docs(yellow-paper): changes to circuit sections (#4616)

Please read [contributing guidelines](CONTRIBUTING.md) and remove this line.
AztecProtocol · Mar 1, 2024 · 3260081 · 3260081
1 parent 553c2c6
commit 3260081
Show file tree

Hide file tree

Showing 8 changed files with 605 additions and 489 deletions.
diff --git a/yellow-paper/docs/circuits/private-function.md b/yellow-paper/docs/circuits/private-function.md
diff --git a/yellow-paper/docs/circuits/private-kernel-initial.mdx b/yellow-paper/docs/circuits/private-kernel-initial.mdx
diff --git a/yellow-paper/docs/circuits/private-kernel-inner.mdx b/yellow-paper/docs/circuits/private-kernel-inner.mdx
@@ -28,30 +28,23 @@ The previous proof and the proof for the current function call are verified usin
 
 This section follows the same [process](./private-kernel-initial.mdx#ensuring-the-function-being-called-exists-in-the-contract) as outlined in the initial private kernel circuit.
 
-#### Ensuring the function is legitimate:
-
-For the [`function_data`](./private-kernel-initial.mdx#functiondata) in [`private_call`](#privatecall)[`.call_stack_item`](./private-kernel-initial.mdx#privatecallstackitem), this circuit verifies that:
-
-- It must be a private function:
-  - `function_data.function_type == private`
-
 #### Ensuring the current call matches the call request.
 
 <!-- TODO: we should align the terminology of "call stacks" and "call requests". They appear to be the same thing, but with differing names in different places. -->
 
-The top item in the `private_call_requests` of the [`previous_kernel`](#previouskernel) must pertain to the current function call.
+The top item in the `private_call_request_stack` of the [`previous_kernel`](#previouskernel) must pertain to the current function call.
 
 This circuit will:
 
-1. Pop the request from the stack:
+1. Pop the call request from the stack:
 
-   - `call_request = previous_kernel.public_inputs.transient_accumulated_data.private_call_requests.pop()`
+   - `call_request = previous_kernel.public_inputs.transient_accumulated_data.private_call_request_stack.pop()`
 
 2. Compare the hash with that of the current function call:
 
-   - `call_request.call_stack_item_hash == private_call.call_stack_item.hash()` <!-- I renamed the data member from `hash` to `call_stack_item_hash`, because I was getting confused. -->
+   - `call_request.call_stack_item_hash == private_call.call_stack_item.hash()`
    - The hash of the `call_stack_item` is computed as:
-     - `hash(contract_address, function_data.hash(), public_inputs.hash(), counter_start, counter_end)` <!-- TODO: concrete hashing explanation -->
+     - `hash(contract_address, function_data.hash(), public_inputs.hash())` <!-- TODO: concrete hashing explanation -->
      - Where `function_data.hash()` and `public_inputs.hash()` are the hashes of the serialized field elements. <!-- TODO: concrete hashing explanations -->
 
 #### Ensuring this function is called with the correct context.
@@ -82,11 +75,6 @@ For the `call_context` in the [`public_inputs`](./private-function.md#public-inp
    - The previous iteration must not be a static call:
      - `caller_context.is_static_call == false`
 
-4. If it is an internal call: `call_stack_item.function_data.is_internal == true`
-
-   - The `msg_sender` of the current iteration must equal the `storage_contract_address`:
-     - `call_context.msg_sender == call_context.storage_contract_address`
-
 #### Verifying the private function proof.
 
 It verifies that the private function was executed successfully with the provided proof data, verification key, and the public inputs, sourced from [`private_inputs`](#private-inputs)[`.private_call`](#privatecall).
@@ -110,7 +98,7 @@ It ensures the private function circuit's intention by checking the following in
 
 This section follows the same [process](./private-kernel-initial.mdx#verifying-the-counters) as outlined in the initial private kernel circuit.
 
-Additionally, it verifies that for the [`call_stack_item`](#privatecallstackitem), the `counter_start` and `counter_end` must match those in the `call_request` [popped](#ensuring-the-current-call-matches-the-call-request) from the `private_call_requests` in a previous step.
+Additionally, it verifies that for the [`call_stack_item`](#privatecallstackitem), the `counter_start` and `counter_end` must match those in the `call_request` [popped](#ensuring-the-current-call-matches-the-call-request) from the `private_call_request_stack` in a previous step.
 
 ### Validating Public Inputs
 
@@ -124,13 +112,13 @@ For each array in the `transient_accumulated_data`, this circuit verifies that:
 
    - `public_inputs.transient_accumulated_data.ARRAY[0..N] == private_inputs.previous_kernel.public_inputs.transient_accumulated_data.ARRAY[0..N]`
 
-   > It's important to note that the top item in the `private_call_requests` from the `previous_kernel` won't be included, as it has been removed in a [previous step](#ensuring-the-current-call-matches-the-call-request).
+   > It's important to note that the top item in the `private_call_request_stack` from the `previous_kernel` won't be included, as it has been removed in a [previous step](#ensuring-the-current-call-matches-the-call-request).
 
 2. As for the subsequent items appended after the values from the previous iterations, they constitute the values from the `private_call`, and each must undergo the same [verification](./private-kernel-initial.mdx#verifying-the-transient-accumulated-data) as outlined in the initial private kernel circuit.
 
-#### Verifying the constant data.
+#### Verifying other data.
 
-It verifies that the [`constant_data`](./private-kernel-initial.mdx#constantdata) in the [`public_inputs`](#public-inputs) matches the `constant_data` in [`private_inputs`](#private-inputs)[`.previous_kernel`](#previouskernel)[`.public_inputs`](./private-kernel-initial.mdx#public-inputs).
+It verifies that the [`constant_data`](./private-kernel-initial.mdx#constantdata) and the `min_revertible_side_effect_counter` in the [`public_inputs`](#public-inputs) align with the corresponding values in [`private_inputs`](#private-inputs)[`.previous_kernel`](#previouskernel)[`.public_inputs`](./private-kernel-initial.mdx#public-inputs).
 
 <!-- This is a bodge to make the diagram legible (it was being shrunk to be too small, otherwise). -->
 
@@ -212,8 +200,6 @@ class PrivateCallStackItem {
     contract_address: AztecAddress
     function_data: FunctionData
     public_inputs: PrivateFunctionPublicInputs
-    counter_start: field
-    counter_end: field
 }
 PrivateCallStackItem *-- FunctionData: function_data
 PrivateCallStackItem *-- PrivateFunctionPublicInputs: public_inputs
@@ -225,7 +211,7 @@ PrivateCallStackItem .. CallContext: if is_delegatecall then\n contract_address
 
 PrivateCallStackItem .. PrivateFunctionPublicInputs: Validate counter_start & counter_end\nvs. the counters of the ordered arrays
 
-PrivateCallStackItem .. CallRequest: Validate all counter_start\n& counter_end values.
+PrivateCallStackItem .. PrivateCallRequestContext: Validate all counter_start\n& counter_end values.
 
 TransactionRequest .. PrivateFunctionPublicInputs: args_hash == args_hash
 
@@ -235,8 +221,7 @@ ContractInstance .. PrivateCallStackItem: hash(contract_data) == contract_addres
 
 class FunctionData {
     function_selector: u32
-    function_type: private|public|unconstrained
-    is_internal: bool
+    function_type: private|public
 }
 
 class PrivateFunctionPublicInputs {
@@ -246,25 +231,32 @@ class PrivateFunctionPublicInputs {
     note_hashes: List~NoteHash~
     nullifiers: List~Nullifier~
     l2_to_l1_messages: List~field~
-    read_requests: List~ReadRequest~
-    nullifier_key_validation_requests: List~NullifierKeyValidationRequest~
     unencrypted_log_hashes: List~UnencryptedLogHash~
     encrypted_log_hashes: List~EncryptedLogHash~
     encrypted_note_preimage_hashes: List~EncryptedNotePreimageHash~
-    private_call_stack_item_hashes: List~field~
-    public_call_stack_item_hashes: List~field~
+    note_hash_read_requests: List~ReadRequest~
+    nullifier_read_requests: List~ReadRequest~
+    nullifier_key_validation_requests: List~ParentSecretKeyValidationRequest~
+    public_call_requests: List~PublicCallRequest~
+    private_call_requests: List~PrivateCallRequest~
+    counter_start: u32
+    counter_end: u32
+    min_revertible_side_effect_counter: u32
     block_header: BlockHeader
     chain_id: field
     version: field
 }
 PrivateFunctionPublicInputs *-- CallContext: call_context
 PrivateFunctionPublicInputs *-- NoteHash: note_hashes
 PrivateFunctionPublicInputs *-- Nullifier: nullifiers
-PrivateFunctionPublicInputs *-- ReadRequest: read_requests
-PrivateFunctionPublicInputs *-- NullifierKeyValidationRequest: nullifier_key_validation_requests
+PrivateFunctionPublicInputs *-- ReadRequest: note_hash_read_requests
+PrivateFunctionPublicInputs *-- ReadRequest: nullifier_read_requests
+PrivateFunctionPublicInputs *-- ParentSecretKeyValidationRequest: nullifier_key_validation_requests
 PrivateFunctionPublicInputs *-- UnencryptedLogHash: unencrypted_log_hashes
 PrivateFunctionPublicInputs *-- EncryptedLogHash: encrypted_log_hashes
 PrivateFunctionPublicInputs *-- EncryptedNotePreimageHash: encrypted_note_preimage_hashes
+PrivateFunctionPublicInputs *-- PublicCallRequest: public_call_requests
+PrivateFunctionPublicInputs *-- PrivateCallRequest: private_call_requests
 PrivateFunctionPublicInputs *-- BlockHeader: block_header
 
 TransactionContext .. PrivateFunctionPublicInputs: chain_id==chain_id\nversion==version
@@ -289,8 +281,7 @@ CallContext ..> CallerContext : call_context
 
 CallContext .. NoteHashContext: storage_contract_address\n== contract_address
 CallContext .. NullifierContext: storage_contract_address\n== contract_address
-CallContext .. ReadRequestContext: storage_contract_address\n== contract_address
-CallContext .. NullifierKeyValidationRequestContext: storage_contract_address\n== contract_address
+CallContext .. ParentSecretKeyValidationRequestContext: storage_contract_address\n== contract_address
 CallContext .. UnencryptedLogHashContext: storage_contract_address\n== contract_address
 CallContext .. EncryptedLogHashContext: storage_contract_address\n== contract_address
 CallContext .. EncryptedNotePreimageHashContext: storage_contract_address\n== contract_address
@@ -313,15 +304,26 @@ Nullifier ..> NullifierContext: nullifiers\n->nullifier_contexts
 
 class ReadRequest {
     note_hash: field
+    contract_address: AztecAddress
     counter: field
 }
-ReadRequest ..> ReadRequestContext: read_requests\n->read_request_contexts
 
-class NullifierKeyValidationRequest {
-    public_key: GrumpkinPoint
-    secret_key: fq
+class PublicCallRequest {
+    call_stack_item_hash: field
+    counter: field
+}
+
+class PrivateCallRequest {
+    call_stack_item_hash: field
+    counter_start: field
+    counter_end: field
+}
+
+class ParentSecretKeyValidationRequest {
+    parent_public_key: GrumpkinPoint
+    hardened_child_secret_key: fq
 }
-NullifierKeyValidationRequest ..> NullifierKeyValidationRequestContext: nullifier_key_validation_requests\n->nullifier_key_validation_request_contexts
+ParentSecretKeyValidationRequest ..> ParentSecretKeyValidationRequestContext: nullifier_key_validation_requests\n->nullifier_key_validation_request_contexts
 
 class UnencryptedLogHash {
     hash: field
@@ -356,16 +358,26 @@ class BlockHeader {
     global_variables_hash: field
 }
 
-class CallRequest {
+class PublicCallRequestContext {
+    call_stack_item_hash: field
+    caller_contract_address: AztecAddress
+    caller_context: CallerContext
+    counter: field
+}
+CallerContext --* PublicCallRequestContext : caller_context
+
+PublicCallRequest ..> PublicCallRequestContext: public_call_requests->public_call_request_contexts
+
+class PrivateCallRequestContext {
     call_stack_item_hash: field
-    caller_contract: AztecAddress
+    caller_contract_address: AztecAddress
     caller_context: CallerContext
     counter_start: field
     counter_end: field
 }
-CallerContext --* CallRequest : caller_context
+CallerContext --* PrivateCallRequestContext : caller_context
 
-PrivateFunctionPublicInputs ..> CallRequest: private_call_stack_item_hash->call_stack_item_hash\npublic_call_stack_item_hash->call_stack_item_hash
+PrivateCallRequest ..> PrivateCallRequestContext: private_call_requests->private_call_request_stack
 
 class CallerContext {
     msg_sender: AztecAddress
@@ -395,15 +407,9 @@ class L2ToL1MessageContext {
     contract_address: AztecAddress
 }
 
-class ReadRequestContext {
-    note_hash: field
-    counter: field
-    contract_address: AztecAddress
-}
-
-class NullifierKeyValidationRequestContext {
-    public_key: field
-    secret_key: field
+class ParentSecretKeyValidationRequestContext {
+    parent_public_key: GrumpkinPoint
+    hardened_child_secret_key: fq
     contract_address: AztecAddress
 }
 
@@ -442,31 +448,34 @@ class ContractInstance {
   contract_class_id: field
   contract_args_hash: field
   portal_contract_address: EthereumAddress
-  public_keys_hash: Field
+  public_keys_hash: field
 }
 
 class TransientAccumulatedData {
   note_hash_contexts: List~NoteHashContext~
   nullifier_contexts: List~NullifierContext~
   l2_to_l1_message_contexts: List~L2ToL1MessageContext~
-  read_request_contexts: List~ReadRequestContext~
-  nullifier_key_validation_request_contexts: List~NullifierKeyValidationRequestContext~
   unencrypted_log_hash_contexts: List~UnencryptedLogHashContext~
   encrypted_log_hash_contexts: List~EncryptedLogHashContext~
   encrypted_note_preimage_hash_contexts: List~EncryptedNotePreimageHashContext~
-  private_call_requests: List~CallRequest~
-  public_call_requests: List~CallRequest~
+  note_hash_read_requests: List~ReadRequest~
+  nullifier_read_requests: List~ReadRequest~
+  nullifier_key_validation_request_contexts: List~ParentSecretKeyValidationRequestContext~
+  public_call_request_contexts: List~PublicCallRequestContext~
+  private_call_request_stack: List~PrivateCallRequestContext~
 }
 NoteHashContext --* TransientAccumulatedData: note_hash_contexts
 NullifierContext --* TransientAccumulatedData: nullifier_contexts
 L2ToL1MessageContext --* TransientAccumulatedData: l2_to_l1_message_contexts
-ReadRequestContext --* TransientAccumulatedData: read_request_contexts
-NullifierKeyValidationRequestContext --* TransientAccumulatedData: nullifier_key_validation_request_contexts
+ReadRequest --* TransientAccumulatedData: note_hash_read_requests
+ReadRequest --* TransientAccumulatedData: nullifier_read_requests
+ParentSecretKeyValidationRequestContext --* TransientAccumulatedData: nullifier_key_validation_request_contexts
 UnencryptedLogHashContext --* TransientAccumulatedData: unencrypted_log_hash_contexts
 EncryptedLogHashContext --* TransientAccumulatedData: encrypted_log_hash_contexts
 EncryptedNotePreimageHashContext --* TransientAccumulatedData: encrypted_note_preimage_hash_contexts
-CallRequest --* TransientAccumulatedData: private_call_requests
-CallRequest --* TransientAccumulatedData: public_call_requests
+PublicCallRequestContext --* TransientAccumulatedData: public_call_request_contexts
+PrivateCallRequestContext --* TransientAccumulatedData: private_call_request_stack
+PublicCallRequestContext --* TransientAccumulatedData: public_call_request_contexts
 
 class ConstantData {
     block_header: BlockHeader