refactor: remove outgoing tagging field in logs (#9502)

We are removing the `outgoing_tagging` field in an encrypted log in this
PR. We will be repurposing the `incoming_tagging` field as our `tag`
field in a PR down the stack.

noir-projects/aztec-nr/aztec/src/encrypted_logs/encrypted_event_emission.nr

@@ -12,15 +12,15 @@ fn compute_payload_and_hash<Event, let N: u32>(
     ovsk_app: Field,
     ovpk: OvpkM,
     recipient: AztecAddress,
-) -> ([u8; 416 + N * 32], Field)
+) -> ([u8; 384 + N * 32], Field)
 where
     Event: EventInterface<N>,
 {
     let contract_address: AztecAddress = context.this_address();
     let plaintext = event.private_to_be_bytes(randomness);
 
     // For event logs we never include public values prefix as there are never any public values
-    let encrypted_log: [u8; 416 + N * 32] = compute_private_log_payload(
+    let encrypted_log: [u8; 384 + N * 32] = compute_private_log_payload(
         contract_address,
         ovsk_app,
         ovpk,
@@ -38,7 +38,7 @@ unconstrained fn compute_payload_and_hash_unconstrained<Event, let N: u32>(
     randomness: Field,
     ovpk: OvpkM,
     recipient: AztecAddress,
-) -> ([u8; 416 + N * 32], Field)
+) -> ([u8; 384 + N * 32], Field)
 where
     Event: EventInterface<N>,
 {

noir-projects/aztec-nr/aztec/src/encrypted_logs/encrypted_note_emission.nr

@@ -15,7 +15,7 @@ fn compute_payload_and_hash<Note, let N: u32>(
     ovsk_app: Field,
     ovpk: OvpkM,
     recipient: AztecAddress,
-) -> (u32, [u8; 417 + N * 32], Field)
+) -> (u32, [u8; 385 + N * 32], Field)
 where
     Note: NoteInterface<N>,
 {
@@ -32,7 +32,7 @@ where
     let plaintext = note.to_be_bytes(storage_slot);
 
     // For note logs we always include public values prefix
-    let encrypted_log: [u8; 417 + N * 32] =
+    let encrypted_log: [u8; 385 + N * 32] =
         compute_private_log_payload(contract_address, ovsk_app, ovpk, recipient, plaintext, true);
     let log_hash = sha256_to_field(encrypted_log);
 
@@ -44,7 +44,7 @@ unconstrained fn compute_payload_and_hash_unconstrained<Note, let N: u32>(
     note: Note,
     ovpk: OvpkM,
     recipient: AztecAddress,
-) -> (u32, [u8; 417 + N * 32], Field)
+) -> (u32, [u8; 385 + N * 32], Field)
 where
     Note: NoteInterface<N>,
 {

noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr

@@ -39,7 +39,7 @@ fn compute_private_log_payload<let P: u32, let M: u32>(
 
     let mut encrypted_bytes: [u8; M] = [0; M];
     // @todo We ignore the tags for now
-    offset += 64;
+    offset += 32;
 
     let eph_pk_bytes = point_to_bytes(eph_pk);
     for i in 0..32 {
@@ -206,7 +206,7 @@ mod test {
             0x25afb798ea6d0b8c1618e50fdeafa463059415013d3b7c75d46abf5e242be70c,
         );
 
-        let log: [u8; 448] = compute_private_log_payload(
+        let log = compute_private_log_payload(
             contract_address,
             ovsk_app,
             ovpk_m,
@@ -219,28 +219,27 @@ mod test {
         // --> Run the test with AZTEC_GENERATE_TEST_DATA=1 flag to update test data.
         let encrypted_log_from_typescript = [
             0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-            0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-            0, 0, 0, 0, 0, 0, 141, 70, 12, 14, 67, 77, 132, 110, 193, 234, 40, 110, 64, 144, 235,
-            86, 55, 111, 242, 123, 221, 193, 170, 202, 225, 216, 86, 84, 159, 112, 31, 167, 5, 119,
-            121, 10, 234, 188, 194, 216, 30, 200, 208, 201, 158, 127, 93, 43, 242, 241, 69, 32, 37,
-            220, 119, 122, 23, 132, 4, 248, 81, 217, 61, 232, 24, 146, 63, 133, 24, 120, 113, 217,
-            155, 223, 149, 214, 149, 239, 240, 169, 224, 155, 161, 81, 83, 252, 155, 77, 34, 75,
-            110, 30, 113, 223, 189, 202, 171, 6, 192, 157, 91, 60, 116, 155, 254, 190, 28, 4, 7,
-            236, 205, 4, 245, 27, 187, 89, 20, 38, 128, 200, 160, 145, 185, 127, 198, 203, 207, 97,
-            246, 194, 175, 155, 142, 188, 143, 120, 83, 122, 178, 63, 208, 197, 232, 24, 228, 212,
-            45, 69, 157, 38, 90, 219, 119, 194, 239, 130, 155, 246, 143, 135, 242, 196, 123, 71,
-            139, 181, 122, 231, 228, 26, 7, 100, 63, 101, 195, 83, 8, 61, 85, 123, 148, 227, 29,
-            164, 162, 161, 49, 39, 73, 141, 46, 179, 240, 52, 109, 165, 238, 210, 233, 188, 36, 90,
-            175, 2, 42, 149, 78, 208, 176, 145, 50, 180, 152, 245, 55, 112, 40, 153, 180, 78, 54,
-            102, 119, 98, 56, 235, 246, 51, 179, 86, 45, 127, 18, 77, 187, 168, 41, 24, 232, 113,
-            149, 138, 148, 33, 143, 215, 150, 188, 105, 131, 254, 236, 199, 206, 56, 44, 130, 134,
-            29, 99, 254, 69, 153, 146, 68, 234, 148, 148, 178, 38, 221, 182, 148, 178, 100, 13, 206,
-            0, 91, 71, 58, 207, 26, 227, 190, 21, 143, 85, 138, 209, 202, 34, 142, 159, 121, 61, 9,
-            57, 2, 48, 162, 89, 126, 14, 83, 173, 40, 247, 170, 154, 112, 12, 204, 48, 38, 7, 173,
-            108, 38, 234, 20, 16, 115, 91, 106, 140, 121, 63, 99, 23, 247, 0, 148, 9, 163, 145, 43,
-            21, 238, 47, 40, 204, 241, 124, 246, 201, 75, 114, 3, 1, 229, 197, 130, 109, 227, 158,
-            133, 188, 125, 179, 220, 51, 170, 121, 175, 202, 243, 37, 103, 13, 27, 53, 157, 8, 177,
-            11, 208, 120, 64, 211, 148, 201, 240, 56,
+            0, 0, 0, 141, 70, 12, 14, 67, 77, 132, 110, 193, 234, 40, 110, 64, 144, 235, 86, 55,
+            111, 242, 123, 221, 193, 170, 202, 225, 216, 86, 84, 159, 112, 31, 167, 5, 119, 121, 10,
+            234, 188, 194, 216, 30, 200, 208, 201, 158, 127, 93, 43, 242, 241, 69, 32, 37, 220, 119,
+            122, 23, 132, 4, 248, 81, 217, 61, 232, 24, 146, 63, 133, 24, 120, 113, 217, 155, 223,
+            149, 214, 149, 239, 240, 169, 224, 155, 161, 81, 83, 252, 155, 77, 34, 75, 110, 30, 113,
+            223, 189, 202, 171, 6, 192, 157, 91, 60, 116, 155, 254, 190, 28, 4, 7, 236, 205, 4, 245,
+            27, 187, 89, 20, 38, 128, 200, 160, 145, 185, 127, 198, 203, 207, 97, 246, 194, 175,
+            155, 142, 188, 143, 120, 83, 122, 178, 63, 208, 197, 232, 24, 228, 212, 45, 69, 157, 38,
+            90, 219, 119, 194, 239, 130, 155, 246, 143, 135, 242, 196, 123, 71, 139, 181, 122, 231,
+            228, 26, 7, 100, 63, 101, 195, 83, 8, 61, 85, 123, 148, 227, 29, 164, 162, 161, 49, 39,
+            73, 141, 46, 179, 240, 52, 109, 165, 238, 210, 233, 188, 36, 90, 175, 2, 42, 149, 78,
+            208, 176, 145, 50, 180, 152, 245, 55, 112, 40, 153, 180, 78, 54, 102, 119, 98, 56, 235,
+            246, 51, 179, 86, 45, 127, 18, 77, 187, 168, 41, 24, 232, 113, 149, 138, 148, 33, 143,
+            215, 150, 188, 105, 131, 254, 236, 199, 206, 56, 44, 130, 134, 29, 99, 254, 69, 153,
+            146, 68, 234, 148, 148, 178, 38, 221, 182, 148, 178, 100, 13, 206, 0, 91, 71, 58, 207,
+            26, 227, 190, 21, 143, 85, 138, 209, 202, 34, 142, 159, 121, 61, 9, 57, 2, 48, 162, 89,
+            126, 14, 83, 173, 40, 247, 170, 154, 112, 12, 204, 48, 38, 7, 173, 108, 38, 234, 20, 16,
+            115, 91, 106, 140, 121, 63, 99, 23, 247, 0, 148, 9, 163, 145, 43, 21, 238, 47, 40, 204,
+            241, 124, 246, 201, 75, 114, 3, 1, 229, 197, 130, 109, 227, 158, 133, 188, 125, 179,
+            220, 51, 170, 121, 175, 202, 243, 37, 103, 13, 27, 53, 157, 8, 177, 11, 208, 120, 64,
+            211, 148, 201, 240, 56,
         ];
         assert_eq(encrypted_log_from_typescript, log);
     }

noir-projects/aztec-nr/aztec/src/macros/notes/mod.nr

@@ -8,7 +8,7 @@ use std::{
 
 comptime global NOTE_HEADER_TYPE = type_of(NoteHeader::empty());
 // The following is a fixed ciphertext overhead as defined by `compute_private_log_payload`
-comptime global NOTE_CIPHERTEXT_OVERHEAD: u32 = 353;
+comptime global NOTE_CIPHERTEXT_OVERHEAD: u32 = 321;
 
 /// A map from note type to (note_struct_definition, serialized_note_length, note_type_id, fields).
 /// `fields` is an array of tuples where each tuple contains the name of the field/struct member (e.g. `amount`

noir-projects/noir-contracts/contracts/nft_contract/src/main.nr

@@ -227,7 +227,7 @@ contract NFT {
     fn _store_payload_in_transient_storage_unsafe(
         slot: Field,
         point: Point,
-        setup_log: [Field; 16],
+        setup_log: [Field; 15],
     ) {
         context.storage_write(slot, point);
         context.storage_write(slot + aztec::protocol_types::point::POINT_LENGTH as Field, setup_log);

noir-projects/noir-contracts/contracts/token_contract/src/main.nr

@@ -786,7 +786,7 @@ contract Token {
     fn _store_payload_in_transient_storage_unsafe(
         slot: Field,
         point: Point,
-        setup_log: [Field; 16],
+        setup_log: [Field; 15],
     ) {
         context.storage_write(slot, point);
         context.storage_write(slot + aztec::protocol_types::point::POINT_LENGTH as Field, setup_log);

yarn-project/circuit-types/src/logs/l1_payload/encrypted_log_payload.test.ts

@@ -32,7 +32,7 @@ describe('EncryptedLogPayload', () => {
     beforeAll(() => {
       const incomingBodyPlaintext = randomBytes(128);
       const contract = AztecAddress.random();
-      original = new EncryptedLogPayload(PLACEHOLDER_TAG, PLACEHOLDER_TAG, contract, incomingBodyPlaintext);
+      original = new EncryptedLogPayload(PLACEHOLDER_TAG, contract, incomingBodyPlaintext);
 
       const secretKey = Fr.random();
       const partialAddress = Fr.random();
@@ -111,7 +111,7 @@ describe('EncryptedLogPayload', () => {
       '00000001301640ceea758391b2e161c92c0513f129020f4125256afdae2646ce31099f5c10f48cd9eff7ae5b209c557c70de2e657ee79166868676b787e9417e19260e040fe46be583b71f4ab5b70c2657ff1d05cccf1d292a9369628d1a194f944e659900001027',
       'hex',
     );
-    const log = new EncryptedLogPayload(new Fr(0), new Fr(0), contract, plaintext);
+    const log = new EncryptedLogPayload(new Fr(0), contract, plaintext);
 
     const ovskM = new GrumpkinScalar(0x1d7f6b3c491e99f32aad05c433301f3a2b4ed68de661ff8255d275ff94de6fc4n);
     const ovKeys = getKeyValidationRequest(ovskM, contract);
@@ -124,7 +124,7 @@ describe('EncryptedLogPayload', () => {
 
     const encrypted = log.encrypt(ephSk, recipientCompleteAddress.address, ovKeys).toString('hex');
     expect(encrypted).toMatchInlineSnapshot(
-      `"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008d460c0e434d846ec1ea286e4090eb56376ff27bddc1aacae1d856549f701fa70577790aeabcc2d81ec8d0c99e7f5d2bf2f1452025dc777a178404f851d93de818923f85187871d99bdf95d695eff0a9e09ba15153fc9b4d224b6e1e71dfbdcaab06c09d5b3c749bfebe1c0407eccd04f51bbb59142680c8a091b97fc6cbcf61f6c2af9b8ebc8f78537ab23fd0c5e818e4d42d459d265adb77c2ef829bf68f87f2c47b478bb57ae7e41a07643f65c353083d557b94e31da4a2a13127498d2eb3f0346da5eed2e9bc245aaf022a954ed0b09132b498f537702899b44e3666776238ebf633b3562d7f124dbba82918e871958a94218fd796bc6983feecc7ce382c82861d63fe45999244ea9494b226ddb694b2640dce005b473acf1ae3be158f558ad1ca228e9f793d09390230a2597e0e53ad28f7aa9a700ccc302607ad6c26ea1410735b6a8c793f6317f7009409a3912b15ee2f28ccf17cf6c94b720301e5c5826de39e85bc7db3dc33aa79afcaf325670d1b359d08b10bd07840d394c9f038"`,
+      `"00000000000000000000000000000000000000000000000000000000000000008d460c0e434d846ec1ea286e4090eb56376ff27bddc1aacae1d856549f701fa70577790aeabcc2d81ec8d0c99e7f5d2bf2f1452025dc777a178404f851d93de818923f85187871d99bdf95d695eff0a9e09ba15153fc9b4d224b6e1e71dfbdcaab06c09d5b3c749bfebe1c0407eccd04f51bbb59142680c8a091b97fc6cbcf61f6c2af9b8ebc8f78537ab23fd0c5e818e4d42d459d265adb77c2ef829bf68f87f2c47b478bb57ae7e41a07643f65c353083d557b94e31da4a2a13127498d2eb3f0346da5eed2e9bc245aaf022a954ed0b09132b498f537702899b44e3666776238ebf633b3562d7f124dbba82918e871958a94218fd796bc6983feecc7ce382c82861d63fe45999244ea9494b226ddb694b2640dce005b473acf1ae3be158f558ad1ca228e9f793d09390230a2597e0e53ad28f7aa9a700ccc302607ad6c26ea1410735b6a8c793f6317f7009409a3912b15ee2f28ccf17cf6c94b720301e5c5826de39e85bc7db3dc33aa79afcaf325670d1b359d08b10bd07840d394c9f038"`,
     );
 
     const byteArrayString = `[${encrypted.match(/.{1,2}/g)!.map(byte => parseInt(byte, 16))}]`;

yarn-project/circuit-types/src/logs/l1_payload/encrypted_log_payload.ts

@@ -29,13 +29,9 @@ const OUTGOING_BODY_SIZE = 144;
 export class EncryptedLogPayload {
   constructor(
     /**
-     * Note discovery tag used by the recipient of the log.
+     * Note discovery tag.
      */
-    public readonly incomingTag: Fr,
-    /**
-     * Note discovery tag used by the sender of the log.
-     */
-    public readonly outgoingTag: Fr,
+    public readonly tag: Fr,
     /**
      * Address of a contract that emitted the log.
      */
@@ -75,8 +71,7 @@ export class EncryptedLogPayload {
     }
 
     return serializeToBuffer(
-      this.incomingTag,
-      this.outgoingTag,
+      this.tag,
       ephPk.toCompressedBuffer(),
       incomingHeaderCiphertext,
       outgoingHeaderCiphertext,
@@ -104,8 +99,7 @@ export class EncryptedLogPayload {
     const reader = BufferReader.asReader(ciphertext);
 
     try {
-      const incomingTag = reader.readObject(Fr);
-      const outgoingTag = reader.readObject(Fr);
+      const tag = reader.readObject(Fr);
 
       const ephPk = Point.fromCompressedBuffer(reader.readBytes(Point.COMPRESSED_SIZE_IN_BYTES));
 
@@ -118,12 +112,7 @@ export class EncryptedLogPayload {
       // The incoming can be of variable size, so we read until the end
       const incomingBodyPlaintext = decrypt(reader.readToEnd(), addressSecret, ephPk);
 
-      return new EncryptedLogPayload(
-        incomingTag,
-        outgoingTag,
-        AztecAddress.fromBuffer(incomingHeader),
-        incomingBodyPlaintext,
-      );
+      return new EncryptedLogPayload(tag, AztecAddress.fromBuffer(incomingHeader), incomingBodyPlaintext);
     } catch (e: any) {
       // Following error messages are expected to occur when decryption fails
       if (
@@ -160,8 +149,7 @@ export class EncryptedLogPayload {
     const reader = BufferReader.asReader(ciphertext);
 
     try {
-      const incomingTag = reader.readObject(Fr);
-      const outgoingTag = reader.readObject(Fr);
+      const tag = reader.readObject(Fr);
 
       const ephPk = Point.fromCompressedBuffer(reader.readBytes(Point.COMPRESSED_SIZE_IN_BYTES));
 
@@ -188,7 +176,7 @@ export class EncryptedLogPayload {
       // Now we decrypt the incoming body using the ephSk and recipientAddressPoint
       const incomingBody = decrypt(reader.readToEnd(), ephSk, recipientAddressPoint);
 
-      return new EncryptedLogPayload(incomingTag, outgoingTag, contractAddress, incomingBody);
+      return new EncryptedLogPayload(tag, contractAddress, incomingBody);
     } catch (e: any) {
       // Following error messages are expected to occur when decryption fails
       if (
@@ -206,11 +194,6 @@ export class EncryptedLogPayload {
   }
 
   public toBuffer() {
-    return serializeToBuffer(
-      this.incomingTag,
-      this.outgoingTag,
-      this.contractAddress.toBuffer(),
-      this.incomingBodyPlaintext,
-    );
+    return serializeToBuffer(this.tag, this.contractAddress.toBuffer(), this.incomingBodyPlaintext);
   }
 }

yarn-project/pxe/src/note_processor/note_processor.test.ts

@@ -388,6 +388,6 @@ describe('Note Processor', () => {
   });
 
   function getRandomNoteLogPayload(app = AztecAddress.random()): EncryptedLogPayload {
-    return new EncryptedLogPayload(Fr.random(), Fr.random(), app, L1NotePayload.random(app).toIncomingBodyPlaintext());
+    return new EncryptedLogPayload(Fr.random(), app, L1NotePayload.random(app).toIncomingBodyPlaintext());
   }
 });