Merge branch 'master' into dan/auto-copy-box-artifacts

barretenberg/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/barretenberg
 	branch = master
-	commit = 4c74b0e241523a4d9669fe96280a6d6f6adb1912
-	parent = 5a1ad1f39c1bf9c3408bde6d9030113bf5bdd75e
+	commit = a635b1b79a02a6c57c67ce7ea9c94a3de274961f
+	parent = a91e9f18eb6615b4616bcc50d0b73cebde4a901e
 	method = merge
 	cmdver = 0.4.6

barretenberg/cpp/src/barretenberg/honk/transcript/transcript.hpp

@@ -71,32 +71,46 @@ template <typename FF> class BaseTranscript {
   private:
     static constexpr size_t MIN_BYTES_PER_CHALLENGE = 128 / 8; // 128 bit challenges
 
-    size_t round_number = 0;
+    size_t round_number = 0;        // current round for manifest
+    bool is_first_challenge = true; // indicates if this is the first challenge this transcript is generating
     std::array<uint8_t, HASH_OUTPUT_SIZE> previous_challenge_buffer{}; // default-initialized to zeros
     std::vector<uint8_t> current_round_data;
 
     // "Manifest" object that records a summary of the transcript interactions
     TranscriptManifest manifest;
 
     /**
-     * @brief Compute c_next = H( Compress(c_prev || round_buffer) )
-     *
+     * @brief Compute next challenge c_next = H( Compress(c_prev || round_buffer) )
+     * @details This function computes a new challenge for the current round using the previous challenge
+     * and the current round data, if they are exist. It clears the current_round_data if nonempty after
+     * computing the challenge to minimize how much we compress. It also sets previous_challenge_buffer
+     * to the current challenge buffer to set up next function call.
      * @return std::array<uint8_t, HASH_OUTPUT_SIZE>
      */
-    [[nodiscard]] std::array<uint8_t, HASH_OUTPUT_SIZE> get_next_challenge_buffer() const
+    [[nodiscard]] std::array<uint8_t, HASH_OUTPUT_SIZE> get_next_challenge_buffer()
     {
-        // Prevent challenge generation if nothing was sent by the prover.
-        ASSERT(!current_round_data.empty());
+        // Prevent challenge generation if this is the first challenge we're generating,
+        // AND nothing was sent by the prover.
+        if (is_first_challenge) {
+            ASSERT(!current_round_data.empty());
+        }
 
-        // concatenate the hash of the previous round (if not the first round) with the current round data.
+        // concatenate the previous challenge (if this is not the first challenge) with the current round data.
         // TODO(Adrian): Do we want to use a domain separator as the initial challenge buffer?
         // We could be cheeky and use the hash of the manifest as domain separator, which would prevent us from having
         // to domain separate all the data. (See https://safe-hash.dev)
         std::vector<uint8_t> full_buffer;
-        if (round_number > 0) {
+        if (!is_first_challenge) {
+            // if not the first challenge, we can use the previous_challenge_buffer
             full_buffer.insert(full_buffer.end(), previous_challenge_buffer.begin(), previous_challenge_buffer.end());
+        } else {
+            // Update is_first_challenge for the future
+            is_first_challenge = false;
+        }
+        if (!current_round_data.empty()) {
+            full_buffer.insert(full_buffer.end(), current_round_data.begin(), current_round_data.end());
+            current_round_data.clear(); // clear the round data buffer since it has been used
         }
-        full_buffer.insert(full_buffer.end(), current_round_data.begin(), current_round_data.end());
 
         // Pre-hash the full buffer to minimize the amount of data passed to the cryptographic hash function.
         // Only a collision-resistant hash-function like Pedersen is required for this step.
@@ -109,7 +123,8 @@ template <typename FF> class BaseTranscript {
 
         std::array<uint8_t, HASH_OUTPUT_SIZE> new_challenge_buffer;
         std::copy_n(base_hash.begin(), HASH_OUTPUT_SIZE, new_challenge_buffer.begin());
-
+        // update previous challenge buffer for next time we call this function
+        previous_challenge_buffer = new_challenge_buffer;
         return new_challenge_buffer;
     };
 
@@ -131,8 +146,11 @@ template <typename FF> class BaseTranscript {
   public:
     /**
      * @brief After all the prover messages have been sent, finalize the round by hashing all the data and then create
-     * the number of requested challenges which will be increasing powers of the first challenge.  Finally, reset the
-     * state in preparation for the next round.
+     * the number of requested challenges.
+     * @details Challenges are generated by iteratively hashing over the previous challenge, using
+     * get_next_challenge_buffer().
+     * TODO(#741): Optimizations for this function include generalizing type of hash, splitting hashes into
+     * multiple challenges.
      *
      * @param labels human-readable names for the challenges for the manifest
      * @return std::array<FF, num_challenges> challenges for this round.
@@ -145,26 +163,25 @@ template <typename FF> class BaseTranscript {
         manifest.add_challenge(round_number, labels...);
 
         // Compute the new challenge buffer from which we derive the challenges.
-        auto next_challenge_buffer = get_next_challenge_buffer();
 
         // Create challenges from bytes.
         std::array<FF, num_challenges> challenges{};
 
-        std::array<uint8_t, sizeof(FF)> field_element_buffer{};
-        std::copy_n(next_challenge_buffer.begin(), HASH_OUTPUT_SIZE, field_element_buffer.begin());
-
-        challenges[0] = from_buffer<FF>(field_element_buffer);
-
-        // TODO(#583): rework the transcript to have a better structure and be able to produce a variable amount of
-        // challenges that are not powers of each other
-        for (size_t i = 1; i < num_challenges; i++) {
-            challenges[i] = challenges[i - 1] * challenges[0];
+        // Generate the challenges by iteratively hashing over the previous challenge.
+        for (size_t i = 0; i < num_challenges; i++) {
+            auto next_challenge_buffer = get_next_challenge_buffer(); // get next challenge buffer
+            std::array<uint8_t, sizeof(FF)> field_element_buffer{};
+            // copy half of the hash to lower 128 bits of challenge
+            // Note: because of how read() from buffers to fields works (in field_declarations.hpp),
+            // we use the later half of the buffer
+            std::copy_n(next_challenge_buffer.begin(),
+                        HASH_OUTPUT_SIZE / 2,
+                        field_element_buffer.begin() + HASH_OUTPUT_SIZE / 2);
+            challenges[i] = from_buffer<FF>(field_element_buffer);
         }
 
         // Prepare for next round.
         ++round_number;
-        current_round_data.clear();
-        previous_challenge_buffer = next_challenge_buffer;
 
         return challenges;
     }

barretenberg/cpp/src/barretenberg/honk/transcript/transcript.test.cpp

@@ -139,8 +139,6 @@ TEST_F(UltraTranscriptTests, ProverManifestConsistency)
     auto manifest_expected = construct_ultra_honk_manifest(instance->proving_key->circuit_size);
     auto prover_manifest = prover.transcript.get_manifest();
     // Note: a manifest can be printed using manifest.print()
-    prover_manifest.print();
-    manifest_expected.print();
     for (size_t round = 0; round < manifest_expected.size(); ++round) {
         ASSERT_EQ(prover_manifest[round], manifest_expected[round]) << "Prover manifest discrepency in round " << round;
     }
@@ -171,9 +169,6 @@ TEST_F(UltraTranscriptTests, VerifierManifestConsistency)
     auto verifier = composer.create_verifier(instance);
     verifier.verify_proof(proof);
 
-    prover.transcript.print();
-    verifier.transcript.print();
-
     // Check consistency between the manifests generated by the prover and verifier
     auto prover_manifest = prover.transcript.get_manifest();
     auto verifier_manifest = verifier.transcript.get_manifest();
@@ -185,6 +180,30 @@ TEST_F(UltraTranscriptTests, VerifierManifestConsistency)
     }
 }
 
+/**
+ * @brief Check that multiple challenges can be generated and sanity check
+ * @details We generate 6 challenges that are each 128 bits, and check that they are not 0.
+ *
+ */
+TEST_F(UltraTranscriptTests, ChallengeGenerationTest)
+{
+    // initialized with random value sent to verifier
+    auto transcript = ProverTranscript<FF>::init_empty();
+    // test a bunch of challenges
+    auto challenges = transcript.get_challenges("a", "b", "c", "d", "e", "f");
+    // check they are not 0
+    for (size_t i = 0; i < challenges.size(); ++i) {
+        ASSERT_NE(challenges[i], 0) << "Challenge " << i << " is 0";
+    }
+    constexpr uint32_t random_val{ 17 }; // arbitrary
+    transcript.send_to_verifier("random val", random_val);
+    // test more challenges
+    auto [a, b, c] = transcript.get_challenges("a", "b", "c");
+    ASSERT_NE(a, 0) << "Challenge a is 0";
+    ASSERT_NE(b, 0) << "Challenge a is 0";
+    ASSERT_NE(b, 0) << "Challenge a is 0";
+}
+
 TEST_F(UltraTranscriptTests, FoldingManifestTest)
 {
     using Flavor = flavor::Ultra;
@@ -216,9 +235,6 @@ TEST_F(UltraTranscriptTests, FoldingManifestTest)
     auto prover_res = prover.fold_instances();
     verifier.fold_public_parameters(prover_res.folding_data);
 
-    prover.transcript.print();
-    verifier.transcript.print();
-
     // Check consistency between the manifests generated by the prover and verifier
     auto prover_manifest = prover.transcript.get_manifest();
     auto verifier_manifest = verifier.transcript.get_manifest();

build-system/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/build-system
 	branch = master
-	commit = 983c2a6858bcb1607bd05b6de467f925f57567f1
-	parent = fe4484a8b9eeb3c997650e94794b0db3b4f4e404
+	commit = 31b355e78cceb1094f4fde67459d6cabdbc077e7
+	parent = 68c1fab51e3a339032b719ce966ed34787f33dab
 	method = merge
 	cmdver = 0.4.6

docs/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/docs
 	branch = main
-	commit = 60cee89dc29293c6db4858e0751f7d8047ea82dc
-	parent = fe4484a8b9eeb3c997650e94794b0db3b4f4e404
+	commit = 2dcf08948bd56fa6bb673604b1c47099a5b2e2a5
+	parent = 68c1fab51e3a339032b719ce966ed34787f33dab
 	method = merge
 	cmdver = 0.4.6

yarn-project/acir-simulator/src/acvm/serialize.ts

@@ -2,6 +2,7 @@ import {
   CallContext,
   ContractDeploymentData,
   FunctionData,
+  GlobalVariables,
   HistoricBlockData,
   PrivateCallStackItem,
   PrivateCircuitPublicInputs,
@@ -33,12 +34,16 @@ function adaptBufferSize(originalBuf: Buffer) {
  * @param value - The value to convert.
  * @returns The ACVM field.
  */
-export function toACVMField(value: AztecAddress | EthAddress | Fr | Buffer | boolean | number | bigint): ACVMField {
+export function toACVMField(
+  value: AztecAddress | EthAddress | Fr | Buffer | boolean | number | bigint | ACVMField,
+): ACVMField {
   let buffer;
   if (Buffer.isBuffer(value)) {
     buffer = value;
   } else if (typeof value === 'boolean' || typeof value === 'number' || typeof value === 'bigint') {
     buffer = new Fr(value).toBuffer();
+  } else if (typeof value === 'string') {
+    buffer = Fr.fromString(value).toBuffer();
   } else {
     buffer = value.toBuffer();
   }
@@ -112,6 +117,20 @@ export function toACVMHistoricBlockData(historicBlockData: HistoricBlockData): A
   ];
 }
 
+/**
+ * Converts global variables into ACVM fields
+ * @param globalVariables - The global variables object to convert.
+ * @returns The ACVM fields
+ */
+export function toACVMGlobalVariables(globalVariables: GlobalVariables): ACVMField[] {
+  return [
+    toACVMField(globalVariables.chainId),
+    toACVMField(globalVariables.version),
+    toACVMField(globalVariables.blockNumber),
+    toACVMField(globalVariables.timestamp),
+  ];
+}
+
 /**
  * Converts the public inputs structure to ACVM fields.
  * @param publicInputs - The public inputs to convert.

yarn-project/acir-simulator/src/client/client_execution_context.ts

@@ -17,7 +17,13 @@ import { Fr, Point } from '@aztec/foundation/fields';
 import { createDebugLogger } from '@aztec/foundation/log';
 import { AuthWitness, FunctionL2Logs, NotePreimage, NoteSpendingInfo, UnencryptedL2Log } from '@aztec/types';
 
-import { NoteData, toACVMWitness } from '../acvm/index.js';
+import {
+  NoteData,
+  toACVMCallContext,
+  toACVMContractDeploymentData,
+  toACVMHistoricBlockData,
+  toACVMWitness,
+} from '../acvm/index.js';
 import { SideEffectCounter } from '../common/index.js';
 import { PackedArgsCache } from '../common/packed_args_cache.js';
 import { DBOracle } from './db_oracle.js';
@@ -83,22 +89,9 @@ export class ClientExecutionContext extends ViewDataOracle {
     const contractDeploymentData = this.txContext.contractDeploymentData;
 
     const fields = [
-      this.callContext.msgSender,
-      this.callContext.storageContractAddress,
-      this.callContext.portalContractAddress,
-      this.callContext.functionSelector.toField(),
-      this.callContext.isDelegateCall,
-      this.callContext.isStaticCall,
-      this.callContext.isContractDeployment,
-
-      ...this.historicBlockData.toArray(),
-
-      contractDeploymentData.deployerPublicKey.x,
-      contractDeploymentData.deployerPublicKey.y,
-      contractDeploymentData.constructorVkHash,
-      contractDeploymentData.functionTreeRoot,
-      contractDeploymentData.contractAddressSalt,
-      contractDeploymentData.portalContractAddress,
+      ...toACVMCallContext(this.callContext),
+      ...toACVMHistoricBlockData(this.historicBlockData),
+      ...toACVMContractDeploymentData(contractDeploymentData),
 
       this.txContext.chainId,
       this.txContext.version,

yarn-project/acir-simulator/src/public/public_execution_context.ts

@@ -5,7 +5,13 @@ import { Fr } from '@aztec/foundation/fields';
 import { createDebugLogger } from '@aztec/foundation/log';
 import { FunctionL2Logs, UnencryptedL2Log } from '@aztec/types';
 
-import { TypedOracle, toACVMWitness } from '../acvm/index.js';
+import {
+  TypedOracle,
+  toACVMCallContext,
+  toACVMGlobalVariables,
+  toACVMHistoricBlockData,
+  toACVMWitness,
+} from '../acvm/index.js';
 import { PackedArgsCache, SideEffectCounter } from '../common/index.js';
 import { CommitmentsDB, PublicContractsDB, PublicStateDB } from './db.js';
 import { PublicExecution, PublicExecutionResult } from './execution.js';
@@ -50,20 +56,9 @@ export class PublicExecutionContext extends TypedOracle {
   public getInitialWitness(witnessStartIndex = 1) {
     const { callContext, args } = this.execution;
     const fields = [
-      callContext.msgSender,
-      callContext.storageContractAddress,
-      callContext.portalContractAddress,
-      callContext.functionSelector.toField(),
-      callContext.isDelegateCall,
-      callContext.isStaticCall,
-      callContext.isContractDeployment,
-
-      ...this.historicBlockData.toArray(),
-
-      this.globalVariables.chainId,
-      this.globalVariables.version,
-      this.globalVariables.blockNumber,
-      this.globalVariables.timestamp,
+      ...toACVMCallContext(callContext),
+      ...toACVMHistoricBlockData(this.historicBlockData),
+      ...toACVMGlobalVariables(this.globalVariables),
 
       ...args,
     ];

yarn-project/aztec-nr/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/aztec-nr
 	branch = master
-	commit = c1c4151cb49a43e936d3373425b2c9d9276fa3ac
+	commit = 97da6f0e117115b91bcfb685a7b1f3a16f0110d9
 	method = merge
 	cmdver = 0.4.6
-	parent = fe4484a8b9eeb3c997650e94794b0db3b4f4e404
+	parent = 68c1fab51e3a339032b719ce966ed34787f33dab

yarn-project/aztec.js/src/account/contract/ecdsa_account_contract.ts

@@ -1,6 +1,6 @@
-import { Fr } from '@aztec/circuits.js';
 import { Ecdsa } from '@aztec/circuits.js/barretenberg';
 import { ContractAbi } from '@aztec/foundation/abi';
+import { Fr } from '@aztec/foundation/fields';
 import { AuthWitness, CompleteAddress } from '@aztec/types';
 
 import EcdsaAccountContractAbi from '../../abis/ecdsa_account_contract.json' assert { type: 'json' };

yarn-project/aztec.js/src/account/contract/schnorr_account_contract.ts

@@ -1,6 +1,6 @@
-import { Fr } from '@aztec/circuits.js';
 import { Schnorr } from '@aztec/circuits.js/barretenberg';
 import { ContractAbi } from '@aztec/foundation/abi';
+import { Fr } from '@aztec/foundation/fields';
 import { AuthWitness, CompleteAddress, GrumpkinPrivateKey } from '@aztec/types';
 
 import SchnorrAccountContractAbi from '../../abis/schnorr_account_contract.json' assert { type: 'json' };

yarn-project/aztec.js/src/account/contract/single_key_account_contract.ts

@@ -1,6 +1,7 @@
-import { Fr, PartialAddress } from '@aztec/circuits.js';
+import { PartialAddress } from '@aztec/circuits.js';
 import { Schnorr } from '@aztec/circuits.js/barretenberg';
 import { ContractAbi } from '@aztec/foundation/abi';
+import { Fr } from '@aztec/foundation/fields';
 import { AuthWitness, CompleteAddress, GrumpkinPrivateKey } from '@aztec/types';
 
 import SchnorrSingleKeyAccountContractAbi from '../../abis/schnorr_single_key_account_contract.json' assert { type: 'json' };

yarn-project/aztec.js/src/account/interface.ts

@@ -1,4 +1,4 @@
-import { Fr } from '@aztec/circuits.js';
+import { Fr } from '@aztec/foundation/fields';
 import { AuthWitness, CompleteAddress, FunctionCall, TxExecutionRequest } from '@aztec/types';
 
 // docs:start:account-interface

yarn-project/aztec.js/src/account/manager/index.ts

@@ -1,4 +1,5 @@
-import { Fr, PublicKey, getContractDeploymentInfo } from '@aztec/circuits.js';
+import { PublicKey, getContractDeploymentInfo } from '@aztec/circuits.js';
+import { Fr } from '@aztec/foundation/fields';
 import { CompleteAddress, GrumpkinPrivateKey, PXE } from '@aztec/types';
 
 import { AccountWallet, ContractDeployer, DeployMethod, WaitOpts, generatePublicKey } from '../../index.js';

yarn-project/aztec.js/src/sandbox/index.ts

@@ -1,4 +1,4 @@
-import { Fr, GrumpkinScalar } from '@aztec/circuits.js';
+import { Fr, GrumpkinScalar } from '@aztec/foundation/fields';
 import { sleep } from '@aztec/foundation/sleep';
 
 import zip from 'lodash.zip';

yarn-project/circuits.js/src/structs/kernel/previous_kernel_data.ts

@@ -1,9 +1,9 @@
+import { Fr } from '@aztec/foundation/fields';
 import { BufferReader, Tuple } from '@aztec/foundation/serialize';
 
 import { privateKernelDummyPreviousKernel } from '../../cbind/circuits.gen.js';
 import { CircuitsWasm, VK_TREE_HEIGHT, makeTuple } from '../../index.js';
 import { serializeToBuffer } from '../../utils/serialize.js';
-import { Fr } from '../index.js';
 import { Proof, makeEmptyProof } from '../proof.js';
 import { UInt32 } from '../shared.js';
 import { VerificationKey } from '../verification_key.js';