@aztec/stdlib 5.0.0-nightly.20260707 → 5.0.0-nightly.20260708
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dest/block/attestation_info.d.ts +1 -1
- package/dest/block/attestation_info.d.ts.map +1 -1
- package/dest/block/attestation_info.js +7 -4
- package/dest/block/l2_block_source.d.ts +13 -2
- package/dest/block/l2_block_source.d.ts.map +1 -1
- package/dest/block/l2_block_source.js +5 -0
- package/dest/block/proposal/attestations_and_signers.d.ts +19 -1
- package/dest/block/proposal/attestations_and_signers.d.ts.map +1 -1
- package/dest/block/proposal/attestations_and_signers.js +37 -1
- package/dest/block/validate_block_result.d.ts +16 -1
- package/dest/block/validate_block_result.d.ts.map +1 -1
- package/dest/block/validate_block_result.js +18 -3
- package/dest/config/network-consensus-config.d.ts +1 -1
- package/dest/config/network-consensus-config.d.ts.map +1 -1
- package/dest/config/network-consensus-config.js +2 -10
- package/dest/database-version/version_manager.d.ts +18 -4
- package/dest/database-version/version_manager.d.ts.map +1 -1
- package/dest/database-version/version_manager.js +76 -6
- package/dest/ha-signing/config.d.ts +19 -5
- package/dest/ha-signing/config.d.ts.map +1 -1
- package/dest/ha-signing/config.js +9 -3
- package/dest/ha-signing/local_config.d.ts +10 -2
- package/dest/ha-signing/local_config.d.ts.map +1 -1
- package/dest/ha-signing/local_config.js +8 -2
- package/dest/interfaces/aztec-node-admin.d.ts +5 -2
- package/dest/interfaces/aztec-node-admin.d.ts.map +1 -1
- package/dest/interfaces/configs.d.ts +4 -1
- package/dest/interfaces/configs.d.ts.map +1 -1
- package/dest/interfaces/configs.js +1 -0
- package/dest/interfaces/validator.d.ts +7 -3
- package/dest/interfaces/validator.d.ts.map +1 -1
- package/dest/interfaces/world_state.d.ts +14 -1
- package/dest/interfaces/world_state.d.ts.map +1 -1
- package/dest/logs/app_tagging_secret.d.ts +6 -1
- package/dest/logs/app_tagging_secret.d.ts.map +1 -1
- package/dest/logs/app_tagging_secret.js +6 -0
- package/dest/logs/shared_secret_derivation.d.ts +9 -3
- package/dest/logs/shared_secret_derivation.d.ts.map +1 -1
- package/dest/logs/shared_secret_derivation.js +13 -6
- package/dest/p2p/signature_utils.d.ts +10 -1
- package/dest/p2p/signature_utils.d.ts.map +1 -1
- package/dest/p2p/signature_utils.js +9 -1
- package/package.json +8 -8
- package/src/block/attestation_info.ts +7 -2
- package/src/block/l2_block_source.ts +13 -2
- package/src/block/proposal/attestations_and_signers.ts +43 -1
- package/src/block/validate_block_result.ts +48 -2
- package/src/config/network-consensus-config.ts +2 -13
- package/src/database-version/version_manager.ts +96 -6
- package/src/ha-signing/config.ts +23 -5
- package/src/ha-signing/local_config.ts +20 -1
- package/src/interfaces/configs.ts +3 -0
- package/src/interfaces/world_state.ts +14 -0
- package/src/logs/app_tagging_secret.ts +12 -0
- package/src/logs/shared_secret_derivation.ts +17 -8
- package/src/p2p/signature_utils.ts +9 -0
|
@@ -1,4 +1,9 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import {
|
|
2
|
+
type ConfigMappingsType,
|
|
3
|
+
booleanConfigHelper,
|
|
4
|
+
getConfigFromMappings,
|
|
5
|
+
optionalNumberConfigHelper,
|
|
6
|
+
} from '@aztec/foundation/config';
|
|
2
7
|
import { zodFor } from '@aztec/foundation/schemas';
|
|
3
8
|
import { type DataStoreConfig, dataConfigMappings } from '@aztec/stdlib/kv-store';
|
|
4
9
|
|
|
@@ -17,6 +22,12 @@ export type LocalSignerConfig = BaseSignerConfig &
|
|
|
17
22
|
DataStoreConfig & {
|
|
18
23
|
/** Maximum size of the local signing-protection LMDB store in KB. Overwrites the general dataStoreMapSizeKb. */
|
|
19
24
|
signingProtectionMapSizeKb?: number;
|
|
25
|
+
/**
|
|
26
|
+
* Allow local signing protection to run against an ephemeral store when no data directory is set.
|
|
27
|
+
* Without this, a missing data directory fails startup, since ephemeral protection does not survive
|
|
28
|
+
* restarts. Intended for dev/test networks only; production validators must persist to disk.
|
|
29
|
+
*/
|
|
30
|
+
allowEphemeralSigningProtection?: boolean;
|
|
20
31
|
};
|
|
21
32
|
|
|
22
33
|
export const localSignerConfigMappings: ConfigMappingsType<LocalSignerConfig> = {
|
|
@@ -28,6 +39,13 @@ export const localSignerConfigMappings: ConfigMappingsType<LocalSignerConfig> =
|
|
|
28
39
|
'Maximum size of the local signing-protection LMDB store in KB. Overwrites the general dataStoreMapSizeKb.',
|
|
29
40
|
...optionalNumberConfigHelper(),
|
|
30
41
|
},
|
|
42
|
+
allowEphemeralSigningProtection: {
|
|
43
|
+
env: 'VALIDATOR_ALLOW_EPHEMERAL_SIGNING_PROTECTION',
|
|
44
|
+
description:
|
|
45
|
+
'Allow local signing protection to run against an ephemeral store when no data directory is set (dev/test only). ' +
|
|
46
|
+
'Ephemeral protection does not survive restarts, so this is unsafe for production validators.',
|
|
47
|
+
...booleanConfigHelper(false),
|
|
48
|
+
},
|
|
31
49
|
};
|
|
32
50
|
|
|
33
51
|
export const LocalSignerConfigSchema = zodFor<LocalSignerConfig>()(
|
|
@@ -35,6 +53,7 @@ export const LocalSignerConfigSchema = zodFor<LocalSignerConfig>()(
|
|
|
35
53
|
dataDirectory: z.string().optional(),
|
|
36
54
|
dataStoreMapSizeKb: z.number(),
|
|
37
55
|
signingProtectionMapSizeKb: z.number().optional(),
|
|
56
|
+
allowEphemeralSigningProtection: z.boolean().optional(),
|
|
38
57
|
}),
|
|
39
58
|
);
|
|
40
59
|
|
|
@@ -96,6 +96,8 @@ export interface SequencerConfig {
|
|
|
96
96
|
injectHighSValueAttestation?: boolean;
|
|
97
97
|
/** Inject an attestation with an unrecoverable signature (for testing only) */
|
|
98
98
|
injectUnrecoverableSignatureAttestation?: boolean;
|
|
99
|
+
/** Inject a non-proposer attestation slot in yParity (v ∈ {0, 1}) form in the packed L1 tuple (for testing only) */
|
|
100
|
+
injectYParityAttestation?: boolean;
|
|
99
101
|
/** Whether to run in fisherman mode: builds blocks on every slot for validation without publishing */
|
|
100
102
|
fishermanMode?: boolean;
|
|
101
103
|
/** Shuffle attestation ordering to create invalid ordering (for testing only) */
|
|
@@ -165,6 +167,7 @@ export const SequencerConfigSchema = zodFor<SequencerConfig>()(
|
|
|
165
167
|
injectFakeAttestation: z.boolean().optional(),
|
|
166
168
|
injectHighSValueAttestation: z.boolean().optional(),
|
|
167
169
|
injectUnrecoverableSignatureAttestation: z.boolean().optional(),
|
|
170
|
+
injectYParityAttestation: z.boolean().optional(),
|
|
168
171
|
fishermanMode: z.boolean().optional(),
|
|
169
172
|
shuffleAttestationOrdering: z.boolean().optional(),
|
|
170
173
|
blockDurationMs: z.number().positive().optional(),
|
|
@@ -65,6 +65,20 @@ export interface ReadonlyWorldStateAccess {
|
|
|
65
65
|
|
|
66
66
|
/** Defines the interface for a world state synchronizer. */
|
|
67
67
|
export interface WorldStateSynchronizer extends ReadonlyWorldStateAccess, ForkMerkleTreeOperations {
|
|
68
|
+
/**
|
|
69
|
+
* Returns a read handle to the world state at `blockNumber`, but only after verifying that the block at that
|
|
70
|
+
* height is on the fork identified by `blockHash`. This pins the returned view to a specific fork so a reorg
|
|
71
|
+
* that replaced the block at `blockNumber` cannot be served silently, closing the gap between resolving a query
|
|
72
|
+
* and reading its snapshot.
|
|
73
|
+
*
|
|
74
|
+
* Rejects if the block at `blockNumber` does not match `blockHash` (a reorg), or if the block's hash cannot be
|
|
75
|
+
* read from the requested view. Both are transient from a caller's perspective: re-resolving the query against
|
|
76
|
+
* the current chain and retrying may succeed or produce a more precise error. However, if the block's history
|
|
77
|
+
* has been pruned away (it predates the oldest historical block kept by world state), the rejection is terminal:
|
|
78
|
+
* retrying cannot bring the data back.
|
|
79
|
+
*/
|
|
80
|
+
getVerifiedSnapshot(blockNumber: BlockNumber, blockHash: BlockHash): Promise<MerkleTreeReadOperations>;
|
|
81
|
+
|
|
68
82
|
/** Starts the synchronizer. */
|
|
69
83
|
start(): Promise<void | PromiseWithResolvers<void>>;
|
|
70
84
|
|
|
@@ -56,6 +56,18 @@ export class AppTaggingSecret {
|
|
|
56
56
|
return new AppTaggingSecret(directionalAppTaggingSecret, app);
|
|
57
57
|
}
|
|
58
58
|
|
|
59
|
+
/**
|
|
60
|
+
* Derives the bare app-siloed tagging secret from a shared secret point via {@link appSiloEcdhSharedSecretPoint},
|
|
61
|
+
* under the given delivery-mode kind.
|
|
62
|
+
*/
|
|
63
|
+
static async computeAppSiloed(
|
|
64
|
+
taggingSecretPoint: Point,
|
|
65
|
+
app: AztecAddress,
|
|
66
|
+
kind: AppTaggingSecretKind,
|
|
67
|
+
): Promise<AppTaggingSecret> {
|
|
68
|
+
return new AppTaggingSecret(await appSiloEcdhSharedSecretPoint(taggingSecretPoint, app), app, kind);
|
|
69
|
+
}
|
|
70
|
+
|
|
59
71
|
/**
|
|
60
72
|
* Derives the tagging secret for `(externalAddress, recipient, app)` by performing an ECDH key exchange against
|
|
61
73
|
* `externalAddress` to obtain the shared point, then siloing and directing it via {@link computeDirectional}.
|
|
@@ -8,8 +8,22 @@ import type { AztecAddress } from '../aztec-address/index.js';
|
|
|
8
8
|
import type { PublicKey } from '../keys/public_key.js';
|
|
9
9
|
|
|
10
10
|
/**
|
|
11
|
-
* Derives
|
|
12
|
-
*
|
|
11
|
+
* Derives the raw ECDH shared secret point `S = secretKey * publicKey`.
|
|
12
|
+
*
|
|
13
|
+
* @throws If the publicKey is zero.
|
|
14
|
+
*/
|
|
15
|
+
export function deriveEcdhSharedSecretPoint(secretKey: GrumpkinScalar, publicKey: PublicKey): Promise<Point> {
|
|
16
|
+
if (publicKey.isZero()) {
|
|
17
|
+
throw new Error(
|
|
18
|
+
`Attempting to derive a shared secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't be broadcast... but it was.`,
|
|
19
|
+
);
|
|
20
|
+
}
|
|
21
|
+
return Grumpkin.mul(publicKey, secretKey);
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
/**
|
|
25
|
+
* Derives an app-siloed ECDH shared secret from keys: ECDHs `S = secretKey * publicKey` via
|
|
26
|
+
* {@link deriveEcdhSharedSecretPoint}, then app-silos it via {@link appSiloEcdhSharedSecretPoint}.
|
|
13
27
|
*
|
|
14
28
|
* @param secretKey - The secret key used to derive shared secret.
|
|
15
29
|
* @param publicKey - The public key used to derive shared secret.
|
|
@@ -22,12 +36,7 @@ export async function appSiloEcdhSharedSecret(
|
|
|
22
36
|
publicKey: PublicKey,
|
|
23
37
|
contractAddress: AztecAddress,
|
|
24
38
|
): Promise<Fr> {
|
|
25
|
-
|
|
26
|
-
throw new Error(
|
|
27
|
-
`Attempting to derive a shared secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't be broadcast... but it was.`,
|
|
28
|
-
);
|
|
29
|
-
}
|
|
30
|
-
const rawSharedSecret = await Grumpkin.mul(publicKey, secretKey);
|
|
39
|
+
const rawSharedSecret = await deriveEcdhSharedSecretPoint(secretKey, publicKey);
|
|
31
40
|
return appSiloEcdhSharedSecretPoint(rawSharedSecret, contractAddress);
|
|
32
41
|
}
|
|
33
42
|
|
|
@@ -112,6 +112,15 @@ export function getHashedSignaturePayloadTypedData(signable: Signable): Buffer32
|
|
|
112
112
|
return Buffer32.fromString(hashTypedData(getCoordinationSignatureTypedData(signable)));
|
|
113
113
|
}
|
|
114
114
|
|
|
115
|
+
/**
|
|
116
|
+
* Recovers the sender of a gossiped coordination message. Deliberately lenient (allowYParityAsV): a
|
|
117
|
+
* signature whose recovery byte is in yParity form (v ∈ {0, 1}) still resolves to its sender, so the P2P
|
|
118
|
+
* layer can attribute and accept it and then canonicalize on ingress (CheckpointAttestation.
|
|
119
|
+
* withNormalizedSignature, A-1351) before it reaches the L1 bundle. This is intentionally looser than
|
|
120
|
+
* on-chain checkpoint validation (getAttestationInfoFromPayload), which recovers strictly to mirror L1's
|
|
121
|
+
* ECDSA.recover — do not unify the two. These proposal/attestation signatures are P2P-only and never reach
|
|
122
|
+
* L1 verbatim, so leniency here cannot leak a non-canonical byte onto L1.
|
|
123
|
+
*/
|
|
115
124
|
export function recoverCoordinationSigner(signable: Signable, signature: Signature): EthAddress | undefined {
|
|
116
125
|
const digest = getHashedSignaturePayloadTypedData(signable);
|
|
117
126
|
return tryRecoverAddress(digest, signature, { allowYParityAsV: true });
|