feat: private authwit with static call #7073
Conversation
Looks good. Feel free to merge once you address my nits
@@ -4,6 +4,8 @@ use dep::protocol_types::{ | |||
}; | |||
use crate::keys::constants::{NUM_KEY_TYPES, NULLIFIER_INDEX, INCOMING_INDEX, OUTGOING_INDEX}; | |||
|
|||
use dep::std::println; |
stale import
The `on_behalf_of` should assert that we are indeed authenticated and then emit a nullifier when we are spending the authwit to prevent replay attacks. | ||
If the return value is not as expected, we throw an error. | ||
This is to cover the case where the `on_behalf_of` might implemented some function with the same selector as the `spend_private_authwit` that could be used to authenticate unintentionally. | ||
This function will then make a to `on_behalf_of` to execute the `verify_private_authwit` function which validates that the call is authenticated. |
This function will then make a to `on_behalf_of` to execute the `verify_private_authwit` function which validates that the call is authenticated. | |
This function will then make a call to `on_behalf_of` to execute the `verify_private_authwit` function which validates that the call is authenticated. |
docs/docs/migration_notes.md
The private authwit validation is now making a static call to the account contract instead of passing over control flow. This is to ensure that it cannot be used for re-entry. | ||
|
||
To make this change however, we cannot allow emitting a nullifying from the account contract, since that would break the static call. Instead, we will be changing the `verify_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract don't need to change much. |
To make this change however, we cannot allow emitting a nullifying from the account contract, since that would break the static call. Instead, we will be changing the `verify_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract don't need to change much. | |
To make this change however, we cannot allow emitting a nullifier from the account contract, since that would break the static call. Instead, we will be changing the `spend_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract doesn't need to change much. |
docs/docs/migration_notes.md
There are also a few general changes to how authwits are generated, namely to more easily support the data required for a validity lookup now. Previously we could lookup the `message_hash` directly at the account contract, now we instead need to use the `inner_hash` and the contract of the consumer to figure out if it have already been emitted. | ||
|
||
A minor extension have been made to the authwit creations to make it easier specific a hash that needs to be signed with a specific caller, e.g., the `inner_hash` can be provided as `{consumer, inner_hash}` to the `createAuthWit` where it previously needed to do a couple of manual steps to compute the outer hash. The `computeOuterAuthWitHash` have been amde internal and the `computeAuthWitMessageHash` can instead be used to compute the values similarly to other authwit computations. |
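Review bot: besides the phrase already flagged, the second paragraph of this hunk ships two more typos into the migration notes: `have been amde internal` should read `has been made internal`, and `A minor extension have been made` should read `A minor extension has been made`; in the first paragraph, `figure out if it have already been emitted` should read `figure out if it has already been emitted`.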
"to make it easier specific a hash that needs to be signed"
broken english here
* @param messageHashOrIntent - The message hash or the intent (caller and action) to approve | ||
* @param chainId - The chain id for the message, will default to the current chain id | ||
* @param version - The version for the message, will default to the current protocol version | ||
* @param messageHash - The message hash or the intent (caller and action) to approve |
This does not seem to support the intent anymore given that the accepted type is Fr or Buffer.
Ah yes. This was the pain of needing both the wallet and the authwit provider to be happy 💀 Will fix.
if ('caller' in intent) { | ||
const action = intent.action instanceof ContractFunctionInteraction ? intent.action.request() : intent.action; | ||
// return computeAuthWitMessageHash(intent.caller, chainId, version, action); |
stale code?
@@ -38,11 +38,11 @@ describe('CompleteAddress', () => { | |||
// docs:start:instantiate-complete-address | |||
// Typically a recipient would share their complete address with the sender | |||
const completeAddressFromString = CompleteAddress.fromString( | |||
'0x09bc7031bb21627cce6aac1dc710ecc92acd8475149c530a4bb57df63d9d6fe902a9372135ce5b49b46102732fabd742c31642543396013dde5b460075864607264c605bc115c6cb92a4db0a6b893fd3777341078693d0af22e3ff53f4c2ee2a2fae73914fc50d325e2707a8e996f1ad498429f715f998225dc6bd2ede05aaee055ee137d28b634322e0ea98afc42dfc48833e8d2879c34d23d6d1d337069cca212af0f28b7865b339e202a0077fd3bd8dddc472d055945ad99c02dcccd28bb22bb3585fca3e5751c9913521a390458d63e4d9b292e4872582f3b13da214470c14083a4567cf4f1e92696e6c01923bc6a8b414159446268b12fe8669ce44f1f5196561aca6c654d2405a5653002cba5552b50b6ce1afc9515ed6682507abcb3010040d791aeb30138efc9c7d36b47684af2f26f686672448349f05934ae7bbbf', | |||
'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', | |||
); |
What was the reason that this had to be changed?
Needed an extra generator for the authwit nullifier, and to make sure that it was nicely "aligned" I needed to shift other generator indexes by 1.
}); | ||
|
||
describe('Private', () => { | ||
describe('arbitrary data', () => { | ||
it('happy path', async () => { | ||
// What are we doing here: | ||
// 1. We compute an inner hash which is here just a hash of random data | ||
// 2. We then compute the other, which is binding it to a "caller", here the "auth" contract |
// 2. We then compute the other, which is binding it to a "caller", here the "auth" contract | |
// 2. We then compute the outer hash, which is binding it to a "caller" (here the "auth" contract) |
isValidInPrivate: false, | ||
isValidInPublic: false, | ||
}); | ||
|
||
const c = await SchnorrAccountContract.at(wallets[0].getAddress(), wallets[0]); | ||
await c.withWallet(wallets[1]).methods.spend_private_authwit(innerHash).send().wait(); | ||
// Consume the inner hash using the wallets[0] as the on behalf of. |
// Consume the inner hash using the wallets[0] as the on behalf of. | |
// Consume the inner hash using the wallets[0] as the "on behalf of". |
wallets[0].getVersion(), | ||
l2Token.methods.burn_public(ownerAddress, withdrawAmount, nonce).request(), | ||
); | ||
await user1Wallet.setPublicAuthWit(burnMessageHash, true).send().wait(); |
Not having the compute the message hash here "manually" is nice 👍
Updates the private authwit to use static calls instead. Without this, it is possible to re-enter using the authwits, which is horrible.

The private authwit validation is now making a static call to the account contract instead of passing over control flow. This is to ensure that it cannot be used for re-entry.

To make this change however, we cannot allow emitting a nullifier from the account contract, since that would break the static call. Instead, we will be changing the `spend_private_authwit` to a `verify_private_authwit` and in the `auth` library emit the nullifier. This means that the "calling" contract will now be emitting the nullifier, and not the account. For example, for a token contract, the nullifier is now emitted by the token contract. However, as this is done inside the `auth` library, the token contract doesn't need to change much.

The biggest difference is related to "cancelling" an authwit. Since it is no longer in the account contract, you cannot just emit a nullifier from it anymore. Instead it must rely on the token contract providing functionality for cancelling.

There are also a few general changes to how authwits are generated, namely to more easily support the data required for a validity lookup now. Previously we could look up the `message_hash` directly at the account contract; now we instead need to use the `inner_hash` and the contract of the consumer to figure out if it has already been emitted.

A minor extension has been made to the authwit creation to make it easier to specify a hash that needs to be signed with a specific caller, e.g., the `inner_hash` can be provided as `{consumer, inner_hash}` to `createAuthWit`, where it previously needed a couple of manual steps to compute the outer hash. The `computeOuterAuthWitHash` has been made internal and the `computeAuthWitMessageHash` can instead be used to compute the values similarly to other authwit computations. If the wallet is used to compute the authwit, it will populate the chain id and version instead of requiring it to be provided by the actor.
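The flow this description lays out, as an added example that is not code from the aztec-packages repository: a TypeScript model in which the consumer (a token) makes a static call into the account's verify function, checks for a magic return value rather than trusting any non-reverting call, and emits the `(consumer, inner_hash)` nullifier itself, so replay, cancellation and the old account-side nullifier all behave as the notes describe. The hash function, the `IS_VALID_SELECTOR` value, the outer-hash field layout, and the contract addresses are constructed assumptions, not the protocol's real encoding.

```typescript
import { createHash } from 'node:crypto';

type Hex = string;

// Stand-in for the circuit hash (assumption: the real code uses a field hash with
// dedicated generators, which this PR shifts by one to make room for the nullifier).
function hashFields(...fields: string[]): Hex {
  const h = createHash('sha256');
  for (const f of fields) h.update(f + '\u0000');
  return h.digest('hex');
}

// Outer hash: binds the inner hash to the consumer plus chain id and version.
export function computeOuterAuthWitHash(consumer: string, chainId: number, version: number, innerHash: Hex): Hex {
  return hashFields('authwit-outer', consumer, String(chainId), String(version), innerHash);
}

// Nullifier keyed on (consumer, inner_hash): this is what a validity lookup now checks.
export function computeAuthWitNullifier(consumer: string, innerHash: Hex): Hex {
  return hashFields('authwit-nullifier', consumer, innerHash);
}

// Assumed magic return value: a function that merely shares the selector will not return it.
export const IS_VALID_SELECTOR: Hex = hashFields('IS_VALID_SELECTOR');

// Per-call context; the nullifier set stands in for the transaction's nullifier output.
interface CallContext { isStatic: boolean; caller: string; nullifiers: Set<Hex>; }

// The only way to record a nullifier. A static call is not allowed to do it.
function emitNullifier(ctx: CallContext, nullifier: Hex): void {
  if (ctx.isStatic) throw new Error('static call cannot emit a nullifier');
  ctx.nullifiers.add(nullifier);
}

export class AccountContract {
  private readonly approved = new Set<Hex>();
  constructor(readonly address: string) {}
  approve(outerHash: Hex): void { this.approved.add(outerHash); }
  // verify_private_authwit: a view function. Returns the magic value when the
  // (caller, chainId, version, innerHash) tuple was approved, otherwise '0'.
  verifyPrivateAuthwit(ctx: CallContext, innerHash: Hex, chainId: number, version: number): Hex {
    const outer = computeOuterAuthWitHash(ctx.caller, chainId, version, innerHash);
    return this.approved.has(outer) ? IS_VALID_SELECTOR : '0';
  }
}

// The pre-PR shape, where the account both verified and nullified. Under a static
// call the emit throws, which is why the nullifier had to move to the consumer.
export class LegacySpendingAccount extends AccountContract {
  verifyPrivateAuthwit(ctx: CallContext, innerHash: Hex, chainId: number, version: number): Hex {
    const result = super.verifyPrivateAuthwit(ctx, innerHash, chainId, version);
    emitNullifier(ctx, hashFields('legacy-nullifier', innerHash));
    return result;
  }
}

// Model of the `auth` library helper a consumer contract (e.g. a token) calls.
export function assertInnerHashValidAuthwit(
  consumer: string, onBehalfOf: AccountContract, innerHash: Hex,
  chainId: number, version: number, nullifiers: Set<Hex>,
): Hex {
  const nullifier = computeAuthWitNullifier(consumer, innerHash);
  if (nullifiers.has(nullifier)) throw new Error('authwit already spent or cancelled');
  // Static call into the account: it may read its approvals but cannot re-enter mutably.
  const staticCtx: CallContext = { isStatic: true, caller: consumer, nullifiers };
  const result = onBehalfOf.verifyPrivateAuthwit(staticCtx, innerHash, chainId, version);
  if (result !== IS_VALID_SELECTOR) throw new Error('Message not authorized by account');
  // The consumer, in its own non-static context, records the spend.
  emitNullifier({ isStatic: false, caller: consumer, nullifiers }, nullifier);
  return nullifier;
}

// Cancellation now has to be offered by the consumer: pre-emit the same nullifier.
export function cancelAuthwit(consumer: string, innerHash: Hex, nullifiers: Set<Hex>): Hex {
  const nullifier = computeAuthWitNullifier(consumer, innerHash);
  emitNullifier({ isStatic: false, caller: consumer, nullifiers }, nullifier);
  return nullifier;
}

function throws(fn: () => unknown): boolean {
  try { fn(); return false; } catch { return true; }
}

// Scenario on constructed values: spend once, replay, wrong consumer, cancel, legacy account.
export function runScenario(): Record<string, boolean> {
  const token = 'token-contract', chainId = 31337, version = 1; // constructed values
  const innerHash = hashFields('transfer', 'alice', 'bob', '100');
  const nullifiers = new Set<Hex>();
  const alice = new AccountContract('alice-account');
  alice.approve(computeOuterAuthWitHash(token, chainId, version, innerHash));
  const spentOnce = assertInnerHashValidAuthwit(token, alice, innerHash, chainId, version, nullifiers)
    === computeAuthWitNullifier(token, innerHash);
  const replayRejected = throws(() => assertInnerHashValidAuthwit(token, alice, innerHash, chainId, version, nullifiers));
  // Same inner hash, different consumer: the outer hash was never approved.
  const wrongConsumerRejected = throws(() => assertInnerHashValidAuthwit('other-contract', alice, innerHash, chainId, version, new Set<Hex>()));
  const innerHash2 = hashFields('transfer', 'alice', 'carol', '5');
  alice.approve(computeOuterAuthWitHash(token, chainId, version, innerHash2));
  cancelAuthwit(token, innerHash2, nullifiers);
  const cancelledRejected = throws(() => assertInnerHashValidAuthwit(token, alice, innerHash2, chainId, version, nullifiers));
  const legacy = new LegacySpendingAccount('legacy-account');
  legacy.approve(computeOuterAuthWitHash(token, chainId, version, innerHash));
  const legacyRejected = throws(() => assertInnerHashValidAuthwit(token, legacy, innerHash, chainId, version, new Set<Hex>()));
  return { spentOnce, replayRejected, wrongConsumerRejected, cancelledRejected, legacyRejected };
}
```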