chore: checks that proof_type does not overflow (#11661)

guipublic · web-flow · commit bb4cd6cdfcbc · 2026-02-26T12:58:33.000Z
diff --git a/compiler/noirc_evaluator/src/acir/acir_context/generated_acir/mod.rs b/compiler/noirc_evaluator/src/acir/acir_context/generated_acir/mod.rs
@@ -324,7 +324,15 @@ impl<F: AcirField> GeneratedAcir<F> {
                     proof,
                     public_inputs,
                     key_hash,
-                    proof_type: proof_type.to_u128() as u32,
+                    proof_type: u32::try_from(proof_type.to_u128()).map_err(|_| {
+                        InternalError::General {
+                            message: format!(
+                                "proof_type value {} does not fit into a u32",
+                                proof_type.to_u128()
+                            ),
+                            call_stack: self.get_call_stack(),
+                        }
+                    })?,
                     predicate,
                 }
             }
diff --git a/compiler/noirc_evaluator/src/acir/tests/intrinsics.rs b/compiler/noirc_evaluator/src/acir/tests/intrinsics.rs
@@ -1,6 +1,6 @@
 use acvm::assert_circuit_snapshot;
 
-use crate::acir::tests::ssa_to_acir_program;
+use crate::acir::tests::{ssa_to_acir_program, try_ssa_to_acir};
 
 #[test]
 fn vector_push_back_known_length() {
@@ -986,3 +986,27 @@ fn as_vector_for_vector_with_nested_array() {
     ASSERT w20 = w77
     ");
 }
+
+#[test]
+fn recursive_aggregation_proof_type_truncation_poc() {
+    // A `proof_type` value that overflows u32 (2^32) must produce an InternalError
+    // rather than silently truncating to 0.
+    let src = "
+    acir(inline) fn main f0 {
+      b0():
+        v0 = make_array [Field 0] : [Field; 1]
+        v1 = make_array [Field 1] : [Field; 1]
+        v2 = make_array [Field 2] : [Field; 1]
+        v3 = unchecked_add u32 4294967295, u32 1
+        call recursive_aggregation(v0, v1, v2, Field 3, v3)
+        return
+    }
+    ";
+
+    let err = try_ssa_to_acir(src).expect_err("expected an error when proof_type overflows u32");
+    let message = err.to_string();
+    assert!(
+        message.contains("proof_type") && message.contains("does not fit into a u32"),
+        "unexpected error message: {message}"
+    );
+}
diff --git a/compiler/noirc_evaluator/src/acir/tests/mod.rs b/compiler/noirc_evaluator/src/acir/tests/mod.rs
@@ -41,7 +41,9 @@ fn ssa_to_acir_program_with_debug_info(src: &str) -> (Program<FieldElement>, Vec
 }
 
 /// Attempts to convert SSA to ACIR, returning the error if compilation fails.
-fn try_ssa_to_acir(src: &str) -> Result<(Program<FieldElement>, Vec<DebugInfo>), RuntimeError> {
+pub(crate) fn try_ssa_to_acir(
+    src: &str,
+) -> Result<(Program<FieldElement>, Vec<DebugInfo>), RuntimeError> {
     let ssa = Ssa::from_str(src).unwrap();
     let arg_size_and_visibilities = ssa
         .functions
