feat!: remove proveTx from Wallet interface (#17835)

Closes:
https://linear.app/aztec-labs/issue/F-71/evaluate-collapsing-provetx-and-sendtx

Removes `proveTx` from the wallet interface, since it has been deemed
dangerous (app could route proven txs to malicious nodes) and
inconvenient (wallet loses track of txs).

Maintained it on `TestWallet` since in e2e it is useful to bulk prove
txs and then send them together.

Removed `cancelTx` from `cli-wallet` since it was already broken and the
new approach requires a new way to handle it anyways. Created
https://linear.app/aztec-labs/issue/F-88/add-cancel-tx-to-cli-wallet to
track this task

Author: AztecBot

boxes/boxes/vanilla/app/embedded-wallet.ts

@@ -237,8 +237,7 @@ export class EmbeddedWallet extends BaseWallet {
       skipInstancePublication: true,
     };
 
-    const provenInteraction = await deployMethod.prove(deployOpts);
-    const receipt = await provenInteraction.send().wait({ timeout: 120 });
+    const receipt = await deployMethod.send(deployOpts).wait({ timeout: 120 });
 
     logger.info('Account deployed', receipt);
 

boxes/boxes/vanilla/scripts/deploy.ts

@@ -78,8 +78,7 @@ async function createAccount(wallet: TestWallet) {
     skipClassPublication: true,
     skipInstancePublication: true,
   };
-  const provenInteraction = await deployMethod.prove(deployOpts);
-  await provenInteraction.send().wait({ timeout: 120 });
+  await deployMethod.send(deployOpts).wait({ timeout: 120 });
 
   return accountManager.address;
 }
@@ -111,16 +110,17 @@ async function deployContract(wallet: Wallet, deployer: AztecAddress) {
 
   const sponsoredPFCContract = await getSponsoredPFCContract();
 
-  const provenInteraction = await deployMethod.prove({
-    from: deployer,
-    contractAddressSalt: salt,
-    fee: {
-      paymentMethod: new SponsoredFeePaymentMethod(
-        sponsoredPFCContract.address
-      ),
-    },
-  });
-  await provenInteraction.send().wait({ timeout: 120 });
+  await deployMethod
+    .send({
+      from: deployer,
+      contractAddressSalt: salt,
+      fee: {
+        paymentMethod: new SponsoredFeePaymentMethod(
+          sponsoredPFCContract.address
+        ),
+      },
+    })
+    .wait({ timeout: 120 });
   await wallet.registerContract(contract, PrivateVotingContract.artifact);
 
   return {

docs/docs/developers/docs/concepts/transactions.md

@@ -85,10 +85,6 @@ Most transaction requests are created as interactions with specific contracts. T
 
 #include_code simulate yarn-project/aztec.js/src/contract/contract_function_interaction.ts javascript
 
-##### `prove`
-
-#include_code prove yarn-project/aztec.js/src/contract/base_contract_interaction.ts javascript
-
 ##### `send`
 
 #include_code send yarn-project/aztec.js/src/contract/base_contract_interaction.ts javascript
@@ -101,7 +97,7 @@ Batched transactions are a way to send multiple transactions in a single call. T
 
 There are two kernel circuits in Aztec, the private kernel and the public kernel. Each circuit validates the correct execution of a particular function call.
 
-A transaction is built up by generating proofs for multiple recursive iterations of kernel circuits. Each call in the call stack is modeled as new iteration of the kernel circuit and are managed by a [FIFO](https://en.wikipedia.org/wiki/FIFO_(computing_and_electronics)) queue containing pending function calls. There are two call stacks, one for private calls and one for public calls.
+A transaction is built up by generating proofs for multiple recursive iterations of kernel circuits. Each call in the call stack is modeled as new iteration of the kernel circuit and are managed by a [FIFO](<https://en.wikipedia.org/wiki/FIFO_(computing_and_electronics)>) queue containing pending function calls. There are two call stacks, one for private calls and one for public calls.
 
 One iteration of a kernel circuit will pop a call off of the stack and execute the call. If the call triggers subsequent contract calls, these are pushed onto the stack.
 

docs/docs/developers/migration_notes.md

@@ -9,6 +9,10 @@ Aztec is in full-speed development. Literally every version breaks compatibility
 
 ## TBD
 
+### Removal of `proveTx` from `Wallet` interface
+
+Exposing this method on the interface opened the door for certain types of attacks, were an app could route proven transactions through malicious nodes (that stored them for later decryption, or collected user IPs for example). It also made transactions difficult to track for the wallet, since they could be sent without their knowledge at any time. This change also affects `ContractFunctionInteraction` and `DeployMethod`, which no longer expose a `prove()` method.
+
 ### `msg_sender` is now an `Option<AztecAddress>` type.
 
 Because Aztec has native account abstraction, the very first function call of a tx has no `msg_sender`. (Recall, the first function call of an Aztec transaction is always a _private_ function call).
@@ -103,7 +107,6 @@ When lining up a new tx, the `FunctionCall` struct has been extended to include
 - `!is_public & hide_msg_sender` -- Incompatible flags.
 - `!is_public & !hide_msg_sender` -- will make a private call with a visible `msg_sender` (noting that since it's a private function call, the `msg_sender` will only be visible to the called private function, but not to the rest of the world).
 
-
 ## [cli-wallet]
 
 The `deploy-account` command now requires the address (or alias) of the account to deploy as an argument, not a parameter

playground/src/hooks/useTransaction.tsx

@@ -38,25 +38,19 @@ export function useTransaction() {
     setCurrentTx(tx);
 
     try {
-      notifications.show('Proving transaction...', {
+      notifications.show('Sending transaction...', {
         severity: 'info',
       });
-      const provenInteraction = await interaction.prove(opts);
+      const tx = await interaction.send(opts);
 
-      if (showNotifications) {
-        notifications.show('Proof generated successfully, sending transaction...', {
-          severity: 'success',
-        });
-      }
-
-      txHash = await provenInteraction.getTxHash();
+      txHash = await tx.getTxHash();
       setCurrentTx({
         ...currentTx,
         ...{ txHash, status: 'sending' },
       });
 
       // TODO: Don't send the tx if the user has cancelled the transaction
-      receipt = await provenInteraction.send().wait({ dontThrowOnRevert: true, timeout: TX_TIMEOUT, interval: 5 });
+      receipt = await tx.wait({ dontThrowOnRevert: true, timeout: TX_TIMEOUT, interval: 5 });
 
       if (showNotifications && receipt.status === TxStatus.SUCCESS) {
         notifications.show('Congratulations! Your transaction was included in a block.', {

yarn-project/aztec.js/src/api/contract.ts

@@ -44,14 +44,21 @@ export {
   type ProfileInteractionOptions,
   type SimulateInteractionOptions,
   type InteractionFeeOptions,
+  toProfileOptions,
+  toSendOptions,
+  toSimulateOptions,
 } from '../contract/interaction_options.js';
 
 export { TxProfileResult } from '@aztec/stdlib/tx';
 export { DefaultWaitOpts, SentTx, type WaitOpts } from '../contract/sent_tx.js';
-export { ProvenTx } from '../contract/proven_tx.js';
 export { ContractBase, type ContractMethod, type ContractStorageLayout } from '../contract/contract_base.js';
 export { BatchCall } from '../contract/batch_call.js';
-export { type DeployOptions, DeployMethod } from '../contract/deploy_method.js';
+export {
+  type DeployOptions,
+  DeployMethod,
+  type RequestDeployOptions,
+  type SimulateDeployOptions,
+} from '../contract/deploy_method.js';
 export { DeploySentTx } from '../contract/deploy_sent_tx.js';
 export { waitForProven, type WaitForProvenOpts, DefaultWaitForProvenOpts } from '../contract/wait_for_proven.js';
 export { getGasLimits } from '../contract/get_gas_limits.js';

yarn-project/aztec.js/src/api/wallet.ts

@@ -1,14 +1,35 @@
 export {
   type Aliased,
-  BaseWallet,
-  type Wallet,
-  AccountManager,
-  WalletSchema,
-  type FeeOptions,
+  type ContractInstanceAndArtifact,
   type UserFeeOptions,
   type SimulateOptions,
-  type SendOptions,
   type ProfileOptions,
-} from '../wallet/index.js';
+  type SendOptions,
+  type BatchableMethods,
+  type BatchedMethod,
+  type BatchedMethodResult,
+  type BatchedMethodResultWrapper,
+  type BatchResults,
+  type Wallet,
+  ContractInstantiationDataSchema,
+  FunctionCallSchema,
+  ExecutionPayloadSchema,
+  UserFeeOptionsSchema,
+  WalletSimulationFeeOptionSchema,
+  SendOptionsSchema,
+  SimulateOptionsSchema,
+  ProfileOptionsSchema,
+  InstanceDataSchema,
+  MessageHashOrIntentSchema,
+  BatchedMethodSchema,
+  ContractMetadataSchema,
+  ContractClassMetadataSchema,
+  EventMetadataDefinitionSchema,
+  WalletSchema,
+} from '../wallet/wallet.js';
+
+export { type FeeOptions, BaseWallet } from '../wallet/base_wallet.js';
+
+export { AccountManager } from '../wallet/account_manager.js';
 
 export { type DeployAccountOptions, DeployAccountMethod } from '../wallet/deploy_account_method.js';

yarn-project/aztec.js/src/contract/base_contract_interaction.ts

@@ -1,11 +1,10 @@
 import type { ExecutionPayload } from '@aztec/entrypoints/payload';
 import { createLogger } from '@aztec/foundation/log';
 import type { AuthWitness } from '@aztec/stdlib/auth-witness';
-import type { Capsule, TxProvingResult } from '@aztec/stdlib/tx';
+import type { Capsule } from '@aztec/stdlib/tx';
 
 import type { Wallet } from '../wallet/wallet.js';
 import { type RequestInteractionOptions, type SendInteractionOptions, toSendOptions } from './interaction_options.js';
-import { ProvenTx } from './proven_tx.js';
 import { SentTx } from './sent_tx.js';
 
 /**
@@ -29,51 +28,22 @@ export abstract class BaseContractInteraction {
    */
   public abstract request(options?: RequestInteractionOptions): Promise<ExecutionPayload>;
 
-  /**
-   * Creates a transaction execution request, simulates and proves it. Differs from .prove in
-   * that its result does not include the wallet nor the composed tx object, but only the proving result.
-   * This object can then be used to either create a ProvenTx ready to be sent, or directly send the transaction.
-   * @param options - optional arguments to be used in the creation of the transaction
-   * @returns The proving result.
-   */
-  protected async proveInternal(options: SendInteractionOptions): Promise<TxProvingResult> {
-    const executionPayload = await this.request(options);
-    const proveOptions = await toSendOptions(options);
-    return await this.wallet.proveTx(executionPayload, proveOptions);
-  }
-
-  // docs:start:prove
-  /**
-   * Proves a transaction execution request and returns a tx object ready to be sent.
-   * @param options - optional arguments to be used in the creation of the transaction
-   * @returns The resulting transaction
-   */
-  public async prove(options: SendInteractionOptions): Promise<ProvenTx> {
-    // docs:end:prove
-    const txProvingResult = await this.proveInternal(options);
-    return new ProvenTx(
-      this.wallet,
-      await txProvingResult.toTx(),
-      txProvingResult.getOffchainEffects(),
-      txProvingResult.stats,
-    );
-  }
-
   // docs:start:send
   /**
    * Sends a transaction to the contract function with the specified options.
    * This function throws an error if called on a utility function.
    * It creates and signs the transaction if necessary, and returns a SentTx instance,
    * which can be used to track the transaction status, receipt, and events.
-   * @param options - An optional object containing 'from' property representing
-   * the AztecAddress of the sender. If not provided, the default address is used.
+   * @param options - An object containing 'from' property representing
+   * the AztecAddress of the sender and optional fee configuration
    * @returns A SentTx instance for tracking the transaction status and information.
    */
   public send(options: SendInteractionOptions): SentTx {
     // docs:end:send
     const sendTx = async () => {
-      const txProvingResult = await this.proveInternal(options);
-      return this.wallet.sendTx(await txProvingResult.toTx());
+      const executionPayload = await this.request(options);
+      const sendOptions = await toSendOptions(options);
+      return this.wallet.sendTx(executionPayload, sendOptions);
     };
     return new SentTx(this.wallet, sendTx);
   }

yarn-project/aztec.js/src/contract/contract.test.ts

@@ -6,10 +6,8 @@ import {
   getContractClassFromArtifact,
 } from '@aztec/stdlib/contract';
 import type {
-  Tx,
   TxExecutionRequest,
   TxHash,
-  TxProvingResult,
   TxReceipt,
   TxSimulationResult,
   UtilitySimulationResult,
@@ -28,8 +26,6 @@ describe('Contract Class', () => {
   let accountAddress: CompleteAddress;
   let contractInstance: ContractInstanceWithAddress;
 
-  const mockTx = { type: 'Tx' } as any as Tx;
-  const mockTxProvingResult = { type: 'TxProvingResult', toTx: () => mockTx } as any as TxProvingResult;
   const mockTxRequest = { type: 'TxRequest' } as any as TxExecutionRequest;
   const mockTxHash = { type: 'TxHash' } as any as TxHash;
   const mockTxReceipt = { type: 'TxReceipt' } as any as TxReceipt;
@@ -142,7 +138,7 @@ describe('Contract Class', () => {
     wallet.sendTx.mockResolvedValue(mockTxHash);
     wallet.simulateUtility.mockResolvedValue(mockUtilityResultValue);
     wallet.getTxReceipt.mockResolvedValue(mockTxReceipt);
-    wallet.proveTx.mockResolvedValue(mockTxProvingResult);
+    wallet.sendTx.mockResolvedValue(mockTxHash);
   });
 
   it('should create and send a contract method tx', async () => {
@@ -156,7 +152,6 @@ describe('Contract Class', () => {
     expect(txHash).toBe(mockTxHash);
     expect(receipt).toBe(mockTxReceipt);
     expect(wallet.sendTx).toHaveBeenCalledTimes(1);
-    expect(wallet.sendTx).toHaveBeenCalledWith(mockTx);
   });
 
   it('should call view on a utility function', async () => {

yarn-project/aztec.js/src/contract/deploy_method.ts

@@ -10,7 +10,7 @@ import {
   getContractInstanceFromInstantiationParams,
 } from '@aztec/stdlib/contract';
 import type { PublicKeys } from '@aztec/stdlib/keys';
-import { type Capsule, type TxProfileResult, TxProvingResult, collectOffchainEffects } from '@aztec/stdlib/tx';
+import { type Capsule, type TxProfileResult, collectOffchainEffects } from '@aztec/stdlib/tx';
 
 import { publishContractClass } from '../deployment/publish_class.js';
 import { publishInstance } from '../deployment/publish_instance.js';
@@ -19,7 +19,6 @@ import { BaseContractInteraction } from './base_contract_interaction.js';
 import type { Contract } from './contract.js';
 import type { ContractBase } from './contract_base.js';
 import { ContractFunctionInteraction } from './contract_function_interaction.js';
-import { DeployProvenTx } from './deploy_proven_tx.js';
 import { DeploySentTx } from './deploy_sent_tx.js';
 import { getGasLimits } from './get_gas_limits.js';
 import {
@@ -142,7 +141,7 @@ export class DeployMethod<TContract extends ContractBase = Contract> extends Bas
     return finalExecutionPayload;
   }
 
-  protected convertDeployOptionsToRequestOptions(options: DeployOptions): RequestDeployOptions {
+  convertDeployOptionsToRequestOptions(options: DeployOptions): RequestDeployOptions {
     return {
       ...options,
       deployer: !options?.universalDeploy ? options.from : undefined,
@@ -229,12 +228,6 @@ export class DeployMethod<TContract extends ContractBase = Contract> extends Bas
     return mergeExecutionPayloads(executionsPayloads);
   }
 
-  override async proveInternal(options: DeployOptions): Promise<TxProvingResult> {
-    const executionPayload = await this.request(this.convertDeployOptionsToRequestOptions(options));
-    const proveOptions = await toSendOptions(options);
-    return await this.wallet.proveTx(executionPayload, proveOptions);
-  }
-
   /**
    * Send a contract deployment transaction (initialize and/or publish) using the provided options.
    * This function extends the 'send' method from the ContractFunctionInteraction class,
@@ -244,8 +237,10 @@ export class DeployMethod<TContract extends ContractBase = Contract> extends Bas
    * @returns A SentTx object that returns the receipt and the deployed contract instance.
    */
   public override send(options: DeployOptions): DeploySentTx<TContract> {
-    const sendTx = () => {
-      return super.send(options).getTxHash();
+    const sendTx = async () => {
+      const executionPayload = await this.request(this.convertDeployOptionsToRequestOptions(options));
+      const sendOptions = await toSendOptions(options);
+      return this.wallet.sendTx(executionPayload, sendOptions);
     };
     this.log.debug(`Sent deployment tx of ${this.artifact.name} contract`);
     return new DeploySentTx(this.wallet, sendTx, this.postDeployCtor, () => this.getInstance(options));
@@ -270,22 +265,6 @@ export class DeployMethod<TContract extends ContractBase = Contract> extends Bas
     return this.instance;
   }
 
-  /**
-   * Prove the request.
-   * @param options - initialization and publication options.
-   * @returns The proven tx.
-   */
-  public override async prove(options: DeployOptions): Promise<DeployProvenTx<TContract>> {
-    const txProvingResult = await this.proveInternal(options);
-    return await DeployProvenTx.fromProvingResult(
-      this.wallet,
-      txProvingResult,
-      this.postDeployCtor,
-      () => this.getInstance(options),
-      txProvingResult.stats,
-    );
-  }
-
   /**
    * Simulate the deployment
    *