fix: Check mod in field construction and remove buffer representation (#19198)

Ensures that the field modulus is not exceeded during field
construction, and removes the duplicate representation for fields.

Supersedes #19090

Author: spalladino

yarn-project/cli/src/cmds/validator_keys/valkeys.test.ts

@@ -383,7 +383,7 @@ describe('validator keys utilities', () => {
           count: 2,
           publisherCount: 1,
           mnemonic: TEST_MNEMONIC,
-          feeRecipient: ('0x' + '44'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '04'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -409,7 +409,7 @@ describe('validator keys utilities', () => {
             publisherCount: 0,
             // no mnemonic on purpose
             remoteSigner: 'http://localhost:9000',
-            feeRecipient: ('0x' + '55'.repeat(32)) as unknown as AztecAddress,
+            feeRecipient: ('0x' + '05'.repeat(32)) as unknown as AztecAddress,
           },
           log,
         ),
@@ -429,7 +429,7 @@ describe('validator keys utilities', () => {
           mnemonic: TEST_MNEMONIC,
           password: '',
           encryptedKeystoreDir: tmp,
-          feeRecipient: ('0x' + '77'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '07'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -459,7 +459,7 @@ describe('validator keys utilities', () => {
           mnemonic: TEST_MNEMONIC,
           password,
           encryptedKeystoreDir: tmp,
-          feeRecipient: ('0x' + 'ee'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '0e'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -507,7 +507,7 @@ describe('validator keys utilities', () => {
           count: 1,
           publishers: [publisherKey],
           mnemonic: TEST_MNEMONIC,
-          feeRecipient: ('0x' + 'ff'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '0f'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -533,7 +533,7 @@ describe('validator keys utilities', () => {
           count: 2,
           publishers: [publisherKeyNoPrefix],
           mnemonic: TEST_MNEMONIC,
-          feeRecipient: ('0x' + 'dd'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '0d'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -559,7 +559,7 @@ describe('validator keys utilities', () => {
             count: 1,
             publishers: [invalidPublisherKey],
             mnemonic: TEST_MNEMONIC,
-            feeRecipient: ('0x' + 'cc'.repeat(32)) as unknown as AztecAddress,
+            feeRecipient: ('0x' + '0c'.repeat(32)) as unknown as AztecAddress,
           },
           log,
         ),
@@ -580,7 +580,7 @@ describe('validator keys utilities', () => {
           count: 1,
           publishers: [publisherKey1, publisherKey2],
           mnemonic: TEST_MNEMONIC,
-          feeRecipient: ('0x' + 'ee'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '0e'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -597,10 +597,10 @@ describe('validator keys utilities', () => {
   describe('materialization helpers (invoked directly)', () => {
     it('replaces plaintext keys with file references', async () => {
       const validators = [
-        { attester: '0x' + 'aa'.repeat(32), feeRecipient: ('0x' + '99'.repeat(32)) as unknown as AztecAddress },
+        { attester: '0x' + '0a'.repeat(32), feeRecipient: ('0x' + '09'.repeat(32)) as unknown as AztecAddress },
         {
-          attester: { eth: '0x' + 'bb'.repeat(32), bls: '0x' + 'cc'.repeat(32) },
-          feeRecipient: ('0x' + '88'.repeat(32)) as unknown as AztecAddress,
+          attester: { eth: '0x' + '0b'.repeat(32), bls: '0x' + '0c'.repeat(32) },
+          feeRecipient: ('0x' + '08'.repeat(32)) as unknown as AztecAddress,
         },
       ] as any;
       const dirA = mkdtempSync(join(tmpdir(), 'aztec-mat-a-'));
@@ -622,8 +622,8 @@ describe('validator keys utilities', () => {
         schemaVersion: 1,
         validators: [
           {
-            attester: '0x' + 'aa'.repeat(32),
-            feeRecipient: ('0x' + '66'.repeat(32)) as unknown as AztecAddress,
+            attester: '0x' + '0a'.repeat(32),
+            feeRecipient: ('0x' + '06'.repeat(32)) as unknown as AztecAddress,
           },
         ],
       } as any;
@@ -637,7 +637,7 @@ describe('validator keys utilities', () => {
           dataDir: tmp,
           count: 2,
           mnemonic: TEST_MNEMONIC,
-          feeRecipient: ('0x' + '66'.repeat(32)) as unknown as AztecAddress,
+          feeRecipient: ('0x' + '06'.repeat(32)) as unknown as AztecAddress,
         },
         log,
       );
@@ -703,7 +703,7 @@ describe('validator keys utilities', () => {
             file: 'staker-test.json',
             count: 1,
             mnemonic: TEST_MNEMONIC,
-            feeRecipient: ('0x' + '44'.repeat(32)) as unknown as AztecAddress,
+            feeRecipient: ('0x' + '04'.repeat(32)) as unknown as AztecAddress,
             stakerOutput: true,
             // Missing gseAddress
             l1RpcUrls: ['http://localhost:8545'],

yarn-project/foundation/src/curves/bn254/field.test.ts

@@ -7,10 +7,72 @@ describe('Fr Serialization', () => {
     const obtained = Fr.schema.parse(string);
     expect(obtained).toEqual(original);
   });
+});
+
+describe('Fr Modulus Validation', () => {
+  it('throws when constructing from bigint >= modulus', () => {
+    expect(() => new Fr(Fr.MODULUS)).toThrow('greater or equal to field modulus');
+    expect(() => new Fr(Fr.MODULUS + 1n)).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when constructing from negative bigint', () => {
+    expect(() => new Fr(-1n)).toThrow('is negative');
+  });
+
+  it('throws when constructing from Buffer with value >= modulus', () => {
+    const buf = Buffer.from(Fr.MODULUS.toString(16).padStart(64, '0'), 'hex');
+    expect(() => new Fr(buf)).toThrow('greater or equal to field modulus');
+  });
 
-  it('should validate hex strings', () => {
+  it('throws when using fromBuffer with value >= modulus', () => {
+    const buf = Buffer.from(Fr.MODULUS.toString(16).padStart(64, '0'), 'hex');
+    expect(() => Fr.fromBuffer(buf)).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when using fromString with numeric string >= modulus', () => {
+    expect(() => Fr.fromString(Fr.MODULUS.toString())).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when using fromHexString with value >= modulus', () => {
     expect(() => Fr.fromHexString(Fr.MODULUS.toString(16))).toThrow('greater or equal to field modulus');
   });
+
+  it('accepts MAX_FIELD_VALUE (modulus - 1)', () => {
+    expect(() => new Fr(Fr.MODULUS - 1n)).not.toThrow();
+  });
+});
+
+describe('Fq Modulus Validation', () => {
+  it('throws when constructing from bigint >= modulus', () => {
+    expect(() => new Fq(Fq.MODULUS)).toThrow('greater or equal to field modulus');
+    expect(() => new Fq(Fq.MODULUS + 1n)).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when constructing from negative bigint', () => {
+    expect(() => new Fq(-1n)).toThrow('is negative');
+  });
+
+  it('throws when constructing from Buffer with value >= modulus', () => {
+    const buf = Buffer.from(Fq.MODULUS.toString(16).padStart(64, '0'), 'hex');
+    expect(() => new Fq(buf)).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when using fromBuffer with value >= modulus', () => {
+    const buf = Buffer.from(Fq.MODULUS.toString(16).padStart(64, '0'), 'hex');
+    expect(() => Fq.fromBuffer(buf)).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when using fromString with numeric string >= modulus', () => {
+    expect(() => Fq.fromString(Fq.MODULUS.toString())).toThrow('greater or equal to field modulus');
+  });
+
+  it('throws when using fromHexString with value >= modulus', () => {
+    expect(() => Fq.fromHexString(Fq.MODULUS.toString(16))).toThrow('greater or equal to field modulus');
+  });
+
+  it('accepts modulus - 1', () => {
+    expect(() => new Fq(Fq.MODULUS - 1n)).not.toThrow();
+  });
 });
 
 describe('Bn254 arithmetic', () => {

yarn-project/foundation/src/curves/bn254/field.ts

@@ -8,8 +8,6 @@ import { hexSchemaFor } from '../../schemas/utils.js';
 import { BufferReader } from '../../serialize/buffer_reader.js';
 import { TypeRegistry } from '../../serialize/type_registry.js';
 
-const ZERO_BUFFER = Buffer.alloc(32);
-
 /* eslint-disable @typescript-eslint/no-unsafe-declaration-merging */
 
 /**
@@ -25,14 +23,12 @@ type DerivedField<T extends BaseField> = {
 
 /**
  * Base field class.
- * Conversions from Buffer to BigInt and vice-versa are not cheap.
- * We allow construction with either form and lazily convert to other as needed.
- * We only check we are within the field modulus when initializing with bigint.
+ * Uses bigint as the internal representation.
+ * Buffers are generated on demand from the bigint value.
  */
 abstract class BaseField {
   static SIZE_IN_BYTES = 32;
-  private asBuffer?: Buffer;
-  private asBigInt?: bigint;
+  private readonly asBigInt: bigint;
 
   /**
    * Return bigint representation.
@@ -52,74 +48,60 @@ abstract class BaseField {
       if (value.length > BaseField.SIZE_IN_BYTES) {
         throw new Error(`Value length ${value.length} exceeds ${BaseField.SIZE_IN_BYTES}`);
       }
-      this.asBuffer =
-        value.length === BaseField.SIZE_IN_BYTES
-          ? value
-          : Buffer.concat([Buffer.alloc(BaseField.SIZE_IN_BYTES - value.length), value]);
+      this.asBigInt = toBigIntBE(value);
     } else if (typeof value === 'bigint' || typeof value === 'number' || typeof value === 'boolean') {
       this.asBigInt = BigInt(value);
-      if (this.asBigInt >= this.modulus()) {
-        throw new Error(`Value 0x${this.asBigInt.toString(16)} is greater or equal to field modulus.`);
-      } else if (this.asBigInt < 0n) {
-        throw new Error(`Value 0x${this.asBigInt.toString(16)} is negative.`);
-      }
     } else if (value instanceof BaseField) {
-      this.asBuffer = value.asBuffer;
       this.asBigInt = value.asBigInt;
     } else {
       throw new Error(`Type '${typeof value}' with value '${value}' passed to BaseField ctor.`);
     }
+
+    if (this.asBigInt < 0n) {
+      throw new Error(`Value 0x${this.asBigInt.toString(16)} is negative.`);
+    } else if (this.asBigInt >= this.modulus()) {
+      throw new Error(`Value 0x${this.asBigInt.toString(16)} is greater or equal to field modulus.`);
+    }
   }
 
   protected abstract modulus(): bigint;
 
   /**
-   * We return a copy of the Buffer to ensure this remains immutable.
+   * Converts the bigint to a Buffer.
    */
   toBuffer(): Buffer {
-    if (!this.asBuffer) {
-      this.asBuffer = toBufferBE(this.asBigInt!, 32);
-    }
-    return Buffer.from(this.asBuffer);
+    return toBufferBE(this.asBigInt, 32);
   }
 
   toString(): `0x${string}` {
-    return `0x${this.toBuffer().toString('hex')}`;
+    return `0x${this.asBigInt.toString(16).padStart(64, '0')}`;
   }
 
   toBigInt(): bigint {
-    if (this.asBigInt === undefined) {
-      this.asBigInt = toBigIntBE(this.asBuffer!);
-      if (this.asBigInt >= this.modulus()) {
-        throw new Error(`Value 0x${this.asBigInt.toString(16)} is greater or equal to field modulus.`);
-      }
-    }
     return this.asBigInt;
   }
 
   toBool(): boolean {
-    return Boolean(this.toBigInt());
+    return this.asBigInt !== 0n;
   }
 
   /**
    * Converts this field to a number.
    * Throws if the underlying value is greater than MAX_SAFE_INTEGER.
    */
   toNumber(): number {
-    const value = this.toBigInt();
-    if (value > Number.MAX_SAFE_INTEGER) {
-      throw new Error(`Value ${value.toString(16)} greater than than max safe integer`);
+    if (this.asBigInt > Number.MAX_SAFE_INTEGER) {
+      throw new Error(`Value ${this.asBigInt.toString(16)} greater than than max safe integer`);
     }
-    return Number(value);
+    return Number(this.asBigInt);
   }
 
   /**
    * Converts this field to a number.
    * May cause loss of precision if the underlying value is greater than MAX_SAFE_INTEGER.
    */
   toNumberUnsafe(): number {
-    const value = this.toBigInt();
-    return Number(value);
+    return Number(this.asBigInt);
   }
 
   toShortString(): string {
@@ -128,21 +110,20 @@ abstract class BaseField {
   }
 
   equals(rhs: BaseField): boolean {
-    return this.toBuffer().equals(rhs.toBuffer());
+    return this.asBigInt === rhs.asBigInt;
   }
 
   lt(rhs: BaseField): boolean {
-    return this.toBigInt() < rhs.toBigInt();
+    return this.asBigInt < rhs.asBigInt;
   }
 
   cmp(rhs: BaseField): -1 | 0 | 1 {
-    const lhsBigInt = this.toBigInt();
-    const rhsBigInt = rhs.toBigInt();
-    return lhsBigInt === rhsBigInt ? 0 : lhsBigInt < rhsBigInt ? -1 : 1;
+    const rhsBigInt = rhs.asBigInt;
+    return this.asBigInt === rhsBigInt ? 0 : this.asBigInt < rhsBigInt ? -1 : 1;
   }
 
   isZero(): boolean {
-    return this.toBuffer().equals(ZERO_BUFFER);
+    return this.asBigInt === 0n;
   }
 
   isEmpty(): boolean {