Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: private authwit with static call #7073

Merged
merged 8 commits into from
Jun 21, 2024

Conversation

LHerskind
Copy link
Contributor

@LHerskind LHerskind commented Jun 17, 2024

Updates the private authwit to use static calls instead. Without this, it is possible to re-enter using the authwits which is horrible.


The private authwit validation is now making a static call to the account contract instead of passing over control flow. This is to ensure that it cannot be used for re-entry.

To make this change however, we cannot allow emitting a nullifying from the account contract, since that would break the static call. Instead, we will be changing the verify_private_authwit to a verify_private_authwit and in the auth library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the auth library, the token contract don't need to change much.

The biggest difference is related to "cancelling" an authwit. Since it is no longer in the account contract, you cannot just emit a nullifier from it anymore. Instead it must rely on the token contract providing functionality for cancelling.

There are also a few general changes to how authwits are generated, namely to more easily support the data required for a validity lookup now. Previously we could lookup the message_hash directly at the account contract, now we instead need to use the inner_hash and the contract of the consumer to figure out if it have already been emitted.

A minor extension have been made to the authwit creations to make it easier specific a hash that needs to be signed with a specific caller, e.g., the inner_hash can be provided as {consumer, inner_hash} to the createAuthWit where it previously needed to do a couple of manual steps to compute the outer hash. The computeOuterAuthWitHash have been amde internal and the computeAuthWitMessageHash can instead be used to compute the values similarly to other authwit computations.

const innerHash = computeInnerAuthWitHash([Fr.ZERO, functionSelector.toField(), entrypointPackedArgs.hash]);
-const outerHash = computeOuterAuthWitHash(
-    this.dappEntrypointAddress,
-    new Fr(this.chainId),
-    new Fr(this.version),
-    innerHash,
-);
+const outerHash = computeAuthWitMessageHash(
+    { consumer: this.dappEntrypointAddress, innerHash },
+    { chainId: new Fr(this.chainId), version: new Fr(this.version) },
+);

If the wallet is used to compute the authwit, it will populate the chain id and version instead of requiring it to be provided by tha actor.

const innerHash = computeInnerAuthWitHash([Fr.fromString('0xdead')]);
-const outerHash = computeOuterAuthWitHash(wallets[1].getAddress(), chainId, version, innerHash);
-const witness = await wallets[0].createAuthWit(outerHash);
+ const witness = await wallets[0].createAuthWit({ comsumer: accounts[1].address, inner_hash });

Copy link
Contributor Author

This stack of pull requests is managed by Graphite. Learn more about stacking.

Join @LHerskind and the rest of your teammates on Graphite Graphite

@LHerskind LHerskind changed the title feat: initial static call changes feat: private authwit with static call Jun 17, 2024
@AztecBot
Copy link
Collaborator

AztecBot commented Jun 17, 2024

Benchmark results

Metrics with a significant change:

  • avm_simulation_time_ms (Token:mint_public): 623 (+741%)
  • avm_simulation_time_ms (Token:assert_minter_and_mint): 74.5 (-66%)
  • protocol_circuit_witness_generation_time_in_ms (private-kernel-reset-small): 2,485 (+16%)
Detailed results

All benchmarks are run on txs on the Benchmarking contract on the repository. Each tx consists of a batch call to create_note and increment_balance, which guarantees that each tx has a private call, a nested private call, a public call, and a nested public call, as well as an emitted private note, an unencrypted log, and public storage read and write.

This benchmark source data is available in JSON format on S3 here.

Proof generation

Each column represents the number of threads used in proof generation.

Metric 1 threads 4 threads 16 threads 32 threads 64 threads
proof_construction_time_sha256_30_ms 11,493 (+1%) 3,113 (+1%) 1,702 (+8%) 1,426 (-10%) 1,455
proof_construction_time_sha256_100_ms 45,416 (+2%) 12,168 (+1%) 5,657 (-1%) 5,561 5,492
proof_construction_time_poseidon_hash_ms 79.0 (+1%) 34.0 34.0 57.0 (-2%) 87.0
proof_construction_time_poseidon_hash_30_ms 1,536 (+2%) 424 (+2%) 202 226 (+2%) 269 (+1%)
proof_construction_time_poseidon_hash_100_ms 5,815 (+2%) 1,592 (+1%) 728 (+1%) 775 805 (+1%)

L2 block published to L1

Each column represents the number of txs on an L2 block published to L1.

Metric 4 txs 8 txs 16 txs
l1_rollup_calldata_size_in_bytes 1,412 1,412 1,412
l1_rollup_calldata_gas 9,476 9,466 9,464
l1_rollup_execution_gas 610,297 610,287 610,285
l2_block_processing_time_in_ms 751 (+1%) 1,402 (+1%) 2,677 (+1%)
l2_block_building_time_in_ms 25,583 (+1%) 51,149 (+1%) 100,065 (+1%)
l2_block_rollup_simulation_time_in_ms 25,488 (+1%) 50,845 (+1%) 99,712 (+1%)
l2_block_public_tx_process_time_in_ms 21,887 (+1%) 47,060 95,982 (+1%)

L2 chain processing

Each column represents the number of blocks on the L2 chain where each block has 8 txs.

Metric 3 blocks 5 blocks
node_history_sync_time_in_ms 6,960 9,785
node_database_size_in_bytes 12,161,104 16,089,168
pxe_database_size_in_bytes 16,254 26,813

Circuits stats

Stats on running time and I/O sizes collected for every kernel circuit run across all benchmarks.

Circuit simulation_time_in_ms witness_generation_time_in_ms proving_time_in_ms input_size_in_bytes output_size_in_bytes proof_size_in_bytes num_public_inputs size_in_gates
private-kernel-init 130 (+1%) 501 12,379 (+3%) 20,634 67,190 92,352 2,819 524,288
private-kernel-inner 394 (+1%) 1,028 (-14%) 44,907 94,902 67,190 92,352 2,819 2,097,152
private-kernel-tail 371 1,856 45,960 99,121 71,733 14,912 399 2,097,152
base-parity 6.19 (-2%) 1,930 (-4%) 2,539 (-3%) 128 64.0 2,208 2.00 131,072
root-parity 49.3 47.8 (+1%) 33,570 (-2%) 27,100 64.0 2,720 18.0 2,097,152
base-rollup 7,923 4,384 71,978 170,330 756 3,648 47.0 4,194,304
root-rollup 112 62.6 (-3%) 19,361 (-1%) 25,309 620 3,456 41.0 1,048,576
public-kernel-setup 721 (-1%) 3,131 (-1%) 38,595 (-1%) 116,905 93,334 125,344 3,850 2,097,152
public-kernel-app-logic 615 4,189 (+1%) 40,259 (+1%) 116,905 93,334 125,344 3,850 2,097,152
public-kernel-tail 1,418 32,708 (+8%) 166,943 (+1%) 511,910 10,014 14,912 399 8,388,608
private-kernel-reset-small 595 (+1%) ⚠️ 2,485 (+16%) 41,634 (+2%) 123,313 67,190 92,352 2,819 2,097,152
public-kernel-teardown 616 4,206 (+1%) 40,534 116,905 93,334 125,344 3,850 2,097,152
merge-rollup 28.8 N/A N/A 16,542 756 N/A N/A N/A
private-kernel-tail-to-public N/A 7,172 (-1%) 84,650 N/A N/A 125,344 3,850 4,194,304

Stats on running time collected for app circuits

Function input_size_in_bytes output_size_in_bytes witness_generation_time_in_ms proof_size_in_bytes proving_time_in_ms size_in_gates num_public_inputs
ContractClassRegisterer:register 1,344 9,944 405 N/A N/A N/A N/A
ContractInstanceDeployer:deploy 1,408 9,944 40.7 N/A N/A N/A N/A
MultiCallEntrypoint:entrypoint 1,920 9,944 1,805 (+1%) N/A N/A N/A N/A
GasToken:deploy 1,376 9,944 980 N/A N/A N/A N/A
SchnorrAccount:constructor 1,312 9,944 1,463 (+1%) N/A N/A N/A N/A
SchnorrAccount:entrypoint 2,304 9,944 2,833 16,768 51,026 2,097,152 457
Token:privately_mint_private_note 1,280 9,944 1,736 N/A N/A N/A N/A
FPC:fee_entrypoint_public 1,344 9,944 374 (-6%) 16,768 10,619 (+3%) 524,288 457
Token:transfer 1,312 9,944 4,512 (-2%) 16,768 41,875 2,097,152 457
AuthRegistry:set_authorized (avm) 21,043 N/A N/A 87,200 1,720 (+7%) N/A N/A
Token:transfer_public (avm) 44,971 N/A N/A 87,865 4,120 (+1%) N/A N/A
AuthRegistry:consume (avm) 34,973 N/A N/A 87,616 2,864 N/A N/A
Benchmarking:create_note 1,344 9,944 1,400 (+1%) N/A N/A N/A N/A
SchnorrAccount:verify_private_authwit 1,280 9,944 73.6 N/A N/A N/A N/A
Token:unshield 1,376 9,944 3,584 N/A N/A N/A N/A
FPC:fee_entrypoint_private 1,376 9,944 4,521 N/A N/A N/A N/A

AVM Simulation

Time to simulate various public functions in the AVM.

Function time_ms bytecode_size_in_bytes
GasToken:_increase_public_balance 68.6 (+1%) 13,873
GasToken:set_portal 16.1 (-4%) 3,495
Token:constructor 93.2 (-3%) 24,207
FPC:constructor 62.8 (-1%) 13,893
GasToken:mint_public 53.3 (+1%) 10,241
Token:mint_public ⚠️ 623 (+741%) 19,216
Token:assert_minter_and_mint ⚠️ 74.5 (-66%) 13,034
AuthRegistry:set_authorized 32.8 7,869
FPC:prepare_fee 179 (+21%) 15,187
Token:transfer_public 37.7 (-8%) 31,425
FPC:pay_refund 123 (-6%) 20,080
Benchmarking:increment_balance 2,688 (+1%) 15,465
Token:_increase_public_balance 55.7 (-2%) 15,089
FPC:pay_refund_with_shielded_rebate 144 (+1%) 21,167

Public DB Access

Time to access various public DBs.

Function time_ms
get-nullifier-index 0.183 (+3%)

Tree insertion stats

The duration to insert a fixed batch of leaves into each tree type.

Metric 1 leaves 16 leaves 64 leaves 128 leaves 256 leaves 512 leaves 1024 leaves
batch_insert_into_append_only_tree_16_depth_ms 10.3 16.7 N/A N/A N/A N/A N/A
batch_insert_into_append_only_tree_16_depth_hash_count 16.8 31.7 N/A N/A N/A N/A N/A
batch_insert_into_append_only_tree_16_depth_hash_ms 0.598 0.515 N/A N/A N/A N/A N/A
batch_insert_into_append_only_tree_32_depth_ms N/A N/A 48.6 (+1%) 75.5 131 (+2%) 244 470 (+2%)
batch_insert_into_append_only_tree_32_depth_hash_count N/A N/A 95.9 159 287 543 1,055
batch_insert_into_append_only_tree_32_depth_hash_ms N/A N/A 0.497 (+1%) 0.464 0.449 (+1%) 0.442 0.439 (+2%)
batch_insert_into_indexed_tree_20_depth_ms N/A N/A 59.4 (-2%) 111 (+1%) 181 (+1%) 351 690 (+1%)
batch_insert_into_indexed_tree_20_depth_hash_count N/A N/A 109 207 355 691 1,363
batch_insert_into_indexed_tree_20_depth_hash_ms N/A N/A 0.503 (-2%) 0.499 (+1%) 0.481 (+1%) 0.475 0.474 (+1%)
batch_insert_into_indexed_tree_40_depth_ms N/A N/A 72.6 N/A N/A N/A N/A
batch_insert_into_indexed_tree_40_depth_hash_count N/A N/A 133 N/A N/A N/A N/A
batch_insert_into_indexed_tree_40_depth_hash_ms N/A N/A 0.518 (+1%) N/A N/A N/A N/A

Miscellaneous

Transaction sizes based on how many contract classes are registered in the tx.

Metric 0 registered classes 1 registered classes
tx_size_in_bytes 85,672 670,983

Transaction size based on fee payment method

| Metric | |
| - | |

@LHerskind LHerskind force-pushed the lh/static-call-private-authwit branch 3 times, most recently from 23218fe to f2ecd5f Compare June 18, 2024 16:41
@AztecBot
Copy link
Collaborator

AztecBot commented Jun 18, 2024

Docs Preview

Hey there! 👋 You can check your preview at https://66754c4eedf85b5e85ad5b87--aztec-docs-dev.netlify.app

@LHerskind LHerskind force-pushed the lh/static-call-private-authwit branch 2 times, most recently from aa134ab to 11ab988 Compare June 19, 2024 11:54
@LHerskind LHerskind marked this pull request as ready for review June 19, 2024 15:28
@LHerskind LHerskind requested a review from benesjan June 19, 2024 15:28
Copy link
Contributor

@benesjan benesjan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Feel free to merge once you address my nits

@@ -4,6 +4,8 @@ use dep::protocol_types::{
};
use crate::keys::constants::{NUM_KEY_TYPES, NULLIFIER_INDEX, INCOMING_INDEX, OUTGOING_INDEX};

use dep::std::println;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

stale import

The `on_behalf_of` should assert that we are indeed authenticated and then emit a nullifier when we are spending the authwit to prevent replay attacks.
If the return value is not as expected, we throw an error.
This is to cover the case where the `on_behalf_of` might implemented some function with the same selector as the `spend_private_authwit` that could be used to authenticate unintentionally.
This function will then make a to `on_behalf_of` to execute the `verify_private_authwit` function which validates that the call is authenticated.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
This function will then make a to `on_behalf_of` to execute the `verify_private_authwit` function which validates that the call is authenticated.
This function will then make a call to `on_behalf_of` to execute the `verify_private_authwit` function which validates that the call is authenticated.


The private authwit validation is now making a static call to the account contract instead of passing over control flow. This is to ensure that it cannot be used for re-entry.

To make this change however, we cannot allow emitting a nullifying from the account contract, since that would break the static call. Instead, we will be changing the `verify_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract don't need to change much.
Copy link
Contributor

@benesjan benesjan Jun 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
To make this change however, we cannot allow emitting a nullifying from the account contract, since that would break the static call. Instead, we will be changing the `verify_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract don't need to change much.
To make this change however, we cannot allow emitting a nullifier from the account contract, since that would break the static call. Instead, we will be changing the `spend_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract doesn't need to change much.


There are also a few general changes to how authwits are generated, namely to more easily support the data required for a validity lookup now. Previously we could lookup the `message_hash` directly at the account contract, now we instead need to use the `inner_hash` and the contract of the consumer to figure out if it have already been emitted.

A minor extension have been made to the authwit creations to make it easier specific a hash that needs to be signed with a specific caller, e.g., the `inner_hash` can be provided as `{consumer, inner_hash}` to the `createAuthWit` where it previously needed to do a couple of manual steps to compute the outer hash. The `computeOuterAuthWitHash` have been amde internal and the `computeAuthWitMessageHash` can instead be used to compute the values similarly to other authwit computations.
Copy link
Contributor

@benesjan benesjan Jun 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"to make it easier specific a hash that needs to be signed"

broken english here

* @param messageHashOrIntent - The message hash or the intent (caller and action) to approve
* @param chainId - The chain id for the message, will default to the current chain id
* @param version - The version for the message, will default to the current protocol version
* @param messageHash - The message hash or the intent (caller and action) to approve
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does not seem to support the intent anymore given that the accepted type is Fr or Buffer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yes. This was the pain of needing both the wallet and the authwit provider to be happy 💀 Will fix.


if ('caller' in intent) {
const action = intent.action instanceof ContractFunctionInteraction ? intent.action.request() : intent.action;
// return computeAuthWitMessageHash(intent.caller, chainId, version, action);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

stale code?

@@ -38,11 +38,11 @@ describe('CompleteAddress', () => {
// docs:start:instantiate-complete-address
// Typically a recipient would share their complete address with the sender
const completeAddressFromString = CompleteAddress.fromString(
'0x09bc7031bb21627cce6aac1dc710ecc92acd8475149c530a4bb57df63d9d6fe902a9372135ce5b49b46102732fabd742c31642543396013dde5b460075864607264c605bc115c6cb92a4db0a6b893fd3777341078693d0af22e3ff53f4c2ee2a2fae73914fc50d325e2707a8e996f1ad498429f715f998225dc6bd2ede05aaee055ee137d28b634322e0ea98afc42dfc48833e8d2879c34d23d6d1d337069cca212af0f28b7865b339e202a0077fd3bd8dddc472d055945ad99c02dcccd28bb22bb3585fca3e5751c9913521a390458d63e4d9b292e4872582f3b13da214470c14083a4567cf4f1e92696e6c01923bc6a8b414159446268b12fe8669ce44f1f5196561aca6c654d2405a5653002cba5552b50b6ce1afc9515ed6682507abcb3010040d791aeb30138efc9c7d36b47684af2f26f686672448349f05934ae7bbbf',
'0x1de12596818ab6bc3584b943f791b206ff588d3c307358ab6918f59ed7d381bc02a9372135ce5b49b46102732fabd742c31642543396013dde5b460075864607264c605bc115c6cb92a4db0a6b893fd3777341078693d0af22e3ff53f4c2ee2a2fae73914fc50d325e2707a8e996f1ad498429f715f998225dc6bd2ede05aaee055ee137d28b634322e0ea98afc42dfc48833e8d2879c34d23d6d1d337069cca212af0f28b7865b339e202a0077fd3bd8dddc472d055945ad99c02dcccd28bb22bb3585fca3e5751c9913521a390458d63e4d9b292e4872582f3b13da214470c14083a4567cf4f1e92696e6c01923bc6a8b414159446268b12fe8669ce44f1f5196561aca6c654d2405a5653002cba5552b50b6ce1afc9515ed6682507abcb3010040d791aeb30138efc9c7d36b47684af2f26f686672448349f05934ae7bbbf',
);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What was the reason that this had to be changed?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needed an extra generator for the authwit nullifier, and to make sure that it was nicely "aligned" I needed to shift other generator indexes by 1.

});

describe('Private', () => {
describe('arbitrary data', () => {
it('happy path', async () => {
// What are we doing here:
// 1. We compute an inner hash which is here just a hash of random data
// 2. We then compute the other, which is binding it to a "caller", here the "auth" contract
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// 2. We then compute the other, which is binding it to a "caller", here the "auth" contract
// 2. We then compute the outer hash, which is binding it to a "caller" (here the "auth" contract)

isValidInPrivate: false,
isValidInPublic: false,
});

const c = await SchnorrAccountContract.at(wallets[0].getAddress(), wallets[0]);
await c.withWallet(wallets[1]).methods.spend_private_authwit(innerHash).send().wait();
// Consume the inner hash using the wallets[0] as the on behalf of.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Consume the inner hash using the wallets[0] as the on behalf of.
// Consume the inner hash using the wallets[0] as the "on behalf of".

wallets[0].getVersion(),
l2Token.methods.burn_public(ownerAddress, withdrawAmount, nonce).request(),
);
await user1Wallet.setPublicAuthWit(burnMessageHash, true).send().wait();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not having the compute the message hash here "manually" is nice 👍

@LHerskind LHerskind force-pushed the lh/static-call-private-authwit branch from 52e439d to 79e9155 Compare June 21, 2024 09:31
@LHerskind LHerskind merged commit 9c52d47 into master Jun 21, 2024
90 checks passed
@LHerskind LHerskind deleted the lh/static-call-private-authwit branch June 21, 2024 11:06
sirasistant pushed a commit that referenced this pull request Jun 26, 2024
🤖 I have created a release *beep* *boop*
---


<details><summary>aztec-package: 0.44.0</summary>

##
[0.44.0](aztec-package-v0.43.0...aztec-package-v0.44.0)
(2024-06-26)


### Features

* Add OpenTelemetry to node
([#7102](#7102))
([6bf2b72](6bf2b72))
* Devnet deployments
([#7024](#7024))
([fa70876](fa70876))
* Track spans
([#7129](#7129))
([924c3f8](924c3f8))
</details>

<details><summary>barretenberg.js: 0.44.0</summary>

##
[0.44.0](barretenberg.js-v0.43.0...barretenberg.js-v0.44.0)
(2024-06-26)


### Bug Fixes

* False decryption fix
([#7066](#7066))
([48d9df4](48d9df4))
</details>

<details><summary>aztec-packages: 0.44.0</summary>

##
[0.44.0](aztec-packages-v0.43.0...aztec-packages-v0.44.0)
(2024-06-26)


### ⚠ BREAKING CHANGES

* make note_getter return BoundedVec instead of an Option array
([#7050](#7050))
* TXE
([#6985](#6985))

### Features

* Add macro impls for events
([#7081](#7081))
([c13dd9f](c13dd9f))
* Add OpenTelemetry to node
([#7102](#7102))
([6bf2b72](6bf2b72))
* Added prove_output_all flow for honk
([#6869](#6869))
([7bd7c66](7bd7c66))
* **avm:** Add ECC ops to avm_proving_test
([#7058](#7058))
([7f62a90](7f62a90))
* **avm:** Cpp msm changes
([#7056](#7056))
([f9c8f20](f9c8f20))
* **avm:** Include bb-pilcom in monorepo
([#7098](#7098))
([0442158](0442158))
* Constrain event encryption and unify note and event emit api
([#7171](#7171))
([5c3772f](5c3772f)),
closes
[#7160](#7160)
* Conventional lookups using log-deriv
([#7020](#7020))
([6f1212f](6f1212f))
* Devnet deployments
([#7024](#7024))
([fa70876](fa70876))
* Do not discard logs on revert since the kernel has pruned revertible
logs.
([#7076](#7076))
([366fb21](366fb21)),
closes
[#4712](#4712)
* **docs:** Publish PDF of protocol specs + remove links to pages in
item lists in protocol specs
([#6684](#6684))
([367e3cf](367e3cf))
* Enable merge recursive verifier in Goblin recursive verifier
([#7182](#7182))
([9b4f56c](9b4f56c))
* Flamegraph helper script
([#7077](#7077))
([8630c8f](8630c8f))
* Full test skips public simulation
([#7186](#7186))
([4c1997f](4c1997f))
* Make note_getter return BoundedVec instead of an Option array
([#7050](#7050))
([f9ac0fc](f9ac0fc))
* **p2p:** More comprehensive peer management, dial retries, persistence
fix
([#6953](#6953))
([cdd1cbd](cdd1cbd))
* Private authwit with static call
([#7073](#7073))
([9c52d47](9c52d47))
* Several updates in SMT verification module
([#7105](#7105))
([41b21f1](41b21f1))
* Shplonk revival in ECCVM
([#7164](#7164))
([34eb5a0](34eb5a0))
* Throwing errors in `BufferReader` when out of bounds
([#7149](#7149))
([bf4a986](bf4a986))
* Track spans
([#7129](#7129))
([924c3f8](924c3f8))
* TXE
([#6985](#6985))
([109624f](109624f))
* TXE 2: Electric boogaloo
([#7154](#7154))
([bb38246](bb38246))


### Bug Fixes

* **avm:** Fix unencryptedlog c++ deser
([#7194](#7194))
([89a99af](89a99af))
* **avm:** Re-enable ext call test
([#7147](#7147))
([33ccf1b](33ccf1b))
* **avm:** Reenable tag error sload
([#7153](#7153))
([fd92d46](fd92d46))
* **avm:** Update codegen
([#7178](#7178))
([1d29708](1d29708))
* Bug fixing bench prover test
([#7135](#7135))
([13678be](13678be)),
closes
[#7080](#7080)
* **ci:** Don't run npm_deploy l1-contracts
([#7187](#7187))
([80d26d8](80d26d8))
* **ci:** Move osxcross from build image
([#7151](#7151))
([7746363](7746363))
* Enable log filtering with the DEBUG variable
([#7150](#7150))
([33798b6](33798b6))
* Export event selector and replace function selector with event
selector where appropriate
([#7095](#7095))
([fcc15fa](fcc15fa)),
closes
[#7089](#7089)
* False decryption fix
([#7066](#7066))
([48d9df4](48d9df4))
* Fix bug for a unit test in full proving mode repated to MSM
([#7104](#7104))
([e37809b](e37809b))


### Miscellaneous

* `destroy_note(...)` optimization
([#7103](#7103))
([0770011](0770011))
* Add avm team as codeowners to more repo files
([#7196](#7196))
([9be0ad6](9be0ad6))
* **avm:** Remove avm prefix from pil and executor
([#7099](#7099))
([b502fcd](b502fcd))
* **avm:** Renamings and comments
([#7128](#7128))
([ed2f98e](ed2f98e))
* **avm:** Separate some fixed tables
([#7163](#7163))
([1d4a9a2](1d4a9a2))
* **ci:** Add new e2e base target
([#7179](#7179))
([26fc599](26fc599))
* Create workflow for full AVM tests
([#7051](#7051))
([a0b9c4b](a0b9c4b)),
closes
[#6643](#6643)
* **docs:** Fix migration notes
([#7195](#7195))
([88efda0](88efda0))
* **docs:** Moving tutorials and quick starts around, spinning off
codespaces page
([#6777](#6777))
([1542fa6](1542fa6))
* Fix migration notes
([#7133](#7133))
([14917d3](14917d3))
* Fix noir-projects dockerfile for CircleCI
([#7093](#7093))
([52ce25d](52ce25d))
* Increase the timeout of the runner for full AVM workflow to 70 minutes
([#7183](#7183))
([9aabc32](9aabc32))
* Indirects and read/write slices
([#7082](#7082))
([d5e80ee](d5e80ee))
* Note hashes cleanup + optimization
([#7132](#7132))
([edd6d3f](edd6d3f))
* Note hashing gate optimizations
([#7130](#7130))
([81a2580](81a2580))
* **powdr:** Update to latest and add logging
([#7152](#7152))
([f500f2e](f500f2e))
* Reads the return data
([#6669](#6669))
([ef85542](ef85542))
* Refactor AVM simulator's side-effect tracing
([#7091](#7091))
([9495413](9495413))
* Remove stray files
([#7158](#7158))
([29398de](29398de))
* Remove unneeded public input folding
([#7094](#7094))
([c30dc38](c30dc38))
* Replace relative paths to noir-protocol-circuits
([f7e4392](f7e4392))
* Replace relative paths to noir-protocol-circuits
([886f7b1](886f7b1))
* Replace relative paths to noir-protocol-circuits
([b1081f8](b1081f8))
* Replace relative paths to noir-protocol-circuits
([c0989eb](c0989eb))
* Replace relative paths to noir-protocol-circuits
([525bbe7](525bbe7))
* Replace relative paths to noir-protocol-circuits
([67bcd82](67bcd82))
* Take the PCS out of Zeromorph and refactor tests
([#7078](#7078))
([e192678](e192678))
* Track avm proving time
([#7084](#7084))
([59df722](59df722))
* Ultra flavor cleanup
([#7070](#7070))
([77761c6](77761c6))
</details>

<details><summary>barretenberg: 0.44.0</summary>

##
[0.44.0](barretenberg-v0.43.0...barretenberg-v0.44.0)
(2024-06-26)


### Features

* Added prove_output_all flow for honk
([#6869](#6869))
([7bd7c66](7bd7c66))
* **avm:** Add ECC ops to avm_proving_test
([#7058](#7058))
([7f62a90](7f62a90))
* **avm:** Cpp msm changes
([#7056](#7056))
([f9c8f20](f9c8f20))
* **avm:** Include bb-pilcom in monorepo
([#7098](#7098))
([0442158](0442158))
* Conventional lookups using log-deriv
([#7020](#7020))
([6f1212f](6f1212f))
* Enable merge recursive verifier in Goblin recursive verifier
([#7182](#7182))
([9b4f56c](9b4f56c))
* Several updates in SMT verification module
([#7105](#7105))
([41b21f1](41b21f1))
* Shplonk revival in ECCVM
([#7164](#7164))
([34eb5a0](34eb5a0))


### Bug Fixes

* **avm:** Fix unencryptedlog c++ deser
([#7194](#7194))
([89a99af](89a99af))
* **avm:** Re-enable ext call test
([#7147](#7147))
([33ccf1b](33ccf1b))
* **avm:** Reenable tag error sload
([#7153](#7153))
([fd92d46](fd92d46))
* **avm:** Update codegen
([#7178](#7178))
([1d29708](1d29708))
* Bug fixing bench prover test
([#7135](#7135))
([13678be](13678be)),
closes
[#7080](#7080)
* Fix bug for a unit test in full proving mode repated to MSM
([#7104](#7104))
([e37809b](e37809b))


### Miscellaneous

* **avm:** Remove avm prefix from pil and executor
([#7099](#7099))
([b502fcd](b502fcd))
* **avm:** Renamings and comments
([#7128](#7128))
([ed2f98e](ed2f98e))
* **avm:** Separate some fixed tables
([#7163](#7163))
([1d4a9a2](1d4a9a2))
* Create workflow for full AVM tests
([#7051](#7051))
([a0b9c4b](a0b9c4b)),
closes
[#6643](#6643)
* Indirects and read/write slices
([#7082](#7082))
([d5e80ee](d5e80ee))
* Reads the return data
([#6669](#6669))
([ef85542](ef85542))
* Remove unneeded public input folding
([#7094](#7094))
([c30dc38](c30dc38))
* Take the PCS out of Zeromorph and refactor tests
([#7078](#7078))
([e192678](e192678))
* Ultra flavor cleanup
([#7070](#7070))
([77761c6](77761c6))
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
AztecBot added a commit to AztecProtocol/barretenberg that referenced this pull request Jun 27, 2024
🤖 I have created a release *beep* *boop*
---


<details><summary>aztec-package: 0.44.0</summary>

##
[0.44.0](AztecProtocol/aztec-packages@aztec-package-v0.43.0...aztec-package-v0.44.0)
(2024-06-26)


### Features

* Add OpenTelemetry to node
([#7102](AztecProtocol/aztec-packages#7102))
([6bf2b72](AztecProtocol/aztec-packages@6bf2b72))
* Devnet deployments
([#7024](AztecProtocol/aztec-packages#7024))
([fa70876](AztecProtocol/aztec-packages@fa70876))
* Track spans
([#7129](AztecProtocol/aztec-packages#7129))
([924c3f8](AztecProtocol/aztec-packages@924c3f8))
</details>

<details><summary>barretenberg.js: 0.44.0</summary>

##
[0.44.0](AztecProtocol/aztec-packages@barretenberg.js-v0.43.0...barretenberg.js-v0.44.0)
(2024-06-26)


### Bug Fixes

* False decryption fix
([#7066](AztecProtocol/aztec-packages#7066))
([48d9df4](AztecProtocol/aztec-packages@48d9df4))
</details>

<details><summary>aztec-packages: 0.44.0</summary>

##
[0.44.0](AztecProtocol/aztec-packages@aztec-packages-v0.43.0...aztec-packages-v0.44.0)
(2024-06-26)


### ⚠ BREAKING CHANGES

* make note_getter return BoundedVec instead of an Option array
([#7050](AztecProtocol/aztec-packages#7050))
* TXE
([#6985](AztecProtocol/aztec-packages#6985))

### Features

* Add macro impls for events
([#7081](AztecProtocol/aztec-packages#7081))
([c13dd9f](AztecProtocol/aztec-packages@c13dd9f))
* Add OpenTelemetry to node
([#7102](AztecProtocol/aztec-packages#7102))
([6bf2b72](AztecProtocol/aztec-packages@6bf2b72))
* Added prove_output_all flow for honk
([#6869](AztecProtocol/aztec-packages#6869))
([7bd7c66](AztecProtocol/aztec-packages@7bd7c66))
* **avm:** Add ECC ops to avm_proving_test
([#7058](AztecProtocol/aztec-packages#7058))
([7f62a90](AztecProtocol/aztec-packages@7f62a90))
* **avm:** Cpp msm changes
([#7056](AztecProtocol/aztec-packages#7056))
([f9c8f20](AztecProtocol/aztec-packages@f9c8f20))
* **avm:** Include bb-pilcom in monorepo
([#7098](AztecProtocol/aztec-packages#7098))
([0442158](AztecProtocol/aztec-packages@0442158))
* Constrain event encryption and unify note and event emit api
([#7171](AztecProtocol/aztec-packages#7171))
([5c3772f](AztecProtocol/aztec-packages@5c3772f)),
closes
[#7160](AztecProtocol/aztec-packages#7160)
* Conventional lookups using log-deriv
([#7020](AztecProtocol/aztec-packages#7020))
([6f1212f](AztecProtocol/aztec-packages@6f1212f))
* Devnet deployments
([#7024](AztecProtocol/aztec-packages#7024))
([fa70876](AztecProtocol/aztec-packages@fa70876))
* Do not discard logs on revert since the kernel has pruned revertible
logs.
([#7076](AztecProtocol/aztec-packages#7076))
([366fb21](AztecProtocol/aztec-packages@366fb21)),
closes
[#4712](AztecProtocol/aztec-packages#4712)
* **docs:** Publish PDF of protocol specs + remove links to pages in
item lists in protocol specs
([#6684](AztecProtocol/aztec-packages#6684))
([367e3cf](AztecProtocol/aztec-packages@367e3cf))
* Enable merge recursive verifier in Goblin recursive verifier
([#7182](AztecProtocol/aztec-packages#7182))
([9b4f56c](AztecProtocol/aztec-packages@9b4f56c))
* Flamegraph helper script
([#7077](AztecProtocol/aztec-packages#7077))
([8630c8f](AztecProtocol/aztec-packages@8630c8f))
* Full test skips public simulation
([#7186](AztecProtocol/aztec-packages#7186))
([4c1997f](AztecProtocol/aztec-packages@4c1997f))
* Make note_getter return BoundedVec instead of an Option array
([#7050](AztecProtocol/aztec-packages#7050))
([f9ac0fc](AztecProtocol/aztec-packages@f9ac0fc))
* **p2p:** More comprehensive peer management, dial retries, persistence
fix
([#6953](AztecProtocol/aztec-packages#6953))
([cdd1cbd](AztecProtocol/aztec-packages@cdd1cbd))
* Private authwit with static call
([#7073](AztecProtocol/aztec-packages#7073))
([9c52d47](AztecProtocol/aztec-packages@9c52d47))
* Several updates in SMT verification module
([#7105](AztecProtocol/aztec-packages#7105))
([41b21f1](AztecProtocol/aztec-packages@41b21f1))
* Shplonk revival in ECCVM
([#7164](AztecProtocol/aztec-packages#7164))
([34eb5a0](AztecProtocol/aztec-packages@34eb5a0))
* Throwing errors in `BufferReader` when out of bounds
([#7149](AztecProtocol/aztec-packages#7149))
([bf4a986](AztecProtocol/aztec-packages@bf4a986))
* Track spans
([#7129](AztecProtocol/aztec-packages#7129))
([924c3f8](AztecProtocol/aztec-packages@924c3f8))
* TXE
([#6985](AztecProtocol/aztec-packages#6985))
([109624f](AztecProtocol/aztec-packages@109624f))
* TXE 2: Electric boogaloo
([#7154](AztecProtocol/aztec-packages#7154))
([bb38246](AztecProtocol/aztec-packages@bb38246))


### Bug Fixes

* **avm:** Fix unencryptedlog c++ deser
([#7194](AztecProtocol/aztec-packages#7194))
([89a99af](AztecProtocol/aztec-packages@89a99af))
* **avm:** Re-enable ext call test
([#7147](AztecProtocol/aztec-packages#7147))
([33ccf1b](AztecProtocol/aztec-packages@33ccf1b))
* **avm:** Reenable tag error sload
([#7153](AztecProtocol/aztec-packages#7153))
([fd92d46](AztecProtocol/aztec-packages@fd92d46))
* **avm:** Update codegen
([#7178](AztecProtocol/aztec-packages#7178))
([1d29708](AztecProtocol/aztec-packages@1d29708))
* Bug fixing bench prover test
([#7135](AztecProtocol/aztec-packages#7135))
([13678be](AztecProtocol/aztec-packages@13678be)),
closes
[#7080](AztecProtocol/aztec-packages#7080)
* **ci:** Don't run npm_deploy l1-contracts
([#7187](AztecProtocol/aztec-packages#7187))
([80d26d8](AztecProtocol/aztec-packages@80d26d8))
* **ci:** Move osxcross from build image
([#7151](AztecProtocol/aztec-packages#7151))
([7746363](AztecProtocol/aztec-packages@7746363))
* Enable log filtering with the DEBUG variable
([#7150](AztecProtocol/aztec-packages#7150))
([33798b6](AztecProtocol/aztec-packages@33798b6))
* Export event selector and replace function selector with event
selector where appropriate
([#7095](AztecProtocol/aztec-packages#7095))
([fcc15fa](AztecProtocol/aztec-packages@fcc15fa)),
closes
[#7089](AztecProtocol/aztec-packages#7089)
* False decryption fix
([#7066](AztecProtocol/aztec-packages#7066))
([48d9df4](AztecProtocol/aztec-packages@48d9df4))
* Fix bug for a unit test in full proving mode repated to MSM
([#7104](AztecProtocol/aztec-packages#7104))
([e37809b](AztecProtocol/aztec-packages@e37809b))


### Miscellaneous

* `destroy_note(...)` optimization
([#7103](AztecProtocol/aztec-packages#7103))
([0770011](AztecProtocol/aztec-packages@0770011))
* Add avm team as codeowners to more repo files
([#7196](AztecProtocol/aztec-packages#7196))
([9be0ad6](AztecProtocol/aztec-packages@9be0ad6))
* **avm:** Remove avm prefix from pil and executor
([#7099](AztecProtocol/aztec-packages#7099))
([b502fcd](AztecProtocol/aztec-packages@b502fcd))
* **avm:** Renamings and comments
([#7128](AztecProtocol/aztec-packages#7128))
([ed2f98e](AztecProtocol/aztec-packages@ed2f98e))
* **avm:** Separate some fixed tables
([#7163](AztecProtocol/aztec-packages#7163))
([1d4a9a2](AztecProtocol/aztec-packages@1d4a9a2))
* **ci:** Add new e2e base target
([#7179](AztecProtocol/aztec-packages#7179))
([26fc599](AztecProtocol/aztec-packages@26fc599))
* Create workflow for full AVM tests
([#7051](AztecProtocol/aztec-packages#7051))
([a0b9c4b](AztecProtocol/aztec-packages@a0b9c4b)),
closes
[#6643](AztecProtocol/aztec-packages#6643)
* **docs:** Fix migration notes
([#7195](AztecProtocol/aztec-packages#7195))
([88efda0](AztecProtocol/aztec-packages@88efda0))
* **docs:** Moving tutorials and quick starts around, spinning off
codespaces page
([#6777](AztecProtocol/aztec-packages#6777))
([1542fa6](AztecProtocol/aztec-packages@1542fa6))
* Fix migration notes
([#7133](AztecProtocol/aztec-packages#7133))
([14917d3](AztecProtocol/aztec-packages@14917d3))
* Fix noir-projects dockerfile for CircleCI
([#7093](AztecProtocol/aztec-packages#7093))
([52ce25d](AztecProtocol/aztec-packages@52ce25d))
* Increase the timeout of the runner for full AVM workflow to 70 minutes
([#7183](AztecProtocol/aztec-packages#7183))
([9aabc32](AztecProtocol/aztec-packages@9aabc32))
* Indirects and read/write slices
([#7082](AztecProtocol/aztec-packages#7082))
([d5e80ee](AztecProtocol/aztec-packages@d5e80ee))
* Note hashes cleanup + optimization
([#7132](AztecProtocol/aztec-packages#7132))
([edd6d3f](AztecProtocol/aztec-packages@edd6d3f))
* Note hashing gate optimizations
([#7130](AztecProtocol/aztec-packages#7130))
([81a2580](AztecProtocol/aztec-packages@81a2580))
* **powdr:** Update to latest and add logging
([#7152](AztecProtocol/aztec-packages#7152))
([f500f2e](AztecProtocol/aztec-packages@f500f2e))
* Reads the return data
([#6669](AztecProtocol/aztec-packages#6669))
([ef85542](AztecProtocol/aztec-packages@ef85542))
* Refactor AVM simulator's side-effect tracing
([#7091](AztecProtocol/aztec-packages#7091))
([9495413](AztecProtocol/aztec-packages@9495413))
* Remove stray files
([#7158](AztecProtocol/aztec-packages#7158))
([29398de](AztecProtocol/aztec-packages@29398de))
* Remove unneeded public input folding
([#7094](AztecProtocol/aztec-packages#7094))
([c30dc38](AztecProtocol/aztec-packages@c30dc38))
* Replace relative paths to noir-protocol-circuits
([f7e4392](AztecProtocol/aztec-packages@f7e4392))
* Replace relative paths to noir-protocol-circuits
([886f7b1](AztecProtocol/aztec-packages@886f7b1))
* Replace relative paths to noir-protocol-circuits
([b1081f8](AztecProtocol/aztec-packages@b1081f8))
* Replace relative paths to noir-protocol-circuits
([c0989eb](AztecProtocol/aztec-packages@c0989eb))
* Replace relative paths to noir-protocol-circuits
([525bbe7](AztecProtocol/aztec-packages@525bbe7))
* Replace relative paths to noir-protocol-circuits
([67bcd82](AztecProtocol/aztec-packages@67bcd82))
* Take the PCS out of Zeromorph and refactor tests
([#7078](AztecProtocol/aztec-packages#7078))
([e192678](AztecProtocol/aztec-packages@e192678))
* Track avm proving time
([#7084](AztecProtocol/aztec-packages#7084))
([59df722](AztecProtocol/aztec-packages@59df722))
* Ultra flavor cleanup
([#7070](AztecProtocol/aztec-packages#7070))
([77761c6](AztecProtocol/aztec-packages@77761c6))
</details>

<details><summary>barretenberg: 0.44.0</summary>

##
[0.44.0](AztecProtocol/aztec-packages@barretenberg-v0.43.0...barretenberg-v0.44.0)
(2024-06-26)


### Features

* Added prove_output_all flow for honk
([#6869](AztecProtocol/aztec-packages#6869))
([7bd7c66](AztecProtocol/aztec-packages@7bd7c66))
* **avm:** Add ECC ops to avm_proving_test
([#7058](AztecProtocol/aztec-packages#7058))
([7f62a90](AztecProtocol/aztec-packages@7f62a90))
* **avm:** Cpp msm changes
([#7056](AztecProtocol/aztec-packages#7056))
([f9c8f20](AztecProtocol/aztec-packages@f9c8f20))
* **avm:** Include bb-pilcom in monorepo
([#7098](AztecProtocol/aztec-packages#7098))
([0442158](AztecProtocol/aztec-packages@0442158))
* Conventional lookups using log-deriv
([#7020](AztecProtocol/aztec-packages#7020))
([6f1212f](AztecProtocol/aztec-packages@6f1212f))
* Enable merge recursive verifier in Goblin recursive verifier
([#7182](AztecProtocol/aztec-packages#7182))
([9b4f56c](AztecProtocol/aztec-packages@9b4f56c))
* Several updates in SMT verification module
([#7105](AztecProtocol/aztec-packages#7105))
([41b21f1](AztecProtocol/aztec-packages@41b21f1))
* Shplonk revival in ECCVM
([#7164](AztecProtocol/aztec-packages#7164))
([34eb5a0](AztecProtocol/aztec-packages@34eb5a0))


### Bug Fixes

* **avm:** Fix unencryptedlog c++ deser
([#7194](AztecProtocol/aztec-packages#7194))
([89a99af](AztecProtocol/aztec-packages@89a99af))
* **avm:** Re-enable ext call test
([#7147](AztecProtocol/aztec-packages#7147))
([33ccf1b](AztecProtocol/aztec-packages@33ccf1b))
* **avm:** Reenable tag error sload
([#7153](AztecProtocol/aztec-packages#7153))
([fd92d46](AztecProtocol/aztec-packages@fd92d46))
* **avm:** Update codegen
([#7178](AztecProtocol/aztec-packages#7178))
([1d29708](AztecProtocol/aztec-packages@1d29708))
* Bug fixing bench prover test
([#7135](AztecProtocol/aztec-packages#7135))
([13678be](AztecProtocol/aztec-packages@13678be)),
closes
[#7080](AztecProtocol/aztec-packages#7080)
* Fix bug for a unit test in full proving mode repated to MSM
([#7104](AztecProtocol/aztec-packages#7104))
([e37809b](AztecProtocol/aztec-packages@e37809b))


### Miscellaneous

* **avm:** Remove avm prefix from pil and executor
([#7099](AztecProtocol/aztec-packages#7099))
([b502fcd](AztecProtocol/aztec-packages@b502fcd))
* **avm:** Renamings and comments
([#7128](AztecProtocol/aztec-packages#7128))
([ed2f98e](AztecProtocol/aztec-packages@ed2f98e))
* **avm:** Separate some fixed tables
([#7163](AztecProtocol/aztec-packages#7163))
([1d4a9a2](AztecProtocol/aztec-packages@1d4a9a2))
* Create workflow for full AVM tests
([#7051](AztecProtocol/aztec-packages#7051))
([a0b9c4b](AztecProtocol/aztec-packages@a0b9c4b)),
closes
[#6643](AztecProtocol/aztec-packages#6643)
* Indirects and read/write slices
([#7082](AztecProtocol/aztec-packages#7082))
([d5e80ee](AztecProtocol/aztec-packages@d5e80ee))
* Reads the return data
([#6669](AztecProtocol/aztec-packages#6669))
([ef85542](AztecProtocol/aztec-packages@ef85542))
* Remove unneeded public input folding
([#7094](AztecProtocol/aztec-packages#7094))
([c30dc38](AztecProtocol/aztec-packages@c30dc38))
* Take the PCS out of Zeromorph and refactor tests
([#7078](AztecProtocol/aztec-packages#7078))
([e192678](AztecProtocol/aztec-packages@e192678))
* Ultra flavor cleanup
([#7070](AztecProtocol/aztec-packages#7070))
([77761c6](AztecProtocol/aztec-packages@77761c6))
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants