Add decrypt oracle call #9371

Closed
Tracked by #9119
nventuro opened this issue Oct 23, 2024 · 0 comments · Fixed by #9623
nventuro commented Oct 23, 2024

We're currently performing decryption deep inside PXE as part of the trial-decrypt note discovery brute force process. We need to expose this behavior all the way to an oracle call so that contract code can attempt note payload decryption on its own, without having to reveal the private keys to the circuit.

As per #8969, notes are encrypted with the following shared secret:

```
let S: Point = (h + ivsk) * Epk;
```

`h + ivsk` is secret information that cannot be passed to any app and cannot leave PXE, which is why this oracle call exists. We'll send PXE the encrypted payload along with `Epk`, and it will return an option of a decrypted message. Note that PXE must not throw if decryption fails, since the Noir code will need to deal with failed decryption on its own.
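A sketch of the oracle boundary this issue asks for, added here as an illustration and not taken from aztec-packages: the key holder computes `S = (h + ivsk) * Epk` internally and returns either the plaintext or `null`, never an exception. Assumptions: P-256 stands in for the real curve, SHA-256 derives the symmetric key from `S`, AES-256-GCM is the payload cipher, and the names `makePxe`, `decryptOracle` and `encryptTo` are hypothetical.

```javascript
// Added illustration, not Aztec code. Assumptions: P-256 stands in for the real
// curve, SHA-256 turns S into a key, and AES-256-GCM is the payload cipher.
const crypto = require("node:crypto");

const CURVE = "prime256v1";
// Order of the P-256 group, used to reduce h + ivsk to a valid scalar.
const N = BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551");
const scalarToBuf = (x) => Buffer.from(x.toString(16).padStart(64, "0"), "hex");
const kdf = (s) => crypto.createHash("sha256").update(s).digest();

// Stand-in for PXE: h and ivsk live only in this closure and are never returned.
function makePxe(h, ivsk) {
  const ecdh = crypto.createECDH(CURVE);
  ecdh.setPrivateKey(scalarToBuf((h + ivsk) % N));
  return {
    // (h + ivsk) * G: the public point a sender encrypts to.
    publicPoint: () => ecdh.getPublicKey(),
    // The oracle: plaintext Buffer on success, null on any failure. Never throws.
    decryptOracle(payload, epk) {
      try {
        const key = kdf(ecdh.computeSecret(epk)); // S = (h + ivsk) * Epk
        const d = crypto.createDecipheriv("aes-256-gcm", key, payload.subarray(0, 12));
        d.setAuthTag(payload.subarray(12, 28));
        return Buffer.concat([d.update(payload.subarray(28)), d.final()]);
      } catch {
        return null; // wrong recipient, tampered payload, or malformed Epk
      }
    },
  };
}

// Sender: fresh ephemeral pair (esk, Epk); esk * ((h + ivsk) * G) equals S.
function encryptTo(recipientPoint, message) {
  const eph = crypto.createECDH(CURVE);
  const epk = eph.generateKeys();
  const key = kdf(eph.computeSecret(recipientPoint));
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([c.update(message), c.final()]);
  return { epk, payload: Buffer.concat([iv, c.getAuthTag(), body]) };
}

// Constructed sample values: the intended recipient decrypts, anyone else gets null.
const alice = makePxe(123456789n, 987654321n);
const bob = makePxe(111n, 222n);
const sent = encryptTo(alice.publicPoint(), Buffer.from("note payload"));
console.log(alice.decryptOracle(sent.payload, sent.epk)?.toString()); // "note payload"
console.log(bob.decryptOracle(sent.payload, sent.epk)); // null
```

Returning `null` for every failure mode, including a malformed `Epk`, is what lets trial decryption loop over many payloads without the caller wrapping each attempt in error handling.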

@nventuro nventuro added C-pxe Component: PXE (Private eXecution Environment) team-fairies Nico's team labels Oct 23, 2024
@github-project-automation github-project-automation bot moved this to Todo in A3 Oct 28, 2024
@Thunkar Thunkar self-assigned this Nov 5, 2024
@Thunkar Thunkar closed this as completed in 2fcf94e Nov 7, 2024
@github-project-automation github-project-automation bot moved this from Todo to Done in A3 Nov 7, 2024
AztecBot pushed a commit to AztecProtocol/aztec-nr that referenced this issue Nov 8, 2024
Closes: AztecProtocol/aztec-packages#9371
AztecProtocol/aztec-packages#9370
AztecProtocol/aztec-packages#9372

Blindly moves the logic in `note_processor.ts` to the
`simulator_oracle`, so retrieved logs can be processed and injected in
PXE's db. This approach has several problems:

- We have to trigger a process from an oracle, but the thing itself
requires a simulator to call `compute_note_hash_and_nullifier`. This
either implies moving a lot of stuff into `client_execution_context`
(namely, the key store), or a chicken and egg problem with
`simulator_oracle` (we need a simulator in the oracle that is provided
to a simulator). Right now a very ugly solution is adopted,
instantiating a new simulator in place.
- ~~Are deferred notes even necessary now?~~ No, will be removed in
AztecProtocol/aztec-packages#9575
- Is there an alternative to passing the `dataStartIndexForTx` all
the way from the node to compute the note index? (this is not too bad
IMO)
- Can the logic in the processor be simplified?
- Is there a better place to put this code that still allows us to
initiate the process from `aztec.nr`?

---------

Co-authored-by: Nicolás Venturo <[email protected]>