@aztec/stdlib 5.0.0-nightly.20260706 → 5.0.0-nightly.20260708

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (72) hide show
  1. package/dest/block/attestation_info.d.ts +1 -1
  2. package/dest/block/attestation_info.d.ts.map +1 -1
  3. package/dest/block/attestation_info.js +7 -4
  4. package/dest/block/l2_block_source.d.ts +13 -2
  5. package/dest/block/l2_block_source.d.ts.map +1 -1
  6. package/dest/block/l2_block_source.js +5 -0
  7. package/dest/block/proposal/attestations_and_signers.d.ts +19 -1
  8. package/dest/block/proposal/attestations_and_signers.d.ts.map +1 -1
  9. package/dest/block/proposal/attestations_and_signers.js +37 -1
  10. package/dest/block/validate_block_result.d.ts +16 -1
  11. package/dest/block/validate_block_result.d.ts.map +1 -1
  12. package/dest/block/validate_block_result.js +18 -3
  13. package/dest/config/network-consensus-config.d.ts +1 -1
  14. package/dest/config/network-consensus-config.d.ts.map +1 -1
  15. package/dest/config/network-consensus-config.js +2 -10
  16. package/dest/database-version/version_manager.d.ts +18 -4
  17. package/dest/database-version/version_manager.d.ts.map +1 -1
  18. package/dest/database-version/version_manager.js +76 -6
  19. package/dest/ha-signing/config.d.ts +19 -5
  20. package/dest/ha-signing/config.d.ts.map +1 -1
  21. package/dest/ha-signing/config.js +9 -3
  22. package/dest/ha-signing/local_config.d.ts +10 -2
  23. package/dest/ha-signing/local_config.d.ts.map +1 -1
  24. package/dest/ha-signing/local_config.js +8 -2
  25. package/dest/interfaces/aztec-node-admin.d.ts +5 -2
  26. package/dest/interfaces/aztec-node-admin.d.ts.map +1 -1
  27. package/dest/interfaces/configs.d.ts +4 -1
  28. package/dest/interfaces/configs.d.ts.map +1 -1
  29. package/dest/interfaces/configs.js +1 -0
  30. package/dest/interfaces/validator.d.ts +7 -3
  31. package/dest/interfaces/validator.d.ts.map +1 -1
  32. package/dest/interfaces/world_state.d.ts +14 -1
  33. package/dest/interfaces/world_state.d.ts.map +1 -1
  34. package/dest/keys/derivation.d.ts +1 -2
  35. package/dest/keys/derivation.d.ts.map +1 -1
  36. package/dest/keys/derivation.js +0 -7
  37. package/dest/logs/app_tagging_secret.d.ts +6 -1
  38. package/dest/logs/app_tagging_secret.d.ts.map +1 -1
  39. package/dest/logs/app_tagging_secret.js +6 -0
  40. package/dest/logs/index.d.ts +1 -3
  41. package/dest/logs/index.d.ts.map +1 -1
  42. package/dest/logs/index.js +0 -2
  43. package/dest/logs/shared_secret_derivation.d.ts +9 -3
  44. package/dest/logs/shared_secret_derivation.d.ts.map +1 -1
  45. package/dest/logs/shared_secret_derivation.js +13 -6
  46. package/dest/p2p/signature_utils.d.ts +10 -1
  47. package/dest/p2p/signature_utils.d.ts.map +1 -1
  48. package/dest/p2p/signature_utils.js +9 -1
  49. package/package.json +8 -8
  50. package/src/block/attestation_info.ts +7 -2
  51. package/src/block/l2_block_source.ts +13 -2
  52. package/src/block/proposal/attestations_and_signers.ts +43 -1
  53. package/src/block/validate_block_result.ts +48 -2
  54. package/src/config/network-consensus-config.ts +2 -13
  55. package/src/database-version/version_manager.ts +96 -6
  56. package/src/ha-signing/config.ts +23 -5
  57. package/src/ha-signing/local_config.ts +20 -1
  58. package/src/interfaces/configs.ts +3 -0
  59. package/src/interfaces/world_state.ts +14 -0
  60. package/src/keys/derivation.ts +0 -5
  61. package/src/logs/app_tagging_secret.ts +12 -0
  62. package/src/logs/index.ts +0 -2
  63. package/src/logs/shared_secret_derivation.ts +17 -8
  64. package/src/p2p/signature_utils.ts +9 -0
  65. package/dest/logs/message_context.d.ts +0 -17
  66. package/dest/logs/message_context.d.ts.map +0 -1
  67. package/dest/logs/message_context.js +0 -9
  68. package/dest/logs/pending_tagged_log.d.ts +0 -11
  69. package/dest/logs/pending_tagged_log.d.ts.map +0 -1
  70. package/dest/logs/pending_tagged_log.js +0 -4
  71. package/src/logs/message_context.ts +0 -18
  72. package/src/logs/pending_tagged_log.ts +0 -12
@@ -6,11 +6,20 @@ import { join } from 'path';
6
6
 
7
7
  import { DatabaseVersion } from './database_version.js';
8
8
 
9
- export type DatabaseVersionManagerFs = Pick<typeof fs, 'readFile' | 'writeFile' | 'rm' | 'mkdir'>;
9
+ export type DatabaseVersionManagerFs = Pick<typeof fs, 'readFile' | 'rm' | 'mkdir' | 'rename' | 'open'>;
10
10
 
11
11
  export const DATABASE_VERSION_FILE_NAME = 'db_version';
12
12
  export type SchemaVersionMismatchPolicy = 'reset' | 'throw';
13
13
 
14
+ /**
15
+ * How to react when the version file exists but cannot be read (permissions, IO error, truncation).
16
+ * `'reset'` (default) treats the store as unversioned and lets the reset path run — safe for stores
17
+ * where an empty state is legitimate. `'throw'` refuses to open, leaving data untouched — required
18
+ * for protection stores (e.g. signing protection) that must never be silently wiped by a transient
19
+ * filesystem error. A genuinely missing file (ENOENT) is a first boot and is never affected by this.
20
+ */
21
+ export type VersionFileReadFailurePolicy = 'reset' | 'throw';
22
+
14
23
  export type DatabaseVersionManagerOptions<T> = {
15
24
  schemaVersion: number;
16
25
  rollupAddress: EthAddress;
@@ -18,6 +27,7 @@ export type DatabaseVersionManagerOptions<T> = {
18
27
  onOpen: (dataDir: string) => Promise<T>;
19
28
  onUpgrade?: (dataDir: string, currentVersion: number, latestVersion: number) => Promise<void>;
20
29
  schemaVersionMismatchPolicy?: SchemaVersionMismatchPolicy;
30
+ versionFileReadFailurePolicy?: VersionFileReadFailurePolicy;
21
31
  fileSystem?: DatabaseVersionManagerFs;
22
32
  log?: Logger;
23
33
  };
@@ -37,6 +47,7 @@ export class DatabaseVersionManager<T> {
37
47
  private onOpen: (dataDir: string) => Promise<T>;
38
48
  private onUpgrade?: (dataDir: string, currentVersion: number, latestVersion: number) => Promise<void>;
39
49
  private schemaVersionMismatchPolicy: SchemaVersionMismatchPolicy;
50
+ private versionFileReadFailurePolicy: VersionFileReadFailurePolicy;
40
51
  private fileSystem: DatabaseVersionManagerFs;
41
52
  private log: Logger;
42
53
 
@@ -47,8 +58,11 @@ export class DatabaseVersionManager<T> {
47
58
  * @param rollupAddress - The rollup contract address
48
59
  * @param dataDirectory - The directory where version information will be stored
49
60
  * @param onOpen - A callback to the open the database at the given location
50
- * @param onUpgrade - An optional callback to upgrade the database before opening. If not provided it will reset the database
61
+ * @param onUpgrade - An optional callback to upgrade the database before opening. If not provided it will reset the
62
+ * database. Must be idempotent: since the version marker is written only after a successful open, a crash after
63
+ * onUpgrade but before the marker is written re-runs onUpgrade on the next start.
51
64
  * @param schemaVersionMismatchPolicy - Whether schema mismatches should reset data or throw
65
+ * @param versionFileReadFailurePolicy - Whether an unreadable (non-missing) version file should reset data or throw
52
66
  * @param fileSystem - An interface to access the filesystem
53
67
  * @param log - Optional custom logger
54
68
  * @param options - Configuration options
@@ -60,6 +74,7 @@ export class DatabaseVersionManager<T> {
60
74
  onOpen,
61
75
  onUpgrade,
62
76
  schemaVersionMismatchPolicy = 'reset',
77
+ versionFileReadFailurePolicy = 'reset',
63
78
  fileSystem = fs,
64
79
  log = createLogger(`foundation:version-manager`),
65
80
  }: DatabaseVersionManagerOptions<T>) {
@@ -74,13 +89,40 @@ export class DatabaseVersionManager<T> {
74
89
  this.onOpen = onOpen;
75
90
  this.onUpgrade = onUpgrade;
76
91
  this.schemaVersionMismatchPolicy = schemaVersionMismatchPolicy;
92
+ this.versionFileReadFailurePolicy = versionFileReadFailurePolicy;
77
93
  this.fileSystem = fileSystem;
78
94
  this.log = log;
79
95
  }
80
96
 
81
97
  static async writeVersion(version: DatabaseVersion, dataDir: string, fileSystem: DatabaseVersionManagerFs = fs) {
82
98
  await fileSystem.mkdir(dataDir, { recursive: true });
83
- return fileSystem.writeFile(join(dataDir, DatabaseVersionManager.VERSION_FILE), version.toBuffer());
99
+ const finalPath = join(dataDir, DatabaseVersionManager.VERSION_FILE);
100
+ const tmpPath = `${finalPath}.tmp`;
101
+
102
+ // Atomic durable write: fill a temp file, fsync it, then rename it into place. The marker only
103
+ // becomes visible under its final name once its bytes are durably on disk, so a crash mid-write
104
+ // can never leave a "valid" version file sitting over an empty or partially-populated data dir.
105
+ const handle = await fileSystem.open(tmpPath, 'w');
106
+ try {
107
+ await handle.writeFile(version.toBuffer());
108
+ await handle.sync();
109
+ } finally {
110
+ await handle.close();
111
+ }
112
+ await fileSystem.rename(tmpPath, finalPath);
113
+
114
+ // Best-effort fsync of the containing directory so the rename itself survives a crash. Not all
115
+ // filesystems support directory fsync, so a failure here is non-fatal.
116
+ try {
117
+ const dirHandle = await fileSystem.open(dataDir, 'r');
118
+ try {
119
+ await dirHandle.sync();
120
+ } finally {
121
+ await dirHandle.close();
122
+ }
123
+ } catch {
124
+ // directory fsync is best-effort
125
+ }
84
126
  }
85
127
 
86
128
  /**
@@ -105,6 +147,17 @@ export class DatabaseVersionManager<T> {
105
147
  storedVersion = DatabaseVersion.empty();
106
148
  // only turn off these logs if the data dir didn't exist before
107
149
  shouldLogDataReset = false;
150
+ } else if (this.versionFileReadFailurePolicy === 'throw') {
151
+ // The version file exists but could not be read/parsed (permissions, IO error, truncation).
152
+ // Treating this as "unversioned" would reset the data directory, silently wiping a store that
153
+ // must fail closed. Refuse to open instead, leaving the data untouched for the operator.
154
+ const code = (err as Error & { code?: string })?.code;
155
+ const message = err instanceof Error ? err.message : String(err);
156
+ throw new Error(
157
+ `Failed to read database version file at ${this.versionFile} (${code ?? 'unknown error'}: ${message}). ` +
158
+ `Refusing to open the database; data was NOT reset. Resolve the underlying filesystem error and retry.`,
159
+ { cause: err },
160
+ );
108
161
  } else {
109
162
  this.log.warn(`Failed to read stored version information: ${err}. Defaulting to empty version`);
110
163
  storedVersion = DatabaseVersion.empty();
@@ -159,10 +212,47 @@ export class DatabaseVersionManager<T> {
159
212
  await this.resetDataDirectory();
160
213
  }
161
214
 
162
- // Write the current version to disk
163
- await this.writeVersion();
215
+ // Open the database first, then record the version marker. Writing the marker only after a
216
+ // successful open makes it a post-commit record: if the process crashes between the reset and a
217
+ // durable open, no marker is left behind, so the next startup re-runs the reset instead of
218
+ // trusting a marker that sits over empty or partially-initialized data.
219
+ const instance = await this.onOpen(this.dataDirectory);
164
220
 
165
- return [await this.onOpen(this.dataDirectory), needsReset];
221
+ // Only (re)write the marker when it would actually change — first boot, reset, or upgrade. On a
222
+ // normal boot it already matches, so skipping avoids an unnecessary fsync (and the directory
223
+ // write permission the temp-file+rename needs) and, more importantly, any window where a
224
+ // marker-write failure would orphan the database we just opened.
225
+ if (!storedVersion.equals(this.currentVersion)) {
226
+ try {
227
+ await this.writeVersion();
228
+ } catch (err) {
229
+ // The database opened but recording the marker failed; close the freshly opened instance so
230
+ // we do not leak its file handles / locks before propagating the failure.
231
+ await this.closeQuietly(instance);
232
+ throw err;
233
+ }
234
+ }
235
+
236
+ return [instance, needsReset];
237
+ }
238
+
239
+ /**
240
+ * Best-effort close of a just-opened database instance, used to avoid leaking handles/locks when a
241
+ * post-open step fails. Swallows close errors so the original failure is the one that propagates.
242
+ */
243
+ private async closeQuietly(instance: T): Promise<void> {
244
+ const closable = instance as
245
+ | { close?: () => Promise<void> | void; [Symbol.asyncDispose]?: () => Promise<void> }
246
+ | undefined;
247
+ const dispose = closable?.close ?? closable?.[Symbol.asyncDispose];
248
+ if (typeof dispose !== 'function') {
249
+ return;
250
+ }
251
+ try {
252
+ await dispose.call(closable);
253
+ } catch (err) {
254
+ this.log.warn(`Failed to close database after version-write failure: ${err}`);
255
+ }
166
256
  }
167
257
 
168
258
  /**
@@ -25,8 +25,20 @@ export type BaseSignerConfig = {
25
25
  nodeId: string;
26
26
  /** How long to wait between polls when a duty is being signed (ms) */
27
27
  pollingIntervalMs: number;
28
- /** Maximum time to wait for a duty being signed to complete (ms) */
29
- signingTimeoutMs: number;
28
+ /**
29
+ * How long (ms) to wait for a peer node's in-progress signing before giving up and treating the
30
+ * duty as already handled. This is the cross-node wait/poll timeout, distinct from
31
+ * signerCallTimeoutMs (the hard upper bound on this node's own signer call).
32
+ */
33
+ peerSigningTimeoutMs: number;
34
+ /**
35
+ * Hard upper bound (ms) on a single signer call made by this node. If the (possibly remote)
36
+ * signer does not return within this time, the call is aborted, the duty lock is released, and
37
+ * signing fails so it can be safely retried. The effective value is clamped to
38
+ * maxStuckDutiesAgeMs / 2 at construction, so a slow signer's lock is always released before
39
+ * stuck-duty cleanup could reclaim it. Defaults to 30_000 when unset.
40
+ */
41
+ signerCallTimeoutMs?: number;
30
42
  /** Maximum age of a stuck duty in ms (defaults to 2x hardcoded Aztec slot duration if not set) */
31
43
  maxStuckDutiesAgeMs?: number;
32
44
  /** Optional: clean up old duties after this many hours (disabled if not set) */
@@ -44,11 +56,16 @@ export const baseSignerConfigMappings: ConfigMappingsType<BaseSignerConfig> = {
44
56
  description: 'The number of ms to wait between polls when a duty is being signed',
45
57
  ...numberConfigHelper(100),
46
58
  },
47
- signingTimeoutMs: {
59
+ peerSigningTimeoutMs: {
48
60
  env: 'VALIDATOR_HA_SIGNING_TIMEOUT_MS',
49
- description: 'The maximum time to wait for a duty being signed to complete',
61
+ description: "How long to wait for a peer node's in-progress signing before giving up",
50
62
  ...numberConfigHelper(3_000),
51
63
  },
64
+ signerCallTimeoutMs: {
65
+ env: 'VALIDATOR_SIGNER_CALL_TIMEOUT_MS',
66
+ description: 'Hard upper bound in ms on a single signer call before it is aborted (default 30000)',
67
+ ...numberConfigHelper(30_000),
68
+ },
52
69
  maxStuckDutiesAgeMs: {
53
70
  env: 'VALIDATOR_HA_MAX_STUCK_DUTIES_AGE_MS',
54
71
  description: 'The maximum age of a stuck duty in ms (defaults to 2x Aztec slot duration)',
@@ -65,7 +82,8 @@ export const baseSignerConfigMappings: ConfigMappingsType<BaseSignerConfig> = {
65
82
  export const BaseSignerConfigSchema = z.object({
66
83
  nodeId: z.string(),
67
84
  pollingIntervalMs: z.number().min(0),
68
- signingTimeoutMs: z.number().min(0),
85
+ peerSigningTimeoutMs: z.number().min(0),
86
+ signerCallTimeoutMs: z.number().min(0).optional(),
69
87
  maxStuckDutiesAgeMs: z.number().min(0).optional(),
70
88
  cleanupOldDutiesAfterHours: z.number().min(0).optional(),
71
89
  ...pickL1ContractAddressesSchema('rollupAddress'),
@@ -1,4 +1,9 @@
1
- import { type ConfigMappingsType, getConfigFromMappings, optionalNumberConfigHelper } from '@aztec/foundation/config';
1
+ import {
2
+ type ConfigMappingsType,
3
+ booleanConfigHelper,
4
+ getConfigFromMappings,
5
+ optionalNumberConfigHelper,
6
+ } from '@aztec/foundation/config';
2
7
  import { zodFor } from '@aztec/foundation/schemas';
3
8
  import { type DataStoreConfig, dataConfigMappings } from '@aztec/stdlib/kv-store';
4
9
 
@@ -17,6 +22,12 @@ export type LocalSignerConfig = BaseSignerConfig &
17
22
  DataStoreConfig & {
18
23
  /** Maximum size of the local signing-protection LMDB store in KB. Overwrites the general dataStoreMapSizeKb. */
19
24
  signingProtectionMapSizeKb?: number;
25
+ /**
26
+ * Allow local signing protection to run against an ephemeral store when no data directory is set.
27
+ * Without this, a missing data directory fails startup, since ephemeral protection does not survive
28
+ * restarts. Intended for dev/test networks only; production validators must persist to disk.
29
+ */
30
+ allowEphemeralSigningProtection?: boolean;
20
31
  };
21
32
 
22
33
  export const localSignerConfigMappings: ConfigMappingsType<LocalSignerConfig> = {
@@ -28,6 +39,13 @@ export const localSignerConfigMappings: ConfigMappingsType<LocalSignerConfig> =
28
39
  'Maximum size of the local signing-protection LMDB store in KB. Overwrites the general dataStoreMapSizeKb.',
29
40
  ...optionalNumberConfigHelper(),
30
41
  },
42
+ allowEphemeralSigningProtection: {
43
+ env: 'VALIDATOR_ALLOW_EPHEMERAL_SIGNING_PROTECTION',
44
+ description:
45
+ 'Allow local signing protection to run against an ephemeral store when no data directory is set (dev/test only). ' +
46
+ 'Ephemeral protection does not survive restarts, so this is unsafe for production validators.',
47
+ ...booleanConfigHelper(false),
48
+ },
31
49
  };
32
50
 
33
51
  export const LocalSignerConfigSchema = zodFor<LocalSignerConfig>()(
@@ -35,6 +53,7 @@ export const LocalSignerConfigSchema = zodFor<LocalSignerConfig>()(
35
53
  dataDirectory: z.string().optional(),
36
54
  dataStoreMapSizeKb: z.number(),
37
55
  signingProtectionMapSizeKb: z.number().optional(),
56
+ allowEphemeralSigningProtection: z.boolean().optional(),
38
57
  }),
39
58
  );
40
59
 
@@ -96,6 +96,8 @@ export interface SequencerConfig {
96
96
  injectHighSValueAttestation?: boolean;
97
97
  /** Inject an attestation with an unrecoverable signature (for testing only) */
98
98
  injectUnrecoverableSignatureAttestation?: boolean;
99
+ /** Inject a non-proposer attestation slot in yParity (v ∈ {0, 1}) form in the packed L1 tuple (for testing only) */
100
+ injectYParityAttestation?: boolean;
99
101
  /** Whether to run in fisherman mode: builds blocks on every slot for validation without publishing */
100
102
  fishermanMode?: boolean;
101
103
  /** Shuffle attestation ordering to create invalid ordering (for testing only) */
@@ -165,6 +167,7 @@ export const SequencerConfigSchema = zodFor<SequencerConfig>()(
165
167
  injectFakeAttestation: z.boolean().optional(),
166
168
  injectHighSValueAttestation: z.boolean().optional(),
167
169
  injectUnrecoverableSignatureAttestation: z.boolean().optional(),
170
+ injectYParityAttestation: z.boolean().optional(),
168
171
  fishermanMode: z.boolean().optional(),
169
172
  shuffleAttestationOrdering: z.boolean().optional(),
170
173
  blockDurationMs: z.number().positive().optional(),
@@ -65,6 +65,20 @@ export interface ReadonlyWorldStateAccess {
65
65
 
66
66
  /** Defines the interface for a world state synchronizer. */
67
67
  export interface WorldStateSynchronizer extends ReadonlyWorldStateAccess, ForkMerkleTreeOperations {
68
+ /**
69
+ * Returns a read handle to the world state at `blockNumber`, but only after verifying that the block at that
70
+ * height is on the fork identified by `blockHash`. This pins the returned view to a specific fork so a reorg
71
+ * that replaced the block at `blockNumber` cannot be served silently, closing the gap between resolving a query
72
+ * and reading its snapshot.
73
+ *
74
+ * Rejects if the block at `blockNumber` does not match `blockHash` (a reorg), or if the block's hash cannot be
75
+ * read from the requested view. Both are transient from a caller's perspective: re-resolving the query against
76
+ * the current chain and retrying may succeed or produce a more precise error. However, if the block's history
77
+ * has been pruned away (it predates the oldest historical block kept by world state), the rejection is terminal:
78
+ * retrying cannot bring the data back.
79
+ */
80
+ getVerifiedSnapshot(blockNumber: BlockNumber, blockHash: BlockHash): Promise<MerkleTreeReadOperations>;
81
+
68
82
  /** Starts the synchronizer. */
69
83
  start(): Promise<void | PromiseWithResolvers<void>>;
70
84
 
@@ -50,11 +50,6 @@ export function deriveMasterFallbackSecretKey(secretKey: Fr): GrumpkinScalar {
50
50
  return sha512ToGrumpkinScalar([secretKey, DomainSeparator.FBSK_M]);
51
51
  }
52
52
 
53
- export function deriveSigningKey(secretKey: Fr): GrumpkinScalar {
54
- // TODO(#5837): come up with a standard signing key derivation scheme instead of using ivsk_m as signing keys here
55
- return sha512ToGrumpkinScalar([secretKey, DomainSeparator.IVSK_M]);
56
- }
57
-
58
53
  export function computePreaddress(publicKeysHash: Fr, partialAddress: Fr) {
59
54
  return poseidon2HashWithSeparator([publicKeysHash, partialAddress], DomainSeparator.CONTRACT_ADDRESS_V2);
60
55
  }
@@ -56,6 +56,18 @@ export class AppTaggingSecret {
56
56
  return new AppTaggingSecret(directionalAppTaggingSecret, app);
57
57
  }
58
58
 
59
+ /**
60
+ * Derives the bare app-siloed tagging secret from a shared secret point via {@link appSiloEcdhSharedSecretPoint},
61
+ * under the given delivery-mode kind.
62
+ */
63
+ static async computeAppSiloed(
64
+ taggingSecretPoint: Point,
65
+ app: AztecAddress,
66
+ kind: AppTaggingSecretKind,
67
+ ): Promise<AppTaggingSecret> {
68
+ return new AppTaggingSecret(await appSiloEcdhSharedSecretPoint(taggingSecretPoint, app), app, kind);
69
+ }
70
+
59
71
  /**
60
72
  * Derives the tagging secret for `(externalAddress, recipient, app)` by performing an ECDH key exchange against
61
73
  * `externalAddress` to obtain the shared point, then siloing and directing it via {@link computeDirectional}.
package/src/logs/index.ts CHANGED
@@ -5,13 +5,11 @@ export * from './tagging_index_range.js';
5
5
  export * from './contract_class_log.js';
6
6
  export * from './public_log.js';
7
7
  export * from './private_log.js';
8
- export * from './pending_tagged_log.js';
9
8
  export * from './log_result.js';
10
9
  export * from './log_cursor.js';
11
10
  export * from './logs_query.js';
12
11
  export * from './query_all_logs_by_tags.js';
13
12
  export * from './shared_secret_derivation.js';
14
- export * from './message_context.js';
15
13
  export * from './debug_log.js';
16
14
  export * from './debug_log_store.js';
17
15
  export * from './tag.js';
@@ -8,8 +8,22 @@ import type { AztecAddress } from '../aztec-address/index.js';
8
8
  import type { PublicKey } from '../keys/public_key.js';
9
9
 
10
10
  /**
11
- * Derives an app-siloed ECDH shared secret from keys: ECDHs `S = secretKey * publicKey`, then app-silos it via
12
- * {@link appSiloEcdhSharedSecretPoint}.
11
+ * Derives the raw ECDH shared secret point `S = secretKey * publicKey`.
12
+ *
13
+ * @throws If the publicKey is zero.
14
+ */
15
+ export function deriveEcdhSharedSecretPoint(secretKey: GrumpkinScalar, publicKey: PublicKey): Promise<Point> {
16
+ if (publicKey.isZero()) {
17
+ throw new Error(
18
+ `Attempting to derive a shared secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't be broadcast... but it was.`,
19
+ );
20
+ }
21
+ return Grumpkin.mul(publicKey, secretKey);
22
+ }
23
+
24
+ /**
25
+ * Derives an app-siloed ECDH shared secret from keys: ECDHs `S = secretKey * publicKey` via
26
+ * {@link deriveEcdhSharedSecretPoint}, then app-silos it via {@link appSiloEcdhSharedSecretPoint}.
13
27
  *
14
28
  * @param secretKey - The secret key used to derive shared secret.
15
29
  * @param publicKey - The public key used to derive shared secret.
@@ -22,12 +36,7 @@ export async function appSiloEcdhSharedSecret(
22
36
  publicKey: PublicKey,
23
37
  contractAddress: AztecAddress,
24
38
  ): Promise<Fr> {
25
- if (publicKey.isZero()) {
26
- throw new Error(
27
- `Attempting to derive a shared secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't be broadcast... but it was.`,
28
- );
29
- }
30
- const rawSharedSecret = await Grumpkin.mul(publicKey, secretKey);
39
+ const rawSharedSecret = await deriveEcdhSharedSecretPoint(secretKey, publicKey);
31
40
  return appSiloEcdhSharedSecretPoint(rawSharedSecret, contractAddress);
32
41
  }
33
42
 
@@ -112,6 +112,15 @@ export function getHashedSignaturePayloadTypedData(signable: Signable): Buffer32
112
112
  return Buffer32.fromString(hashTypedData(getCoordinationSignatureTypedData(signable)));
113
113
  }
114
114
 
115
+ /**
116
+ * Recovers the sender of a gossiped coordination message. Deliberately lenient (allowYParityAsV): a
117
+ * signature whose recovery byte is in yParity form (v ∈ {0, 1}) still resolves to its sender, so the P2P
118
+ * layer can attribute and accept it and then canonicalize on ingress (CheckpointAttestation.
119
+ * withNormalizedSignature, A-1351) before it reaches the L1 bundle. This is intentionally looser than
120
+ * on-chain checkpoint validation (getAttestationInfoFromPayload), which recovers strictly to mirror L1's
121
+ * ECDSA.recover — do not unify the two. These proposal/attestation signatures are P2P-only and never reach
122
+ * L1 verbatim, so leniency here cannot leak a non-canonical byte onto L1.
123
+ */
115
124
  export function recoverCoordinationSigner(signable: Signable, signature: Signature): EthAddress | undefined {
116
125
  const digest = getHashedSignaturePayloadTypedData(signable);
117
126
  return tryRecoverAddress(digest, signature, { allowYParityAsV: true });
@@ -1,17 +0,0 @@
1
- import type { Fr } from '@aztec/foundation/curves/bn254';
2
- import type { TxHash } from '../tx/tx_hash.js';
3
- /**
4
- * Additional information needed to process a message.
5
- *
6
- * All messages exist in the context of a transaction, and information about that transaction is typically required
7
- * in order to perform validation, store results, etc. For example, messages containing notes require knowledge of note
8
- * hashes and the first nullifier in order to find the note's nonce.
9
- *
10
- * A TS version of `message_context.nr`.
11
- */
12
- export type MessageContext = {
13
- txHash: TxHash;
14
- uniqueNoteHashesInTx: Fr[];
15
- firstNullifierInTx: Fr;
16
- };
17
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWVzc2FnZV9jb250ZXh0LmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbG9ncy9tZXNzYWdlX2NvbnRleHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsRUFBRSxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFFekQsT0FBTyxLQUFLLEVBQUUsTUFBTSxFQUFFLE1BQU0sa0JBQWtCLENBQUM7QUFFL0M7Ozs7Ozs7O0dBUUc7QUFDSCxNQUFNLE1BQU0sY0FBYyxHQUFHO0lBQzNCLE1BQU0sRUFBRSxNQUFNLENBQUM7SUFDZixvQkFBb0IsRUFBRSxFQUFFLEVBQUUsQ0FBQztJQUMzQixrQkFBa0IsRUFBRSxFQUFFLENBQUM7Q0FDeEIsQ0FBQyJ9
@@ -1 +0,0 @@
1
- {"version":3,"file":"message_context.d.ts","sourceRoot":"","sources":["../../src/logs/message_context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AAEzD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAE/C;;;;;;;;GAQG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,oBAAoB,EAAE,EAAE,EAAE,CAAC;IAC3B,kBAAkB,EAAE,EAAE,CAAC;CACxB,CAAC"}
@@ -1,9 +0,0 @@
1
- /**
2
- * Additional information needed to process a message.
3
- *
4
- * All messages exist in the context of a transaction, and information about that transaction is typically required
5
- * in order to perform validation, store results, etc. For example, messages containing notes require knowledge of note
6
- * hashes and the first nullifier in order to find the note's nonce.
7
- *
8
- * A TS version of `message_context.nr`.
9
- */ export { };
@@ -1,11 +0,0 @@
1
- import type { Fr } from '@aztec/foundation/curves/bn254';
2
- import type { MessageContext } from './message_context.js';
3
- /**
4
- * Represents a pending tagged log as it is stored in the pending tagged log array to which the fetchTaggedLogs oracle
5
- * inserts found private logs. A TS version of `pending_tagged_log.nr`.
6
- */
7
- export type PendingTaggedLog = {
8
- log: Fr[];
9
- context: MessageContext;
10
- };
11
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVuZGluZ190YWdnZWRfbG9nLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbG9ncy9wZW5kaW5nX3RhZ2dlZF9sb2cudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsRUFBRSxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFFekQsT0FBTyxLQUFLLEVBQUUsY0FBYyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFFM0Q7OztHQUdHO0FBQ0gsTUFBTSxNQUFNLGdCQUFnQixHQUFHO0lBQzdCLEdBQUcsRUFBRSxFQUFFLEVBQUUsQ0FBQztJQUNWLE9BQU8sRUFBRSxjQUFjLENBQUM7Q0FDekIsQ0FBQyJ9
@@ -1 +0,0 @@
1
- {"version":3,"file":"pending_tagged_log.d.ts","sourceRoot":"","sources":["../../src/logs/pending_tagged_log.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AAEzD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,EAAE,EAAE,CAAC;IACV,OAAO,EAAE,cAAc,CAAC;CACzB,CAAC"}
@@ -1,4 +0,0 @@
1
- /**
2
- * Represents a pending tagged log as it is stored in the pending tagged log array to which the fetchTaggedLogs oracle
3
- * inserts found private logs. A TS version of `pending_tagged_log.nr`.
4
- */ export { };
@@ -1,18 +0,0 @@
1
- import type { Fr } from '@aztec/foundation/curves/bn254';
2
-
3
- import type { TxHash } from '../tx/tx_hash.js';
4
-
5
- /**
6
- * Additional information needed to process a message.
7
- *
8
- * All messages exist in the context of a transaction, and information about that transaction is typically required
9
- * in order to perform validation, store results, etc. For example, messages containing notes require knowledge of note
10
- * hashes and the first nullifier in order to find the note's nonce.
11
- *
12
- * A TS version of `message_context.nr`.
13
- */
14
- export type MessageContext = {
15
- txHash: TxHash;
16
- uniqueNoteHashesInTx: Fr[];
17
- firstNullifierInTx: Fr;
18
- };
@@ -1,12 +0,0 @@
1
- import type { Fr } from '@aztec/foundation/curves/bn254';
2
-
3
- import type { MessageContext } from './message_context.js';
4
-
5
- /**
6
- * Represents a pending tagged log as it is stored in the pending tagged log array to which the fetchTaggedLogs oracle
7
- * inserts found private logs. A TS version of `pending_tagged_log.nr`.
8
- */
9
- export type PendingTaggedLog = {
10
- log: Fr[];
11
- context: MessageContext;
12
- };