@aztec/stdlib 0.0.1-commit.8f9871590 → 0.0.1-commit.9117c5f5a

package/src/kernel/private_circuit_public_inputs.ts

@@ -21,7 +21,7 @@ import {
 } from '@aztec/foundation/serialize';
 import type { FieldsOf } from '@aztec/foundation/types';
 
-import { KeyValidationRequestAndGenerator } from '../kernel/hints/key_validation_request_and_generator.js';
+import { KeyValidationRequestAndSeparator } from '../kernel/hints/key_validation_request_and_separator.js';
 import { CountedLogHash } from '../kernel/log_hash.js';
 import { PrivateCallRequest } from '../kernel/private_call_request.js';
 import { PrivateLogData } from '../kernel/private_log_data.js';
@@ -106,10 +106,10 @@ export class PrivateCircuitPublicInputs {
      */
     public nullifierReadRequests: ClaimedLengthArray<ScopedReadRequest, typeof MAX_NULLIFIER_READ_REQUESTS_PER_CALL>,
     /**
-     * Key validation requests and generators created by the corresponding function call.
+     * Key validation requests and separators created by the corresponding function call.
      */
-    public keyValidationRequestsAndGenerators: ClaimedLengthArray<
-      KeyValidationRequestAndGenerator,
+    public keyValidationRequestsAndSeparators: ClaimedLengthArray<
+      KeyValidationRequestAndSeparator,
       typeof MAX_KEY_VALIDATION_REQUESTS_PER_CALL
     >,
     /**
@@ -178,7 +178,7 @@ export class PrivateCircuitPublicInputs {
       reader.readObject(ClaimedLengthArrayFromBuffer(ScopedReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL)),
       reader.readObject(ClaimedLengthArrayFromBuffer(ScopedReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_CALL)),
       reader.readObject(
-        ClaimedLengthArrayFromBuffer(KeyValidationRequestAndGenerator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL),
+        ClaimedLengthArrayFromBuffer(KeyValidationRequestAndSeparator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL),
       ),
       reader.readObject(ClaimedLengthArrayFromBuffer(PrivateCallRequest, MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL)),
       reader.readObject(ClaimedLengthArrayFromBuffer(CountedPublicCallRequest, MAX_ENQUEUED_CALLS_PER_CALL)),
@@ -209,7 +209,7 @@ export class PrivateCircuitPublicInputs {
       reader.readObject(ClaimedLengthArrayFromFields(ScopedReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL)),
       reader.readObject(ClaimedLengthArrayFromFields(ScopedReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_CALL)),
       reader.readObject(
-        ClaimedLengthArrayFromFields(KeyValidationRequestAndGenerator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL),
+        ClaimedLengthArrayFromFields(KeyValidationRequestAndSeparator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL),
       ),
       reader.readObject(ClaimedLengthArrayFromFields(PrivateCallRequest, MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL)),
       reader.readObject(ClaimedLengthArrayFromFields(CountedPublicCallRequest, MAX_ENQUEUED_CALLS_PER_CALL)),
@@ -242,7 +242,7 @@ export class PrivateCircuitPublicInputs {
       Fr.ZERO,
       ClaimedLengthArray.empty(ScopedReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL),
       ClaimedLengthArray.empty(ScopedReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_CALL),
-      ClaimedLengthArray.empty(KeyValidationRequestAndGenerator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL),
+      ClaimedLengthArray.empty(KeyValidationRequestAndSeparator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL),
       ClaimedLengthArray.empty(PrivateCallRequest, MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL),
       ClaimedLengthArray.empty(CountedPublicCallRequest, MAX_ENQUEUED_CALLS_PER_CALL),
       PublicCallRequest.empty(),
@@ -270,7 +270,7 @@ export class PrivateCircuitPublicInputs {
       this.expectedRevertibleSideEffectCounter.isZero() &&
       this.noteHashReadRequests.isEmpty() &&
       this.nullifierReadRequests.isEmpty() &&
-      this.keyValidationRequestsAndGenerators.isEmpty() &&
+      this.keyValidationRequestsAndSeparators.isEmpty() &&
       this.privateCallRequests.isEmpty() &&
       this.publicCallRequests.isEmpty() &&
       this.publicTeardownCallRequest.isEmpty() &&
@@ -303,7 +303,7 @@ export class PrivateCircuitPublicInputs {
       fields.expectedRevertibleSideEffectCounter,
       fields.noteHashReadRequests,
       fields.nullifierReadRequests,
-      fields.keyValidationRequestsAndGenerators,
+      fields.keyValidationRequestsAndSeparators,
       fields.privateCallRequests,
       fields.publicCallRequests,
       fields.publicTeardownCallRequest,
@@ -337,7 +337,7 @@ export class PrivateCircuitPublicInputs {
       this.expectedRevertibleSideEffectCounter,
       this.noteHashReadRequests,
       this.nullifierReadRequests,
-      this.keyValidationRequestsAndGenerators,
+      this.keyValidationRequestsAndSeparators,
       this.privateCallRequests,
       this.publicCallRequests,
       this.publicTeardownCallRequest,

package/src/kernel/private_to_public_kernel_circuit_public_inputs.ts

@@ -1,4 +1,4 @@
-import { GeneratorIndex, PRIVATE_TO_PUBLIC_KERNEL_CIRCUIT_PUBLIC_INPUTS_LENGTH } from '@aztec/constants';
+import { DomainSeparator, PRIVATE_TO_PUBLIC_KERNEL_CIRCUIT_PUBLIC_INPUTS_LENGTH } from '@aztec/constants';
 import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
 import type { Fr } from '@aztec/foundation/curves/bn254';
 import { bufferSchemaFor } from '@aztec/foundation/schemas';
@@ -92,7 +92,7 @@ export class PrivateToPublicKernelCircuitPublicInputs {
   }
 
   hash() {
-    return poseidon2HashWithSeparator(this.toFields(), GeneratorIndex.PUBLIC_TX_HASH);
+    return poseidon2HashWithSeparator(this.toFields(), DomainSeparator.PUBLIC_TX_HASH);
   }
 
   toJSON() {

package/src/kernel/private_to_rollup_kernel_circuit_public_inputs.ts

@@ -1,4 +1,4 @@
-import { GeneratorIndex, PRIVATE_TO_ROLLUP_KERNEL_CIRCUIT_PUBLIC_INPUTS_LENGTH } from '@aztec/constants';
+import { DomainSeparator, PRIVATE_TO_ROLLUP_KERNEL_CIRCUIT_PUBLIC_INPUTS_LENGTH } from '@aztec/constants';
 import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
 import type { Fr } from '@aztec/foundation/curves/bn254';
 import { bufferSchemaFor } from '@aztec/foundation/schemas';
@@ -113,6 +113,6 @@ export class PrivateToRollupKernelCircuitPublicInputs {
   }
 
   hash() {
-    return poseidon2HashWithSeparator(this.toFields(), GeneratorIndex.PRIVATE_TX_HASH);
+    return poseidon2HashWithSeparator(this.toFields(), DomainSeparator.PRIVATE_TX_HASH);
   }
 }

package/src/kernel/private_validation_requests.ts

@@ -8,7 +8,7 @@ import { bufferToHex, hexToBuffer } from '@aztec/foundation/string';
 
 import { inspect } from 'util';
 
-import { ScopedKeyValidationRequestAndGenerator } from '../kernel/hints/scoped_key_validation_request_and_generator.js';
+import { ScopedKeyValidationRequestAndSeparator } from '../kernel/hints/scoped_key_validation_request_and_separator.js';
 import { ClaimedLengthArray, ClaimedLengthArrayFromBuffer } from './claimed_length_array.js';
 import { ScopedReadRequest } from './hints/read_request.js';
 
@@ -28,8 +28,8 @@ export class PrivateValidationRequests {
     /**
      * All the key validation requests made in this transaction.
      */
-    public scopedKeyValidationRequestsAndGenerators: ClaimedLengthArray<
-      ScopedKeyValidationRequestAndGenerator,
+    public scopedKeyValidationRequestsAndSeparators: ClaimedLengthArray<
+      ScopedKeyValidationRequestAndSeparator,
       typeof MAX_KEY_VALIDATION_REQUESTS_PER_TX
     >,
   ) {}
@@ -38,7 +38,7 @@ export class PrivateValidationRequests {
     return (
       this.noteHashReadRequests.getSize() +
       this.nullifierReadRequests.getSize() +
-      this.scopedKeyValidationRequestsAndGenerators.getSize()
+      this.scopedKeyValidationRequestsAndSeparators.getSize()
     );
   }
 
@@ -46,7 +46,7 @@ export class PrivateValidationRequests {
     return serializeToBuffer(
       this.noteHashReadRequests,
       this.nullifierReadRequests,
-      this.scopedKeyValidationRequestsAndGenerators,
+      this.scopedKeyValidationRequestsAndSeparators,
     );
   }
 
@@ -65,7 +65,7 @@ export class PrivateValidationRequests {
       reader.readObject(ClaimedLengthArrayFromBuffer(ScopedReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_TX)),
       reader.readObject(ClaimedLengthArrayFromBuffer(ScopedReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_TX)),
       reader.readObject(
-        ClaimedLengthArrayFromBuffer(ScopedKeyValidationRequestAndGenerator, MAX_KEY_VALIDATION_REQUESTS_PER_TX),
+        ClaimedLengthArrayFromBuffer(ScopedKeyValidationRequestAndSeparator, MAX_KEY_VALIDATION_REQUESTS_PER_TX),
       ),
     );
   }
@@ -83,7 +83,7 @@ export class PrivateValidationRequests {
     return new PrivateValidationRequests(
       ClaimedLengthArray.empty(ScopedReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_TX),
       ClaimedLengthArray.empty(ScopedReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_TX),
-      ClaimedLengthArray.empty(ScopedKeyValidationRequestAndGenerator, MAX_KEY_VALIDATION_REQUESTS_PER_TX),
+      ClaimedLengthArray.empty(ScopedKeyValidationRequestAndSeparator, MAX_KEY_VALIDATION_REQUESTS_PER_TX),
     );
   }
 
@@ -91,7 +91,7 @@ export class PrivateValidationRequests {
     return `PrivateValidationRequests {
   noteHashReadRequests: ${inspect(this.noteHashReadRequests)},
   nullifierReadRequests: ${inspect(this.nullifierReadRequests)},
-  scopedKeyValidationRequestsAndGenerators: ${inspect(this.scopedKeyValidationRequestsAndGenerators)},
+  scopedKeyValidationRequestsAndSeparators: ${inspect(this.scopedKeyValidationRequestsAndSeparators)},
   `;
   }
 }

package/src/keys/derivation.ts

@@ -1,4 +1,4 @@
-import { GeneratorIndex } from '@aztec/constants';
+import { DomainSeparator } from '@aztec/constants';
 import { Grumpkin } from '@aztec/foundation/crypto/grumpkin';
 import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
 import { sha512ToGrumpkinScalar } from '@aztec/foundation/crypto/sha512';
@@ -27,29 +27,29 @@ export async function computeOvskApp(ovsk: GrumpkinScalar, app: AztecAddress): P
 }
 
 export function deriveMasterNullifierHidingKey(secretKey: Fr): GrumpkinScalar {
-  return sha512ToGrumpkinScalar([secretKey, GeneratorIndex.NHK_M]);
+  return sha512ToGrumpkinScalar([secretKey, DomainSeparator.NHK_M]);
 }
 
 export function deriveMasterIncomingViewingSecretKey(secretKey: Fr): GrumpkinScalar {
-  return sha512ToGrumpkinScalar([secretKey, GeneratorIndex.IVSK_M]);
+  return sha512ToGrumpkinScalar([secretKey, DomainSeparator.IVSK_M]);
 }
 
 export function deriveMasterOutgoingViewingSecretKey(secretKey: Fr): GrumpkinScalar {
-  return sha512ToGrumpkinScalar([secretKey, GeneratorIndex.OVSK_M]);
+  return sha512ToGrumpkinScalar([secretKey, DomainSeparator.OVSK_M]);
 }
 
 export function deriveSigningKey(secretKey: Fr): GrumpkinScalar {
   // TODO(#5837): come up with a standard signing key derivation scheme instead of using ivsk_m as signing keys here
-  return sha512ToGrumpkinScalar([secretKey, GeneratorIndex.IVSK_M]);
+  return sha512ToGrumpkinScalar([secretKey, DomainSeparator.IVSK_M]);
 }
 
 export function computePreaddress(publicKeysHash: Fr, partialAddress: Fr) {
-  return poseidon2HashWithSeparator([publicKeysHash, partialAddress], GeneratorIndex.CONTRACT_ADDRESS_V1);
+  return poseidon2HashWithSeparator([publicKeysHash, partialAddress], DomainSeparator.CONTRACT_ADDRESS_V1);
 }
 
 export async function computeAddress(publicKeys: PublicKeys, partialAddress: Fr): Promise<AztecAddress> {
   // Given public keys and a partial address, we can compute our address in the following steps.
-  // 1. preaddress = poseidon2([publicKeysHash, partialAddress], GeneratorIndex.CONTRACT_ADDRESS_V1);
+  // 1. preaddress = poseidon2([publicKeysHash, partialAddress], DomainSeparator.CONTRACT_ADDRESS_V1);
   // 2. addressPoint = (preaddress * G) + ivpk_m
   // 3. address = addressPoint.x
   const preaddress = await computePreaddress(await publicKeys.hash(), partialAddress);
@@ -98,7 +98,7 @@ export async function deriveKeys(secretKey: Fr) {
   const masterNullifierHidingKey = deriveMasterNullifierHidingKey(secretKey);
   const masterIncomingViewingSecretKey = deriveMasterIncomingViewingSecretKey(secretKey);
   const masterOutgoingViewingSecretKey = deriveMasterOutgoingViewingSecretKey(secretKey);
-  const masterTaggingSecretKey = sha512ToGrumpkinScalar([secretKey, GeneratorIndex.TSK_M]);
+  const masterTaggingSecretKey = sha512ToGrumpkinScalar([secretKey, DomainSeparator.TSK_M]);
 
   // Then we derive master public keys
   const masterNullifierPublicKey = await derivePublicKeyFromSecretKey(masterNullifierHidingKey);

package/src/keys/key_types.ts

@@ -1,5 +1,9 @@
-import type { GeneratorIndex } from '@aztec/constants';
+import type { DomainSeparator } from '@aztec/constants';
 
-export type KeyGenerator = GeneratorIndex.NHK_M | GeneratorIndex.IVSK_M | GeneratorIndex.OVSK_M | GeneratorIndex.TSK_M;
+export type KeyGenerator =
+  | DomainSeparator.NHK_M
+  | DomainSeparator.IVSK_M
+  | DomainSeparator.OVSK_M
+  | DomainSeparator.TSK_M;
 export type KeyPrefix = 'n' | 'iv' | 'ov' | 't';
 export const KEY_PREFIXES: KeyPrefix[] = ['n', 'iv', 'ov', 't'];

package/src/keys/public_keys.ts

@@ -7,7 +7,7 @@ import {
   DEFAULT_OVPK_M_Y,
   DEFAULT_TPK_M_X,
   DEFAULT_TPK_M_Y,
-  GeneratorIndex,
+  DomainSeparator,
 } from '@aztec/constants';
 import { poseidon2HashWithSeparator } from '@aztec/foundation/crypto/poseidon';
 import { Fr } from '@aztec/foundation/curves/bn254';
@@ -82,7 +82,7 @@ export class PublicKeys {
             this.masterOutgoingViewingPublicKey,
             this.masterTaggingPublicKey,
           ],
-          GeneratorIndex.PUBLIC_KEYS_HASH,
+          DomainSeparator.PUBLIC_KEYS_HASH,
         );
   }
 

package/src/keys/utils.ts

@@ -1,13 +1,13 @@
-import { GeneratorIndex } from '@aztec/constants';
+import { DomainSeparator } from '@aztec/constants';
 
 import type { KeyGenerator, KeyPrefix } from './key_types.js';
 
 export function getKeyGenerator(prefix: KeyPrefix): KeyGenerator {
   const map: Record<KeyPrefix, KeyGenerator> = {
-    n: GeneratorIndex.NHK_M,
-    iv: GeneratorIndex.IVSK_M,
-    ov: GeneratorIndex.OVSK_M,
-    t: GeneratorIndex.TSK_M,
+    n: DomainSeparator.NHK_M,
+    iv: DomainSeparator.IVSK_M,
+    ov: DomainSeparator.OVSK_M,
+    t: DomainSeparator.TSK_M,
   };
   return map[prefix];
 }

package/src/logs/debug_log_store.ts

@@ -0,0 +1,54 @@
+import type { TxReceipt } from '../tx/tx_receipt.js';
+import type { DebugLog } from './debug_log.js';
+
+/**
+ * Store for debug logs emitted by public functions during transaction execution.
+ *
+ * Uses the Null Object pattern: production code uses NullDebugLogStore (no-op), while test mode uses
+ * InMemoryDebugLogStore (stores and serves logs).
+ */
+export interface DebugLogStore {
+  /** Store debug logs for a processed transaction. */
+  storeLogs(txHash: string, logs: DebugLog[]): void;
+  /** Decorate a TxReceipt with any stored debug logs for the given tx. */
+  decorateReceiptWithLogs(txHash: string, receipt: TxReceipt): void;
+  /** Whether debug log collection is enabled. */
+  readonly isEnabled: boolean;
+}
+
+/** No-op implementation for production mode. */
+export class NullDebugLogStore implements DebugLogStore {
+  storeLogs(_txHash: string, _logs: DebugLog[]): void {
+    return;
+  }
+  decorateReceiptWithLogs(_txHash: string, _receipt: TxReceipt): void {
+    return;
+  }
+  get isEnabled(): boolean {
+    return false;
+  }
+}
+
+/** In-memory implementation for test mode that stores and serves debug logs. */
+export class InMemoryDebugLogStore implements DebugLogStore {
+  private map = new Map<string, DebugLog[]>();
+
+  storeLogs(txHash: string, logs: DebugLog[]): void {
+    if (logs.length > 0) {
+      this.map.set(txHash, logs);
+    }
+  }
+
+  decorateReceiptWithLogs(txHash: string, receipt: TxReceipt): void {
+    if (receipt.isMined()) {
+      const debugLogs = this.map.get(txHash);
+      if (debugLogs) {
+        receipt.debugLogs = debugLogs;
+      }
+    }
+  }
+
+  get isEnabled(): boolean {
+    return true;
+  }
+}

package/src/logs/{directional_app_tagging_secret.ts → extended_directional_app_tagging_secret.ts}

@@ -5,22 +5,28 @@ import type { Point } from '@aztec/foundation/curves/grumpkin';
 
 import { z } from 'zod';
 
-import type { AztecAddress } from '../aztec-address/index.js';
+import { AztecAddress } from '../aztec-address/index.js';
 import type { CompleteAddress } from '../contract/complete_address.js';
 import { computeAddressSecret, computePreaddress } from '../keys/derivation.js';
 
 /**
- * Directional application tagging secret used for log tagging.
+ * Extended directional application tagging secret used for log tagging.
  *
- * "Directional" because the derived secret is bound to the recipient
- * address: A→B differs from B→A even with the same participants and app.
+ * "Extended" because it bundles the directional app tagging secret with the app (contract) address. This bundling was
+ * done because where this type is used we commonly need access to both the secret and the address.
  *
- * Note: It's a bit unfortunate that this type resides in `stdlib` as the rest of the tagging functionality resides
- * in `pxe/src/tagging`. We need to use this type in `PreTag` that in turn is used by other types
- * in stdlib hence there doesn't seem to be a good way around this.
+ * "Directional" because the derived secret is bound to the recipient address: A→B differs from B→A even with the same
+ * participants and app.
+ *
+ * Note: It's a bit unfortunate that this type resides in `stdlib` as the rest of the tagging functionality resides in
+ * `pxe/src/tagging`. We need to use this type in `PreTag` that in turn is used by other types in stdlib hence there
+ * doesn't seem to be a good way around this.
  */
-export class DirectionalAppTaggingSecret {
-  private constructor(public readonly value: Fr) {}
+export class ExtendedDirectionalAppTaggingSecret {
+  private constructor(
+    public readonly secret: Fr,
+    public readonly app: AztecAddress,
+  ) {}
 
   /**
    * Derives shared tagging secret and from that, the app address and recipient derives the directional app tagging
@@ -39,20 +45,21 @@ export class DirectionalAppTaggingSecret {
     externalAddress: AztecAddress,
     app: AztecAddress,
     recipient: AztecAddress,
-  ): Promise<DirectionalAppTaggingSecret> {
+  ): Promise<ExtendedDirectionalAppTaggingSecret> {
     const taggingSecretPoint = await computeSharedTaggingSecret(localAddress, localIvsk, externalAddress);
     const appTaggingSecret = await poseidon2Hash([taggingSecretPoint.x, taggingSecretPoint.y, app]);
     const directionalAppTaggingSecret = await poseidon2Hash([appTaggingSecret, recipient]);
 
-    return new DirectionalAppTaggingSecret(directionalAppTaggingSecret);
+    return new ExtendedDirectionalAppTaggingSecret(directionalAppTaggingSecret, app);
   }
 
   toString(): string {
-    return this.value.toString();
+    return `${this.secret.toString()}:${this.app.toString()}`;
   }
 
-  static fromString(str: string): DirectionalAppTaggingSecret {
-    return new DirectionalAppTaggingSecret(Fr.fromString(str));
+  static fromString(str: string): ExtendedDirectionalAppTaggingSecret {
+    const [secretStr, appStr] = str.split(':');
+    return new ExtendedDirectionalAppTaggingSecret(Fr.fromString(secretStr), AztecAddress.fromString(appStr));
   }
 }
 
@@ -74,6 +81,7 @@ async function computeSharedTaggingSecret(
   return Grumpkin.mul(externalAddressPoint, await computeAddressSecret(knownPreaddress, localIvsk));
 }
 
-export const DirectionalAppTaggingSecretSchema = z.object({
-  value: Fr.schema,
+export const ExtendedDirectionalAppTaggingSecretSchema = z.object({
+  secret: Fr.schema,
+  app: AztecAddress.schema,
 });

package/src/logs/index.ts

@@ -1,4 +1,4 @@
-export * from './directional_app_tagging_secret.js';
+export * from './extended_directional_app_tagging_secret.js';
 export * from './pre_tag.js';
 export * from './contract_class_log.js';
 export * from './public_log.js';
@@ -12,5 +12,6 @@ export * from './shared_secret_derivation.js';
 export * from './tx_scoped_l2_log.js';
 export * from './message_context.js';
 export * from './debug_log.js';
+export * from './debug_log_store.js';
 export * from './tag.js';
 export * from './siloed_tag.js';

package/src/logs/pre_tag.ts

@@ -3,9 +3,9 @@ import { schemas } from '@aztec/foundation/schemas';
 import { z } from 'zod';
 
 import {
-  type DirectionalAppTaggingSecret,
-  DirectionalAppTaggingSecretSchema,
-} from './directional_app_tagging_secret.js';
+  type ExtendedDirectionalAppTaggingSecret,
+  ExtendedDirectionalAppTaggingSecretSchema,
+} from './extended_directional_app_tagging_secret.js';
 
 /**
  * Represents a preimage of a private log tag (see `Tag` in `pxe/src/tagging`).
@@ -15,11 +15,11 @@ import {
  * around this.
  */
 export type PreTag = {
-  secret: DirectionalAppTaggingSecret;
+  extendedSecret: ExtendedDirectionalAppTaggingSecret;
   index: number;
 };
 
 export const PreTagSchema = z.object({
-  secret: DirectionalAppTaggingSecretSchema,
+  extendedSecret: ExtendedDirectionalAppTaggingSecretSchema,
   index: schemas.Integer,
 });

package/src/logs/siloed_tag.ts

@@ -4,7 +4,8 @@ import type { ZodFor } from '@aztec/foundation/schemas';
 import type { AztecAddress } from '../aztec-address/index.js';
 import { computeSiloedPrivateLogFirstField } from '../hash/hash.js';
 import { schemas } from '../schemas/schemas.js';
-import type { Tag } from './tag.js';
+import type { PreTag } from './pre_tag.js';
+import { Tag } from './tag.js';
 
 /* eslint-disable @typescript-eslint/no-unsafe-declaration-merging */
 
@@ -21,7 +22,12 @@ export interface SiloedTag {
 export class SiloedTag {
   constructor(public readonly value: Fr) {}
 
-  static async compute(tag: Tag, app: AztecAddress): Promise<SiloedTag> {
+  static async compute(preTag: PreTag): Promise<SiloedTag> {
+    const tag = await Tag.compute(preTag);
+    return SiloedTag.computeFromTagAndApp(tag, preTag.extendedSecret.app);
+  }
+
+  static async computeFromTagAndApp(tag: Tag, app: AztecAddress): Promise<SiloedTag> {
     const siloedTag = await computeSiloedPrivateLogFirstField(app, tag.value);
     return new SiloedTag(siloedTag);
   }

package/src/logs/tag.ts

@@ -20,7 +20,7 @@ export class Tag {
   constructor(public readonly value: Fr) {}
 
   static async compute(preTag: PreTag): Promise<Tag> {
-    const tag = await poseidon2Hash([preTag.secret.value, preTag.index]);
+    const tag = await poseidon2Hash([preTag.extendedSecret.secret, preTag.index]);
     return new Tag(tag);
   }
 

package/src/p2p/attestation_utils.ts

@@ -33,3 +33,59 @@ export function orderAttestations(
 
   return orderedAttestations;
 }
+
+/**
+ * Trims attestations to the minimum required number to save L1 calldata gas.
+ * Each signature costs 65 bytes of calldata vs 20 bytes for just an address.
+ *
+ * Priority order for keeping attestations:
+ * 1. The proposer's attestation (required by L1 contract - MissingProposerSignature revert)
+ * 2. Attestations from the local node's validator keys
+ * 3. Remaining attestations filled to reach the required count
+ */
+export function trimAttestations(
+  attestations: CheckpointAttestation[],
+  required: number,
+  proposerAddress: EthAddress,
+  localAddresses: EthAddress[],
+): CheckpointAttestation[] {
+  if (attestations.length <= required) {
+    return attestations;
+  }
+
+  const proposerAttestation: CheckpointAttestation[] = [];
+  const localAttestations: CheckpointAttestation[] = [];
+  const otherAttestations: CheckpointAttestation[] = [];
+
+  for (const attestation of attestations) {
+    const sender = attestation.getSender();
+    if (!sender) {
+      continue;
+    }
+    if (sender.equals(proposerAddress)) {
+      proposerAttestation.push(attestation);
+    } else if (localAddresses.some(addr => addr.equals(sender))) {
+      localAttestations.push(attestation);
+    } else {
+      otherAttestations.push(attestation);
+    }
+  }
+
+  const result: CheckpointAttestation[] = [...proposerAttestation];
+
+  for (const att of localAttestations) {
+    if (result.length >= required) {
+      break;
+    }
+    result.push(att);
+  }
+
+  for (const att of otherAttestations) {
+    if (result.length >= required) {
+      break;
+    }
+    result.push(att);
+  }
+
+  return result;
+}

package/src/p2p/block_proposal.ts

@@ -6,11 +6,11 @@ import { Fr } from '@aztec/foundation/curves/bn254';
 import type { EthAddress } from '@aztec/foundation/eth-address';
 import { Signature } from '@aztec/foundation/eth-signature';
 import { BufferReader, serializeToBuffer } from '@aztec/foundation/serialize';
-import { DutyType, type SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { L2Block } from '../block/l2_block.js';
 import type { L2BlockInfo } from '../block/l2_block_info.js';
 import { MAX_TXS_PER_BLOCK } from '../deserialization/index.js';
+import { DutyType, type SigningContext } from '../ha-signing/index.js';
 import { BlockHeader } from '../tx/block_header.js';
 import { TxHash } from '../tx/index.js';
 import type { Tx } from '../tx/tx.js';
@@ -56,8 +56,6 @@ export class BlockProposal extends Gossipable {
     /** The per-block header containing block state and global variables */
     public readonly blockHeader: BlockHeader,
 
-    // TODO(palla/mbps): Is this really needed? Can we just derive it from the indexWithinCheckpoint of the parent block and the slot number?
-    // See the block-proposal-handler, we have a lot of extra validations to check this is correct, so maybe we can avoid storing it here.
     /** Index of this block within the checkpoint (0-indexed) */
     public readonly indexWithinCheckpoint: IndexWithinCheckpoint,
 

package/src/p2p/checkpoint_proposal.ts

@@ -6,10 +6,10 @@ import { Fr } from '@aztec/foundation/curves/bn254';
 import type { EthAddress } from '@aztec/foundation/eth-address';
 import { Signature } from '@aztec/foundation/eth-signature';
 import { BufferReader, serializeSignedBigInt, serializeToBuffer } from '@aztec/foundation/serialize';
-import { DutyType, type SigningContext } from '@aztec/validator-ha-signer/types';
 
 import type { L2BlockInfo } from '../block/l2_block_info.js';
 import { MAX_TXS_PER_BLOCK } from '../deserialization/index.js';
+import { DutyType, type SigningContext } from '../ha-signing/index.js';
 import { CheckpointHeader } from '../rollup/checkpoint_header.js';
 import { BlockHeader } from '../tx/block_header.js';
 import { TxHash } from '../tx/index.js';

package/src/p2p/client_type.ts

@@ -1,6 +0,0 @@
-export enum P2PClientType {
-  // Full p2p clients will subscribe to all gossip topics
-  Full,
-  // Prove p2p clients will only subscribe to transaction and proving topics
-  Prover,
-}

package/src/p2p/index.ts

@@ -8,7 +8,6 @@ export * from './interface.js';
 export * from './signature_utils.js';
 export * from './signed_txs.js';
 export * from './topic_type.js';
-export * from './client_type.js';
 export * from './message_validator.js';
 export * from './peer_error.js';
 export * from './constants.js';

package/src/p2p/topic_type.ts

@@ -1,5 +1,3 @@
-import { P2PClientType } from './client_type.js';
-
 /**
  * Creates the topic channel identifier string from a given topic type
  */
@@ -27,19 +25,14 @@ export enum TopicType {
   checkpoint_attestation = 'checkpoint_attestation',
 }
 
-export function getTopicTypeForClientType(clientType: P2PClientType) {
-  if (clientType === P2PClientType.Full) {
-    return [TopicType.tx, TopicType.block_proposal, TopicType.checkpoint_proposal, TopicType.checkpoint_attestation];
-  } else if (clientType === P2PClientType.Prover) {
-    return [TopicType.tx, TopicType.block_proposal, TopicType.checkpoint_proposal];
-  } else {
-    const _: never = clientType;
-    return [TopicType.tx];
-  }
-}
-
-export function getTopicsForClientAndConfig(clientType: P2PClientType, disableTransactions: boolean) {
-  const topics = getTopicTypeForClientType(clientType);
+/** Returns all gossip topics, optionally filtering out transactions. */
+export function getTopicsForConfig(disableTransactions: boolean) {
+  const topics = [
+    TopicType.tx,
+    TopicType.block_proposal,
+    TopicType.checkpoint_proposal,
+    TopicType.checkpoint_attestation,
+  ];
   if (disableTransactions) {
     return topics.filter(topic => topic !== TopicType.tx);
   }

package/src/rollup/checkpoint_header.ts

@@ -19,8 +19,8 @@ import type { UInt64 } from '../types/shared.js';
 
 /**
  * Header of a checkpoint. A checkpoint is a collection of blocks submitted to L1 all within the same slot.
- * TODO(palla/mbps): Should this include chainId and version as well? Is this used just in circuits?
- * TODO(palla/mbps): What about CheckpointNumber?
+ * This header is verified as-is in the rollup circuits, posted to the L1 rollup contract, stored in the archiver,
+ * and exposed via the Aztec Node API. See `CheckpointData` for a struct that includes the header plus extra metadata.
  */
 export class CheckpointHeader {
   constructor(