feat: constraining note owner #1896
Conversation
benesjan
force-pushed
the
janb/constraining-note-owner
branch
2 times, most recently
from
2d88bf2 to
9d3329c
Compare
benesjan
force-pushed
the
janb/constraining-note-owner
branch
4 times, most recently
from
689d8e8 to
1d1d5de
Compare
There was a problem hiding this comment.
Looks good @benesjan, but I'd move the constrain to within the get_secret_key call. Not only to remove code duplication, but I think it's good practice if we can expose to the user functions that already constrain their result (like we're doing with get_public_key) so they don't have to it themselves and risk forgetting it.
That aside, I also wanted to ask: why flipping secret's high and low in this PR? I believe we usually go big-endian, which would mean serialising high first, right?
|
Thank you for the review @spalladino .
Great idea. Will address.
I initially followed the big endian but then @kevaundray flipped it here so I flipped it in aztec-packages as well so that it's consistent. I guess in crypto they are used to having it like that. |
I can open up an issue to make barretenberg use little endian everywhere, because I believe in some places it may use little endian and in others it will use big endian (There might be reason for this -- haven't checked) |
benesjan
force-pushed
the
janb/constraining-note-owner
branch
2 times, most recently
from
42bed94 to
ec36e8e
Compare
| unconstrained fn get_secret_key(owner: Field) -> dep::std::grumpkin_scalar::GrumpkinScalar { |
There was a problem hiding this comment.
Heads up that all this logic is within an unconstrained function, meaning the assertions will not be enforced by the circuit (I'm wondering if this should be a compile error?). You probably want an unconstrained function that just wraps the oracle call, and then a non-unconstrained one that calls get_public_key, computes it from the secret, and runs the assertion (like in get_public_key.nr).
benesjan
force-pushed
the
janb/constraining-note-owner
branch
from
99d218d to
805d9fc
Compare
benesjan
force-pushed
the
janb/constraining-note-owner
branch
from
8ff6e57 to
389787c
Compare
benesjan
force-pushed
the
janb/constraining-note-owner
branch
from
389787c to
9e2e8b9
Compare
🤖 I have created a release *beep* *boop* --- <details><summary>aztec-packages: 0.7.3</summary> ## [0.7.3](aztec-packages-v0.7.2...aztec-packages-v0.7.3) (2023-09-15) ### Features * Constraining note owner ([#1896](#1896)) ([cb25bc9](cb25bc9)), closes [#1817](#1817) ### Bug Fixes * **build:** Navigate to correct directory for publishing ([#2318](#2318)) ([f555356](f555356)) * Use bool for set_minter ([#2313](#2313)) ([5b18f9e](5b18f9e)) </details> <details><summary>barretenberg.js: 0.7.3</summary> ## [0.7.3](barretenberg.js-v0.7.2...barretenberg.js-v0.7.3) (2023-09-15) ### Miscellaneous * **barretenberg.js:** Synchronize aztec-packages versions </details> <details><summary>barretenberg: 0.7.3</summary> ## [0.7.3](barretenberg-v0.7.2...barretenberg-v0.7.3) (2023-09-15) ### Miscellaneous * **barretenberg:** Synchronize aztec-packages versions </details> --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Fixes #1817
Checklist:
Remove the checklist to signal you've completed it. Enable auto-merge if the PR is ready to merge.