Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Private refunds #7226

Merged
merged 6 commits into from
Jul 2, 2024
Merged

feat: Private refunds #7226

merged 6 commits into from
Jul 2, 2024

Conversation

just-mitch
Copy link
Collaborator

@just-mitch just-mitch commented Jun 27, 2024

This PR creates a new token contract and fee payment contract that support private refunds.

I.e. Alice pays Bob in private notes, and receives refunds in private notes within the same transaction.

This is a massive improvement over the existing PrivateFeePaymentMethod which uses an un/shield flow, which puts Alice in a never-ending loop of refunding refunds.

Note I suspect we will want to:

  1. consolidate this token/fpc, and the other token/fpc
  2. and/or create a more general pattern for this type of homomorphic operation

but the exact way forward there is not clear to me yet.

This PR also shows off some of the ugly things we need to do to get this working, like:

  • storing notes as a set to avoid mixing in the owner's address when computing the note hash
  • storing raw npk hashes in the contracts
  • needing to use to_unconstrained to get private balances

This PR also fixes two bugs:

  • supporting transactions that only have public teardown
  • validation of complete addresses that did not have public keys associated with their deployment

This PR also has the TXE charge nominal TX fees, and basic support for a teardown function.

Side note, see https://hackmd.io/NUfIc2LJRlqL0-myhij3KQ for a cost analysis (in terms of TXEffects byte size) for different fee payment methods.

In conclusion

I vote to merge the PR roughly as is and start the discussion on how to clean the stuff up that we hate, but if someone has strong negative reactions, I'm definitely open to hearing which parts we want to tease out into individual PRs.

@just-mitch just-mitch changed the title Private refunds feat: Private refunds Jun 27, 2024
@AztecBot
Copy link
Collaborator

AztecBot commented Jun 27, 2024

Benchmark results

Metrics with a significant change:

  • proof_construction_time_sha256_30_ms (16): 1,516 (-18%)
  • avm_simulation_time_ms (Token:mint_public): 586 (+710%)
  • avm_simulation_time_ms (Token:assert_minter_and_mint): 80.9 (-63%)
  • protocol_circuit_witness_generation_time_in_ms (private-kernel-tail-to-public): 8,600 (+24%)
Detailed results

All benchmarks are run on txs on the Benchmarking contract on the repository. Each tx consists of a batch call to create_note and increment_balance, which guarantees that each tx has a private call, a nested private call, a public call, and a nested public call, as well as an emitted private note, an unencrypted log, and public storage read and write.

This benchmark source data is available in JSON format on S3 here.

Proof generation

Each column represents the number of threads used in proof generation.

Metric 1 threads 4 threads 16 threads 32 threads 64 threads
proof_construction_time_sha256_30_ms 11,694 (-3%) 3,149 (-2%) ⚠️ 1,516 (-18%) 1,563 (-4%) 1,521 (-3%)
proof_construction_time_sha256_100_ms 43,788 (-2%) 11,756 (-2%) 5,422 (-2%) 5,400 (-2%) 5,342 (-2%)
proof_construction_time_poseidon_hash_ms 78.0 (-2%) 34.0 (-3%) 34.0 (-3%) 58.0 (-2%) 87.0 (-1%)
proof_construction_time_poseidon_hash_30_ms 1,556 (-1%) 414 (-2%) 200 (-1%) 224 (-3%) 267 (-1%)
proof_construction_time_poseidon_hash_100_ms 5,724 (-3%) 1,568 (-2%) 720 (-2%) 776 (-1%) 789 (-2%)

L2 block published to L1

Each column represents the number of txs on an L2 block published to L1.

Metric 4 txs 8 txs 16 txs
l1_rollup_calldata_size_in_bytes 1,412 1,412 1,412
l1_rollup_calldata_gas 9,452 9,462 9,464
l1_rollup_execution_gas 611,191 611,352 611,505
l2_block_processing_time_in_ms 767 (-2%) 1,449 (+2%) 2,704 (-3%)
l2_block_building_time_in_ms 24,710 (-6%) 50,183 (+2%) 97,023 (-6%)
l2_block_rollup_simulation_time_in_ms 24,710 (-6%) 50,182 (+2%) 97,022 (-6%)
l2_block_public_tx_process_time_in_ms 21,217 (-7%) 46,406 (+2%) 93,374 (-6%)

L2 chain processing

Each column represents the number of blocks on the L2 chain where each block has 8 txs.

Metric 3 blocks 5 blocks
node_history_sync_time_in_ms 7,186 (+2%) 10,141 (+2%)
node_database_size_in_bytes 12,251,216 16,166,992
pxe_database_size_in_bytes 16,254 26,813

Circuits stats

Stats on running time and I/O sizes collected for every kernel circuit run across all benchmarks.

Circuit simulation_time_in_ms witness_generation_time_in_ms proving_time_in_ms input_size_in_bytes output_size_in_bytes proof_size_in_bytes num_public_inputs size_in_gates
private-kernel-init 116 526 (+15%) 12,768 (-4%) 20,634 67,190 92,352 2,819 524,288
private-kernel-inner 361 (-1%) 1,107 (+3%) 49,359 (+1%) 94,902 67,190 92,352 2,819 2,097,152
private-kernel-tail 303 (-1%) 1,698 (-4%) 48,267 (-1%) 99,121 71,733 14,912 399 2,097,152
base-parity 6.59 (+5%) 1,791 (-1%) 2,689 (-5%) 128 64.0 2,208 2.00 131,072
root-parity 49.1 (-2%) 71.4 (-5%) 42,171 (+2%) 27,100 64.0 2,720 18.0 2,097,152
base-rollup 7,793 (-1%) 4,898 (-2%) 85,328 170,330 728 3,648 47.0 4,194,304
root-rollup 110 (-2%) 82.4 (-10%) 22,850 (-3%) 25,253 620 3,456 41.0 1,048,576
public-kernel-setup 626 (-2%) 3,672 (-3%) 45,211 116,905 93,334 125,344 3,850 2,097,152
public-kernel-app-logic 590 (-2%) 4,703 (-2%) 46,901 (-4%) 116,905 93,334 125,344 3,850 2,097,152
public-kernel-tail 1,393 (-1%) 38,570 (-1%) 190,090 (+3%) 511,910 10,014 14,912 399 8,388,608
private-kernel-reset-small 554 (-1%) 2,040 (+4%) 47,988 (+1%) 123,313 67,190 92,352 2,819 2,097,152
public-kernel-teardown 567 (-1%) 4,712 (-3%) 47,232 (-2%) 116,905 93,334 125,344 3,850 2,097,152
merge-rollup 29.5 (-1%) N/A N/A 16,486 728 N/A N/A N/A
private-kernel-tail-to-public N/A ⚠️ 8,600 (+24%) 95,595 N/A N/A 125,344 3,850 4,194,304

Stats on running time collected for app circuits

Function input_size_in_bytes output_size_in_bytes witness_generation_time_in_ms proof_size_in_bytes proving_time_in_ms size_in_gates num_public_inputs
ContractClassRegisterer:register 1,344 9,944 408 (-2%) N/A N/A N/A N/A
ContractInstanceDeployer:deploy 1,408 9,944 39.5 (-1%) N/A N/A N/A N/A
MultiCallEntrypoint:entrypoint 1,920 9,944 1,302 (-1%) N/A N/A N/A N/A
GasToken:deploy 1,376 9,944 941 (-2%) N/A N/A N/A N/A
SchnorrAccount:constructor 1,312 9,944 487 (-2%) N/A N/A N/A N/A
SchnorrAccount:entrypoint 2,304 9,944 1,891 16,768 56,080 (+1%) 2,097,152 457
Token:privately_mint_private_note 1,280 9,944 636 (-1%) N/A N/A N/A N/A
FPC:fee_entrypoint_public 1,344 9,944 298 (-3%) 16,768 11,171 (-3%) 524,288 457
Token:transfer 1,312 9,944 2,899 16,768 22,619 1,048,576 457
AuthRegistry:set_authorized (avm) 20,954 N/A N/A 94,336 1,319 (-8%) N/A N/A
FPC:prepare_fee (avm) 28,396 N/A N/A 94,400 2,991 (-6%) N/A N/A
Token:transfer_public (avm) 44,612 N/A N/A 94,400 3,980 (-2%) N/A N/A
AuthRegistry:consume (avm) 34,832 N/A N/A 94,336 2,963 (-1%) N/A N/A
FPC:pay_refund (avm) 38,561 N/A N/A 94,368 24,576 (+3%) N/A N/A
Benchmarking:create_note 1,344 9,944 488 N/A N/A N/A N/A
SchnorrAccount:verify_private_authwit 1,280 9,944 72.3 N/A N/A N/A N/A
Token:unshield 1,376 9,944 2,700 N/A N/A N/A N/A
FPC:fee_entrypoint_private 1,376 9,944 3,508 (+1%) N/A N/A N/A N/A

AVM Simulation

Time to simulate various public functions in the AVM.

Function time_ms bytecode_size_in_bytes
GasToken:_increase_public_balance 65.3 (-19%) 13,790
GasToken:set_portal 18.7 (-1%) 3,305
Token:constructor 96.7 (-2%) 23,658
FPC:constructor 62.2 (-2%) 13,592
GasToken:mint_public 51.4 10,158
Token:mint_public ⚠️ 586 (+710%) 19,000
Token:assert_minter_and_mint ⚠️ 80.9 (-63%) 12,891
AuthRegistry:set_authorized 31.5 (-5%) 7,812
FPC:prepare_fee 128 (-4%) 15,062
Token:transfer_public 55.7 (-23%) 31,184
FPC:pay_refund 146 (-1%) 25,260
Benchmarking:increment_balance 2,643 (-1%) 15,233
Token:_increase_public_balance 56.5 (+1%) 14,972
FPC:pay_refund_with_shielded_rebate 140 (-23%) 26,347

Public DB Access

Time to access various public DBs.

Function time_ms
get-nullifier-index 0.160 (-1%)

Tree insertion stats

The duration to insert a fixed batch of leaves into each tree type.

Metric 1 leaves 16 leaves 64 leaves 128 leaves 256 leaves 512 leaves 1024 leaves
batch_insert_into_append_only_tree_16_depth_ms 10.4 (-1%) 16.8 (-1%) N/A N/A N/A N/A N/A
batch_insert_into_append_only_tree_16_depth_hash_count 16.8 31.7 N/A N/A N/A N/A N/A
batch_insert_into_append_only_tree_16_depth_hash_ms 0.603 (-1%) 0.516 (-1%) N/A N/A N/A N/A N/A
batch_insert_into_append_only_tree_32_depth_ms N/A N/A 48.8 (-1%) 77.0 (-1%) 137 251 (+2%) 472 (-4%)
batch_insert_into_append_only_tree_32_depth_hash_count N/A N/A 95.9 159 287 543 1,055
batch_insert_into_append_only_tree_32_depth_hash_ms N/A N/A 0.497 (-1%) 0.473 (-1%) 0.469 0.454 (+2%) 0.441 (-4%)
batch_insert_into_indexed_tree_20_depth_ms N/A N/A 60.0 (-1%) 113 (-1%) 183 (-4%) 362 (+2%) 695 (-4%)
batch_insert_into_indexed_tree_20_depth_hash_count N/A N/A 109 207 355 691 1,363
batch_insert_into_indexed_tree_20_depth_hash_ms N/A N/A 0.506 (-1%) 0.508 (-1%) 0.484 (-4%) 0.489 (+2%) 0.476 (-4%)
batch_insert_into_indexed_tree_40_depth_ms N/A N/A 73.7 N/A N/A N/A N/A
batch_insert_into_indexed_tree_40_depth_hash_count N/A N/A 133 N/A N/A N/A N/A
batch_insert_into_indexed_tree_40_depth_hash_ms N/A N/A 0.524 N/A N/A N/A N/A

Miscellaneous

Transaction sizes based on how many contract classes are registered in the tx.

Metric 0 registered classes 1 registered classes
tx_size_in_bytes 85,707 670,983

Transaction size based on fee payment method

| Metric | |
| - | |

@just-mitch just-mitch marked this pull request as ready for review June 28, 2024 20:00
Copy link
Collaborator

@spalladino spalladino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome PR @just-mitch!! Left a bunch of comments, but none that cannot be addressed in a subsequent PR.

Main thing I'd like to discuss about the overall design is whether we can decouple partial notes from fee refunds. In other words: having the token contract expose primitives "setup partial note" and "complete partial note" (the latter accepting a value as opposed to using the tx fee), and have the FPC orchestrate the whole thing. Seems like we'd need a new note type PartialTokenNoteAwaitingToBeCompleted to be set during "setup partial note" and to be consumed in "complete", so the caller can't just supply any values they wish, right?

use dep::aztec::context::interface::PublicContextInterface;

pub fn calculate_fee<TPublicContext>(_context: TPublicContext) -> U128 where TPublicContext: PublicContextInterface {
U128::from_integer(1)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not use context.transaction_fee here?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah this is dead code. Not called. I will remove it.

Comment on lines +23 to +24
// convince the FPC we are not cheating
context.push_new_nullifier(nonce, 0);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure I understood: why does this convince the FPC we are not cheating?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also: should we mix the nonce with the msg.sender before emitting it as a nullifier? I'm worried a user could abuse it to invalidate another user's txs.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suppose user chooses nonce of 42, and the amount due to the FPC is 100.

Then if user chooses a nonce of 42 again, then it will create a duplicate note if the amount due to the FPC is the same.

For that reason I think we ought not mix the nonce with the msg.sender, since we would want the other user's tx to be invalidated for the same reason.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got it. Still, it feels risky to have a nullifier purely controlled by the caller. What if we mixed msg_sender with the nonce both for this nullifier and for the nonce we pass onto the token contract?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we could do that, but from the protocol perspective, the nullifier will be siloed to this contract instance, so no risk there, and from the FPC's perspective, it wants to do absolutely as little as possible.

That said, I also have a somewhat icky feeling about this. Can you think of any attack or exploit that could come from it? It would be helpful to understand if this type of pattern is "safe" generally, even if it feels risky.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah duh yes snooping the mempool would do it. Nice one! So I think then we don't need to mix in the sender, but we do need to encrypt the nonce when we emit it.

In this PR I just fixed the privacy leak which Lasse and Santiago spotted by introducing the second randomness value (computed by hashing the first one) and emitting as unencrypted log only the second value which should reliably prevent the front-running attack (basically the same solution as what Mitch described in the edit).

Copy link
Contributor

@benesjan benesjan Jul 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suppose user chooses nonce of 42, and the amount due to the FPC is 100.

Then if user chooses a nonce of 42 again, then it will create a duplicate note if the amount due to the FPC is the same.

For that reason I think we ought not mix the nonce with the msg.sender, since we would want the other user's tx to be invalidated for the same reason.

Do I understand this correctly that this is only a problem because we do not yet inject nonces to public note hashes (issue here)? If we had the nonces there I think there should be no issue with duplicate notes.

If this is the case I would prioritize finishing tackling that issue.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@benesjan I think that the original issue raised by Palla has already been fixed by emitting the hash of the user's randomness as the unencrypted log. But I think that if we injected nonces into public notes, we might be able to get away with not pushing the nullifier of the user's randomness (since that was originally done to convince the FPC that its note would have a unique preimage/image). Thought I'm not sure in that case how the FPC/user recover the nonce that gets injected?

Copy link
Contributor

@benesjan benesjan Jul 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool cool.

I am just working on storage slot as point PR and with that we'll be able to fix the remaining vulnerabilities (#7323 and #7324). Once that is done the note hash will be siloed to user address by the contract. At that point the severity of the attack of re-using randomness (assuming we remove pushing the nullifier) drops from an attacker potentially preventing someone else from spending their notes (by emitting the same note and then spending it) to a user potentially losing money if they are stupid and use the same randomness twice.

We should protect users against stupidity so it makes sense to prioritize tackling public note hash nonce.

Once we have that implemented we can safely drop emitting the nullifier. This is super nice because we want to hyper-optimize these functions since it's a cost which I assume will be part of all the txs.

Will take a note to do that once all the pieces are in place.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just nuked the nullifier in this PR as it's no longer needed.


#[aztec(private)]
fn fund_transaction_privately(amount: Field, asset: AztecAddress, nonce: Field) {
assert(asset == storage.other_asset.read_private());
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why pass the asset as an argument at all?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The thinking here is the same as the existing FPC- this FPC could be used with a whitelist of supported underlying tokens.

Comment on lines +840 to +846
// Definitely not right, in that the teardown should always be last.
// But useful for executing flows.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd push for fixing this ASAP since it's a very unexpected behaviour for a dev testing via the txe.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah agreed. I don't know enough about the TXE design to know how this ought to be done, since it needs to have an understanding of the TX lifecycle.

Comment on lines 201 to 203
// `3` is the storage slot of the balances
context.push_new_note_hash(pedersen_hash([3, note_hashes[0]], GENERATOR_INDEX__INNER_NOTE_HASH));
context.push_new_note_hash(pedersen_hash([3, note_hashes[1]], GENERATOR_INDEX__INNER_NOTE_HASH));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI I think you can do sth like PrivateToken::storage().balances.slot to avoid hardcoding the slot

);
let token_contract = env.deploy("@aztec/noir-contracts.js/PrivateToken").with_public_initializer(initializer_call_interface);
let token_contract_address = token_contract.to_address();
env.advance_block_by(6);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this for getting the pubkeys into the registry?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep!

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was any change from the original needed?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Original maintains
map: Map<AztecAddress, PrivateSet<T, Context>, Context>

this has
map: PrivateSet<T, Context>

The reason is that if we were to use Map<AztecAddress, ...> the address would get mixed in when computing the storage slots for notes. So back in PrivateToken::complete_refund we would need the aztec address of the note recipient in order to correctly emit the note hash.

So the functions below are slightly different to compensate for that, and we have to do funky things with to_unconstrained below. I owe @nventuro an issue documenting this.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to know. Still, it seems that it should be fine for all practical purposes, right?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I think so.

Comment on lines 25 to 26
// allow the FPC to reconstruct their fee note
context.emit_unencrypted_log(nonce);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI Lasse is removing this method from context given it's a privacy footgun.

@LHerskind seeing as it is needed in more than one place, should we instead keep it but rename it to something like "dangerously_privacy_leaking_emit_unencrypted_log" to be clear about its implications?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lol at dangerously... We could also emit it as encrypted, but since the FPC is paying for this, and I don't think they care if nonce is revealed, they would prefer it to be unencrypted.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment on lines +136 to +151
let sponsored_user_point = multi_scalar_mul(
[G1, G1, G1],
[EmbeddedCurveScalar {
lo: sponsored_user_lo,
hi: sponsored_user_hi
},
EmbeddedCurveScalar {
lo: funded_amount_lo,
hi: funded_amount_hi
},
EmbeddedCurveScalar {
lo: refund_nonce_lo,
hi: refund_nonce_hi
}]
);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this lead to a privacy leak? Let's assume we have an FPC that's used for a specific set of apps (eg swaps), that have a well-known gas cost, so the set of possible funded_amounts is known. The refund_nonce is known as well since it's emitted unencrypted by the FPC. So an attacker could brute-force user npk_ms fetched from the keys registry to try and recompute this sponsored_user_point (which is visible as part of the public call) and thus detect the tx sender.

Could we patch this by adding another value used for randomness that does not get publicly broadcasted?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes! @LHerskind had the same suggestion on the thread in show-and-tell. Alice supplies a nonce that gets emitted as a nullifier for the FPC and another that gets used for herself.

@just-mitch just-mitch merged commit 6fafff6 into master Jul 2, 2024
91 checks passed
@just-mitch just-mitch deleted the private-refunds branch July 2, 2024 12:45
rahul-kothari pushed a commit that referenced this pull request Jul 2, 2024
🤖 I have created a release *beep* *boop*
---


<details><summary>aztec-package: 0.45.0</summary>

##
[0.45.0](aztec-package-v0.44.0...aztec-package-v0.45.0)
(2024-07-02)


### Bug Fixes

* Devnet deployment issues
([#7197](#7197))
([9cf4904](9cf4904))
</details>

<details><summary>barretenberg.js: 0.45.0</summary>

##
[0.45.0](barretenberg.js-v0.44.0...barretenberg.js-v0.45.0)
(2024-07-02)


### Miscellaneous

* **barretenberg.js:** Synchronize aztec-packages versions
</details>

<details><summary>aztec-packages: 0.45.0</summary>

##
[0.45.0](aztec-packages-v0.44.0...aztec-packages-v0.45.0)
(2024-07-02)


### ⚠ BREAKING CHANGES

* error on too large integer value
(noir-lang/noir#5371)
* rename struct-specific TypeDefinition -> StructDefinition
(noir-lang/noir#5356)
* extend storage read oracle to receive address and block number
([#7243](#7243))
* split storage access oracles
([#7237](#7237))
* remove `dep::` prefix (noir-lang/noir#4946)

### Features

* `mod.nr` entrypoint (noir-lang/noir#5039)
([bb5cbab](bb5cbab))
* `static_assert` builtin (noir-lang/noir#5342)
([eb9e9f6](eb9e9f6))
* Add `map`, `fold`, `reduce`, `any`, and `all` for slices
(noir-lang/noir#5331)
([f2abb4e](f2abb4e))
* Add `set` and `set_unchecked` methods to `Vec` and `BoundedVec`
(noir-lang/noir#5241)
([ed815a3](ed815a3))
* Add BoundedVec::map (noir-lang/noir#5250)
([ed815a3](ed815a3))
* Add fuzzer for Noir programs
(noir-lang/noir#5251)
([ed815a3](ed815a3))
* Add new lenses for encryted notes
([#7238](#7238))
([c07cf2c](c07cf2c))
* Add outgoing keys support to getEvents
([#7239](#7239))
([77c304e](77c304e))
* Add support for wildcard types
(noir-lang/noir#5275)
([ed815a3](ed815a3))
* **avm:** Calldata gadget preliminaries
([#7227](#7227))
([79e8588](79e8588))
* Build simple dictionary from inspecting ACIR program
(noir-lang/noir#5264)
([ed815a3](ed815a3))
* Constant Honk proof sizes
([#6954](#6954))
([17c8d3a](17c8d3a))
* Disable nargo color output if stderr is tty
(noir-lang/noir#5346)
([eb9e9f6](eb9e9f6))
* **docs:** Macros explainer
([#7172](#7172))
([bb2ebfc](bb2ebfc))
* Error on too large integer value
(noir-lang/noir#5371)
([bb5cbab](bb5cbab))
* Example of private token transfer event
([#7242](#7242))
([99ce26f](99ce26f))
* **experimental:** Implement macro calls & splicing into `Expr` values
(noir-lang/noir#5203)
([ed815a3](ed815a3))
* Extend storage read oracle to receive address and block number
([#7243](#7243))
([153b201](153b201))
* **frontend:** Explicit numeric generics and type kinds
(noir-lang/noir#5155)
([f2abb4e](f2abb4e))
* **frontend:** Where clause on impl
(noir-lang/noir#5320)
([f2abb4e](f2abb4e))
* Function selector opcode in AVM
([#7244](#7244))
([dde47e9](dde47e9))
* Implement comptime support for `array_len` builtin
(noir-lang/noir#5272)
([ed815a3](ed815a3))
* Implement comptime support for `as_slice` builtin
(noir-lang/noir#5276)
([ed815a3](ed815a3))
* Insert trait impls into the program from type annotations
(noir-lang/noir#5327)
([f2abb4e](f2abb4e))
* Let `should_fail_with` check that the failure reason contains the
expected message (noir-lang/noir#5319)
([f2abb4e](f2abb4e))
* Make macros operate on token streams instead of AST nodes
(noir-lang/noir#5301)
([ed815a3](ed815a3))
* Private refunds
([#7226](#7226))
([6fafff6](6fafff6))
* Remove `dep::` prefix (noir-lang/noir#4946)
([ed815a3](ed815a3))
* Remove event selector in logs from public context
([#7192](#7192))
([646d45a](646d45a))
* Rename struct-specific TypeDefinition -&gt; StructDefinition
(noir-lang/noir#5356)
([bb5cbab](bb5cbab))
* Run `comptime` code from annotations on a type definition
(noir-lang/noir#5256)
([ed815a3](ed815a3))
* Split storage access oracles
([#7237](#7237))
([51f7d65](51f7d65))
* **stdlib:** Update stdlib to use explicit numeric generics
(noir-lang/noir#5306)
([f2abb4e](f2abb4e))
* Store shared mutable hash
([#7169](#7169))
([868606e](868606e))
* Sync from aztec-packages (noir-lang/noir#5242)
([ed815a3](ed815a3))
* Sync from aztec-packages (noir-lang/noir#5340)
([f2abb4e](f2abb4e))
* Sync from aztec-packages (noir-lang/noir#5347)
([eb9e9f6](eb9e9f6))
* Sync from aztec-packages (noir-lang/noir#5377)
([bb5cbab](bb5cbab))
* Unconstrained variants for event emission
([#7251](#7251))
([6d093e3](6d093e3))
* Unify unencrypted log emission and decoding
([#7232](#7232))
([354dba2](354dba2))
* Update rebuild script
([#7225](#7225))
([af59247](af59247))
* Use runtime loops for brillig array initialization
(noir-lang/noir#5243)
([f2abb4e](f2abb4e))
* Wonky rollups
([#7189](#7189))
([1de3746](1de3746))


### Bug Fixes

* Add more thorough check for whether a type is valid when passing it
from constrained code to unconstrained code
(noir-lang/noir#5009)
([ed815a3](ed815a3))
* Add support for nested arrays returned by oracles
(noir-lang/noir#5132)
([ed815a3](ed815a3))
* Address compiler warnings coming from stdlib
(noir-lang/noir#5351)
([eb9e9f6](eb9e9f6))
* Avoid duplicating constant arrays
(noir-lang/noir#5287)
([ed815a3](ed815a3))
* Avoid panic in type system
(noir-lang/noir#5332)
([f2abb4e](f2abb4e))
* Avoid unnecessarily splitting expressions with multiplication terms
with a shared term (noir-lang/noir#5291)
([ed815a3](ed815a3))
* Benchmark prover e2e test with proving
([#7175](#7175))
([431c14c](431c14c))
* Devnet deployment issues
([#7197](#7197))
([9cf4904](9cf4904))
* Disable `if` optimization
(noir-lang/noir#5240)
([ed815a3](ed815a3))
* **docs:** Historical reference library updates
([#7166](#7166))
([b3409c4](b3409c4))
* Don't benchmark the "prove" command as it doesn't exist anymore
(noir-lang/noir#5323)
([f2abb4e](f2abb4e))
* Don't lazily elaborate functions
(noir-lang/noir#5282)
([ed815a3](ed815a3))
* **elaborator:** Fix duplicate methods error
(noir-lang/noir#5225)
([ed815a3](ed815a3))
* **elaborator:** Fix regression introduced by lazy-global changes
(noir-lang/noir#5223)
([ed815a3](ed815a3))
* Error when a local function is called in a comptime context
(noir-lang/noir#5334)
([f2abb4e](f2abb4e))
* Fix authwit package
([#7204](#7204))
([98ccd41](98ccd41))
* Fix incorrect return type being applied to stdlib functions
`modulus_be_bytes()`, `modulus_be_bits()`, etc.
(noir-lang/noir#5278)
([ed815a3](ed815a3))
* Fix tokenization of unquoted types in macros
(noir-lang/noir#5326)
([f2abb4e](f2abb4e))
* Fix usage of `#[abi(tag)]` attribute with elaborator
(noir-lang/noir#5298)
([f2abb4e](f2abb4e))
* Handle struct with nested arrays in oracle return values
(noir-lang/noir#5244)
([ed815a3](ed815a3))
* Ignore calls to `Intrinsic::AsWitness` during brillig codegen
(noir-lang/noir#5350)
([eb9e9f6](eb9e9f6))
* Implement generic functions in the interpreter
(noir-lang/noir#5330)
([f2abb4e](f2abb4e))
* **nargo_fmt:** Account for spaces before the generic list of a
function (noir-lang/noir#5303)
([ed815a3](ed815a3))
* Replace panic in monomorphization with an error
(noir-lang/noir#5305)
([ed815a3](ed815a3))
* Reran pil-&gt;cpp codegen & encode_and_encrypt_event_with_randomness
fix
([#7247](#7247))
([fa15a45](fa15a45))
* Runtime brillig bigint id assignment
(noir-lang/noir#5369)
([bb5cbab](bb5cbab))
* Skip emission of brillig calls which will never be executed
(noir-lang/noir#5314)
([ed815a3](ed815a3))
* TS LSP being slow
([#7181](#7181))
([e934e87](e934e87))
* Update `in_contract` flag before handling function metadata in
elaborator (noir-lang/noir#5292)
([ed815a3](ed815a3))
* Use proper serialization in `AbiValue`
(noir-lang/noir#5270)
([ed815a3](ed815a3))


### Miscellaneous

* `static_assert` error message fix and split into is-dynamic and
is-false (noir-lang/noir#5353)
([eb9e9f6](eb9e9f6))
* Add back Pedersen blackbox functions (revert PR 5221)
(noir-lang/noir#5318)
([ed815a3](ed815a3))
* Add log_hash as input in log emission in private context
([#7249](#7249))
([8b3dfe9](8b3dfe9))
* Add no predicate to poseidon2
(noir-lang/noir#5252)
([ed815a3](ed815a3))
* Add no-predicate to hash implementations
(noir-lang/noir#5253)
([ed815a3](ed815a3))
* Add property tests for ABI encoding
(noir-lang/noir#5216)
([ed815a3](ed815a3))
* Address TODO in `compat.nr`
(noir-lang/noir#5339)
([f2abb4e](f2abb4e))
* **avm-transpiler:** Better error messages
([#7217](#7217))
([27051ad](27051ad))
* **avm:** Remove trailing minus zero in codegen
([#7185](#7185))
([f3c8166](f3c8166))
* Avoid building contracts when producing gates report
([#7136](#7136))
([25507e6](25507e6))
* Bump `bb` to 0.43.0 (noir-lang/noir#5321)
([f2abb4e](f2abb4e))
* Bundle SSA Evaluator Options
(noir-lang/noir#5317)
([ed815a3](ed815a3))
* **ci:** Trigger a noir sync every morning at 8am
([#7280](#7280))
([412c016](412c016))
* Copy across typo PR script from aztec-packages
(noir-lang/noir#5235)
([ed815a3](ed815a3))
* Create separate crate just for noir artifacts
(noir-lang/noir#5162)
([ed815a3](ed815a3))
* **docs:** Fixing trailing slash issue
(noir-lang/noir#5233)
([ed815a3](ed815a3))
* Fix examples (noir-lang/noir#5357)
([eb9e9f6](eb9e9f6))
* Fix migration notes
([#7279](#7279))
([51d93eb](51d93eb))
* Fix negative tests in AVM circuit for context input lookups
([#7261](#7261))
([ad2f654](ad2f654))
* Fixing all relative paths
(noir-lang/noir#5220)
([ed815a3](ed815a3))
* Generate PIL constants from via constants gen
([#7258](#7258))
([244ef7e](244ef7e))
* Gets rid of unencrypted emit in private_context
([#7236](#7236))
([3e6d88e](3e6d88e))
* Improve authwit comments/docs
([#7180](#7180))
([051ab9e](051ab9e))
* Misc cleanup in simulator
([#7203](#7203))
([eb00830](eb00830))
* Optimize the elaborator (noir-lang/noir#5230)
([ed815a3](ed815a3))
* Parse macros (noir-lang/noir#5229)
([ed815a3](ed815a3))
* Pedersen commitment in Noir
(noir-lang/noir#5221)
([ed815a3](ed815a3))
* Pedersen hash in Noir (noir-lang/noir#5217)
([ed815a3](ed815a3))
* Private tail circuits
([#7148](#7148))
([9e67e7d](9e67e7d))
* Pull out change to expression splitting from sync PR
([#7215](#7215))
([b4f50a5](b4f50a5))
* Pull out foreign call nested array changes
([#7216](#7216))
([1faaaf5](1faaaf5))
* Pull out
noir-lang/noir[#5120](#5120)
([#7205](#7205))
([c5dc094](c5dc094))
* Pull out pedersen generator builtin from sync PR
([#7210](#7210))
([412f02e](412f02e))
* Pull out SSA changes from sync PR
([#7209](#7209))
([141e137](141e137))
* Push code related to ABI gen into `noirc_driver`
(noir-lang/noir#5218)
([ed815a3](ed815a3))
* Redo typo PR by dropbigfish
(noir-lang/noir#5234)
([ed815a3](ed815a3))
* Refactor test case generation in build.rs
(noir-lang/noir#5280)
([ed815a3](ed815a3))
* Release Noir(0.31.0) (noir-lang/noir#5166)
([ed815a3](ed815a3))
* Remove `is_unconstrained_fn` field from elaborator
(noir-lang/noir#5335)
([f2abb4e](f2abb4e))
* Remove 4738 ref
([#7254](#7254))
([97d997c](97d997c))
* Remove a log file
([#7201](#7201))
([83bb218](83bb218))
* Remove commented code
([#7231](#7231))
([2740d60](2740d60))
* Remove panic for unimplemented trait dispatch
(noir-lang/noir#5329)
([f2abb4e](f2abb4e))
* Replace `is_bn254` implementation to not rely on truncation of
literals (noir-lang/noir#5247)
([ed815a3](ed815a3))
* Replace `regression_5202` with more manageably sized program
(noir-lang/noir#5345)
([eb9e9f6](eb9e9f6))
* Replace cached `in_contract` with `in_contract()` method
(noir-lang/noir#5324)
([f2abb4e](f2abb4e))
* Replace logical operators with bitwise in `DebugToString`
(noir-lang/noir#5236)
([ed815a3](ed815a3))
* Replace relative paths to noir-protocol-circuits
([e83b07b](e83b07b))
* Replace relative paths to noir-protocol-circuits
([eca8587](eca8587))
* Replace relative paths to noir-protocol-circuits
([b9ddf43](b9ddf43))
* Replace relative paths to noir-protocol-circuits
([6f817e8](6f817e8))
* Replace relative paths to noir-protocol-circuits
([f9bf0a4](f9bf0a4))
* Replicate
noir-lang/noir[#4946](#4946)
([#7202](#7202))
([b5c07d8](b5c07d8))
* Simplify compilation flow to write to file immediately
(noir-lang/noir#5265)
([ed815a3](ed815a3))
* Split off fuzzer, abi changes and `noirc_artifacts` from sync
([#7208](#7208))
([255d752](255d752))
* Thread generics through ACIR/brillig gen
(noir-lang/noir#5120)
([ed815a3](ed815a3))
* Use `push_err` more in elaborator
(noir-lang/noir#5336)
([f2abb4e](f2abb4e))
* Use options.limit as upper limit for note-getter loop
([#7253](#7253))
([8ff669b](8ff669b))
* Use prefix op_ for every instruction in avm_trace.hpp
([#7214](#7214))
([7ed7558](7ed7558))
* Use the elaborator by default
(noir-lang/noir#5246)
([ed815a3](ed815a3))
</details>

<details><summary>barretenberg: 0.45.0</summary>

##
[0.45.0](barretenberg-v0.44.0...barretenberg-v0.45.0)
(2024-07-02)


### Features

* **avm:** Calldata gadget preliminaries
([#7227](#7227))
([79e8588](79e8588))
* Constant Honk proof sizes
([#6954](#6954))
([17c8d3a](17c8d3a))
* Function selector opcode in AVM
([#7244](#7244))
([dde47e9](dde47e9))
* Update rebuild script
([#7225](#7225))
([af59247](af59247))


### Bug Fixes

* Benchmark prover e2e test with proving
([#7175](#7175))
([431c14c](431c14c))
* Reran pil-&gt;cpp codegen & encode_and_encrypt_event_with_randomness
fix
([#7247](#7247))
([fa15a45](fa15a45))


### Miscellaneous

* **avm:** Remove trailing minus zero in codegen
([#7185](#7185))
([f3c8166](f3c8166))
* Fix negative tests in AVM circuit for context input lookups
([#7261](#7261))
([ad2f654](ad2f654))
* Generate PIL constants from via constants gen
([#7258](#7258))
([244ef7e](244ef7e))
* Use prefix op_ for every instruction in avm_trace.hpp
([#7214](#7214))
([7ed7558](7ed7558))
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
AztecBot added a commit to AztecProtocol/barretenberg that referenced this pull request Jul 3, 2024
🤖 I have created a release *beep* *boop*
---


<details><summary>aztec-package: 0.45.0</summary>

##
[0.45.0](AztecProtocol/aztec-packages@aztec-package-v0.44.0...aztec-package-v0.45.0)
(2024-07-02)


### Bug Fixes

* Devnet deployment issues
([#7197](AztecProtocol/aztec-packages#7197))
([9cf4904](AztecProtocol/aztec-packages@9cf4904))
</details>

<details><summary>barretenberg.js: 0.45.0</summary>

##
[0.45.0](AztecProtocol/aztec-packages@barretenberg.js-v0.44.0...barretenberg.js-v0.45.0)
(2024-07-02)


### Miscellaneous

* **barretenberg.js:** Synchronize aztec-packages versions
</details>

<details><summary>aztec-packages: 0.45.0</summary>

##
[0.45.0](AztecProtocol/aztec-packages@aztec-packages-v0.44.0...aztec-packages-v0.45.0)
(2024-07-02)


### ⚠ BREAKING CHANGES

* error on too large integer value
(noir-lang/noir#5371)
* rename struct-specific TypeDefinition -> StructDefinition
(noir-lang/noir#5356)
* extend storage read oracle to receive address and block number
([#7243](AztecProtocol/aztec-packages#7243))
* split storage access oracles
([#7237](AztecProtocol/aztec-packages#7237))
* remove `dep::` prefix (noir-lang/noir#4946)

### Features

* `mod.nr` entrypoint (noir-lang/noir#5039)
([bb5cbab](AztecProtocol/aztec-packages@bb5cbab))
* `static_assert` builtin (noir-lang/noir#5342)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Add `map`, `fold`, `reduce`, `any`, and `all` for slices
(noir-lang/noir#5331)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Add `set` and `set_unchecked` methods to `Vec` and `BoundedVec`
(noir-lang/noir#5241)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add BoundedVec::map (noir-lang/noir#5250)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add fuzzer for Noir programs
(noir-lang/noir#5251)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add new lenses for encryted notes
([#7238](AztecProtocol/aztec-packages#7238))
([c07cf2c](AztecProtocol/aztec-packages@c07cf2c))
* Add outgoing keys support to getEvents
([#7239](AztecProtocol/aztec-packages#7239))
([77c304e](AztecProtocol/aztec-packages@77c304e))
* Add support for wildcard types
(noir-lang/noir#5275)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* **avm:** Calldata gadget preliminaries
([#7227](AztecProtocol/aztec-packages#7227))
([79e8588](AztecProtocol/aztec-packages@79e8588))
* Build simple dictionary from inspecting ACIR program
(noir-lang/noir#5264)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Constant Honk proof sizes
([#6954](AztecProtocol/aztec-packages#6954))
([17c8d3a](AztecProtocol/aztec-packages@17c8d3a))
* Disable nargo color output if stderr is tty
(noir-lang/noir#5346)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* **docs:** Macros explainer
([#7172](AztecProtocol/aztec-packages#7172))
([bb2ebfc](AztecProtocol/aztec-packages@bb2ebfc))
* Error on too large integer value
(noir-lang/noir#5371)
([bb5cbab](AztecProtocol/aztec-packages@bb5cbab))
* Example of private token transfer event
([#7242](AztecProtocol/aztec-packages#7242))
([99ce26f](AztecProtocol/aztec-packages@99ce26f))
* **experimental:** Implement macro calls & splicing into `Expr` values
(noir-lang/noir#5203)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Extend storage read oracle to receive address and block number
([#7243](AztecProtocol/aztec-packages#7243))
([153b201](AztecProtocol/aztec-packages@153b201))
* **frontend:** Explicit numeric generics and type kinds
(noir-lang/noir#5155)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* **frontend:** Where clause on impl
(noir-lang/noir#5320)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Function selector opcode in AVM
([#7244](AztecProtocol/aztec-packages#7244))
([dde47e9](AztecProtocol/aztec-packages@dde47e9))
* Implement comptime support for `array_len` builtin
(noir-lang/noir#5272)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Implement comptime support for `as_slice` builtin
(noir-lang/noir#5276)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Insert trait impls into the program from type annotations
(noir-lang/noir#5327)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Let `should_fail_with` check that the failure reason contains the
expected message (noir-lang/noir#5319)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Make macros operate on token streams instead of AST nodes
(noir-lang/noir#5301)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Private refunds
([#7226](AztecProtocol/aztec-packages#7226))
([6fafff6](AztecProtocol/aztec-packages@6fafff6))
* Remove `dep::` prefix (noir-lang/noir#4946)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Remove event selector in logs from public context
([#7192](AztecProtocol/aztec-packages#7192))
([646d45a](AztecProtocol/aztec-packages@646d45a))
* Rename struct-specific TypeDefinition -&gt; StructDefinition
(noir-lang/noir#5356)
([bb5cbab](AztecProtocol/aztec-packages@bb5cbab))
* Run `comptime` code from annotations on a type definition
(noir-lang/noir#5256)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Split storage access oracles
([#7237](AztecProtocol/aztec-packages#7237))
([51f7d65](AztecProtocol/aztec-packages@51f7d65))
* **stdlib:** Update stdlib to use explicit numeric generics
(noir-lang/noir#5306)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Store shared mutable hash
([#7169](AztecProtocol/aztec-packages#7169))
([868606e](AztecProtocol/aztec-packages@868606e))
* Sync from aztec-packages (noir-lang/noir#5242)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Sync from aztec-packages (noir-lang/noir#5340)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Sync from aztec-packages (noir-lang/noir#5347)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Sync from aztec-packages (noir-lang/noir#5377)
([bb5cbab](AztecProtocol/aztec-packages@bb5cbab))
* Unconstrained variants for event emission
([#7251](AztecProtocol/aztec-packages#7251))
([6d093e3](AztecProtocol/aztec-packages@6d093e3))
* Unify unencrypted log emission and decoding
([#7232](AztecProtocol/aztec-packages#7232))
([354dba2](AztecProtocol/aztec-packages@354dba2))
* Update rebuild script
([#7225](AztecProtocol/aztec-packages#7225))
([af59247](AztecProtocol/aztec-packages@af59247))
* Use runtime loops for brillig array initialization
(noir-lang/noir#5243)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Wonky rollups
([#7189](AztecProtocol/aztec-packages#7189))
([1de3746](AztecProtocol/aztec-packages@1de3746))


### Bug Fixes

* Add more thorough check for whether a type is valid when passing it
from constrained code to unconstrained code
(noir-lang/noir#5009)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add support for nested arrays returned by oracles
(noir-lang/noir#5132)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Address compiler warnings coming from stdlib
(noir-lang/noir#5351)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Avoid duplicating constant arrays
(noir-lang/noir#5287)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Avoid panic in type system
(noir-lang/noir#5332)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Avoid unnecessarily splitting expressions with multiplication terms
with a shared term (noir-lang/noir#5291)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Benchmark prover e2e test with proving
([#7175](AztecProtocol/aztec-packages#7175))
([431c14c](AztecProtocol/aztec-packages@431c14c))
* Devnet deployment issues
([#7197](AztecProtocol/aztec-packages#7197))
([9cf4904](AztecProtocol/aztec-packages@9cf4904))
* Disable `if` optimization
(noir-lang/noir#5240)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* **docs:** Historical reference library updates
([#7166](AztecProtocol/aztec-packages#7166))
([b3409c4](AztecProtocol/aztec-packages@b3409c4))
* Don't benchmark the "prove" command as it doesn't exist anymore
(noir-lang/noir#5323)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Don't lazily elaborate functions
(noir-lang/noir#5282)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* **elaborator:** Fix duplicate methods error
(noir-lang/noir#5225)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* **elaborator:** Fix regression introduced by lazy-global changes
(noir-lang/noir#5223)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Error when a local function is called in a comptime context
(noir-lang/noir#5334)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Fix authwit package
([#7204](AztecProtocol/aztec-packages#7204))
([98ccd41](AztecProtocol/aztec-packages@98ccd41))
* Fix incorrect return type being applied to stdlib functions
`modulus_be_bytes()`, `modulus_be_bits()`, etc.
(noir-lang/noir#5278)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Fix tokenization of unquoted types in macros
(noir-lang/noir#5326)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Fix usage of `#[abi(tag)]` attribute with elaborator
(noir-lang/noir#5298)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Handle struct with nested arrays in oracle return values
(noir-lang/noir#5244)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Ignore calls to `Intrinsic::AsWitness` during brillig codegen
(noir-lang/noir#5350)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Implement generic functions in the interpreter
(noir-lang/noir#5330)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* **nargo_fmt:** Account for spaces before the generic list of a
function (noir-lang/noir#5303)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Replace panic in monomorphization with an error
(noir-lang/noir#5305)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Reran pil-&gt;cpp codegen & encode_and_encrypt_event_with_randomness
fix
([#7247](AztecProtocol/aztec-packages#7247))
([fa15a45](AztecProtocol/aztec-packages@fa15a45))
* Runtime brillig bigint id assignment
(noir-lang/noir#5369)
([bb5cbab](AztecProtocol/aztec-packages@bb5cbab))
* Skip emission of brillig calls which will never be executed
(noir-lang/noir#5314)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* TS LSP being slow
([#7181](AztecProtocol/aztec-packages#7181))
([e934e87](AztecProtocol/aztec-packages@e934e87))
* Update `in_contract` flag before handling function metadata in
elaborator (noir-lang/noir#5292)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Use proper serialization in `AbiValue`
(noir-lang/noir#5270)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))


### Miscellaneous

* `static_assert` error message fix and split into is-dynamic and
is-false (noir-lang/noir#5353)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Add back Pedersen blackbox functions (revert PR 5221)
(noir-lang/noir#5318)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add log_hash as input in log emission in private context
([#7249](AztecProtocol/aztec-packages#7249))
([8b3dfe9](AztecProtocol/aztec-packages@8b3dfe9))
* Add no predicate to poseidon2
(noir-lang/noir#5252)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add no-predicate to hash implementations
(noir-lang/noir#5253)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Add property tests for ABI encoding
(noir-lang/noir#5216)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Address TODO in `compat.nr`
(noir-lang/noir#5339)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* **avm-transpiler:** Better error messages
([#7217](AztecProtocol/aztec-packages#7217))
([27051ad](AztecProtocol/aztec-packages@27051ad))
* **avm:** Remove trailing minus zero in codegen
([#7185](AztecProtocol/aztec-packages#7185))
([f3c8166](AztecProtocol/aztec-packages@f3c8166))
* Avoid building contracts when producing gates report
([#7136](AztecProtocol/aztec-packages#7136))
([25507e6](AztecProtocol/aztec-packages@25507e6))
* Bump `bb` to 0.43.0 (noir-lang/noir#5321)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Bundle SSA Evaluator Options
(noir-lang/noir#5317)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* **ci:** Trigger a noir sync every morning at 8am
([#7280](AztecProtocol/aztec-packages#7280))
([412c016](AztecProtocol/aztec-packages@412c016))
* Copy across typo PR script from aztec-packages
(noir-lang/noir#5235)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Create separate crate just for noir artifacts
(noir-lang/noir#5162)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* **docs:** Fixing trailing slash issue
(noir-lang/noir#5233)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Fix examples (noir-lang/noir#5357)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Fix migration notes
([#7279](AztecProtocol/aztec-packages#7279))
([51d93eb](AztecProtocol/aztec-packages@51d93eb))
* Fix negative tests in AVM circuit for context input lookups
([#7261](AztecProtocol/aztec-packages#7261))
([ad2f654](AztecProtocol/aztec-packages@ad2f654))
* Fixing all relative paths
(noir-lang/noir#5220)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Generate PIL constants from via constants gen
([#7258](AztecProtocol/aztec-packages#7258))
([244ef7e](AztecProtocol/aztec-packages@244ef7e))
* Gets rid of unencrypted emit in private_context
([#7236](AztecProtocol/aztec-packages#7236))
([3e6d88e](AztecProtocol/aztec-packages@3e6d88e))
* Improve authwit comments/docs
([#7180](AztecProtocol/aztec-packages#7180))
([051ab9e](AztecProtocol/aztec-packages@051ab9e))
* Misc cleanup in simulator
([#7203](AztecProtocol/aztec-packages#7203))
([eb00830](AztecProtocol/aztec-packages@eb00830))
* Optimize the elaborator (noir-lang/noir#5230)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Parse macros (noir-lang/noir#5229)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Pedersen commitment in Noir
(noir-lang/noir#5221)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Pedersen hash in Noir (noir-lang/noir#5217)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Private tail circuits
([#7148](AztecProtocol/aztec-packages#7148))
([9e67e7d](AztecProtocol/aztec-packages@9e67e7d))
* Pull out change to expression splitting from sync PR
([#7215](AztecProtocol/aztec-packages#7215))
([b4f50a5](AztecProtocol/aztec-packages@b4f50a5))
* Pull out foreign call nested array changes
([#7216](AztecProtocol/aztec-packages#7216))
([1faaaf5](AztecProtocol/aztec-packages@1faaaf5))
* Pull out
noir-lang/noir[#5120](AztecProtocol/aztec-packages#5120)
([#7205](AztecProtocol/aztec-packages#7205))
([c5dc094](AztecProtocol/aztec-packages@c5dc094))
* Pull out pedersen generator builtin from sync PR
([#7210](AztecProtocol/aztec-packages#7210))
([412f02e](AztecProtocol/aztec-packages@412f02e))
* Pull out SSA changes from sync PR
([#7209](AztecProtocol/aztec-packages#7209))
([141e137](AztecProtocol/aztec-packages@141e137))
* Push code related to ABI gen into `noirc_driver`
(noir-lang/noir#5218)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Redo typo PR by dropbigfish
(noir-lang/noir#5234)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Refactor test case generation in build.rs
(noir-lang/noir#5280)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Release Noir(0.31.0) (noir-lang/noir#5166)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Remove `is_unconstrained_fn` field from elaborator
(noir-lang/noir#5335)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Remove 4738 ref
([#7254](AztecProtocol/aztec-packages#7254))
([97d997c](AztecProtocol/aztec-packages@97d997c))
* Remove a log file
([#7201](AztecProtocol/aztec-packages#7201))
([83bb218](AztecProtocol/aztec-packages@83bb218))
* Remove commented code
([#7231](AztecProtocol/aztec-packages#7231))
([2740d60](AztecProtocol/aztec-packages@2740d60))
* Remove panic for unimplemented trait dispatch
(noir-lang/noir#5329)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Replace `is_bn254` implementation to not rely on truncation of
literals (noir-lang/noir#5247)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Replace `regression_5202` with more manageably sized program
(noir-lang/noir#5345)
([eb9e9f6](AztecProtocol/aztec-packages@eb9e9f6))
* Replace cached `in_contract` with `in_contract()` method
(noir-lang/noir#5324)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Replace logical operators with bitwise in `DebugToString`
(noir-lang/noir#5236)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Replace relative paths to noir-protocol-circuits
([e83b07b](AztecProtocol/aztec-packages@e83b07b))
* Replace relative paths to noir-protocol-circuits
([eca8587](AztecProtocol/aztec-packages@eca8587))
* Replace relative paths to noir-protocol-circuits
([b9ddf43](AztecProtocol/aztec-packages@b9ddf43))
* Replace relative paths to noir-protocol-circuits
([6f817e8](AztecProtocol/aztec-packages@6f817e8))
* Replace relative paths to noir-protocol-circuits
([f9bf0a4](AztecProtocol/aztec-packages@f9bf0a4))
* Replicate
noir-lang/noir[#4946](AztecProtocol/aztec-packages#4946)
([#7202](AztecProtocol/aztec-packages#7202))
([b5c07d8](AztecProtocol/aztec-packages@b5c07d8))
* Simplify compilation flow to write to file immediately
(noir-lang/noir#5265)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Split off fuzzer, abi changes and `noirc_artifacts` from sync
([#7208](AztecProtocol/aztec-packages#7208))
([255d752](AztecProtocol/aztec-packages@255d752))
* Thread generics through ACIR/brillig gen
(noir-lang/noir#5120)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
* Use `push_err` more in elaborator
(noir-lang/noir#5336)
([f2abb4e](AztecProtocol/aztec-packages@f2abb4e))
* Use options.limit as upper limit for note-getter loop
([#7253](AztecProtocol/aztec-packages#7253))
([8ff669b](AztecProtocol/aztec-packages@8ff669b))
* Use prefix op_ for every instruction in avm_trace.hpp
([#7214](AztecProtocol/aztec-packages#7214))
([7ed7558](AztecProtocol/aztec-packages@7ed7558))
* Use the elaborator by default
(noir-lang/noir#5246)
([ed815a3](AztecProtocol/aztec-packages@ed815a3))
</details>

<details><summary>barretenberg: 0.45.0</summary>

##
[0.45.0](AztecProtocol/aztec-packages@barretenberg-v0.44.0...barretenberg-v0.45.0)
(2024-07-02)


### Features

* **avm:** Calldata gadget preliminaries
([#7227](AztecProtocol/aztec-packages#7227))
([79e8588](AztecProtocol/aztec-packages@79e8588))
* Constant Honk proof sizes
([#6954](AztecProtocol/aztec-packages#6954))
([17c8d3a](AztecProtocol/aztec-packages@17c8d3a))
* Function selector opcode in AVM
([#7244](AztecProtocol/aztec-packages#7244))
([dde47e9](AztecProtocol/aztec-packages@dde47e9))
* Update rebuild script
([#7225](AztecProtocol/aztec-packages#7225))
([af59247](AztecProtocol/aztec-packages@af59247))


### Bug Fixes

* Benchmark prover e2e test with proving
([#7175](AztecProtocol/aztec-packages#7175))
([431c14c](AztecProtocol/aztec-packages@431c14c))
* Reran pil-&gt;cpp codegen & encode_and_encrypt_event_with_randomness
fix
([#7247](AztecProtocol/aztec-packages#7247))
([fa15a45](AztecProtocol/aztec-packages@fa15a45))


### Miscellaneous

* **avm:** Remove trailing minus zero in codegen
([#7185](AztecProtocol/aztec-packages#7185))
([f3c8166](AztecProtocol/aztec-packages@f3c8166))
* Fix negative tests in AVM circuit for context input lookups
([#7261](AztecProtocol/aztec-packages#7261))
([ad2f654](AztecProtocol/aztec-packages@ad2f654))
* Generate PIL constants from via constants gen
([#7258](AztecProtocol/aztec-packages#7258))
([244ef7e](AztecProtocol/aztec-packages@244ef7e))
* Use prefix op_ for every instruction in avm_trace.hpp
([#7214](AztecProtocol/aztec-packages#7214))
([7ed7558](AztecProtocol/aztec-packages@7ed7558))
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
),
);

await expectMapping(t.gasBalances, [privateFPC.address], [InitialPrivateFPCGas - tx.transactionFee!]);
Copy link
Contributor

@benesjan benesjan Jul 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I might be retarded but I feel like functions like expectMapping and then having complex types like export type BalancesFn = ReturnType<typeof getBalancesFn>; in tests just makes it all hard to read.

Also not following the convention of using first capital letter for classes and not for variables in InitialPrivateFPCGas doesn't help.

it('can do private payments and refunds', async () => {
const bobKeyHash = t.bobWallet.getCompleteAddress().publicKeys.masterNullifierPublicKey.hash();
const rebateNonce = new Fr(42);
const tx = await privateToken.methods
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we submit this tx just to get the tx fee? And if yes is it because we have a guarantee of the fee being constant between txs?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe it is submitted so we can test the refund flow. If we didn't submit it, the public execution that creates the refund wouldn't run.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, got it. Will add a comment there. Thank you 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants