Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider typing unfinalized partial notes #7585

Closed
nventuro opened this issue Jul 23, 2024 · 0 comments · Fixed by #7742
Closed

Consider typing unfinalized partial notes #7585

nventuro opened this issue Jul 23, 2024 · 0 comments · Fixed by #7742
Assignees
@benesjan

Comments

@nventuro
Copy link
Contributor

Once we can represent private storage slots using points (#7437), we'll be able to provide proper support for partial notes (as was attempted in #7226). This involves combining multiple values into a Grumpkin Point so that we can later leverage fully homomorphic encryption in public.

For example, if we have a ValueNote with value, randomness and npk in a Map<AztecAddress, PrivateSet<ValueNote>>, then we may want to privately commit to the recipient address (and hence storage slot), randomness and npk, while still being able to modify the value in public:

point = storage_slot * g0 + value * g1 + randomness * g2 + npk * g3

Since points are fairly arbitrary, we could represent this in a data structure that knows about the generators and provides proper functions to alter the hidden contents:

impl ValueNote {
  fn new(storage_slot, value, randomness, npk) -> Self { ... }

  // privately commit into a hidden point, which can be made public
  fn to_hidden_point(self) -> ValueNoteHiddenPoint {
    ValueNoteHiddenPoint::new(self.storage_slot * g0 + self.value * g1 + self.randomness * g2 + self.npk * g3)
  }
}

struct ValueNoteHiddenPoint {
  inner: GrumpkinPoint
}

impl ValueNoteHiddenPoint {
  fn new(point: GrumpkinPoint) -> Self { Self { inner: point } }

  // Alter the hidden value contents, can be done in public
  fn add_value(self, amount: Field) -> Self {
     // Note that we use the same generator for value as when creating the hidden point
     self.inner + value * g1
  }

  // Drop the point into a Field, which we can use as we used the old note hash and e.g. pass it to the kernels
  fn finalize(self) -> Field {
    self.inner.x 
  }
}

When creating partial notes we'd do to_hidden_point (or to_partial_note or whatever), which'd then be passed to public and finalize'd there. If creating the note fully in private we'd need to use the exact same hashing and not e.g. pedersen (because notes created in private and finalized in public should be indistinguishable), and we'd do to_hidden_point().finalize(), or maybe ValueNote would have a finalize helper fn that does this.

Modeling this intermediate value in this way would I think greatly reduce the room for error, and provide a lot of clarity regarding what a partial note is, how it is used, what operations can be done with it, and the different stages it goes through (private as struct -> optionally public as hidden point -> finalized as field).

to_hidden_point and add_value need to be kept in sync to use the same generators. There is no reason why we would not be able to eventually autogenerate them.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@benesjan benesjan

Labels
None yet
Projects
A3
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: typing unfinalized partial notes AztecProtocol/aztec-packages
2 participants
@nventuro @benesjan