeTag.UINT32, this.pointsLengthOffset);
+    memory.checkTag(TypeTag.UINT32, pointsLengthOffset);
     // Get the size of the unrolled (x, y , inf) points vector
-    const pointsReadLength = memory.get(this.pointsLengthOffset).toNumber();
+    const pointsReadLength = memory.get(pointsLengthOffset).toNumber();
     if (pointsReadLength % 3 !== 0) {
       throw new InstructionExecutionError(`Points vector offset should be a multiple of 3, was ${pointsReadLength}`);
     }
@@ -62,13 +61,7 @@ export class MultiScalarMul extends Instruction {
 
     // The size of the scalars vector is twice the NUMBER of points because of the scalar limb decomposition
     const scalarReadLength = numPoints * 2;
-    // Consume gas prior to performing work
-    const memoryOperations = {
-      reads: 1 + pointsReadLength + scalarReadLength /* points and scalars */,
-      writes: 3 /* output triplet */,
-      indirect: this.indirect,
-    };
-    context.machineState.consumeGas(this.gasCost({ ...memoryOperations, dynMultiplier: pointsReadLength }));
+    context.machineState.consumeGas(this.gasCost(pointsReadLength));
     // Get the unrolled scalar (lo & hi) representing the scalars
     const scalarsVector = memory.getSlice(scalarsOffset, scalarReadLength);
     memory.checkTagsRange(TypeTag.FIELD, scalarsOffset, scalarReadLength);
@@ -76,10 +69,8 @@ export class MultiScalarMul extends Instruction {
     // Now we need to reconstruct the points and scalars into something we can operate on.
     const grumpkinPoints: Point[] = [];
     for (let i = 0; i < numPoints; i++) {
-      const p: Point = new Point(pointsVector[3 * i].toFr(), pointsVector[3 * i + 1].toFr(), false);
-      // Include this later when we have a standard for representing infinity
-      // const isInf = pointsVector[i + 2].toBoolean();
-
+      const isInf = pointsVector[3 * i + 2].toNumber() === 1;
+      const p: Point = new Point(pointsVector[3 * i].toFr(), pointsVector[3 * i + 1].toFr(), isInf);
       if (!p.isOnGrumpkin()) {
         throw new InstructionExecutionError(`Point ${p.toString()} is not on the curve.`);
       }
@@ -100,15 +91,29 @@ export class MultiScalarMul extends Instruction {
     const [firstBaseScalarPair, ...rest]: Array<[Point, Fq]> = grumpkinPoints.map((p, idx) => [p, scalarFqVector[idx]]);
     // Fold the points and scalars into a single point
     // We have to ensure get the first point, since the identity element (point at infinity) isn't quite working in ts
-    const outputPoint = rest.reduce(
-      (acc, curr) => grumpkin.add(acc, grumpkin.mul(curr[0], curr[1])),
-      grumpkin.mul(firstBaseScalarPair[0], firstBaseScalarPair[1]),
-    );
+    const outputPoint = rest.reduce((acc, curr) => {
+      if (curr[1] === Fq.ZERO) {
+        // If we multiply by 0, the result will the point at infinity - so we ignore it
+        return acc;
+      } else if (curr[0].inf) {
+        // If we multiply the point at infinity by a scalar, it's still the point at infinity
+        return acc;
+      } else if (acc.inf) {
+        // If we accumulator is the point at infinity, we can just return the current point
+        return curr[0];
+      } else {
+        return grumpkin.add(acc, grumpkin.mul(curr[0], curr[1]));
+      }
+    }, grumpkin.mul(firstBaseScalarPair[0], firstBaseScalarPair[1]));
     const output = outputPoint.toFields().map(f => new Field(f));
 
     memory.setSlice(outputOffset, output);
 
-    memory.assert(memoryOperations);
+    memory.assert({
+      reads: 1 + pointsReadLength + scalarReadLength /* points and scalars */,
+      writes: 3 /* output triplet */,
+      addressing,
+    });
     context.machineState.incrementPc();
   }
 }

package/src/avm/opcodes/storage.ts

@@ -10,8 +10,8 @@ abstract class BaseStorageInstruction extends Instruction {
   public static readonly wireFormat: OperandType[] = [
     OperandType.UINT8,
     OperandType.UINT8,
-    OperandType.UINT32,
-    OperandType.UINT32,
+    OperandType.UINT16,
+    OperandType.UINT16,
   ];
 
   constructor(protected indirect: number, protected aOffset: number, protected bOffset: number) {
@@ -32,11 +32,12 @@ export class SStore extends BaseStorageInstruction {
       throw new StaticCallAlterationError();
     }
 
-    const memoryOperations = { reads: 2, indirect: this.indirect };
     const memory = context.machineState.memory.track(this.type);
-    context.machineState.consumeGas(this.gasCost({ ...memoryOperations }));
+    context.machineState.consumeGas(this.gasCost());
 
-    const [srcOffset, slotOffset] = Addressing.fromWire(this.indirect).resolve([this.aOffset, this.bOffset], memory);
+    const operands = [this.aOffset, this.bOffset];
+    const addressing = Addressing.fromWire(this.indirect, operands.length);
+    const [srcOffset, slotOffset] = addressing.resolve(operands, memory);
     memory.checkTag(TypeTag.FIELD, slotOffset);
     memory.checkTag(TypeTag.FIELD, srcOffset);
 
@@ -44,7 +45,7 @@ export class SStore extends BaseStorageInstruction {
     const value = memory.get(srcOffset).toFr();
     context.persistableState.writeStorage(context.environment.storageAddress, slot, value);
 
-    memory.assert(memoryOperations);
+    memory.assert({ reads: 2, addressing });
     context.machineState.incrementPc();
   }
 }
@@ -58,11 +59,12 @@ export class SLoad extends BaseStorageInstruction {
   }
 
   public async execute(context: AvmContext): Promise<void> {
-    const memoryOperations = { writes: 1, reads: 1, indirect: this.indirect };
     const memory = context.machineState.memory.track(this.type);
-    context.machineState.consumeGas(this.gasCost({ ...memoryOperations }));
+    context.machineState.consumeGas(this.gasCost());
 
-    const [slotOffset, dstOffset] = Addressing.fromWire(this.indirect).resolve([this.aOffset, this.bOffset], memory);
+    const operands = [this.aOffset, this.bOffset];
+    const addressing = Addressing.fromWire(this.indirect, operands.length);
+    const [slotOffset, dstOffset] = addressing.resolve(operands, memory);
     memory.checkTag(TypeTag.FIELD, slotOffset);
 
     const slot = memory.get(slotOffset).toFr();
@@ -70,6 +72,6 @@ export class SLoad extends BaseStorageInstruction {
     memory.set(dstOffset, new Field(value));
 
     context.machineState.incrementPc();
-    memory.assert(memoryOperations);
+    memory.assert({ writes: 1, reads: 1, addressing });
   }
 }

package/src/avm/serialization/bytecode_serialization.ts

@@ -1,7 +1,6 @@
 import {
   Add,
   And,
-  CMov,
   Call,
   CalldataCopy,
   Cast,
@@ -114,7 +113,6 @@ const INSTRUCTION_SET = () =>
     [Opcode.SET_FF, Set.as(Set.wireFormatFF).deserialize],
     [Opcode.MOV_8, Mov.as(Mov.wireFormat8).deserialize],
     [Opcode.MOV_16, Mov.as(Mov.wireFormat16).deserialize],
-    [CMov.opcode, Instruction.deserialize.bind(CMov)],
 
     // World State
     [SLoad.opcode, Instruction.deserialize.bind(SLoad)], // Public Storage

package/src/avm/serialization/instruction_serialization.ts

@@ -55,7 +55,6 @@ export enum Opcode {
   SET_FF,
   MOV_8,
   MOV_16,
-  CMOV,
   // World state
   SLOAD,
   SSTORE,
@@ -94,7 +93,6 @@ export enum Opcode {
 // Note that cpp code introduced an additional enum value TAG to express the instruction tag. In TS,
 // this one is parsed as UINT8.
 export enum OperandType {
-  UINT1,
   UINT8,
   UINT16,
   UINT32,
@@ -108,7 +106,6 @@ type OperandWriter = (value: any) => void;
 
 // Specifies how to read and write each operand type.
 const OPERAND_SPEC = new Map<OperandType, [number, () => OperandNativeType, OperandWriter]>([
-  [OperandType.UINT1, [1, Buffer.prototype.readUint8, Buffer.prototype.writeUint8]],
   [OperandType.UINT8, [1, Buffer.prototype.readUint8, Buffer.prototype.writeUint8]],
   [OperandType.UINT16, [2, Buffer.prototype.readUint16BE, Buffer.prototype.writeUint16BE]],
   [OperandType.UINT32, [4, Buffer.prototype.readUint32BE, Buffer.prototype.writeUint32BE]],
@@ -161,7 +158,7 @@ function writeBigInt128BE(this: Buffer, value: bigint): void {
  */
 export function deserialize(cursor: BufferCursor | Buffer, operands: OperandType[]): (number | bigint)[] {
   const argValues = [];
-  if (cursor instanceof Buffer) {
+  if (Buffer.isBuffer(cursor)) {
     cursor = new BufferCursor(cursor);
   }
 

package/src/avm/test_utils.ts

@@ -1,5 +1,4 @@
-import { Fr } from '@aztec/circuits.js';
-import { type ContractInstanceWithAddress } from '@aztec/types/contracts';
+import { type ContractInstanceWithAddress, Fr } from '@aztec/circuits.js';
 
 import { type jest } from '@jest/globals';
 import { mock } from 'jest-mock-extended';

package/src/client/client_execution_context.ts

@@ -1,50 +1,38 @@
 import {
   type AuthWitness,
   type AztecNode,
+  CountedLog,
+  CountedNoteLog,
+  CountedPublicExecutionRequest,
   EncryptedL2Log,
   EncryptedL2NoteLog,
-  Event,
-  L1EventPayload,
-  L1NotePayload,
   Note,
+  NoteAndSlot,
   type NoteStatus,
+  type PrivateExecutionResult,
   PublicExecutionRequest,
-  TaggedLog,
   type UnencryptedL2Log,
 } from '@aztec/circuit-types';
 import {
   CallContext,
   FunctionSelector,
   type Header,
-  type KeyValidationRequest,
+  PRIVATE_CONTEXT_INPUTS_LENGTH,
+  PUBLIC_DISPATCH_SELECTOR,
   PrivateContextInputs,
   type TxContext,
 } from '@aztec/circuits.js';
-import { Aes128 } from '@aztec/circuits.js/barretenberg';
 import { computeUniqueNoteHash, siloNoteHash } from '@aztec/circuits.js/hash';
-import {
-  EventSelector,
-  type FunctionAbi,
-  type FunctionArtifact,
-  type NoteSelector,
-  countArgumentsSize,
-} from '@aztec/foundation/abi';
+import { type FunctionAbi, type FunctionArtifact, type NoteSelector, countArgumentsSize } from '@aztec/foundation/abi';
 import { type AztecAddress } from '@aztec/foundation/aztec-address';
 import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto';
-import { Fr, GrumpkinScalar, type Point } from '@aztec/foundation/fields';
+import { Fr } from '@aztec/foundation/fields';
 import { applyStringFormatting, createDebugLogger } from '@aztec/foundation/log';
 
 import { type NoteData, toACVMWitness } from '../acvm/index.js';
 import { type PackedValuesCache } from '../common/packed_values_cache.js';
 import { type DBOracle } from './db_oracle.js';
 import { type ExecutionNoteCache } from './execution_note_cache.js';
-import {
-  CountedLog,
-  CountedNoteLog,
-  CountedPublicExecutionRequest,
-  type ExecutionResult,
-  type NoteAndSlot,
-} from './execution_result.js';
 import { pickNotes } from './pick_notes.js';
 import { executePrivateFunction } from './private_execution.js';
 import { ViewDataOracle } from './view_data_oracle.js';
@@ -75,7 +63,7 @@ export class ClientExecutionContext extends ViewDataOracle {
   private noteEncryptedLogs: CountedNoteLog[] = [];
   private encryptedLogs: CountedLog<EncryptedL2Log>[] = [];
   private unencryptedLogs: CountedLog<UnencryptedL2Log>[] = [];
-  private nestedExecutions: ExecutionResult[] = [];
+  private nestedExecutions: PrivateExecutionResult[] = [];
   private enqueuedPublicFunctionCalls: CountedPublicExecutionRequest[] = [];
   private publicTeardownFunctionCall: PublicExecutionRequest = PublicExecutionRequest.empty();
 
@@ -121,8 +109,12 @@ export class ClientExecutionContext extends ViewDataOracle {
       this.txContext,
       this.sideEffectCounter,
     );
+    const privateContextInputsAsFields = privateContextInputs.toFields();
+    if (privateContextInputsAsFields.length !== PRIVATE_CONTEXT_INPUTS_LENGTH) {
+      throw new Error('Invalid private context inputs size');
+    }
 
-    const fields = [...privateContextInputs.toFields(), ...args];
+    const fields = [...privateContextInputsAsFields, ...args];
     return toACVMWitness(0, fields);
   }
 
@@ -314,11 +306,7 @@ export class ClientExecutionContext extends ViewDataOracle {
       },
       counter,
     );
-    this.newNotes.push({
-      storageSlot,
-      noteTypeId,
-      note,
-    });
+    this.newNotes.push(new NoteAndSlot(note, storageSlot, noteTypeId));
   }
 
   /**
@@ -373,62 +361,6 @@ export class ClientExecutionContext extends ViewDataOracle {
     this.noteEncryptedLogs.push(encryptedLog);
   }
 
-  /**
-   * Encrypt an event
-   * @param contractAddress - The contract emitting the encrypted event.
-   * @param randomness - A value used to mask the contract address we are siloing with.
-   * @param eventTypeId - The type ID of the event (function selector).
-   * @param ovKeys - The outgoing viewing keys to use to encrypt.
-   * @param ivpkM - The master incoming viewing public key.
-   * @param recipient - The recipient of the encrypted event log.
-   * @param preimage - The event preimage.
-   */
-  public override computeEncryptedEventLog(
-    contractAddress: AztecAddress,
-    randomness: Fr,
-    eventTypeId: Fr,
-    ovKeys: KeyValidationRequest,
-    ivpkM: Point,
-    recipient: AztecAddress,
-    preimage: Fr[],
-  ) {
-    const event = new Event(preimage);
-    const l1EventPayload = new L1EventPayload(event, contractAddress, randomness, EventSelector.fromField(eventTypeId));
-    const taggedEvent = new TaggedLog(l1EventPayload);
-
-    const ephSk = GrumpkinScalar.random();
-
-    return taggedEvent.encrypt(ephSk, recipient, ivpkM, ovKeys);
-  }
-
-  /**
-   * Encrypt a note
-   * @param contractAddress - The contract address of the note.
-   * @param storageSlot - The storage slot the note is at.
-   * @param noteTypeId - The type ID of the note.
-   * @param ovKeys - The outgoing viewing keys to use to encrypt.
-   * @param ivpkM - The master incoming viewing public key.
-   * @param recipient - The recipient of the encrypted note log.
-   * @param preimage - The note preimage.
-   */
-  public override computeEncryptedNoteLog(
-    contractAddress: AztecAddress,
-    storageSlot: Fr,
-    noteTypeId: NoteSelector,
-    ovKeys: KeyValidationRequest,
-    ivpkM: Point,
-    recipient: AztecAddress,
-    preimage: Fr[],
-  ) {
-    const note = new Note(preimage);
-    const l1NotePayload = new L1NotePayload(note, contractAddress, storageSlot, noteTypeId);
-    const taggedNote = new TaggedLog(l1NotePayload);
-
-    const ephSk = GrumpkinScalar.random();
-
-    return taggedNote.encrypt(ephSk, recipient, ivpkM, ovKeys);
-  }
-
   /**
    * Emit an unencrypted log.
    * @param log - The unencrypted log to be emitted.
@@ -457,7 +389,7 @@ export class ClientExecutionContext extends ViewDataOracle {
     return Fr.fromBuffer(log.hash());
   }
 
-  #checkValidStaticCall(childExecutionResult: ExecutionResult) {
+  #checkValidStaticCall(childExecutionResult: PrivateExecutionResult) {
     if (
       childExecutionResult.callStackItem.publicInputs.noteHashes.some(item => !item.isEmpty()) ||
       childExecutionResult.callStackItem.publicInputs.nullifiers.some(item => !item.isEmpty()) ||
@@ -568,7 +500,7 @@ export class ClientExecutionContext extends ViewDataOracle {
     const args = this.packedValuesCache.unpack(argsHash);
 
     this.log.verbose(
-      `Created PublicExecutionRequest of type [${callType}], side-effect counter [${sideEffectCounter}] to ${targetContractAddress}:${functionSelector}(${targetArtifact.name})`,
+      `Created PublicExecutionRequest to ${targetArtifact.name}@${targetContractAddress}, of type [${callType}], side-effect counter [${sideEffectCounter}]`,
     );
 
     const request = PublicExecutionRequest.from({
@@ -602,16 +534,27 @@ export class ClientExecutionContext extends ViewDataOracle {
     sideEffectCounter: number,
     isStaticCall: boolean,
     isDelegateCall: boolean,
-  ) {
+  ): Promise<Fr> {
+    // TODO(https://github.com/AztecProtocol/aztec-packages/issues/8985): Fix this.
+    // WARNING: This is insecure and should be temporary!
+    // The oracle repacks the arguments and returns a new args_hash.
+    // new_args = [selector, ...old_args], so as to make it suitable to call the public dispatch function.
+    // We don't validate or compute it in the circuit because a) it's harder to do with slices, and
+    // b) this is only temporary.
+    const newArgsHash = this.packedValuesCache.pack([
+      functionSelector.toField(),
+      ...this.packedValuesCache.unpack(argsHash),
+    ]);
     await this.createPublicExecutionRequest(
       'enqueued',
       targetContractAddress,
-      functionSelector,
-      argsHash,
+      FunctionSelector.fromField(new Fr(PUBLIC_DISPATCH_SELECTOR)),
+      newArgsHash,
       sideEffectCounter,
       isStaticCall,
       isDelegateCall,
     );
+    return newArgsHash;
   }
 
   /**
@@ -632,16 +575,27 @@ export class ClientExecutionContext extends ViewDataOracle {
     sideEffectCounter: number,
     isStaticCall: boolean,
     isDelegateCall: boolean,
-  ) {
+  ): Promise<Fr> {
+    // TODO(https://github.com/AztecProtocol/aztec-packages/issues/8985): Fix this.
+    // WARNING: This is insecure and should be temporary!
+    // The oracle repacks the arguments and returns a new args_hash.
+    // new_args = [selector, ...old_args], so as to make it suitable to call the public dispatch function.
+    // We don't validate or compute it in the circuit because a) it's harder to do with slices, and
+    // b) this is only temporary.
+    const newArgsHash = this.packedValuesCache.pack([
+      functionSelector.toField(),
+      ...this.packedValuesCache.unpack(argsHash),
+    ]);
     await this.createPublicExecutionRequest(
       'teardown',
       targetContractAddress,
-      functionSelector,
-      argsHash,
+      FunctionSelector.fromField(new Fr(PUBLIC_DISPATCH_SELECTOR)),
+      newArgsHash,
       sideEffectCounter,
       isStaticCall,
       isDelegateCall,
     );
+    return newArgsHash;
   }
 
   public override notifySetMinRevertibleSideEffectCounter(minRevertibleSideEffectCounter: number): void {
@@ -698,11 +652,6 @@ export class ClientExecutionContext extends ViewDataOracle {
     return values;
   }
 
-  public override aes128Encrypt(input: Buffer, initializationVector: Buffer, key: Buffer): Buffer {
-    const aes128 = new Aes128();
-    return aes128.encryptBufferCBC(input, initializationVector, key);
-  }
-
   public override debugLog(message: string, fields: Fr[]) {
     this.log.verbose(`debug_log ${applyStringFormatting(message, fields)}`);
   }

package/src/client/db_oracle.ts

@@ -5,11 +5,15 @@ import {
   type NullifierMembershipWitness,
   type PublicDataWitness,
 } from '@aztec/circuit-types';
-import { type CompleteAddress, type Header, type KeyValidationRequest } from '@aztec/circuits.js';
+import {
+  type CompleteAddress,
+  type ContractInstance,
+  type Header,
+  type KeyValidationRequest,
+} from '@aztec/circuits.js';
 import { type FunctionArtifact, type FunctionSelector } from '@aztec/foundation/abi';
 import { type AztecAddress } from '@aztec/foundation/aztec-address';
 import { type Fr } from '@aztec/foundation/fields';
-import { type ContractInstance } from '@aztec/types/contracts';
 
 import { type NoteData } from '../acvm/index.js';
 import { type CommitmentsDB } from '../public/db_interfaces.js';

package/src/client/index.ts

@@ -1,5 +1,5 @@
 export * from './simulator.js';
 export * from './db_oracle.js';
-export * from './execution_result.js';
 export * from './pick_notes.js';
 export * from './execution_note_cache.js';
+export { extractPrivateCircuitPublicInputs } from './private_execution.js';

package/src/client/private_execution.ts

@@ -1,15 +1,22 @@
+import { PrivateExecutionResult } from '@aztec/circuit-types';
 import { type CircuitWitnessGenerationStats } from '@aztec/circuit-types/stats';
-import { Fr, FunctionData, PrivateCallStackItem, PrivateCircuitPublicInputs } from '@aztec/circuits.js';
-import type { FunctionArtifact, FunctionSelector } from '@aztec/foundation/abi';
+import {
+  Fr,
+  FunctionData,
+  PRIVATE_CIRCUIT_PUBLIC_INPUTS_LENGTH,
+  PRIVATE_CONTEXT_INPUTS_LENGTH,
+  PrivateCallStackItem,
+  PrivateCircuitPublicInputs,
+} from '@aztec/circuits.js';
+import { type FunctionArtifact, type FunctionSelector, countArgumentsSize } from '@aztec/foundation/abi';
 import { type AztecAddress } from '@aztec/foundation/aztec-address';
 import { createDebugLogger } from '@aztec/foundation/log';
 import { Timer } from '@aztec/foundation/timer';
 
-import { witnessMapToFields } from '../acvm/deserialize.js';
-import { Oracle, acvm, extractCallStack } from '../acvm/index.js';
+import { fromACVMField, witnessMapToFields } from '../acvm/deserialize.js';
+import { type ACVMWitness, Oracle, acvm, extractCallStack } from '../acvm/index.js';
 import { ExecutionError } from '../common/errors.js';
 import { type ClientExecutionContext } from './client_execution_context.js';
-import { type ExecutionResult } from './execution_result.js';
 
 /**
  * Execute a private function and return the execution result.
@@ -19,10 +26,10 @@ export async function executePrivateFunction(
   artifact: FunctionArtifact,
   contractAddress: AztecAddress,
   functionSelector: FunctionSelector,
-  log = createDebugLogger('aztec:simulator:secret_execution'),
-): Promise<ExecutionResult> {
+  log = createDebugLogger('aztec:simulator:private_execution'),
+): Promise<PrivateExecutionResult> {
   const functionName = await context.getDebugFunctionName();
-  log.verbose(`Executing external function ${contractAddress}:${functionSelector}(${functionName})`);
+  log.verbose(`Executing external function ${functionName}@${contractAddress}`);
   const acir = artifact.bytecode;
   const initialWitness = context.getInitialWitness(artifact);
   const acvmCallback = new Oracle(context);
@@ -40,8 +47,7 @@ export async function executePrivateFunction(
   });
   const duration = timer.ms();
   const partialWitness = acirExecutionResult.partialWitness;
-  const returnWitness = witnessMapToFields(acirExecutionResult.returnWitness);
-  const publicInputs = PrivateCircuitPublicInputs.fromFields(returnWitness);
+  const publicInputs = extractPrivateCircuitPublicInputs(artifact, partialWitness);
 
   // TODO (alexg) estimate this size
   const initialWitnessSize = witnessMapToFields(initialWitness).length * Fr.SIZE_IN_BYTES;
@@ -75,20 +81,44 @@ export async function executePrivateFunction(
 
   log.debug(`Returning from call to ${contractAddress.toString()}:${functionSelector}`);
 
-  return {
+  return new PrivateExecutionResult(
     acir,
+    Buffer.from(artifact.verificationKey!, 'hex'),
     partialWitness,
     callStackItem,
-    returnValues: rawReturnValues,
     noteHashLeafIndexMap,
     newNotes,
     noteHashNullifierCounterMap,
-    vk: Buffer.from(artifact.verificationKey!, 'hex'),
+    rawReturnValues,
     nestedExecutions,
     enqueuedPublicFunctionCalls,
-    noteEncryptedLogs,
     publicTeardownFunctionCall,
+    noteEncryptedLogs,
     encryptedLogs,
     unencryptedLogs,
-  };
+  );
+}
+
+/**
+ * Get the private circuit public inputs from the partial witness.
+ * @param artifact - The function artifact
+ * @param partialWitness - The partial witness, result of simulating the function.
+ * @returns - The public inputs.
+ */
+export function extractPrivateCircuitPublicInputs(
+  artifact: FunctionArtifact,
+  partialWitness: ACVMWitness,
+): PrivateCircuitPublicInputs {
+  const parametersSize = countArgumentsSize(artifact) + PRIVATE_CONTEXT_INPUTS_LENGTH;
+  const returnsSize = PRIVATE_CIRCUIT_PUBLIC_INPUTS_LENGTH;
+  const returnData = [];
+  // Return values always appear in the witness after arguments.
+  for (let i = parametersSize; i < parametersSize + returnsSize; i++) {
+    const returnedField = partialWitness.get(i);
+    if (returnedField === undefined) {
+      throw new Error(`Missing return value for index ${i}`);
+    }
+    returnData.push(fromACVMField(returnedField));
+  }
+  return PrivateCircuitPublicInputs.fromFields(returnData);
 }

package/src/client/simulator.ts

@@ -1,4 +1,4 @@
-import { type AztecNode, type FunctionCall, type Note, type TxExecutionRequest } from '@aztec/circuit-types';
+import type { AztecNode, FunctionCall, Note, PrivateExecutionResult, TxExecutionRequest } from '@aztec/circuit-types';
 import { CallContext } from '@aztec/circuits.js';
 import {
   type ArrayType,
@@ -17,7 +17,6 @@ import { PackedValuesCache } from '../common/packed_values_cache.js';
 import { ClientExecutionContext } from './client_execution_context.js';
 import { type DBOracle } from './db_oracle.js';
 import { ExecutionNoteCache } from './execution_note_cache.js';
-import { type ExecutionResult } from './execution_result.js';
 import { executePrivateFunction } from './private_execution.js';
 import { executeUnconstrainedFunction } from './unconstrained_execution.js';
 import { ViewDataOracle } from './view_data_oracle.js';
@@ -47,7 +46,7 @@ export class AcirSimulator {
     contractAddress: AztecAddress,
     msgSender = AztecAddress.fromField(Fr.MAX_FIELD_VALUE),
     scopes?: AztecAddress[],
-  ): Promise<ExecutionResult> {
+  ): Promise<PrivateExecutionResult> {
     if (entryPointArtifact.functionType !== FunctionType.PRIVATE) {
       throw new Error(`Cannot run ${entryPointArtifact.functionType} function as private`);
     }