Merge branch 'next' into merge-train/avm

Author: AztecBot

noir-projects/aztec-nr/aztec/src/context/mod.nr

@@ -22,3 +22,6 @@ pub mod gas;
 
 mod note_existence_request;
 pub use note_existence_request::NoteExistenceRequest;
+
+mod nullifier_existence_request;
+pub use nullifier_existence_request::NullifierExistenceRequest;

noir-projects/aztec-nr/aztec/src/context/note_existence_request.nr

@@ -15,6 +15,10 @@ impl NoteExistenceRequest {
     /// requests are created using the unsiloed note hash (i.e. from
     /// [crate::note::note_interface::NoteHash::compute_note_hash]) and address of the contract that created the note.
     pub fn for_pending(unsiloed_note_hash: Field, contract_address: AztecAddress) -> Self {
+        // The kernel doesn't take options; it takes a note_hash and an address, and infers whether the request is
+        // siloed based on whether the address is zero or non-zero. When passing the value to the kernel, we use
+        // `maybe_addr.unwrap_or(Address::ZERO)`. Therefore, passing a zero address to `for_pending` is not allowed
+        // since it would be interpreted by the kernel as a settled request.
         assert(
             !contract_address.is_zero(),
             "Can't read a transient note with a zero contract address",

noir-projects/aztec-nr/aztec/src/context/nullifier_existence_request.nr

@@ -0,0 +1,46 @@
+use protocol_types::address::aztec_address::AztecAddress;
+
+/// A request to assert the existence of a nullifier.
+///
+/// Used by [crate::context::private_context::PrivateContext::assert_nullifier_exists].
+pub struct NullifierExistenceRequest {
+    nullifier: Field,
+    maybe_contract_address: Option<AztecAddress>,
+}
+
+impl NullifierExistenceRequest {
+    /// Creates an existence request for a pending nullifier.
+    ///
+    /// Pending nullifiers have not been siloed with the contract address. These requests are created using the unsiloed
+    /// value and address of the contract that emitted the nullifier.
+    pub fn for_pending(unsiloed_nullifier: Field, contract_address: AztecAddress) -> Self {
+        // The kernel doesn't take options; it takes a nullifier and an address, and infers whether the request is
+        // siloed based on whether the address is zero or non-zero. When passing the value to the kernel, we use
+        // `maybe_addr.unwrap_or(Address::ZERO)`. Therefore, passing a zero address to `for_pending` is not allowed
+        // since it would be interpreted by the kernel as a settled request.
+        assert(
+            !contract_address.is_zero(),
+            "Can't read a pending nullifier with a zero contract address",
+        );
+        Self {
+            nullifier: unsiloed_nullifier,
+            maybe_contract_address: Option::some(contract_address),
+        }
+    }
+
+    /// Creates an existence request for a settled nullifier.
+    ///
+    /// Unlike pending nullifiers, settled nullifiers have been siloed with their contract addresses before adding to
+    /// the nullifier tree, and their existence request is created using the siloed value.
+    pub fn for_settled(siloed_nullifier: Field) -> Self {
+        Self { nullifier: siloed_nullifier, maybe_contract_address: Option::none() }
+    }
+
+    pub(crate) fn nullifier(self) -> Field {
+        self.nullifier
+    }
+
+    pub(crate) fn maybe_contract_address(self) -> Option<AztecAddress> {
+        self.maybe_contract_address
+    }
+}

noir-projects/aztec-nr/aztec/src/context/private_context.nr

@@ -1,5 +1,7 @@
 use crate::{
-    context::{inputs::PrivateContextInputs, NoteExistenceRequest, ReturnsHash},
+    context::{
+        inputs::PrivateContextInputs, NoteExistenceRequest, NullifierExistenceRequest, ReturnsHash,
+    },
     hash::{hash_args, hash_calldata_array},
     keys::constants::{NULLIFIER_INDEX, NUM_KEY_TYPES, OUTGOING_INDEX, sk_generators},
     messaging::process_l1_to_l2_message,
@@ -13,7 +15,8 @@ use crate::{
         execution_cache,
         key_validation_request::get_key_validation_request,
         logs::notify_created_contract_class_log,
-        notes::{notify_created_nullifier, notify_nullified_note},
+        notes::notify_nullified_note,
+        nullifiers::notify_created_nullifier,
     },
 };
 use dep::protocol_types::{
@@ -803,13 +806,17 @@ impl PrivateContext {
     /// an additional invocation of the kernel reset circuit.
     pub fn assert_nullifier_exists(
         &mut self,
-        unsiloed_nullifier: Field,
-        contract_address: AztecAddress,
+        nullifier_existence_request: NullifierExistenceRequest,
     ) {
+        let nullifier = nullifier_existence_request.nullifier();
+        let contract_address =
+            nullifier_existence_request.maybe_contract_address().unwrap_or(AztecAddress::zero());
+
         let request = Scoped::new(
-            Counted::new(unsiloed_nullifier, self.next_counter()),
+            Counted::new(nullifier, self.next_counter()),
             contract_address,
         );
+
         self.nullifier_read_requests.push(request);
     }
 

noir-projects/aztec-nr/aztec/src/history/nullifier_inclusion/test.nr

@@ -3,7 +3,7 @@ use crate::history::{
     nullifier_inclusion::{ProveNoteIsNullified, ProveNullifierInclusion},
     test,
 };
-use crate::oracle::{notes::notify_created_nullifier, random::random};
+use crate::oracle::{nullifiers::notify_created_nullifier, random::random};
 use crate::test::helpers::test_environment::{PrivateContextOptions, TestEnvironment};
 use dep::protocol_types::{
     constants::DOM_SEP__OUTER_NULLIFIER, hash::poseidon2_hash_with_separator, traits::ToField,

noir-projects/aztec-nr/aztec/src/history/nullifier_non_inclusion/test.nr

@@ -3,7 +3,7 @@ use crate::history::{
     nullifier_non_inclusion::{ProveNoteNotNullified, ProveNullifierNonInclusion},
     test,
 };
-use crate::oracle::{notes::notify_created_nullifier, random::random};
+use crate::oracle::{nullifiers::notify_created_nullifier, random::random};
 use crate::test::helpers::test_environment::{PrivateContextOptions, TestEnvironment};
 use dep::protocol_types::{
     constants::DOM_SEP__OUTER_NULLIFIER, hash::poseidon2_hash_with_separator, traits::ToField,

noir-projects/aztec-nr/aztec/src/lib.nr

@@ -35,6 +35,7 @@ pub mod history;
 pub mod keys;
 mod messaging;
 pub mod note;
+pub mod nullifier;
 pub mod oracle;
 pub mod state_vars;
 mod capsules;

noir-projects/aztec-nr/aztec/src/macros/functions/initialization_utils.nr

@@ -5,6 +5,7 @@ use dep::protocol_types::{
 
 use crate::{
     context::{PrivateContext, PublicContext},
+    nullifier::utils::compute_nullifier_existence_request,
     oracle::get_contract_instance::{
         get_contract_instance, get_contract_instance_deployer_avm,
         get_contract_instance_initialization_hash_avm,
@@ -39,7 +40,9 @@ pub fn assert_is_initialized_public(context: PublicContext) {
 // Used by `create_init_check` (you won't find it through searching)
 pub fn assert_is_initialized_private(context: &mut PrivateContext) {
     let init_nullifier = compute_unsiloed_contract_initialization_nullifier(context.this_address());
-    context.assert_nullifier_exists(init_nullifier, context.this_address());
+    let nullifier_existence_request =
+        compute_nullifier_existence_request(init_nullifier, context.this_address());
+    context.assert_nullifier_exists(nullifier_existence_request);
 }
 
 fn compute_unsiloed_contract_initialization_nullifier(address: AztecAddress) -> Field {

noir-projects/aztec-nr/aztec/src/nullifier/mod.nr

@@ -0,0 +1,3 @@
+//! Nullifier-related utilities.
+
+pub mod utils;

noir-projects/aztec-nr/aztec/src/nullifier/utils.nr

@@ -0,0 +1,26 @@
+use crate::{context::NullifierExistenceRequest, oracle::nullifiers::is_nullifier_pending};
+
+use protocol_types::{address::aztec_address::AztecAddress, hash::compute_siloed_nullifier};
+
+/// Returns the [NullifierExistenceRequest] used to prove a nullifier exists.
+pub fn compute_nullifier_existence_request(
+    unsiloed_nullifier: Field,
+    contract_address: AztecAddress,
+) -> NullifierExistenceRequest {
+    let pending_read_request =
+        NullifierExistenceRequest::for_pending(unsiloed_nullifier, contract_address);
+
+    let siloed_nullifier = compute_siloed_nullifier(contract_address, unsiloed_nullifier);
+    let settled_read_request = NullifierExistenceRequest::for_settled(siloed_nullifier);
+
+    // Safety: This is a hint to check whether we are reading a pending or settled nullifier. The chosen read request
+    // will be validated by the kernel. Failure to provide a correct hint will cause the read request validation to fail.
+    let should_use_pending_read_request =
+        unsafe { is_nullifier_pending(unsiloed_nullifier, contract_address) };
+
+    if should_use_pending_read_request {
+        pending_read_request
+    } else {
+        settled_read_request
+    }
+}