Squashed commit of the following:

commit 4064e18
Author: AztecBot <[email protected]>
Date:   Thu Mar 28 02:17:40 2024 +0000

    git subrepo push --branch=master noir-projects/aztec-nr

    subrepo:
      subdir:   "noir-projects/aztec-nr"
      merged:   "485393ab1"
    upstream:
      origin:   "https://github.com/AztecProtocol/aztec-nr"
      branch:   "master"
      commit:   "485393ab1"
    git-subrepo:
      version:  "0.4.6"
      origin:   "???"
      commit:   "???" [skip ci]

commit a8b48b8
Author: AztecBot <[email protected]>
Date:   Thu Mar 28 02:17:37 2024 +0000

    git_subrepo.sh: Fix parent in .gitrepo file. [skip ci]

commit 1f468db
Author: AztecBot <[email protected]>
Date:   Thu Mar 28 02:17:37 2024 +0000

    chore: replace relative paths to noir-protocol-circuits

commit 4329d40
Author: AztecBot <[email protected]>
Date:   Thu Mar 28 02:12:17 2024 +0000

    git subrepo push --branch=master barretenberg

    subrepo:
      subdir:   "barretenberg"
      merged:   "8afbd6d42"
    upstream:
      origin:   "https://github.com/AztecProtocol/barretenberg"
      branch:   "master"
      commit:   "8afbd6d42"
    git-subrepo:
      version:  "0.4.6"
      origin:   "???"
      commit:   "???" [skip ci]

commit a18288d
Author: Álvaro Rodríguez <[email protected]>
Date:   Wed Mar 27 22:00:46 2024 +0100

    feat: Dont double check num bits in brillig vm (#5489)

    We already have typed memory, that is checked on data ingestion and
    outputs of operations. It shouldn't be necessary to perform safe type
    conversions for MemoryValues

commit b9041e4
Author: maramihali <[email protected]>
Date:   Wed Mar 27 16:39:39 2024 -0400

    chore: add goblin ops in add_gates_to_ensure_all_polys_are_non_zero  (#5468)

    Resolves AztecProtocol/barretenberg#843.

    Removes the need to add golin ecc ops  for each UGH circuit by
    ensuring we add the dummy gates as part of the function used to ensure
    other polynomials are non-zero due to the absence of specific gates.
    However, we keep adding goblin ecc gates
    to circuits in situations when we want to test Goblin and also in
    ClientIVC because merge proving is done prior to ProverInstance
    creation.

commit 277168f
Author: esau <[email protected]>
Date:   Wed Mar 27 18:10:48 2024 +0100

    chore: run nargo format for noir-projects (#5483)

barretenberg/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/barretenberg
 	branch = master
-	commit = a58c46fc8c87db58aa091d9752640f5b5087ade5
-	parent = a4d4ee8dc927cf7f8b09013c72a5b4cc4bf86075
+	commit = 8afbd6d42c6f63e3e47761fde5cd2d8baebb9f04
+	parent = a18288d9b8f3057b9e79362d922da656dacf22a9
 	method = merge
 	cmdver = 0.4.6

barretenberg/cpp/src/barretenberg/client_ivc/client_ivc.test.cpp

@@ -38,14 +38,20 @@ class ClientIVCTests : public ::testing::Test {
 
     /**
      * @brief Construct mock circuit with arithmetic gates and goblin ops
-     * @details Currently default sized to 2^16 to match kernel. (Note: op gates will bump size to next power of
-     2)
+     * @details Currently default sized to 2^16 to match kernel. (Note: dummy op gates added to avoid non-zero
+     * polynomials will bump size to next power of 2)
      *
      */
     static Builder create_mock_circuit(ClientIVC& ivc, size_t log2_num_gates = 15)
     {
         Builder circuit{ ivc.goblin.op_queue };
         MockCircuits::construct_arithmetic_circuit(circuit, log2_num_gates);
+
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/911): We require goblin ops to be added to the
+        // function circuit because we cannot support zero commtiments. While the builder handles this at
+        // finalisation stage via the add_gates_to_ensure_all_polys_are_non_zero function for other UGH
+        // circuits (where we don't explicitly need to add goblin ops), in ClientIVC merge proving happens prior to
+        // folding where the absense of goblin ecc ops will result in zero commitments.
         MockCircuits::construct_goblin_ecc_op_circuit(circuit);
         return circuit;
     }

barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp

@@ -247,10 +247,6 @@ GoblinUltraCircuitBuilder create_circuit(const AcirFormat& constraint_system,
     bool has_valid_witness_assignments = !witness.empty();
     acir_format::build_constraints(builder, constraint_system, has_valid_witness_assignments);
 
-    // TODO(https://github.com/AztecProtocol/barretenberg/issues/817): Add some arbitrary op gates to ensure the
-    // associated polynomials are non-zero and to give ECCVM and Translator some ECC ops to process.
-    MockCircuits::construct_goblin_ecc_op_circuit(builder);
-
     return builder;
 };
 

barretenberg/cpp/src/barretenberg/dsl/acir_proofs/goblin_acir_composer.cpp

@@ -17,7 +17,7 @@ void GoblinAcirComposer::create_circuit(acir_format::AcirFormat& constraint_syst
     acir_format::build_constraints(builder_, constraint_system, true);
 
     // TODO(https://github.com/AztecProtocol/barretenberg/issues/817): Add some arbitrary op gates to ensure the
-    // associated polynomials are non-zero and to give ECCVM and Translator some ECC ops to process.
+    //  to give ECCVM and Translator some ECC ops to process.
     MockCircuits::construct_goblin_ecc_op_circuit(builder_);
 }
 

barretenberg/cpp/src/barretenberg/goblin/goblin_recursion.test.cpp

@@ -45,7 +45,8 @@ TEST_F(GoblinRecursionTests, Vanilla)
     size_t NUM_CIRCUITS = 2;
     for (size_t circuit_idx = 0; circuit_idx < NUM_CIRCUITS; ++circuit_idx) {
 
-        // Construct and accumulate a mock function circuit
+        // Construct and accumulate a mock function circuit containing both arbitrary arithmetic gates and goblin
+        // ecc op gates to make it a meaningful test
         GoblinUltraCircuitBuilder function_circuit{ goblin.op_queue };
         MockCircuits::construct_arithmetic_circuit(function_circuit, /*target_log2_dyadic_size=*/8);
         MockCircuits::construct_goblin_ecc_op_circuit(function_circuit);

barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp

@@ -70,9 +70,11 @@ class GoblinMockCircuits {
         stdlib::generate_ecdsa_verification_test_circuit(builder, NUM_ITERATIONS); // min gates: ~41k
         stdlib::generate_merkle_membership_test_circuit(builder, NUM_ITERATIONS);  // min gates: ~29k
 
-        // Note: its not clear whether goblin ops will be supported for function circuits initially but currently
-        // UGH can only be used if some op gates are included so for now we'll assume each function circuit has
-        // some.
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/911): We require goblin ops to be added to the
+        // function circuit because we cannot support zero commtiments. While the builder handles this at
+        // ProverInstance creation stage via the add_gates_to_ensure_all_polys_are_non_zero function for other UGH
+        // circuits (where we don't explicitly need to add goblin ops), in ClientIVC merge proving happens prior to
+        // folding where the absense of goblin ecc ops will result in zero commitments.
         MockCircuits::construct_goblin_ecc_op_circuit(builder);
     }
 

barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/goblin_ultra_circuit_builder.cpp

@@ -82,6 +82,10 @@ template <typename FF> void GoblinUltraCircuitBuilder_<FF>::add_gates_to_ensure_
     // dummy gate to be read into by previous poseidon internal gate via shifts
     this->create_dummy_gate(
         this->blocks.poseidon_internal, this->zero_idx, this->zero_idx, this->zero_idx, this->zero_idx);
+
+    // add dummy mul accum op and an equality op
+    this->queue_ecc_mul_accum(bb::g1::affine_element::one() * FF::random_element(), FF::random_element());
+    this->queue_ecc_eq();
 }
 
 /**

barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mock_circuits.hpp

@@ -62,16 +62,15 @@ class MockCircuits {
     }
 
     /**
-     * @brief Populate a builder with some arbitrary goblinized ECC ops
+     * @brief Populate a builder with some arbitrary goblinized ECC ops, one of each type
      *
      * @param builder
      */
     static void construct_goblin_ecc_op_circuit(GoblinUltraCircuitBuilder& builder)
     {
-        // Add a mul accum op and an equality op
-        auto point = Point::one() * FF::random_element();
-        auto scalar = FF::random_element();
-        builder.queue_ecc_mul_accum(point, scalar);
+        // Add a mul accum op, an add accum op and an equality op
+        builder.queue_ecc_add_accum(Point::one() * FF::random_element());
+        builder.queue_ecc_mul_accum(Point::one() * FF::random_element(), FF::random_element());
         builder.queue_ecc_eq();
     }
 };

noir-projects/aztec-nr/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 	remote = https://github.com/AztecProtocol/aztec-nr
 	branch = master
-	commit = 07332f6ce49d75b3d4186de8edee2610fae3cbaf
+	commit = 485393ab11218b3f1d785728a92fd3e8e1ea4978
 	method = merge
 	cmdver = 0.4.6
-	parent = f4c6b299253c0bdd3c2a41bd79e1c0d2ed226409
+	parent = 52be8932695ae9864e9a78597f716b81c388ca1c

noir-projects/aztec-nr/authwit/src/account.nr

@@ -1,6 +1,6 @@
 use dep::aztec::context::{PrivateContext, PublicContext, Context};
 use dep::aztec::state_vars::{Map, PublicMutable};
-use dep::aztec::protocol_types::{address::AztecAddress, abis::function_selector::FunctionSelector, hash::{pedersen_hash}};
+use dep::aztec::protocol_types::{address::AztecAddress, abis::function_selector::FunctionSelector, hash::pedersen_hash};
 
 use crate::entrypoint::{app::AppPayload, fee::FeePayload};
 use crate::auth::{IS_VALID_SELECTOR, compute_outer_authwit_hash};
@@ -76,7 +76,12 @@ impl AccountActions {
         // The `inner_hash` is "siloed" with the `msg_sender` to ensure that only it can 
         // consume the message.
         // This ensures that contracts cannot consume messages that are not intended for them.
-        let message_hash = compute_outer_authwit_hash(context.msg_sender(), context.chain_id(), context.version(), inner_hash);
+        let message_hash = compute_outer_authwit_hash(
+            context.msg_sender(),
+            context.chain_id(),
+            context.version(),
+            inner_hash
+        );
         let valid_fn = self.is_valid_impl;
         assert(valid_fn(context, message_hash) == true, "Message not authorized by account");
         context.push_new_nullifier(message_hash, 0);
@@ -90,7 +95,12 @@ impl AccountActions {
         // The `inner_hash` is "siloed" with the `msg_sender` to ensure that only it can 
         // consume the message.
         // This ensures that contracts cannot consume messages that are not intended for them.
-        let message_hash = compute_outer_authwit_hash(context.msg_sender(), context.chain_id(), context.version(), inner_hash);
+        let message_hash = compute_outer_authwit_hash(
+            context.msg_sender(),
+            context.chain_id(),
+            context.version(),
+            inner_hash
+        );
         let is_valid = self.approved_action.at(message_hash).read();
         assert(is_valid == true, "Message not authorized by account");
         context.push_new_nullifier(message_hash, 0);

noir-projects/aztec-nr/aztec/src/context/inputs/private_context_inputs.nr

@@ -1,7 +1,4 @@
-use dep::protocol_types::{
-    abis::call_context::CallContext,
-    header::Header
-};
+use dep::protocol_types::{abis::call_context::CallContext, header::Header};
 use crate::context::globals::private_global_variables::PrivateGlobalVariables;
 
 // PrivateContextInputs are expected to be provided to each private function

noir-projects/aztec-nr/aztec/src/context/public_context.nr

@@ -15,7 +15,8 @@ use dep::protocol_types::{
     MAX_NEW_NOTE_HASHES_PER_CALL, MAX_NEW_L2_TO_L1_MSGS_PER_CALL, MAX_NEW_NULLIFIERS_PER_CALL,
     MAX_PUBLIC_CALL_STACK_LENGTH_PER_CALL, MAX_PUBLIC_DATA_READS_PER_CALL,
     MAX_PUBLIC_DATA_UPDATE_REQUESTS_PER_CALL, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL,
-    MAX_NULLIFIER_READ_REQUESTS_PER_CALL, MAX_NULLIFIER_NON_EXISTENT_READ_REQUESTS_PER_CALL, RETURN_VALUES_LENGTH
+    MAX_NULLIFIER_READ_REQUESTS_PER_CALL, MAX_NULLIFIER_NON_EXISTENT_READ_REQUESTS_PER_CALL,
+    RETURN_VALUES_LENGTH
 },
     contrakt::{storage_read::StorageRead, storage_update_request::StorageUpdateRequest},
     hash::hash_args_array, header::Header, messaging::l2_to_l1_message::L2ToL1Message,

noir-projects/aztec-nr/aztec/src/deploy.nr

@@ -8,7 +8,9 @@ pub fn deploy_contract(context: &mut PrivateContext, target: AztecAddress) {
 
     let universal_deploy = is_default(instance.deployer);
     if !universal_deploy {
-        assert(instance.deployer == context.this_address(), "Deployer address does not match current address");
+        assert(
+            instance.deployer == context.this_address(), "Deployer address does not match current address"
+        );
     }
 
     // Adapted from noir-contracts/contracts/contract_instance_deployer_contract/src/interface/ContractInstanceDeployer.nr

noir-projects/aztec-nr/aztec/src/history/contract_inclusion.nr

@@ -1,61 +1,48 @@
 use dep::protocol_types::{
-    address::{AztecAddress, EthAddress}, 
-    contract_class_id::ContractClassId,
-    grumpkin_point::GrumpkinPoint,
-    hash::silo_nullifier,
-    constants::DEPLOYER_CONTRACT_ADDRESS
+    address::{AztecAddress, EthAddress}, contract_class_id::ContractClassId,
+    grumpkin_point::GrumpkinPoint, hash::silo_nullifier, constants::DEPLOYER_CONTRACT_ADDRESS
 };
 use dep::std::merkle::compute_merkle_root;
 
 use crate::{
     context::PrivateContext,
     history::{
-        nullifier_inclusion::prove_nullifier_inclusion_at,
-        nullifier_non_inclusion::prove_nullifier_not_included_at,
-    }
+    nullifier_inclusion::prove_nullifier_inclusion_at,
+    nullifier_non_inclusion::prove_nullifier_not_included_at
+}
 };
 
-pub fn prove_contract_deployment_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_deployment_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute deployment nullifier
-    let nullifier = silo_nullifier(AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS), contract_address.to_field());
+    let nullifier = silo_nullifier(
+        AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS),
+        contract_address.to_field()
+    );
 
     // Prove its inclusion
     prove_nullifier_inclusion_at(nullifier, block_number, context);
 }
 
-pub fn prove_contract_non_deployment_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_non_deployment_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute deployment nullifier
-    let nullifier = silo_nullifier(AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS), contract_address.to_field());
+    let nullifier = silo_nullifier(
+        AztecAddress::from_field(DEPLOYER_CONTRACT_ADDRESS),
+        contract_address.to_field()
+    );
 
     // Prove its non-inclusion
     prove_nullifier_not_included_at(nullifier, block_number, context);
 }
 
-pub fn prove_contract_initialization_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_initialization_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute initialization nullifier
     let nullifier = silo_nullifier(contract_address, contract_address.to_field());
 
     // Prove its inclusion
     prove_nullifier_inclusion_at(nullifier, block_number, context);
 }
 
-pub fn prove_contract_non_initialization_at(
-    contract_address: AztecAddress,
-    block_number: u32,
-    context: PrivateContext
-) {
+pub fn prove_contract_non_initialization_at(contract_address: AztecAddress, block_number: u32, context: PrivateContext) {
     // Compute initialization nullifier
     let nullifier = silo_nullifier(contract_address, contract_address.to_field());
 

noir-projects/aztec-nr/aztec/src/initializer.nr

@@ -1,14 +1,12 @@
 use dep::protocol_types::{
-    hash::{silo_nullifier, pedersen_hash},
-    constants::GENERATOR_INDEX__CONSTRUCTOR,
-    abis::function_selector::FunctionSelector,
-    traits::is_default,
+    hash::{silo_nullifier, pedersen_hash}, constants::GENERATOR_INDEX__CONSTRUCTOR,
+    abis::function_selector::FunctionSelector, traits::is_default,
 };
 
 use crate::{
     context::{PrivateContext, PublicContext, ContextInterface},
     oracle::get_contract_instance::get_contract_instance,
-    history::nullifier_inclusion::prove_nullifier_inclusion,
+    history::nullifier_inclusion::prove_nullifier_inclusion
 };
 
 pub fn mark_as_initialized<TContext>(context: &mut TContext) where TContext: ContextInterface {
@@ -34,13 +32,16 @@ pub fn compute_unsiloed_contract_initialization_nullifier<TContext>(context: TCo
 }
 
 pub fn assert_initialization_matches_address_preimage<TContext>(context: TContext) where TContext: ContextInterface {
-    let address = context.this_address(); 
+    let address = context.this_address();
     let instance = get_contract_instance(address);
     let expected_init = compute_initialization_hash(context.selector(), context.get_args_hash());
     assert(instance.initialization_hash == expected_init, "Initialization hash does not match");
     assert(is_default(instance.deployer) | (instance.deployer == context.msg_sender()), "Initializer address is not the contract deployer");
 }
 
 pub fn compute_initialization_hash(init_selector: FunctionSelector, init_args_hash: Field) -> Field {
-    pedersen_hash([init_selector.to_field(), init_args_hash], GENERATOR_INDEX__CONSTRUCTOR)
-}
+    pedersen_hash(
+        [init_selector.to_field(), init_args_hash],
+        GENERATOR_INDEX__CONSTRUCTOR
+    )
+}

noir-projects/aztec-nr/aztec/src/messaging.nr

@@ -16,7 +16,14 @@ pub fn process_l1_to_l2_message(
     secret: Field
 ) -> Field {
     let secret_hash = compute_secret_hash(secret);
-    let message_hash = compute_message_hash(portal_contract_address, chain_id, storage_contract_address, version, content, secret_hash);
+    let message_hash = compute_message_hash(
+        portal_contract_address,
+        chain_id,
+        storage_contract_address,
+        version,
+        content,
+        secret_hash
+    );
 
     let returned_message = get_l1_to_l2_membership_witness(storage_contract_address, message_hash, secret);
     let leaf_index = returned_message[0];

noir-projects/aztec-nr/aztec/src/oracle/enqueue_public_function_call.nr

@@ -1,6 +1,5 @@
 use dep::protocol_types::{
-    abis::function_selector::FunctionSelector, 
-    address::AztecAddress, 
+    abis::function_selector::FunctionSelector, address::AztecAddress,
     constants::ENQUEUE_PUBLIC_FUNCTION_CALL_RETURN_LENGTH
 };
 

noir-projects/aztec-nr/aztec/src/oracle/get_l1_to_l2_membership_witness.nr

@@ -1,12 +1,17 @@
-use dep::protocol_types::{
-    address::AztecAddress,
-    constants::L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH,
-};
+use dep::protocol_types::{address::AztecAddress, constants::L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH};
 
 // Obtains membership witness (index and sibling path) for a message in the L1 to L2 message tree.
 #[oracle(getL1ToL2MembershipWitness)]
-fn get_l1_to_l2_membership_witness_oracle(_contract_address: AztecAddress, _message_hash: Field, _secret: Field) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {}
+fn get_l1_to_l2_membership_witness_oracle(
+    _contract_address: AztecAddress,
+    _message_hash: Field,
+    _secret: Field
+) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {}
 
-unconstrained pub fn get_l1_to_l2_membership_witness(contract_address: AztecAddress, message_hash: Field, secret: Field) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {
+unconstrained pub fn get_l1_to_l2_membership_witness(
+    contract_address: AztecAddress,
+    message_hash: Field,
+    secret: Field
+) -> [Field; L1_TO_L2_MESSAGE_ORACLE_CALL_LENGTH] {
     get_l1_to_l2_membership_witness_oracle(contract_address, message_hash, secret)
 }

noir-projects/aztec-nr/aztec/src/oracle/logs.nr

@@ -17,13 +17,13 @@ unconstrained pub fn emit_encrypted_log<N>(
     encryption_pub_key: GrumpkinPoint,
     preimage: [Field; N]
 ) -> Field {
-        emit_encrypted_log_oracle(
-            contract_address,
-            storage_slot,
-            note_type_id,
-            encryption_pub_key,
-            preimage
-        )
+    emit_encrypted_log_oracle(
+        contract_address,
+        storage_slot,
+        note_type_id,
+        encryption_pub_key,
+        preimage
+    )
 }
 
 #[oracle(emitUnencryptedLog)]

noir-projects/aztec-nr/aztec/src/oracle/unsafe_rand.nr

@@ -1,7 +1,6 @@
 #[oracle(getRandomField)]
 fn rand_oracle() -> Field {}
 
-
 // Called `unsafe_rand` because we do not constrain in circuit that we are dealing with an actual random value.
 // Instead we just trust our PXE.
 unconstrained pub fn unsafe_rand() -> Field {

noir-projects/aztec-nr/aztec/src/state_vars/map.nr

@@ -1,5 +1,5 @@
 use crate::context::{PrivateContext, PublicContext, Context};
-use dep::protocol_types::{hash::pedersen_hash, traits::{ToField}};
+use dep::protocol_types::{hash::pedersen_hash, traits::ToField};
 use crate::state_vars::storage::Storage;
 
 // docs:start:map

noir-projects/aztec-nr/aztec/src/state_vars/private_immutable.nr

@@ -1,4 +1,4 @@
-use dep::protocol_types::{address::AztecAddress, constants::{GENERATOR_INDEX__INITIALIZATION_NULLIFIER}, hash::pedersen_hash};
+use dep::protocol_types::{address::AztecAddress, constants::GENERATOR_INDEX__INITIALIZATION_NULLIFIER, hash::pedersen_hash};
 
 use crate::context::{PrivateContext, Context};
 use crate::note::{

noir-projects/aztec-nr/aztec/src/state_vars/private_mutable.nr

@@ -1,4 +1,4 @@
-use dep::protocol_types::{address::AztecAddress, constants::{GENERATOR_INDEX__INITIALIZATION_NULLIFIER}, hash::pedersen_hash};
+use dep::protocol_types::{address::AztecAddress, constants::GENERATOR_INDEX__INITIALIZATION_NULLIFIER, hash::pedersen_hash};
 
 use crate::context::{PrivateContext, PublicContext, Context};
 use crate::note::{