Merge branch 'master' into ek/refactor/unify-zero-empty-to-default

barretenberg/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/barretenberg
 	branch = master
-	commit = a58c46fc8c87db58aa091d9752640f5b5087ade5
-	parent = a4d4ee8dc927cf7f8b09013c72a5b4cc4bf86075
+	commit = 8afbd6d42c6f63e3e47761fde5cd2d8baebb9f04
+	parent = a18288d9b8f3057b9e79362d922da656dacf22a9
 	method = merge
 	cmdver = 0.4.6

barretenberg/cpp/src/barretenberg/client_ivc/client_ivc.test.cpp

@@ -38,14 +38,20 @@ class ClientIVCTests : public ::testing::Test {
 
     /**
      * @brief Construct mock circuit with arithmetic gates and goblin ops
-     * @details Currently default sized to 2^16 to match kernel. (Note: op gates will bump size to next power of
-     2)
+     * @details Currently default sized to 2^16 to match kernel. (Note: dummy op gates added to avoid non-zero
+     * polynomials will bump size to next power of 2)
      *
      */
     static Builder create_mock_circuit(ClientIVC& ivc, size_t log2_num_gates = 15)
     {
         Builder circuit{ ivc.goblin.op_queue };
         MockCircuits::construct_arithmetic_circuit(circuit, log2_num_gates);
+
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/911): We require goblin ops to be added to the
+        // function circuit because we cannot support zero commtiments. While the builder handles this at
+        // finalisation stage via the add_gates_to_ensure_all_polys_are_non_zero function for other UGH
+        // circuits (where we don't explicitly need to add goblin ops), in ClientIVC merge proving happens prior to
+        // folding where the absense of goblin ecc ops will result in zero commitments.
         MockCircuits::construct_goblin_ecc_op_circuit(circuit);
         return circuit;
     }

barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp

@@ -247,10 +247,6 @@ GoblinUltraCircuitBuilder create_circuit(const AcirFormat& constraint_system,
     bool has_valid_witness_assignments = !witness.empty();
     acir_format::build_constraints(builder, constraint_system, has_valid_witness_assignments);
 
-    // TODO(https://github.com/AztecProtocol/barretenberg/issues/817): Add some arbitrary op gates to ensure the
-    // associated polynomials are non-zero and to give ECCVM and Translator some ECC ops to process.
-    MockCircuits::construct_goblin_ecc_op_circuit(builder);
-
     return builder;
 };
 

barretenberg/cpp/src/barretenberg/dsl/acir_proofs/goblin_acir_composer.cpp

@@ -17,7 +17,7 @@ void GoblinAcirComposer::create_circuit(acir_format::AcirFormat& constraint_syst
     acir_format::build_constraints(builder_, constraint_system, true);
 
     // TODO(https://github.com/AztecProtocol/barretenberg/issues/817): Add some arbitrary op gates to ensure the
-    // associated polynomials are non-zero and to give ECCVM and Translator some ECC ops to process.
+    //  to give ECCVM and Translator some ECC ops to process.
     MockCircuits::construct_goblin_ecc_op_circuit(builder_);
 }
 

barretenberg/cpp/src/barretenberg/goblin/goblin_recursion.test.cpp

@@ -45,7 +45,8 @@ TEST_F(GoblinRecursionTests, Vanilla)
     size_t NUM_CIRCUITS = 2;
     for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) {
 
-        // Construct and accumulate a mock function circuit
+        // Construct and accumulate a mock function circuit containing both arbitrary arithmetic gates and goblin
+        // ecc op gates to make it a meaningful test
         GoblinUltraCircuitBuilder function_circuit{ goblin.op_queue };
         MockCircuits::construct_arithmetic_circuit(function_circuit, /*target_log2_dyadic_size=*/8);
         MockCircuits::construct_goblin_ecc_op_circuit(function_circuit);

barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp

@@ -70,9 +70,11 @@ class GoblinMockCircuits {
         stdlib::generate_ecdsa_verification_test_circuit(builder, NUM_ITERATIONS); // min gates: ~41k
         stdlib::generate_merkle_membership_test_circuit(builder, NUM_ITERATIONS);  // min gates: ~29k
 
-        // Note: its not clear whether goblin ops will be supported for function circuits initially but currently
-        // UGH can only be used if some op gates are included so for now we'll assume each function circuit has
-        // some.
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/911): We require goblin ops to be added to the
+        // function circuit because we cannot support zero commtiments. While the builder handles this at
+        // ProverInstance creation stage via the add_gates_to_ensure_all_polys_are_non_zero function for other UGH
+        // circuits (where we don't explicitly need to add goblin ops), in ClientIVC merge proving happens prior to
+        // folding where the absense of goblin ecc ops will result in zero commitments.
         MockCircuits::construct_goblin_ecc_op_circuit(builder);
     }
 

barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/goblin_ultra_circuit_builder.cpp

@@ -82,6 +82,10 @@ template <typename FF> void GoblinUltraCircuitBuilder_<FF>::add_gates_to_ensure_
     // dummy gate to be read into by previous poseidon internal gate via shifts
     this->create_dummy_gate(
         this->blocks.poseidon_internal, this->zero_idx, this->zero_idx, this->zero_idx, this->zero_idx);
+
+    // add dummy mul accum op and an equality op
+    this->queue_ecc_mul_accum(bb::g1::affine_element::one() * FF::random_element(), FF::random_element());
+    this->queue_ecc_eq();
 }
 
 /**

barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mock_circuits.hpp

@@ -62,16 +62,15 @@ class MockCircuits {
     }
 
     /**
-     * @brief Populate a builder with some arbitrary goblinized ECC ops
+     * @brief Populate a builder with some arbitrary goblinized ECC ops, one of each type
      *
      * @param builder
      */
     static void construct_goblin_ecc_op_circuit(GoblinUltraCircuitBuilder& builder)
     {
-        // Add a mul accum op and an equality op
-        auto point = Point::one() * FF::random_element();
-        auto scalar = FF::random_element();
-        builder.queue_ecc_mul_accum(point, scalar);
+        // Add a mul accum op, an add accum op and an equality op
+        builder.queue_ecc_add_accum(Point::one() * FF::random_element());
+        builder.queue_ecc_mul_accum(Point::one() * FF::random_element(), FF::random_element());
         builder.queue_ecc_eq();
     }
 };

noir-projects/aztec-nr/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/aztec-nr
 	branch = master
-	commit = 07332f6ce49d75b3d4186de8edee2610fae3cbaf
+	commit = 485393ab11218b3f1d785728a92fd3e8e1ea4978
 	method = merge
 	cmdver = 0.4.6
-	parent = f4c6b299253c0bdd3c2a41bd79e1c0d2ed226409
+	parent = 52be8932695ae9864e9a78597f716b81c388ca1c

noir-projects/aztec-nr/authwit/src/account.nr

@@ -1,6 +1,6 @@
 use dep::aztec::context::{PrivateContext, PublicContext, Context};
 use dep::aztec::state_vars::{Map, PublicMutable};
-use dep::aztec::protocol_types::{address::AztecAddress, abis::function_selector::FunctionSelector, hash::{pedersen_hash}};
+use dep::aztec::protocol_types::{address::AztecAddress, abis::function_selector::FunctionSelector, hash::pedersen_hash};
 
 use crate::entrypoint::{app::AppPayload, fee::FeePayload};
 use crate::auth::{IS_VALID_SELECTOR, compute_outer_authwit_hash};
@@ -76,7 +76,12 @@ impl AccountActions {
         // The `inner_hash` is "siloed" with the `msg_sender` to ensure that only it can 
         // consume the message.
         // This ensures that contracts cannot consume messages that are not intended for them.
-        let message_hash = compute_outer_authwit_hash(context.msg_sender(), context.chain_id(), context.version(), inner_hash);
+        let message_hash = compute_outer_authwit_hash(
+            context.msg_sender(),
+            context.chain_id(),
+            context.version(),
+            inner_hash
+        );
         let valid_fn = self.is_valid_impl;
         assert(valid_fn(context, message_hash) == true, "Message not authorized by account");
         context.push_new_nullifier(message_hash, 0);
@@ -90,7 +95,12 @@ impl AccountActions {
         // The `inner_hash` is "siloed" with the `msg_sender` to ensure that only it can 
         // consume the message.
         // This ensures that contracts cannot consume messages that are not intended for them.
-        let message_hash = compute_outer_authwit_hash(context.msg_sender(), context.chain_id(), context.version(), inner_hash);
+        let message_hash = compute_outer_authwit_hash(
+            context.msg_sender(),
+            context.chain_id(),
+            context.version(),
+            inner_hash
+        );
         let is_valid = self.approved_action.at(message_hash).read();
         assert(is_valid == true, "Message not authorized by account");
         context.push_new_nullifier(message_hash, 0);

noir-projects/aztec-nr/aztec/src/context/inputs/private_context_inputs.nr

@@ -1,7 +1,4 @@
-use dep::protocol_types::{
-    abis::call_context::CallContext,
-    header::Header
-};
+use dep::protocol_types::{abis::call_context::CallContext, header::Header};
 use crate::context::globals::private_global_variables::PrivateGlobalVariables;
 
 // PrivateContextInputs are expected to be provided to each private function

noir-projects/aztec-nr/aztec/src/context/public_context.nr

@@ -15,7 +15,8 @@ use dep::protocol_types::{
     MAX_NEW_NOTE_HASHES_PER_CALL, MAX_NEW_L2_TO_L1_MSGS_PER_CALL, MAX_NEW_NULLIFIERS_PER_CALL,
     MAX_PUBLIC_CALL_STACK_LENGTH_PER_CALL, MAX_PUBLIC_DATA_READS_PER_CALL,
     MAX_PUBLIC_DATA_UPDATE_REQUESTS_PER_CALL, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL,
-    MAX_NULLIFIER_READ_REQUESTS_PER_CALL, MAX_NULLIFIER_NON_EXISTENT_READ_REQUESTS_PER_CALL, RETURN_VALUES_LENGTH
+    MAX_NULLIFIER_READ_REQUESTS_PER_CALL, MAX_NULLIFIER_NON_EXISTENT_READ_REQUESTS_PER_CALL,
+    RETURN_VALUES_LENGTH
 },
     contrakt::{storage_read::StorageRead, storage_update_request::StorageUpdateRequest},
     hash::hash_args_array, header::Header, messaging::l2_to_l1_message::L2ToL1Message,

noir-projects/aztec-nr/aztec/src/deploy.nr

@@ -8,7 +8,9 @@ pub fn deploy_contract(context: &mut PrivateContext, target: AztecAddress) {
 
     let universal_deploy = is_default(instance.deployer);
     if !universal_deploy {
-        assert(instance.deployer == context.this_address(), "Deployer address does not match current address");
+        assert(
+            instance.deployer == context.this_address(), "Deployer address does not match current address"
+        );
     }
 
     // Adapted from noir-contracts/contracts/contract_instance_deployer_contract/src/interface/ContractInstanceDeployer.nr

noir-projects/aztec-nr/aztec/src/history/contract_inclusion.nr

@@ -1,61 +1,48 @@
 use dep::protocol_types::{
-    address::{AztecAddress, EthAddress}, 
-    contract_class_id::ContractClassId,
-    grumpkin_point::GrumpkinPoint,
-    hash::silo_nullifier,
-    constants::DEPLOYER_CONTRACT_ADDRESS
+    address::{AztecAddress, EthAddress}, contract_class_id::ContractClassId,
+    grumpkin_point::GrumpkinPoint, hash::silo_nullifier, constants::DEPLOYER_CONTRACT_ADDRESS
 };
 use dep::std::merkle::compute_merkle_root;
 
 use crate::{
     context::PrivateContext,
     history::{
-        nullifier_inclusion::prove_nullifier_inclusion_at,
-        nullifier_non_inclusion::prove_nullifier_not_included_at,
-    }
+    nullifier_inclusion::prove_nullifier_inclusion_at,
+    nullifier_non_inclusion::prove_nullifier_not_included_at
+}
 };
 
-pub fn prove_contract_deployment_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_deployment_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute deployment nullifier
-    let nullifier = silo_nullifier(AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS), contract_address.to_field());
+    let nullifier = silo_nullifier(
+        AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS),
+        contract_address.to_field()
+    );
 
     // Prove its inclusion
     prove_nullifier_inclusion_at(nullifier, block_number, context);
 }
 
-pub fn prove_contract_non_deployment_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_non_deployment_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute deployment nullifier
-    let nullifier = silo_nullifier(AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS), contract_address.to_field());
+    let nullifier = silo_nullifier(
+        AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS),
+        contract_address.to_field()
+    );
 
     // Prove its non-inclusion
     prove_nullifier_not_included_at(nullifier, block_number, context);
 }
 
-pub fn prove_contract_initialization_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_initialization_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute initialization nullifier
     let nullifier = silo_nullifier(contract_address, contract_address.to_field());
 
     // Prove its inclusion
     prove_nullifier_inclusion_at(nullifier, block_number, context);
 }
 
-pub fn prove_contract_non_initialization_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_non_initialization_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute initialization nullifier
     let nullifier = silo_nullifier(contract_address, contract_address.to_field());
 

noir-projects/aztec-nr/aztec/src/initializer.nr

@@ -1,14 +1,12 @@
 use dep::protocol_types::{
-    hash::{silo_nullifier, pedersen_hash},
-    constants::GENERATOR_INDEX__CONSTRUCTOR,
-    abis::function_selector::FunctionSelector,
-    traits::is_default,
+    hash::{silo_nullifier, pedersen_hash}, constants::GENERATOR_INDEX__CONSTRUCTOR,
+    abis::function_selector::FunctionSelector, traits::is_default,
 };
 
 use crate::{
     context::{PrivateContext, PublicContext, ContextInterface},
     oracle::get_contract_instance::get_contract_instance,
-    history::nullifier_inclusion::prove_nullifier_inclusion,
+    history::nullifier_inclusion::prove_nullifier_inclusion
 };
 
 pub fn mark_as_initialized<TContext>(context: &mut TContext) where TContext: ContextInterface {
@@ -34,13 +32,16 @@ pub fn compute_unsiloed_contract_initialization_nullifier<TContext>(context: TCo
 }
 
 pub fn assert_initialization_matches_address_preimage<TContext>(context: TContext) where TContext: ContextInterface {
-    let address = context.this_address(); 
+    let address = context.this_address();
     let instance = get_contract_instance(address);
     let expected_init = compute_initialization_hash(context.selector(), context.get_args_hash());
     assert(instance.initialization_hash == expected_init, "Initialization hash does not match");
     assert(is_default(instance.deployer) | (instance.deployer == context.msg_sender()), "Initializer address is not the contract deployer");
 }
 
 pub fn compute_initialization_hash(init_selector: FunctionSelector, init_args_hash: Field) -> Field {
-    pedersen_hash([init_selector.to_field(), init_args_hash], GENERATOR_INDEX__CONSTRUCTOR)
-}
+    pedersen_hash(
+        [init_selector.to_field(), init_args_hash],
+        GENERATOR_INDEX__CONSTRUCTOR
+    )
+}

noir-projects/aztec-nr/aztec/src/messaging.nr

@@ -16,7 +16,14 @@ pub fn process_l1_to_l2_message(
     secret: Field
 ) -> Field {
     let secret_hash = compute_secret_hash(secret);
-    let message_hash = compute_message_hash(portal_contract_address, chain_id, storage_contract_address, version, content, secret_hash);
+    let message_hash = compute_message_hash(
+        portal_contract_address,
+        chain_id,
+        storage_contract_address,
+        version,
+        content,
+        secret_hash
+    );
 
     let returned_message = get_l1_to_l2_membership_witness(storage_contract_address, message_hash, secret);
     let leaf_index = returned_message[0];

noir-projects/aztec-nr/aztec/src/oracle/enqueue_public_function_call.nr

@@ -1,6 +1,5 @@
 use dep::protocol_types::{
-    abis::function_selector::FunctionSelector, 
-    address::AztecAddress, 
+    abis::function_selector::FunctionSelector, address::AztecAddress,
     constants::ENQUEUE_PUBLIC_FUNCTION_CALL_RETURN_LENGTH
 };
 

noir-projects/aztec-nr/aztec/src/oracle/get_l1_to_l2_membership_witness.nr

@@ -1,12 +1,17 @@
-use dep::protocol_types::{
-    address::AztecAddress,
-    constants::L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH,
-};
+use dep::protocol_types::{address::AztecAddress, constants::L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH};
 
 // Obtains membership witness (index and sibling path) for a message in the L1 to L2 message tree.
 #[oracle(getL1ToL2MembershipWitness)]
-fn get_l1_to_l2_membership_witness_oracle(_contract_address: AztecAddress, _message_hash: Field, _secret: Field) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {}
+fn get_l1_to_l2_membership_witness_oracle(
+    _contract_address: AztecAddress,
+    _message_hash: Field,
+    _secret: Field
+) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {}
 
-unconstrained pub fn get_l1_to_l2_membership_witness(contract_address: AztecAddress, message_hash: Field, secret: Field) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {
+unconstrained pub fn get_l1_to_l2_membership_witness(
+    contract_address: AztecAddress,
+    message_hash: Field,
+    secret: Field
+) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {
     get_l1_to_l2_membership_witness_oracle(contract_address, message_hash, secret)
 }

noir-projects/aztec-nr/aztec/src/oracle/logs.nr

@@ -17,13 +17,13 @@ unconstrained pub fn emit_encrypted_log<N>(
     encryption_pub_key: GrumpkinPoint,
     preimage: [Field; N]
 ) -> Field {
-        emit_encrypted_log_oracle(
-            contract_address,
-            storage_slot,
-            note_type_id,
-            encryption_pub_key,
-            preimage
-        )
+    emit_encrypted_log_oracle(
+        contract_address,
+        storage_slot,
+        note_type_id,
+        encryption_pub_key,
+        preimage
+    )
 }
 
 #[oracle(emitUnencryptedLog)]

noir-projects/aztec-nr/aztec/src/oracle/unsafe_rand.nr

@@ -1,7 +1,6 @@
 #[oracle(getRandomField)]
 fn rand_oracle() -> Field {}
 
-
 // Called `unsafe_rand` because we do not constrain in circuit that we are dealing with an actual random value.
 // Instead we just trust our PXE.
 unconstrained pub fn unsafe_rand() -> Field {

noir-projects/aztec-nr/aztec/src/state_vars/map.nr

@@ -1,5 +1,5 @@
 use crate::context::{PrivateContext, PublicContext, Context};
-use dep::protocol_types::{hash::pedersen_hash, traits::{ToField}};
+use dep::protocol_types::{hash::pedersen_hash, traits::ToField};
 use crate::state_vars::storage::Storage;
 
 // docs:start:map

noir-projects/aztec-nr/aztec/src/state_vars/private_immutable.nr

@@ -1,4 +1,4 @@
-use dep::protocol_types::{address::AztecAddress, constants::{GENERATOR_INDEX__INITIALIZATION_NULLIFIER}, hash::pedersen_hash};
+use dep::protocol_types::{address::AztecAddress, constants::GENERATOR_INDEX__INITIALIZATION_NULLIFIER, hash::pedersen_hash};
 
 use crate::context::{PrivateContext, Context};
 use crate::note::{

noir-projects/aztec-nr/aztec/src/state_vars/private_mutable.nr

@@ -1,4 +1,4 @@
-use dep::protocol_types::{address::AztecAddress, constants::{GENERATOR_INDEX__INITIALIZATION_NULLIFIER}, hash::pedersen_hash};
+use dep::protocol_types::{address::AztecAddress, constants::GENERATOR_INDEX__INITIALIZATION_NULLIFIER, hash::pedersen_hash};
 
 use crate::context::{PrivateContext, PublicContext, Context};
 use crate::note::{