feat: private token box upgrade to new Token contract

[dan-aztec]

#2350
#2823

We used a "deprecated" pattern for the private-token box contract, which has been superceded by Lasse's new Token contract.

copied over the e2e test for that one with small changes, since we don't have all the e2e utils available

[dan-aztec]

current status: formik frontend inputs are broken

[AztecBot]

Benchmark results

All benchmarks are run on txs on the Benchmarking contract on the repository. Each tx consists of a batch call to create_note and increment_balance, which guarantees that each tx has a private call, a nested private call, a public call, and a nested public call, as well as an emitted private note, an unencrypted log, and public storage read and write.

This benchmark source data is available in JSON format on S3 here.

Values are compared against data from master at commit 5585075f and shown if the difference exceeds 1%.

L2 block published to L1

Each column represents the number of txs on an L2 block published to L1.

Metric	8 txs	32 txs	128 txs
l1_rollup_calldata_size_in_bytes	45,444	179,588	716,132
l1_rollup_calldata_gas	222,996	868,004	3,449,564
l1_rollup_execution_gas	842,083	3,595,112	22,204,933
l2_block_processing_time_in_ms	1,023	3,934	15,454 (+2%)
note_successful_decrypting_time_in_ms	323	995	3,658 (+3%)
note_trial_decrypting_time_in_ms	26.0	105 (+6%)	138
l2_block_building_time_in_ms	8,931	35,924	149,856 (+1%)
l2_block_rollup_simulation_time_in_ms	6,632	26,735	105,502 (+1%)
l2_block_public_tx_process_time_in_ms	2,261	9,064	43,733 (+1%)

L2 chain processing

Each column represents the number of blocks on the L2 chain where each block has 16 txs.

Metric	5 blocks	10 blocks
node_history_sync_time_in_ms	13,876 (-1%)	30,919 (+1%)
note_history_successful_decrypting_time_in_ms	2,281	4,713 (+6%)
note_history_trial_decrypting_time_in_ms	122 (+1%)	⚠️ 148 (-29%)
node_database_size_in_bytes	1,649,824	1,191,888
pxe_database_size_in_bytes	27,188	54,187

Circuits stats

Stats on running time and I/O sizes collected for every circuit run across all benchmarks.

Circuit	circuit_simulation_time_in_ms	circuit_input_size_in_bytes	circuit_output_size_in_bytes
private-kernel-init	43.3	56,577	14,745
private-kernel-ordering	21.3	20,137	8,089
base-rollup	852	631,605	811
root-rollup	37.9 (-2%)	4,072	1,097
private-kernel-inner	35.9 (+1%)	72,288	14,745
public-kernel-private-input	47.2 (+1%)	37,359	14,745
public-kernel-non-first-iteration	27.9 (-1%)	37,401	14,745
merge-rollup	0.862 (-1%)	2,592	873

Miscellaneous

Transaction sizes based on how many contracts are deployed in the tx.

Metric	0 deployed contracts	1 deployed contracts
tx_size_in_bytes	8,723	27,094

[dan-aztec]

ok seems the struct parsing is working, have kind of crude frontend for the struct params.

remaining issue is CSS around having so many methods...

[benesjan]

Looks good but the box is still called private-token 😉

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: [email protected]

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

[dan-aztec]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue Package Version Note Source
Potential typo squat token 0.1.0

• Did you mean: gtoken (21 thousand times more downloads)

Next steps

** What is a potential typo squat? **
** Take a deeper look at the dependency **
** Remove the package **
Mark a package as acceptable risk

@SocketSecurity ignore [email protected]

[dan-aztec]

@SocketSecurity ignore [email protected]