diff --git a/yarn-project/acir-simulator/src/acvm/acvm.ts b/yarn-project/acir-simulator/src/acvm/acvm.ts index 076842c1a6d..505d0e039d4 100644 --- a/yarn-project/acir-simulator/src/acvm/acvm.ts +++ b/yarn-project/acir-simulator/src/acvm/acvm.ts @@ -34,6 +34,7 @@ export const ONE_ACVM_FIELD: ACVMField = `0x${'00'.repeat(Fr.SIZE_IN_BYTES - 1)} type ORACLE_NAMES = | 'computeSelector' | 'packArguments' + | 'getAuthWitness' | 'getSecretKey' | 'getNote' | 'getNotes' diff --git a/yarn-project/acir-simulator/src/client/db_oracle.ts b/yarn-project/acir-simulator/src/client/db_oracle.ts index 5fa48c5044f..b77eff0e0da 100644 --- a/yarn-project/acir-simulator/src/client/db_oracle.ts +++ b/yarn-project/acir-simulator/src/client/db_oracle.ts @@ -88,6 +88,13 @@ export interface DBOracle extends CommitmentsDB { */ getCompleteAddress(address: AztecAddress): Promise; + /** + * Retrieve the auth witness for a given message hash. + * @param message_hash - The message hash. + * @returns A Promise that resolves to an array of field elements representing the auth witness. + */ + getAuthWitness(message_hash: Fr): Promise; + /** * Retrieve the secret key associated with a specific public key. * The function only allows access to the secret keys of the transaction creator, diff --git a/yarn-project/acir-simulator/src/client/private_execution.ts b/yarn-project/acir-simulator/src/client/private_execution.ts index 29efd94472b..bc470ab2813 100644 --- a/yarn-project/acir-simulator/src/client/private_execution.ts +++ b/yarn-project/acir-simulator/src/client/private_execution.ts @@ -80,6 +80,9 @@ export class PrivateFunctionExecution { packArguments: async args => { return toACVMField(await this.context.packedArgsCache.pack(args.map(fromACVMField))); }, + getAuthWitness: async ([messageHash]) => { + return (await this.context.db.getAuthWitness(fromACVMField(messageHash))).map(toACVMField); + }, getSecretKey: ([ownerX], [ownerY]) => this.context.getSecretKey(this.contractAddress, ownerX, ownerY), getPublicKey: async ([acvmAddress]) => { const address = frToAztecAddress(fromACVMField(acvmAddress)); diff --git a/yarn-project/aztec-rpc/src/aztec_rpc_server/aztec_rpc_server.ts b/yarn-project/aztec-rpc/src/aztec_rpc_server/aztec_rpc_server.ts index a0b2284afbe..5a6034db556 100644 --- a/yarn-project/aztec-rpc/src/aztec_rpc_server/aztec_rpc_server.ts +++ b/yarn-project/aztec-rpc/src/aztec_rpc_server/aztec_rpc_server.ts @@ -76,6 +76,11 @@ export class AztecRPCServer implements AztecRPC { this.clientInfo = `${name.split('/')[name.split('/').length - 1]}@${version}`; } + public async addAuthWitness(messageHash: Fr, witness: Fr[]) { + await this.db.addAuthWitness(messageHash, witness); + return Promise.resolve(); + } + /** * Starts the Aztec RPC server by beginning the synchronisation process between the Aztec node and the database. * diff --git a/yarn-project/aztec-rpc/src/database/database.ts b/yarn-project/aztec-rpc/src/database/database.ts index 76ed1166e69..0809cf7e0e2 100644 --- a/yarn-project/aztec-rpc/src/database/database.ts +++ b/yarn-project/aztec-rpc/src/database/database.ts @@ -10,6 +10,20 @@ import { NoteSpendingInfoDao } from './note_spending_info_dao.js'; * addresses, storage slots, and nullifiers. */ export interface Database extends ContractDatabase { + /** + * Add a auth witness to the database. + * @param messageHash - The message hash. + * @param witness - An array of field elements representing the auth witness. + */ + addAuthWitness(messageHash: Fr, witness: Fr[]): Promise; + + /** + * Fetching the auth witness for a given message hash. + * @param messageHash - The message hash. + * @returns A Promise that resolves to an array of field elements representing the auth witness. + */ + getAuthWitness(messageHash: Fr): Promise; + /** * Get auxiliary transaction data based on contract address and storage slot. * It searches for matching NoteSpendingInfoDao objects in the MemoryDB's noteSpendingInfoTable diff --git a/yarn-project/aztec-rpc/src/database/memory_db.ts b/yarn-project/aztec-rpc/src/database/memory_db.ts index 6704ab0977c..208096fd106 100644 --- a/yarn-project/aztec-rpc/src/database/memory_db.ts +++ b/yarn-project/aztec-rpc/src/database/memory_db.ts @@ -19,11 +19,31 @@ export class MemoryDB extends MemoryContractDatabase implements Database { private treeRoots: Record | undefined; private globalVariablesHash: Fr | undefined; private addresses: CompleteAddress[] = []; + private authWitnesses: Record = {}; constructor(logSuffix?: string) { super(createDebugLogger(logSuffix ? 'aztec:memory_db_' + logSuffix : 'aztec:memory_db')); } + /** + * Add a auth witness to the database. + * @param messageHash - The message hash. + * @param witness - An array of field elements representing the auth witness. + */ + public addAuthWitness(messageHash: Fr, witness: Fr[]): Promise { + this.authWitnesses[messageHash.toString()] = witness; + return Promise.resolve(); + } + + /** + * Fetching the auth witness for a given message hash. + * @param messageHash - The message hash. + * @returns A Promise that resolves to an array of field elements representing the auth witness. + */ + public getAuthWitness(messageHash: Fr): Promise { + return Promise.resolve(this.authWitnesses[messageHash.toString()]); + } + public addNoteSpendingInfo(noteSpendingInfoDao: NoteSpendingInfoDao) { this.noteSpendingInfoTable.push(noteSpendingInfoDao); return Promise.resolve(); diff --git a/yarn-project/aztec-rpc/src/simulator_oracle/index.ts b/yarn-project/aztec-rpc/src/simulator_oracle/index.ts index 42a33e58c3b..08f613978e0 100644 --- a/yarn-project/aztec-rpc/src/simulator_oracle/index.ts +++ b/yarn-project/aztec-rpc/src/simulator_oracle/index.ts @@ -46,6 +46,12 @@ export class SimulatorOracle implements DBOracle { return completeAddress; } + async getAuthWitness(messageHash: Fr): Promise { + const witness = await this.db.getAuthWitness(messageHash); + if (!witness) throw new Error(`Unknown auth witness for message hash ${messageHash.toString()}`); + return witness; + } + async getNotes(contractAddress: AztecAddress, storageSlot: Fr) { const noteDaos = await this.db.getNoteSpendingInfo(contractAddress, storageSlot); return noteDaos.map(({ contractAddress, storageSlot, nonce, notePreimage, siloedNullifier, index }) => ({ diff --git a/yarn-project/aztec.js/src/abis/schnorr_auth_witness_account_contract.json b/yarn-project/aztec.js/src/abis/schnorr_auth_witness_account_contract.json new file mode 100644 index 00000000000..a048caeb4d7 --- /dev/null +++ b/yarn-project/aztec.js/src/abis/schnorr_auth_witness_account_contract.json @@ -0,0 +1,104 @@ +{ + "name": "SchnorrAuthWitnessAccount", + "functions": [ + { + "name": "_inner_is_valid", + "functionType": "secret", + "isInternal": false, + "parameters": [ + { + "name": "address", + "type": { + "kind": "field" + }, + "visibility": "private" + } + ], + "returnTypes": [], + "bytecode": "", + "verificationKey": "0000000200000800000000740000000f00000003515f3109623eb3c25aa5b16a1a79fd558bac7a7ce62c4560a8c537c77ce80dd339128d1d37b6582ee9e6df9567efb64313471dfa18f520f9ce53161b50dbf7731bc5f900000003515f322bc4cce83a486a92c92fd59bd84e0f92595baa639fc2ed86b00ffa0dfded2a092a669a3bdb7a273a015eda494457cc7ed5236f26cee330c290d45a33b9daa94800000003515f332729426c008c085a81bd34d8ef12dd31e80130339ef99d50013a89e4558eee6d0fa4ffe2ee7b7b62eb92608b2251ac31396a718f9b34978888789042b790a30100000003515f342be6b6824a913eb7a57b03cb1ee7bfb4de02f2f65fe8a4e97baa7766ddb353a82a8a25c49dc63778cd9fe96173f12a2bc77f3682f4c4448f98f1df82c75234a100000003515f351f85760d6ab567465aadc2f180af9eae3800e6958fec96aef53fd8a7b195d7c000c6267a0dd5cfc22b3fe804f53e266069c0e36f51885baec1e7e67650c62e170000000c515f41524954484d455449430d9d0f8ece2aa12012fa21e6e5c859e97bd5704e5c122064a66051294bc5e04213f61f54a0ebdf6fee4d4a6ecf693478191de0c2899bcd8e86a636c8d3eff43400000003515f43224a99d02c86336737c8dd5b746c40d2be6aead8393889a76a18d664029096e90f7fe81adcc92a74350eada9622ac453f49ebac24a066a1f83b394df54dfa0130000000c515f46495845445f42415345060e8a013ed289c2f9fd7473b04f6594b138ddb4b4cf6b901622a14088f04b8d2c83ff74fce56e3d5573b99c7b26d85d5046ce0c6559506acb7a675e7713eb3a00000007515f4c4f4749430721a91cb8da4b917e054f72147e1760cfe0ef3d45090ac0f4961d84ec1996961a25e787b26bd8b50b1a99450f77a424a83513c2b33af268cd253b0587ff50c700000003515f4d05dbd8623b8652511e1eb38d38887a69eceb082f807514f09e127237c5213b401b9325b48c6c225968002318095f89d0ef9cf629b2b7f0172e03bc39aacf6ed800000007515f52414e474504b57a3805e41df328f5ca9aefa40fad5917391543b7b65c6476e60b8f72e9ad07c92f3b3e11c8feae96dedc4b14a6226ef3201244f37cfc1ee5b96781f48d2b000000075349474d415f3125001d1954a18571eaa007144c5a567bb0d2be4def08a8be918b8c05e3b27d312c59ed41e09e144eab5de77ca89a2fd783be702a47c951d3112e3de02ce6e47c000000075349474d415f3223994e6a23618e60fa01c449a7ab88378709197e186d48d604bfb6931ffb15ad11c5ec7a0700570f80088fd5198ab5d5c227f2ad2a455a6edeec024156bb7beb000000075349474d415f3300cda5845f23468a13275d18bddae27c6bb189cf9aa95b6a03a0cb6688c7e8d829639b45cf8607c525cc400b55ebf90205f2f378626dc3406cc59b2d1b474fba000000075349474d415f342d299e7928496ea2d37f10b43afd6a80c90a33b483090d18069ffa275eedb2fc2f82121e8de43dc036d99b478b6227ceef34248939987a19011f065d8b5cef5c0000000010000000000000000100000002000000030000000400000005000000060000000700000008000000090000000a0000000b0000000c0000000d0000000e0000000f" + }, + { + "name": "constructor", + "functionType": "secret", + "isInternal": false, + "parameters": [], + "returnTypes": [], + "bytecode": "H4sIAAAAAAAA/9Xc12/aUBzFcZIm6d4le+8dG9tg05Wme++9Ehro3un/X44CEsprTh6+V7LAL+h8GPYdv8u/XC5XyW23tvrRXj86Gs+b5507zrsaz1tb83y18RgFxTiulgrVMAo3gkJWSZMgTirFNEzDJE02C2kUVdM4LWWVrBRkYRxVw1qSRbVgu3W3vFawy7aXOXsgOXshOfsgOfshOQcgOQchOYcgOYchOUcgOUchOccgOcchOScgOSchOacgOachOWcgOWchOecgOechORcgORchOZcgOZchOVcgOQNIzhCSswDJGUFyxpCcCSRnEZKzBMmZQnJmkJzlPcrZviNnsLsWthnNZyHmdqP5HMS8z2g+DzF3GM0XIOZOo/kixNxlNK9CzN1G8yWIucdoXoOYe43myxBzn9F8BWLuN5qvQswDRvM1iHnQaL4OMQ8ZzTcg5mGj+SbEPGI034KYR43m2xDzmNF8B2IeN5rvQswTRvM9iHnSaL4PMU8ZzQ8g5mmj+SHEPGM0P4KYZ43mxxDznNH8BGKeN5qfQswLRvMziHnRaH4OMS8ZzS8g5mWj+SXEvGI0v4KYA6P5NcQcGs1vIOaC0fwWYo6M5ncQc2w0v4eYE6N5HWIuGs0bEHPJaK5AzKnR/AFizozmTYi5bDRXIeb9RnMNYj5gNH+EmA8azZ8g5kNG82eI+bDR/AViPmI0f4WYjxrN3yDmY0bzd4j5uNH8A2I+YTT/hJhPGs2/IOZTRvNviPm00fwHYj5jNP+FmPNG85bRnG+8TvN/+rQnSnuEtGdGe0g0HtT4SOMF9Z/Vn1T/Sv0N3X91P9L1Wdcr/X71fdbnm295L8uNR+2F094w7ZXS3qHmXhrttVirH6rFV226arVVu6xaXtW2qtZTtY+qBVRtnGrFVDulWiLV1qjWRLUXqkXQ2rzWqrV2q7VMre1prUtrP1oL0dqA5so1d6y51PX6obk2zT1pLkZzExqra+yqsZzGNurrq++rvqD6Ruor6N6pe4murbrW6Len7+JWi/s/E/s4lihRAAA=", + "verificationKey": "0000000200000800000000740000000f00000003515f3109623eb3c25aa5b16a1a79fd558bac7a7ce62c4560a8c537c77ce80dd339128d1d37b6582ee9e6df9567efb64313471dfa18f520f9ce53161b50dbf7731bc5f900000003515f322bc4cce83a486a92c92fd59bd84e0f92595baa639fc2ed86b00ffa0dfded2a092a669a3bdb7a273a015eda494457cc7ed5236f26cee330c290d45a33b9daa94800000003515f332729426c008c085a81bd34d8ef12dd31e80130339ef99d50013a89e4558eee6d0fa4ffe2ee7b7b62eb92608b2251ac31396a718f9b34978888789042b790a30100000003515f342be6b6824a913eb7a57b03cb1ee7bfb4de02f2f65fe8a4e97baa7766ddb353a82a8a25c49dc63778cd9fe96173f12a2bc77f3682f4c4448f98f1df82c75234a100000003515f351f85760d6ab567465aadc2f180af9eae3800e6958fec96aef53fd8a7b195d7c000c6267a0dd5cfc22b3fe804f53e266069c0e36f51885baec1e7e67650c62e170000000c515f41524954484d455449430d9d0f8ece2aa12012fa21e6e5c859e97bd5704e5c122064a66051294bc5e04213f61f54a0ebdf6fee4d4a6ecf693478191de0c2899bcd8e86a636c8d3eff43400000003515f43224a99d02c86336737c8dd5b746c40d2be6aead8393889a76a18d664029096e90f7fe81adcc92a74350eada9622ac453f49ebac24a066a1f83b394df54dfa0130000000c515f46495845445f42415345060e8a013ed289c2f9fd7473b04f6594b138ddb4b4cf6b901622a14088f04b8d2c83ff74fce56e3d5573b99c7b26d85d5046ce0c6559506acb7a675e7713eb3a00000007515f4c4f4749430721a91cb8da4b917e054f72147e1760cfe0ef3d45090ac0f4961d84ec1996961a25e787b26bd8b50b1a99450f77a424a83513c2b33af268cd253b0587ff50c700000003515f4d05dbd8623b8652511e1eb38d38887a69eceb082f807514f09e127237c5213b401b9325b48c6c225968002318095f89d0ef9cf629b2b7f0172e03bc39aacf6ed800000007515f52414e474504b57a3805e41df328f5ca9aefa40fad5917391543b7b65c6476e60b8f72e9ad07c92f3b3e11c8feae96dedc4b14a6226ef3201244f37cfc1ee5b96781f48d2b000000075349474d415f3125001d1954a18571eaa007144c5a567bb0d2be4def08a8be918b8c05e3b27d312c59ed41e09e144eab5de77ca89a2fd783be702a47c951d3112e3de02ce6e47c000000075349474d415f3223994e6a23618e60fa01c449a7ab88378709197e186d48d604bfb6931ffb15ad11c5ec7a0700570f80088fd5198ab5d5c227f2ad2a455a6edeec024156bb7beb000000075349474d415f3300cda5845f23468a13275d18bddae27c6bb189cf9aa95b6a03a0cb6688c7e8d829639b45cf8607c525cc400b55ebf90205f2f378626dc3406cc59b2d1b474fba000000075349474d415f342d299e7928496ea2d37f10b43afd6a80c90a33b483090d18069ffa275eedb2fc2f82121e8de43dc036d99b478b6227ceef34248939987a19011f065d8b5cef5c0000000010000000000000000100000002000000030000000400000005000000060000000700000008000000090000000a0000000b0000000c0000000d0000000e0000000f" + }, + { + "name": "entrypoint", + "functionType": "secret", + "isInternal": false, + "parameters": [ + { + "name": "payload", + "type": { + "kind": "struct", + "path": "aztec::entrypoint::EntrypointPayload", + "fields": [ + { + "name": "flattened_args_hashes", + "type": { + "kind": "array", + "length": 4, + "type": { + "kind": "field" + } + } + }, + { + "name": "flattened_selectors", + "type": { + "kind": "array", + "length": 4, + "type": { + "kind": "field" + } + } + }, + { + "name": "flattened_targets", + "type": { + "kind": "array", + "length": 4, + "type": { + "kind": "field" + } + } + }, + { + "name": "nonce", + "type": { + "kind": "field" + } + } + ] + }, + "visibility": "public" + } + ], + "returnTypes": [], + "bytecode": "", + "verificationKey": "0000000200000800000000740000000f00000003515f3109623eb3c25aa5b16a1a79fd558bac7a7ce62c4560a8c537c77ce80dd339128d1d37b6582ee9e6df9567efb64313471dfa18f520f9ce53161b50dbf7731bc5f900000003515f322bc4cce83a486a92c92fd59bd84e0f92595baa639fc2ed86b00ffa0dfded2a092a669a3bdb7a273a015eda494457cc7ed5236f26cee330c290d45a33b9daa94800000003515f332729426c008c085a81bd34d8ef12dd31e80130339ef99d50013a89e4558eee6d0fa4ffe2ee7b7b62eb92608b2251ac31396a718f9b34978888789042b790a30100000003515f342be6b6824a913eb7a57b03cb1ee7bfb4de02f2f65fe8a4e97baa7766ddb353a82a8a25c49dc63778cd9fe96173f12a2bc77f3682f4c4448f98f1df82c75234a100000003515f351f85760d6ab567465aadc2f180af9eae3800e6958fec96aef53fd8a7b195d7c000c6267a0dd5cfc22b3fe804f53e266069c0e36f51885baec1e7e67650c62e170000000c515f41524954484d455449430d9d0f8ece2aa12012fa21e6e5c859e97bd5704e5c122064a66051294bc5e04213f61f54a0ebdf6fee4d4a6ecf693478191de0c2899bcd8e86a636c8d3eff43400000003515f43224a99d02c86336737c8dd5b746c40d2be6aead8393889a76a18d664029096e90f7fe81adcc92a74350eada9622ac453f49ebac24a066a1f83b394df54dfa0130000000c515f46495845445f42415345060e8a013ed289c2f9fd7473b04f6594b138ddb4b4cf6b901622a14088f04b8d2c83ff74fce56e3d5573b99c7b26d85d5046ce0c6559506acb7a675e7713eb3a00000007515f4c4f4749430721a91cb8da4b917e054f72147e1760cfe0ef3d45090ac0f4961d84ec1996961a25e787b26bd8b50b1a99450f77a424a83513c2b33af268cd253b0587ff50c700000003515f4d05dbd8623b8652511e1eb38d38887a69eceb082f807514f09e127237c5213b401b9325b48c6c225968002318095f89d0ef9cf629b2b7f0172e03bc39aacf6ed800000007515f52414e474504b57a3805e41df328f5ca9aefa40fad5917391543b7b65c6476e60b8f72e9ad07c92f3b3e11c8feae96dedc4b14a6226ef3201244f37cfc1ee5b96781f48d2b000000075349474d415f3125001d1954a18571eaa007144c5a567bb0d2be4def08a8be918b8c05e3b27d312c59ed41e09e144eab5de77ca89a2fd783be702a47c951d3112e3de02ce6e47c000000075349474d415f3223994e6a23618e60fa01c449a7ab88378709197e186d48d604bfb6931ffb15ad11c5ec7a0700570f80088fd5198ab5d5c227f2ad2a455a6edeec024156bb7beb000000075349474d415f3300cda5845f23468a13275d18bddae27c6bb189cf9aa95b6a03a0cb6688c7e8d829639b45cf8607c525cc400b55ebf90205f2f378626dc3406cc59b2d1b474fba000000075349474d415f342d299e7928496ea2d37f10b43afd6a80c90a33b483090d18069ffa275eedb2fc2f82121e8de43dc036d99b478b6227ceef34248939987a19011f065d8b5cef5c0000000010000000000000000100000002000000030000000400000005000000060000000700000008000000090000000a0000000b0000000c0000000d0000000e0000000f" + }, + { + "name": "is_valid", + "functionType": "secret", + "isInternal": false, + "parameters": [ + { + "name": "message_hash", + "type": { + "kind": "field" + }, + "visibility": "private" + } + ], + "returnTypes": [], + "bytecode": "", + "verificationKey": "0000000200000800000000740000000f00000003515f3109623eb3c25aa5b16a1a79fd558bac7a7ce62c4560a8c537c77ce80dd339128d1d37b6582ee9e6df9567efb64313471dfa18f520f9ce53161b50dbf7731bc5f900000003515f322bc4cce83a486a92c92fd59bd84e0f92595baa639fc2ed86b00ffa0dfded2a092a669a3bdb7a273a015eda494457cc7ed5236f26cee330c290d45a33b9daa94800000003515f332729426c008c085a81bd34d8ef12dd31e80130339ef99d50013a89e4558eee6d0fa4ffe2ee7b7b62eb92608b2251ac31396a718f9b34978888789042b790a30100000003515f342be6b6824a913eb7a57b03cb1ee7bfb4de02f2f65fe8a4e97baa7766ddb353a82a8a25c49dc63778cd9fe96173f12a2bc77f3682f4c4448f98f1df82c75234a100000003515f351f85760d6ab567465aadc2f180af9eae3800e6958fec96aef53fd8a7b195d7c000c6267a0dd5cfc22b3fe804f53e266069c0e36f51885baec1e7e67650c62e170000000c515f41524954484d455449430d9d0f8ece2aa12012fa21e6e5c859e97bd5704e5c122064a66051294bc5e04213f61f54a0ebdf6fee4d4a6ecf693478191de0c2899bcd8e86a636c8d3eff43400000003515f43224a99d02c86336737c8dd5b746c40d2be6aead8393889a76a18d664029096e90f7fe81adcc92a74350eada9622ac453f49ebac24a066a1f83b394df54dfa0130000000c515f46495845445f42415345060e8a013ed289c2f9fd7473b04f6594b138ddb4b4cf6b901622a14088f04b8d2c83ff74fce56e3d5573b99c7b26d85d5046ce0c6559506acb7a675e7713eb3a00000007515f4c4f4749430721a91cb8da4b917e054f72147e1760cfe0ef3d45090ac0f4961d84ec1996961a25e787b26bd8b50b1a99450f77a424a83513c2b33af268cd253b0587ff50c700000003515f4d05dbd8623b8652511e1eb38d38887a69eceb082f807514f09e127237c5213b401b9325b48c6c225968002318095f89d0ef9cf629b2b7f0172e03bc39aacf6ed800000007515f52414e474504b57a3805e41df328f5ca9aefa40fad5917391543b7b65c6476e60b8f72e9ad07c92f3b3e11c8feae96dedc4b14a6226ef3201244f37cfc1ee5b96781f48d2b000000075349474d415f3125001d1954a18571eaa007144c5a567bb0d2be4def08a8be918b8c05e3b27d312c59ed41e09e144eab5de77ca89a2fd783be702a47c951d3112e3de02ce6e47c000000075349474d415f3223994e6a23618e60fa01c449a7ab88378709197e186d48d604bfb6931ffb15ad11c5ec7a0700570f80088fd5198ab5d5c227f2ad2a455a6edeec024156bb7beb000000075349474d415f3300cda5845f23468a13275d18bddae27c6bb189cf9aa95b6a03a0cb6688c7e8d829639b45cf8607c525cc400b55ebf90205f2f378626dc3406cc59b2d1b474fba000000075349474d415f342d299e7928496ea2d37f10b43afd6a80c90a33b483090d18069ffa275eedb2fc2f82121e8de43dc036d99b478b6227ceef34248939987a19011f065d8b5cef5c0000000010000000000000000100000002000000030000000400000005000000060000000700000008000000090000000a0000000b0000000c0000000d0000000e0000000f" + } + ] +} diff --git a/yarn-project/aztec.js/src/account/contract/auth_witness_account_contract.ts b/yarn-project/aztec.js/src/account/contract/auth_witness_account_contract.ts new file mode 100644 index 00000000000..134c58082b8 --- /dev/null +++ b/yarn-project/aztec.js/src/account/contract/auth_witness_account_contract.ts @@ -0,0 +1,35 @@ +import { Schnorr } from '@aztec/circuits.js/barretenberg'; +import { ContractAbi } from '@aztec/foundation/abi'; +import { CompleteAddress, NodeInfo, PrivateKey } from '@aztec/types'; + +import AuthWitnessAccountContractAbi from '../../abis/schnorr_auth_witness_account_contract.json' assert { type: 'json' }; +import { AuthWitnessAccountEntrypoint } from '../entrypoint/auth_witness_account_entrypoint.js'; +import { AccountContract } from './index.js'; + +/** + * Account contract that authenticates transactions using Schnorr signatures verified against + * the note encryption key, relying on a single private key for both encryption and authentication. + * Extended to pull verification data from the oracle instead of passed as arguments. + */ +export class AuthWitnessAccountContract implements AccountContract { + constructor(private encryptionPrivateKey: PrivateKey) {} + + public getDeploymentArgs() { + return Promise.resolve([]); + } + + public async getEntrypoint({ address, partialAddress }: CompleteAddress, { chainId, version }: NodeInfo) { + return new AuthWitnessAccountEntrypoint( + address, + partialAddress, + this.encryptionPrivateKey, + await Schnorr.new(), + chainId, + version, + ); + } + + public getContractAbi(): ContractAbi { + return AuthWitnessAccountContractAbi as unknown as ContractAbi; + } +} diff --git a/yarn-project/aztec.js/src/account/contract/index.ts b/yarn-project/aztec.js/src/account/contract/index.ts index 5f34e55c34b..31a661a0f26 100644 --- a/yarn-project/aztec.js/src/account/contract/index.ts +++ b/yarn-project/aztec.js/src/account/contract/index.ts @@ -6,6 +6,7 @@ import { Entrypoint } from '../index.js'; export * from './ecdsa_account_contract.js'; export * from './schnorr_account_contract.js'; export * from './single_key_account_contract.js'; +export * from './auth_witness_account_contract.js'; // docs:start:account-contract-interface /** diff --git a/yarn-project/aztec.js/src/account/entrypoint/auth_witness_account_entrypoint.ts b/yarn-project/aztec.js/src/account/entrypoint/auth_witness_account_entrypoint.ts new file mode 100644 index 00000000000..c4a6f4915f2 --- /dev/null +++ b/yarn-project/aztec.js/src/account/entrypoint/auth_witness_account_entrypoint.ts @@ -0,0 +1,106 @@ +import { AztecAddress, Fr, FunctionData, PartialAddress, PrivateKey, TxContext } from '@aztec/circuits.js'; +import { Signer } from '@aztec/circuits.js/barretenberg'; +import { ContractAbi, FunctionAbi, encodeArguments } from '@aztec/foundation/abi'; +import { FunctionCall, PackedArguments, TxExecutionRequest } from '@aztec/types'; + +import SchnorrAuthWitnessAccountContractAbi from '../../abis/schnorr_auth_witness_account_contract.json' assert { type: 'json' }; +import { generatePublicKey } from '../../index.js'; +import { DEFAULT_CHAIN_ID, DEFAULT_VERSION } from '../../utils/defaults.js'; +import { buildPayload, hashPayload } from './entrypoint_payload.js'; +import { CreateTxRequestOpts, Entrypoint } from './index.js'; + +/** + * Account contract implementation that uses a single key for signing and encryption. This public key is not + * stored in the contract, but rather verified against the contract address. Note that this approach is not + * secure and should not be used in real use cases. + * The entrypoint is extended to support signing and creating eip1271-like witnesses. + */ +export class AuthWitnessAccountEntrypoint implements Entrypoint { + constructor( + private address: AztecAddress, + private partialAddress: PartialAddress, + private privateKey: PrivateKey, + private signer: Signer, + private chainId: number = DEFAULT_CHAIN_ID, + private version: number = DEFAULT_VERSION, + ) {} + + /** + * Sign a message hash with the private key. + * @param message - The message hash to sign. + * @returns The signature as a Buffer. + */ + public sign(message: Buffer): Buffer { + return this.signer.constructSignature(message, this.privateKey).toBuffer(); + } + + /** + * Creates an AuthWitness witness for the given message. In this case, witness is the public key, the signature + * and the partial address, to be used for verification. + * @param message - The message hash to sign. + * @returns [publicKey, signature, partialAddress] as Fr[]. + */ + async createAuthWitness(message: Buffer): Promise { + const signature = this.sign(message); + const publicKey = await generatePublicKey(this.privateKey); + + const sigFr: Fr[] = []; + for (let i = 0; i < 64; i++) { + sigFr.push(new Fr(signature[i])); + } + + return [...publicKey.toFields(), ...sigFr, this.partialAddress]; + } + + /** + * Returns the transaction request and the auth witness for the given function calls. + * Returning the witness here as a nonce is generated in the buildPayload action. + * @param executions - The function calls to execute + * @param opts - The options + * @returns The TxRequest, the auth witness to insert in db and the message signed + */ + async createTxExecutionRequestWithWitness( + executions: FunctionCall[], + opts: CreateTxRequestOpts = {}, + ): Promise<{ + /** The transaction request */ + txRequest: TxExecutionRequest; + /** The auth witness */ + witness: Fr[]; + /** The message signed */ + message: Buffer; + }> { + if (opts.origin && !opts.origin.equals(this.address)) { + throw new Error(`Sender ${opts.origin.toString()} does not match account address ${this.address.toString()}`); + } + + const { payload, packedArguments: callsPackedArguments } = await buildPayload(executions); + const message = await hashPayload(payload); + const witness = await this.createAuthWitness(message); + + const args = [payload]; + const abi = this.getEntrypointAbi(); + const packedArgs = await PackedArguments.fromArgs(encodeArguments(abi, args)); + const txRequest = TxExecutionRequest.from({ + argsHash: packedArgs.hash, + origin: this.address, + functionData: FunctionData.fromAbi(abi), + txContext: TxContext.empty(this.chainId, this.version), + packedArguments: [...callsPackedArguments, packedArgs], + }); + + return { txRequest, message, witness }; + } + + createTxExecutionRequest(executions: FunctionCall[], _opts: CreateTxRequestOpts = {}): Promise { + throw new Error(`Not implemented, use createTxExecutionRequestWithWitness instead`); + } + + private getEntrypointAbi(): FunctionAbi { + const abi = (SchnorrAuthWitnessAccountContractAbi as any as ContractAbi).functions.find( + f => f.name === 'entrypoint', + ); + if (!abi) throw new Error(`Entrypoint abi for account contract not found`); + return abi; + } +} diff --git a/yarn-project/aztec.js/src/account/entrypoint/index.ts b/yarn-project/aztec.js/src/account/entrypoint/index.ts index 0b0335b28e1..bd38032d428 100644 --- a/yarn-project/aztec.js/src/account/entrypoint/index.ts +++ b/yarn-project/aztec.js/src/account/entrypoint/index.ts @@ -6,6 +6,7 @@ export * from './entrypoint_payload.js'; export * from './entrypoint_utils.js'; export * from './single_key_account_entrypoint.js'; export * from './stored_key_account_entrypoint.js'; +export * from './auth_witness_account_entrypoint.js'; /** Options for creating a tx request out of a set of function calls. */ export type CreateTxRequestOpts = { diff --git a/yarn-project/aztec.js/src/aztec_rpc_client/wallet.ts b/yarn-project/aztec.js/src/aztec_rpc_client/wallet.ts index c9450bbf887..4734b0b0457 100644 --- a/yarn-project/aztec.js/src/aztec_rpc_client/wallet.ts +++ b/yarn-project/aztec.js/src/aztec_rpc_client/wallet.ts @@ -15,7 +15,7 @@ import { TxReceipt, } from '@aztec/types'; -import { CreateTxRequestOpts, Entrypoint } from '../account/entrypoint/index.js'; +import { AuthWitnessAccountEntrypoint, CreateTxRequestOpts, Entrypoint } from '../account/entrypoint/index.js'; import { CompleteAddress } from '../index.js'; /** @@ -94,6 +94,9 @@ export abstract class BaseWallet implements Wallet { getSyncStatus(): Promise { return this.rpc.getSyncStatus(); } + addAuthWitness(messageHash: Fr, witness: Fr[]) { + return this.rpc.addAuthWitness(messageHash, witness); + } } /** @@ -108,6 +111,56 @@ export class EntrypointWallet extends BaseWallet { } } +/** + * A wallet implementation supporting auth witnesses. + * This wallet inserts eip1271-like witnesses into the RPC, which are then fetched using an oracle + * to provide authentication data to the contract during execution. + */ +export class AuthWitnessEntrypointWallet extends BaseWallet { + constructor(rpc: AztecRPC, protected accountImpl: AuthWitnessAccountEntrypoint) { + super(rpc); + } + + /** + * Create a transaction request and add the auth witness to the RPC. + * Note: When used in simulations, the witness that is inserted could be used later by attacker with + * access to the RPC. + * Meaning that if you were to use someone elses rpc with db you could send these transactions. + * For simulations it would be desirable to bypass such that no data is generated. + * + * @param executions - The function calls to execute. + * @param opts - The options. + * @returns - The TxRequest + */ + async createTxExecutionRequest( + executions: FunctionCall[], + opts: CreateTxRequestOpts = {}, + ): Promise { + const { txRequest, message, witness } = await this.accountImpl.createTxExecutionRequestWithWitness( + executions, + opts, + ); + await this.rpc.addAuthWitness(Fr.fromBuffer(message), witness); + return txRequest; + } + + sign(messageHash: Buffer): Promise { + return Promise.resolve(this.accountImpl.sign(messageHash)); + } + + /** + * Signs the `messageHash` and adds the witness to the RPC. + * This is useful for signing messages that are not directly part of the transaction payload, such as + * approvals . + * @param messageHash - The message hash to sign + */ + async signAndAddAuthWitness(messageHash: Buffer): Promise { + const witness = await this.accountImpl.createAuthWitness(messageHash); + await this.rpc.addAuthWitness(Fr.fromBuffer(messageHash), witness); + return Promise.resolve(); + } +} + /** * A wallet implementation that forwards authentication requests to a provided account. */ diff --git a/yarn-project/end-to-end/src/e2e_account_contracts.test.ts b/yarn-project/end-to-end/src/e2e_account_contracts.test.ts index 69f5630c5e9..e0e179cae19 100644 --- a/yarn-project/end-to-end/src/e2e_account_contracts.test.ts +++ b/yarn-project/end-to-end/src/e2e_account_contracts.test.ts @@ -2,19 +2,31 @@ import { AztecRPCServer } from '@aztec/aztec-rpc'; import { Account, AccountContract, + AuthWitnessAccountContract, + AuthWitnessAccountEntrypoint, + AuthWitnessEntrypointWallet, + AztecRPC, EcdsaAccountContract, Fr, SchnorrAccountContract, SingleKeyAccountContract, Wallet, } from '@aztec/aztec.js'; -import { PrivateKey } from '@aztec/circuits.js'; +import { CompleteAddress, PrivateKey } from '@aztec/circuits.js'; import { toBigInt } from '@aztec/foundation/serialize'; import { ChildContract } from '@aztec/noir-contracts/types'; import { setup } from './fixtures/utils.js'; -function itShouldBehaveLikeAnAccountContract(getAccountContract: (encryptionKey: PrivateKey) => AccountContract) { +function itShouldBehaveLikeAnAccountContract( + getAccountContract: (encryptionKey: PrivateKey) => AccountContract, + walletSetup: ( + rpc: AztecRPC, + encryptionPrivateKey: PrivateKey, + accountContract: AccountContract, + address?: CompleteAddress, + ) => Promise<{ account: Account; wallet: Wallet }>, +) { describe(`behaves like an account contract`, () => { let context: Awaited>; let child: ChildContract; @@ -23,10 +35,14 @@ function itShouldBehaveLikeAnAccountContract(getAccountContract: (encryptionKey: let encryptionPrivateKey: PrivateKey; beforeEach(async () => { - context = await setup(); + context = await setup(0); encryptionPrivateKey = PrivateKey.random(); - account = new Account(context.aztecRpcServer, encryptionPrivateKey, getAccountContract(encryptionPrivateKey)); - wallet = await account.deploy().then(tx => tx.getWallet()); + + ({ account, wallet } = await walletSetup( + context.aztecRpcServer, + encryptionPrivateKey, + getAccountContract(encryptionPrivateKey), + )); child = await ChildContract.deploy(wallet).send().deployed(); }, 60_000); @@ -54,12 +70,12 @@ function itShouldBehaveLikeAnAccountContract(getAccountContract: (encryptionKey: it('fails to call a function using an invalid signature', async () => { const accountAddress = await account.getCompleteAddress(); - const invalidWallet = await new Account( + const { wallet: invalidWallet } = await walletSetup( context.aztecRpcServer, encryptionPrivateKey, getAccountContract(PrivateKey.random()), accountAddress, - ).getWallet(); + ); const childWithInvalidWallet = await ChildContract.at(child.address, invalidWallet); await expect(childWithInvalidWallet.methods.value(42).simulate()).rejects.toThrowError( /Cannot satisfy constraint.*/, @@ -69,15 +85,50 @@ function itShouldBehaveLikeAnAccountContract(getAccountContract: (encryptionKey: } describe('e2e_account_contracts', () => { + const base = async ( + rpc: AztecRPC, + encryptionPrivateKey: PrivateKey, + accountContract: AccountContract, + address?: CompleteAddress, + ) => { + const account = new Account(rpc, encryptionPrivateKey, accountContract, address); + const wallet = !address ? await account.deploy().then(tx => tx.getWallet()) : await account.getWallet(); + return { account, wallet }; + }; + describe('schnorr single-key account', () => { - itShouldBehaveLikeAnAccountContract((encryptionKey: PrivateKey) => new SingleKeyAccountContract(encryptionKey)); + itShouldBehaveLikeAnAccountContract( + (encryptionKey: PrivateKey) => new SingleKeyAccountContract(encryptionKey), + base, + ); }); describe('schnorr multi-key account', () => { - itShouldBehaveLikeAnAccountContract(() => new SchnorrAccountContract(PrivateKey.random())); + itShouldBehaveLikeAnAccountContract(() => new SchnorrAccountContract(PrivateKey.random()), base); }); describe('ecdsa stored-key account', () => { - itShouldBehaveLikeAnAccountContract(() => new EcdsaAccountContract(PrivateKey.random())); + itShouldBehaveLikeAnAccountContract(() => new EcdsaAccountContract(PrivateKey.random()), base); + }); + + describe('eip single-key account', () => { + itShouldBehaveLikeAnAccountContract( + (encryptionKey: PrivateKey) => new AuthWitnessAccountContract(encryptionKey), + async ( + rpc: AztecRPC, + encryptionPrivateKey: PrivateKey, + accountContract: AccountContract, + address?: CompleteAddress, + ) => { + const account = new Account(rpc, encryptionPrivateKey, accountContract, address); + if (!address) { + const tx = await account.deploy(); + await tx.wait(); + } + const entryPoint = (await account.getEntrypoint()) as unknown as AuthWitnessAccountEntrypoint; + const wallet = new AuthWitnessEntrypointWallet(rpc, entryPoint); + return { account, wallet }; + }, + ); }); }); diff --git a/yarn-project/end-to-end/src/e2e_lending_contract.test.ts b/yarn-project/end-to-end/src/e2e_lending_contract.test.ts index 27a303e5d9f..499b7497ac3 100644 --- a/yarn-project/end-to-end/src/e2e_lending_contract.test.ts +++ b/yarn-project/end-to-end/src/e2e_lending_contract.test.ts @@ -1,8 +1,17 @@ import { AztecNodeService } from '@aztec/aztec-node'; import { AztecRPCServer } from '@aztec/aztec-rpc'; -import { AztecAddress, CheatCodes, Fr, Wallet, computeMessageSecretHash } from '@aztec/aztec.js'; -import { CircuitsWasm, CompleteAddress } from '@aztec/circuits.js'; -import { pedersenPlookupCommitInputs } from '@aztec/circuits.js/barretenberg'; +import { + Account, + AuthWitnessAccountContract, + AuthWitnessAccountEntrypoint, + AuthWitnessEntrypointWallet, + AztecAddress, + CheatCodes, + Fr, + computeMessageSecretHash, +} from '@aztec/aztec.js'; +import { CircuitsWasm, CompleteAddress, FunctionSelector, GeneratorIndex, PrivateKey } from '@aztec/circuits.js'; +import { pedersenPlookupCommitInputs, pedersenPlookupCompressWithHashIndex } from '@aztec/circuits.js/barretenberg'; import { DebugLogger } from '@aztec/foundation/log'; import { LendingContract, NativeTokenContract, PriceFeedContract } from '@aztec/noir-contracts/types'; import { AztecRPC, TxStatus } from '@aztec/types'; @@ -12,7 +21,7 @@ import { setup } from './fixtures/utils.js'; describe('e2e_lending_contract', () => { let aztecNode: AztecNodeService | undefined; let aztecRpcServer: AztecRPC; - let wallet: Wallet; + let wallet: AuthWitnessEntrypointWallet; let accounts: CompleteAddress[]; let logger: DebugLogger; @@ -71,7 +80,17 @@ describe('e2e_lending_contract', () => { }; beforeEach(async () => { - ({ aztecNode, aztecRpcServer, wallet, accounts, logger, cheatCodes: cc } = await setup()); + ({ aztecNode, aztecRpcServer, logger, cheatCodes: cc } = await setup(0)); + + const privateKey = PrivateKey.random(); + const account = new Account(aztecRpcServer, privateKey, new AuthWitnessAccountContract(privateKey)); + const entryPoint = (await account.getEntrypoint()) as unknown as AuthWitnessAccountEntrypoint; + + const deployTx = await account.deploy(); + await deployTx.wait({ interval: 0.1 }); + + wallet = new AuthWitnessEntrypointWallet(aztecRpcServer, entryPoint); + accounts = await wallet.getAccounts(); }, 100_000); afterEach(async () => { @@ -81,12 +100,20 @@ describe('e2e_lending_contract', () => { } }); + const hashPayload = async (payload: Fr[]) => { + return pedersenPlookupCompressWithHashIndex( + await CircuitsWasm.get(), + payload.map(fr => fr.toBuffer()), + GeneratorIndex.SIGNATURE_PAYLOAD, + ); + }; + // Fetch a storage snapshot from the contract that we can use to compare between transitions. const getStorageSnapshot = async ( lendingContract: LendingContract, collateralAsset: NativeTokenContract, stableCoin: NativeTokenContract, - account: Account, + account: LendingAccount, ) => { logger('Fetching storage snapshot 📸 '); const accountKey = await account.key(); @@ -115,7 +142,7 @@ describe('e2e_lending_contract', () => { // Convenience struct to hold an account's address and secret that can easily be passed around. // Contains utilities to compute the "key" for private holdings in the public state. - class Account { + class LendingAccount { public readonly address: AztecAddress; public readonly secret: Fr; @@ -173,7 +200,7 @@ describe('e2e_lending_contract', () => { private key: Fr = Fr.ZERO; - constructor(private cc: CheatCodes, private account: Account, private rate: bigint) {} + constructor(private cc: CheatCodes, private account: LendingAccount, private rate: bigint) {} async prepare() { this.key = await this.account.key(); @@ -258,12 +285,13 @@ describe('e2e_lending_contract', () => { } it('Full lending run-through', async () => { - const recipientIdx = 0; + // Gotta use the actual auth witness account here and not the standard wallet. + const recipientFull = accounts[0]; + const recipient = recipientFull.address; - const recipient = accounts[recipientIdx].address; const { lendingContract, priceFeedContract, collateralAsset, stableCoin } = await deployContracts(recipient); - const account = new Account(recipient, new Fr(42)); + const lendingAccount = new LendingAccount(recipient, new Fr(42)); const storageSnapshots: { [key: string]: { [key: string]: Fr } } = {}; @@ -277,7 +305,7 @@ describe('e2e_lending_contract', () => { { // Minting some collateral in public so we got it at hand. - const tx = collateralAsset.methods.owner_mint_pub(account.address, 10000n).send({ origin: recipient }); + const tx = collateralAsset.methods.owner_mint_pub(lendingAccount.address, 10000n).send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -304,10 +332,10 @@ describe('e2e_lending_contract', () => { // Also specified in `noir-contracts/src/contracts/lending_contract/src/main.nr` const rate = 1268391679n; - const lendingSim = new LendingSimulator(cc, account, rate); + const lendingSim = new LendingSimulator(cc, lendingAccount, rate); await lendingSim.prepare(); // To handle initial mint (we use these funds to refund privately without shielding first). - lendingSim.mintStable(await account.key(), 10000n); + lendingSim.mintStable(await lendingAccount.key(), 10000n); { // Initialize the contract values, setting the interest accumulator to 1e9 and the last updated timestamp to now. @@ -317,15 +345,28 @@ describe('e2e_lending_contract', () => { .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); - storageSnapshots['initial'] = await getStorageSnapshot(lendingContract, collateralAsset, stableCoin, account); + storageSnapshots['initial'] = await getStorageSnapshot( + lendingContract, + collateralAsset, + stableCoin, + lendingAccount, + ); lendingSim.check(storageSnapshots['initial']); } { const depositAmount = 420n; + + const messageHash = await hashPayload([ + FunctionSelector.fromSignature('unshieldTokens(Field,Field,Field)').toField(), + recipientFull.address.toField(), + lendingContract.address.toField(), + new Fr(depositAmount), + ]); + await wallet.signAndAddAuthWitness(messageHash); await lendingSim.progressTime(10); - lendingSim.deposit(await account.key(), depositAmount); + lendingSim.deposit(await lendingAccount.key(), depositAmount); // Make a private deposit of funds into own account. // This should: @@ -334,7 +375,7 @@ describe('e2e_lending_contract', () => { // - increase the private collateral. logger('Depositing 🥸 : 💰 -> 🏦'); const tx = lendingContract.methods - .deposit_private(account.secret, account.address, 0n, depositAmount, collateralAsset.address) + .deposit_private(lendingAccount.secret, lendingAccount.address, 0n, depositAmount, collateralAsset.address) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -342,14 +383,22 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['private_deposit']); } { - const depositAmount = 420n; + const depositAmount = 421n; + const messageHash = await hashPayload([ + FunctionSelector.fromSignature('unshieldTokens(Field,Field,Field)').toField(), + recipientFull.address.toField(), + lendingContract.address.toField(), + new Fr(depositAmount), + ]); + await wallet.signAndAddAuthWitness(messageHash); + await lendingSim.progressTime(10); lendingSim.deposit(recipient.toField(), depositAmount); // Make a private deposit of funds into another account, in this case, a public account. @@ -359,7 +408,7 @@ describe('e2e_lending_contract', () => { // - increase the public collateral. logger('Depositing 🥸 on behalf of recipient: 💰 -> 🏦'); const tx = lendingContract.methods - .deposit_private(0n, account.address, recipient.toField(), depositAmount, collateralAsset.address) + .deposit_private(0n, lendingAccount.address, recipient.toField(), depositAmount, collateralAsset.address) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -367,7 +416,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['private_deposit_on_behalf']); @@ -386,7 +435,7 @@ describe('e2e_lending_contract', () => { logger('Depositing: 💰 -> 🏦'); const tx = lendingContract.methods - .deposit_public(account.address, depositAmount, collateralAsset.address) + .deposit_public(lendingAccount.address, depositAmount, collateralAsset.address) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -394,7 +443,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['public_deposit']); } @@ -402,7 +451,7 @@ describe('e2e_lending_contract', () => { { const borrowAmount = 69n; await lendingSim.progressTime(10); - lendingSim.borrow(await account.key(), account.address.toField(), borrowAmount); + lendingSim.borrow(await lendingAccount.key(), lendingAccount.address.toField(), borrowAmount); // Make a private borrow using the private account // This should: @@ -412,7 +461,7 @@ describe('e2e_lending_contract', () => { logger('Borrow 🥸 : 🏦 -> 🍌'); const tx = lendingContract.methods - .borrow_private(account.secret, account.address, borrowAmount) + .borrow_private(lendingAccount.secret, lendingAccount.address, borrowAmount) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -420,7 +469,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['private_borrow']); @@ -429,7 +478,7 @@ describe('e2e_lending_contract', () => { { const borrowAmount = 69n; await lendingSim.progressTime(10); - lendingSim.borrow(recipient.toField(), account.address.toField(), borrowAmount); + lendingSim.borrow(recipient.toField(), lendingAccount.address.toField(), borrowAmount); // Make a public borrow using the private account // This should: @@ -438,14 +487,16 @@ describe('e2e_lending_contract', () => { // - increase the public debt. logger('Borrow: 🏦 -> 🍌'); - const tx = lendingContract.methods.borrow_public(account.address, borrowAmount).send({ origin: recipient }); + const tx = lendingContract.methods + .borrow_public(lendingAccount.address, borrowAmount) + .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); storageSnapshots['public_borrow'] = await getStorageSnapshot( lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['public_borrow']); @@ -453,8 +504,16 @@ describe('e2e_lending_contract', () => { { const repayAmount = 20n; + const messageHash = await hashPayload([ + FunctionSelector.fromSignature('unshieldTokens(Field,Field,Field)').toField(), + recipientFull.address.toField(), + lendingContract.address.toField(), + new Fr(repayAmount), + ]); + await wallet.signAndAddAuthWitness(messageHash); + await lendingSim.progressTime(10); - lendingSim.repay(await account.key(), await account.key(), repayAmount); + lendingSim.repay(await lendingAccount.key(), await lendingAccount.key(), repayAmount); // Make a private repay of the debt in the private account // This should: @@ -464,7 +523,7 @@ describe('e2e_lending_contract', () => { logger('Repay 🥸 : 🍌 -> 🏦'); const tx = lendingContract.methods - .repay_private(account.secret, account.address, 0n, repayAmount, stableCoin.address) + .repay_private(lendingAccount.secret, lendingAccount.address, 0n, repayAmount, stableCoin.address) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -472,16 +531,24 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['private_repay']); } { - const repayAmount = 20n; + const repayAmount = 21n; + const messageHash = await hashPayload([ + FunctionSelector.fromSignature('unshieldTokens(Field,Field,Field)').toField(), + recipientFull.address.toField(), + lendingContract.address.toField(), + new Fr(repayAmount), + ]); + await wallet.signAndAddAuthWitness(messageHash); + await lendingSim.progressTime(10); - lendingSim.repay(await account.key(), account.address.toField(), repayAmount); + lendingSim.repay(await lendingAccount.key(), lendingAccount.address.toField(), repayAmount); // Make a private repay of the debt in the public account // This should: @@ -491,7 +558,7 @@ describe('e2e_lending_contract', () => { logger('Repay 🥸 on behalf of public: 🍌 -> 🏦'); const tx = lendingContract.methods - .repay_private(0n, account.address, recipient.toField(), repayAmount, stableCoin.address) + .repay_private(0n, lendingAccount.address, recipient.toField(), repayAmount, stableCoin.address) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -499,7 +566,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['private_repay_on_behalf']); @@ -508,7 +575,7 @@ describe('e2e_lending_contract', () => { { const repayAmount = 20n; await lendingSim.progressTime(10); - lendingSim.repay(account.address.toField(), account.address.toField(), repayAmount); + lendingSim.repay(lendingAccount.address.toField(), lendingAccount.address.toField(), repayAmount); // Make a public repay of the debt in the public account // This should: @@ -526,7 +593,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['public_repay']); @@ -562,7 +629,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['public_withdraw']); @@ -571,7 +638,7 @@ describe('e2e_lending_contract', () => { { const withdrawAmount = 42n; await lendingSim.progressTime(10); - lendingSim.withdraw(await account.key(), withdrawAmount); + lendingSim.withdraw(await lendingAccount.key(), withdrawAmount); // Withdraw funds from the private account // This should: @@ -581,7 +648,7 @@ describe('e2e_lending_contract', () => { logger('Withdraw 🥸 : 🏦 -> 💰'); const tx = lendingContract.methods - .withdraw_private(account.secret, account.address, withdrawAmount) + .withdraw_private(lendingAccount.secret, lendingAccount.address, withdrawAmount) .send({ origin: recipient }); const receipt = await tx.wait(); expect(receipt.status).toBe(TxStatus.MINED); @@ -589,7 +656,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); lendingSim.check(storageSnapshots['private_withdraw']); @@ -612,7 +679,7 @@ describe('e2e_lending_contract', () => { lendingContract, collateralAsset, stableCoin, - account, + lendingAccount, ); expect(storageSnapshots['private_withdraw']).toEqual(storageSnapshots['attempted_internal_deposit']); } diff --git a/yarn-project/noir-contracts/src/contracts/native_token_contract/src/main.nr b/yarn-project/noir-contracts/src/contracts/native_token_contract/src/main.nr index da46929f836..97f064e5ec8 100644 --- a/yarn-project/noir-contracts/src/contracts/native_token_contract/src/main.nr +++ b/yarn-project/noir-contracts/src/contracts/native_token_contract/src/main.nr @@ -13,6 +13,8 @@ contract NativeToken { utils::{increment, decrement}, value_note::{VALUE_NOTE_LEN, ValueNoteMethods}, }; + use dep::std; + use dep::aztec::constants_gen::GENERATOR_INDEX__SIGNATURE_PAYLOAD; use dep::non_native::{ hash::{get_mint_content_hash, get_withdraw_content_hash}, @@ -299,7 +301,27 @@ contract NativeToken { ) { let storage = Storage::init(Option::some(&mut context), Option::none()); - // Remove user balance + // If `from != sender` then we use the is_valid function to check that the message is approved. + if (from != context.msg_sender()) { + // Compute the message hash, should follow eip-712 more here. + // @todo @lherskind, probably need a separate generator index and address of the + // @todo @lherskind Currently this can be used multiple times since it is not nullified. + // We can do a simple nullifier to handle that in here. Spends only 32 bytes onchain. + // @todo @LHerskind Is to be solved as part of https://github.com/AztecProtocol/aztec-packages/issues/1743 + let message_field: Field = std::hash::pedersen_with_separator([ + compute_selector("unshieldTokens(Field,Field,Field)"), + from, + to, + amount + ], + GENERATOR_INDEX__SIGNATURE_PAYLOAD + )[0]; + let is_valid_selector = compute_selector("is_valid(Field)"); + let _callStackItem0 = context.call_private_function(from, is_valid_selector, [message_field]); + assert(_callStackItem0[0] == is_valid_selector); + } + + // Reduce user balance let sender_balance = storage.balances.at(from); decrement(sender_balance, amount, from); diff --git a/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/Nargo.toml b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/Nargo.toml new file mode 100644 index 00000000000..922b93267d0 --- /dev/null +++ b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/Nargo.toml @@ -0,0 +1,8 @@ +[package] +name = "schnorr_auth_witness_account_contract" +authors = [""] +compiler_version = "0.1" +type = "contract" + +[dependencies] +aztec = { path = "../../../../noir-libs/noir-aztec" } diff --git a/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/auth_oracle.nr b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/auth_oracle.nr new file mode 100644 index 00000000000..bff7d071b23 --- /dev/null +++ b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/auth_oracle.nr @@ -0,0 +1,28 @@ +use dep::aztec::types::point::Point; + +#[oracle(getAuthWitness)] +fn get_auth_witness_oracle(_message_hash: Field) -> [Field; 67] {} + +struct AuthWitness { + owner: Point, + signature: [u8; 64], + partial_address: Field, +} + +impl AuthWitness { + fn deserialize(values: [Field; 67]) -> Self { + let mut signature = [0; 64]; + for i in 0..64 { + signature[i] = values[i + 2] as u8; + } + Self { + owner: Point::new(values[0], values[1]), + signature, + partial_address: values[66], + } + } +} + +unconstrained fn get_auth_witness(message_hash: Field) -> AuthWitness { + AuthWitness::deserialize(get_auth_witness_oracle(message_hash)) +} \ No newline at end of file diff --git a/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/main.nr b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/main.nr new file mode 100644 index 00000000000..749c1b04276 --- /dev/null +++ b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/main.nr @@ -0,0 +1,41 @@ +mod util; +mod auth_oracle; + +contract SchnorrAuthWitnessAccount { + use dep::std::hash::pedersen_with_separator; + use dep::aztec::entrypoint::EntrypointPayload; + use dep::aztec::constants_gen::GENERATOR_INDEX__SIGNATURE_PAYLOAD; + use crate::util::recover_address; + use crate::auth_oracle::get_auth_witness; + + #[aztec(private)] + fn constructor() {} + + #[aztec(private)] + fn entrypoint( + payload: pub EntrypointPayload, + ) { + let message_hash: Field = pedersen_with_separator( + payload.serialize(), + GENERATOR_INDEX__SIGNATURE_PAYLOAD + )[0]; + _inner_is_valid(message_hash, context.this_address()); + payload.execute_calls(&mut context); + } + + #[aztec(private)] + fn is_valid( + message_hash: Field + ) -> Field { + _inner_is_valid(message_hash, context.this_address()); + 0xe86ab4ff + } + + fn _inner_is_valid( + message_hash: Field, + address: Field, + ) { + let witness = get_auth_witness(message_hash); + assert(recover_address(message_hash, witness) == address); + } +} \ No newline at end of file diff --git a/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/util.nr b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/util.nr new file mode 100644 index 00000000000..7445008aa2b --- /dev/null +++ b/yarn-project/noir-contracts/src/contracts/schnorr_auth_witness_account_contract/src/util.nr @@ -0,0 +1,22 @@ +mod auth_oracle; + +use dep::std::{schnorr::verify_signature, hash::pedersen_with_separator}; +use dep::aztec::constants_gen::GENERATOR_INDEX__CONTRACT_ADDRESS; +use crate::auth_oracle::{AuthWitness}; + +fn recover_address( + message_hash: Field, + witness: AuthWitness, +) -> Field { + let message_bytes_slice = message_hash.to_be_bytes(32); + let mut message_bytes: [u8; 32] = [0; 32]; + for i in 0..32 { + message_bytes[i] = message_bytes_slice[i]; + } + + let verification = verify_signature(witness.owner.x, witness.owner.y, witness.signature, message_bytes); + assert(verification == true); + + let reproduced_address = pedersen_with_separator([witness.owner.x, witness.owner.y, witness.partial_address], GENERATOR_INDEX__CONTRACT_ADDRESS)[0]; + reproduced_address +} \ No newline at end of file diff --git a/yarn-project/noir-contracts/src/scripts/copy_output.ts b/yarn-project/noir-contracts/src/scripts/copy_output.ts index 605ffd04ec2..69846b59908 100644 --- a/yarn-project/noir-contracts/src/scripts/copy_output.ts +++ b/yarn-project/noir-contracts/src/scripts/copy_output.ts @@ -20,6 +20,7 @@ const PROJECT_CONTRACTS = [ { name: 'SchnorrSingleKeyAccount', target: '../aztec.js/src/abis/', exclude: [] }, { name: 'SchnorrAccount', target: '../aztec.js/src/abis/', exclude: [] }, { name: 'EcdsaAccount', target: '../aztec.js/src/abis/', exclude: [] }, + { name: 'SchnorrAuthWitnessAccount', target: '../aztec.js/src/abis/', exclude: [] }, ]; const INTERFACE_CONTRACTS = ['private_token', 'private_token_airdrop', 'test']; diff --git a/yarn-project/types/src/interfaces/aztec_rpc.ts b/yarn-project/types/src/interfaces/aztec_rpc.ts index 5eded121bfe..b67ba94f11c 100644 --- a/yarn-project/types/src/interfaces/aztec_rpc.ts +++ b/yarn-project/types/src/interfaces/aztec_rpc.ts @@ -68,6 +68,13 @@ export type SyncStatus = { * as well as storage and view functions for smart contracts. */ export interface AztecRPC { + /** + * Insert a witness for a given message hash. + * @param messageHash - The message hash to insert witness at + * @param witness - The witness to insert + */ + addAuthWitness(messageHash: Fr, witness: Fr[]): Promise; + /** * Registers an account in the Aztec RPC server. *