diff --git a/docs/docs-developers/docs/resources/migration_notes.md b/docs/docs-developers/docs/resources/migration_notes.md index ea2afbf175da..6af3688cc641 100644 --- a/docs/docs-developers/docs/resources/migration_notes.md +++ b/docs/docs-developers/docs/resources/migration_notes.md @@ -256,8 +256,6 @@ For this reason we've created place holder protocol contracts in `noir-projects/ On your side all you need to do is update the dependency in `Nargo.toml`: ```diff --auth_contract = { path = "../../protocol/auth_registry_contract" } -+auth_contract = { path = "../../protocol_interface/auth_registry_interface" } -instance_contract = { path = "../../protocol/contract_instance_registry" } +instance_contract = { path = "../../protocol_interface/contract_instance_registry_interface" } ``` diff --git a/docs/examples/ts/token_bridge/yarn.lock b/docs/examples/ts/token_bridge/yarn.lock index 7ae618733b81..e69de29bb2d1 100644 --- a/docs/examples/ts/token_bridge/yarn.lock +++ b/docs/examples/ts/token_bridge/yarn.lock @@ -1,226 +0,0 @@ -# This file is generated by running "yarn install" inside your project. -# Manual changes might be lost - proceed with caution! - -__metadata: - version: 8 - cacheKey: 10c0 - -"@adraffy/ens-normalize@npm:^1.11.0": - version: 1.11.1 - resolution: "@adraffy/ens-normalize@npm:1.11.1" - checksum: 10c0/b364e2a57131db278ebf2f22d1a1ac6d8aea95c49dd2bbbc1825870b38aa91fd8816aba580a1f84edc50a45eb6389213dacfd1889f32893afc8549a82d304767 - languageName: node - linkType: hard - -"@aztec/accounts@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/accounts::locator=token_bridge%40workspace%3A.": - version: 0.0.0-use.local - resolution: "@aztec/accounts@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/accounts::locator=token_bridge%40workspace%3A." - languageName: node - linkType: soft - -"@aztec/aztec.js@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/aztec.js::locator=token_bridge%40workspace%3A.": - version: 0.0.0-use.local - resolution: "@aztec/aztec.js@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/aztec.js::locator=token_bridge%40workspace%3A." - languageName: node - linkType: soft - -"@aztec/ethereum@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/ethereum::locator=token_bridge%40workspace%3A.": - version: 0.0.0-use.local - resolution: "@aztec/ethereum@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/ethereum::locator=token_bridge%40workspace%3A." - languageName: node - linkType: soft - -"@aztec/foundation@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/foundation::locator=token_bridge%40workspace%3A.": - version: 0.0.0-use.local - resolution: "@aztec/foundation@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/foundation::locator=token_bridge%40workspace%3A." - languageName: node - linkType: soft - -"@aztec/stdlib@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/stdlib::locator=token_bridge%40workspace%3A.": - version: 0.0.0-use.local - resolution: "@aztec/stdlib@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/stdlib::locator=token_bridge%40workspace%3A." - languageName: node - linkType: soft - -"@aztec/viem@npm:2.38.2": - version: 2.38.2 - resolution: "@aztec/viem@npm:2.38.2" - dependencies: - "@noble/curves": "npm:1.9.1" - "@noble/hashes": "npm:1.8.0" - "@scure/bip32": "npm:1.7.0" - "@scure/bip39": "npm:1.6.0" - abitype: "npm:1.1.0" - isows: "npm:1.0.7" - ox: "npm:0.9.6" - ws: "npm:8.18.3" - peerDependencies: - typescript: ">=5.0.4" - peerDependenciesMeta: - typescript: - optional: true - checksum: 10c0/577bda96d258b990e90992766dbbf8b179db2ff1b6d480be3bebb867795d13ca16a01c3448826f09b02e8d04a6bb2c37d18967fd1076a9a3cafec3c33970567c - languageName: node - linkType: hard - -"@aztec/wallets@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/wallets::locator=token_bridge%40workspace%3A.": - version: 0.0.0-use.local - resolution: "@aztec/wallets@link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/wallets::locator=token_bridge%40workspace%3A." - languageName: node - linkType: soft - -"@noble/ciphers@npm:^1.3.0": - version: 1.3.0 - resolution: "@noble/ciphers@npm:1.3.0" - checksum: 10c0/3ba6da645ce45e2f35e3b2e5c87ceba86b21dfa62b9466ede9edfb397f8116dae284f06652c0cd81d99445a2262b606632e868103d54ecc99fd946ae1af8cd37 - languageName: node - linkType: hard - -"@noble/curves@npm:1.9.1": - version: 1.9.1 - resolution: "@noble/curves@npm:1.9.1" - dependencies: - "@noble/hashes": "npm:1.8.0" - checksum: 10c0/39c84dbfecdca80cfde2ecea4b06ef2ec1255a4df40158d22491d1400057a283f57b2b26c8b1331006e6e061db791f31d47764961c239437032e2f45e8888c1e - languageName: node - linkType: hard - -"@noble/curves@npm:~1.9.0": - version: 1.9.7 - resolution: "@noble/curves@npm:1.9.7" - dependencies: - "@noble/hashes": "npm:1.8.0" - checksum: 10c0/150014751ebe8ca06a8654ca2525108452ea9ee0be23430332769f06808cddabfe84f248b6dbf836916bc869c27c2092957eec62c7506d68a1ed0a624017c2a3 - languageName: node - linkType: hard - -"@noble/hashes@npm:1.8.0, @noble/hashes@npm:^1.8.0, @noble/hashes@npm:~1.8.0": - version: 1.8.0 - resolution: "@noble/hashes@npm:1.8.0" - checksum: 10c0/06a0b52c81a6fa7f04d67762e08b2c476a00285858150caeaaff4037356dd5e119f45b2a530f638b77a5eeca013168ec1b655db41bae3236cb2e9d511484fc77 - languageName: node - linkType: hard - -"@scure/base@npm:~1.2.5": - version: 1.2.6 - resolution: "@scure/base@npm:1.2.6" - checksum: 10c0/49bd5293371c4e062cb6ba689c8fe3ea3981b7bb9c000400dc4eafa29f56814cdcdd27c04311c2fec34de26bc373c593a1d6ca6d754398a488d587943b7c128a - languageName: node - linkType: hard - -"@scure/bip32@npm:1.7.0, @scure/bip32@npm:^1.7.0": - version: 1.7.0 - resolution: "@scure/bip32@npm:1.7.0" - dependencies: - "@noble/curves": "npm:~1.9.0" - "@noble/hashes": "npm:~1.8.0" - "@scure/base": "npm:~1.2.5" - checksum: 10c0/e3d4c1f207df16abcd79babcdb74d36f89bdafc90bf02218a5140cc5cba25821d80d42957c6705f35210cc5769714ea9501d4ae34732cdd1c26c9ff182a219f7 - languageName: node - linkType: hard - -"@scure/bip39@npm:1.6.0, @scure/bip39@npm:^1.6.0": - version: 1.6.0 - resolution: "@scure/bip39@npm:1.6.0" - dependencies: - "@noble/hashes": "npm:~1.8.0" - "@scure/base": "npm:~1.2.5" - checksum: 10c0/73a54b5566a50a3f8348a5cfd74d2092efeefc485efbed83d7a7374ffd9a75defddf446e8e5ea0385e4adb49a94b8ae83c5bad3e16333af400e932f7da3aaff8 - languageName: node - linkType: hard - -"abitype@npm:1.1.0": - version: 1.1.0 - resolution: "abitype@npm:1.1.0" - peerDependencies: - typescript: ">=5.0.4" - zod: ^3.22.0 || ^4.0.0 - peerDependenciesMeta: - typescript: - optional: true - zod: - optional: true - checksum: 10c0/99218d442951c60324fcd96a372c30d71ca8d5434cab62b95d5d80bae89e3024a445a90db323ef1fe4da0d749d86e815ca555a37719b06e6ca03ccad2116c45b - languageName: node - linkType: hard - -"abitype@npm:^1.0.9": - version: 1.2.3 - resolution: "abitype@npm:1.2.3" - peerDependencies: - typescript: ">=5.0.4" - zod: ^3.22.0 || ^4.0.0 - peerDependenciesMeta: - typescript: - optional: true - zod: - optional: true - checksum: 10c0/c8740de1ae4961723a153224a52cb9a34a57903fb5c2ad61d5082b0b79b53033c9335381aa8c663c7ec213c9955a9853f694d51e95baceedef27356f7745c634 - languageName: node - linkType: hard - -"eventemitter3@npm:5.0.1": - version: 5.0.1 - resolution: "eventemitter3@npm:5.0.1" - checksum: 10c0/4ba5c00c506e6c786b4d6262cfbce90ddc14c10d4667e5c83ae993c9de88aa856033994dd2b35b83e8dc1170e224e66a319fa80adc4c32adcd2379bbc75da814 - languageName: node - linkType: hard - -"isows@npm:1.0.7": - version: 1.0.7 - resolution: "isows@npm:1.0.7" - peerDependencies: - ws: "*" - checksum: 10c0/43c41fe89c7c07258d0be3825f87e12da8ac9023c5b5ae6741ec00b2b8169675c04331ea73ef8c172d37a6747066f4dc93947b17cd369f92828a3b3e741afbda - languageName: node - linkType: hard - -"ox@npm:0.9.6": - version: 0.9.6 - resolution: "ox@npm:0.9.6" - dependencies: - "@adraffy/ens-normalize": "npm:^1.11.0" - "@noble/ciphers": "npm:^1.3.0" - "@noble/curves": "npm:1.9.1" - "@noble/hashes": "npm:^1.8.0" - "@scure/bip32": "npm:^1.7.0" - "@scure/bip39": "npm:^1.6.0" - abitype: "npm:^1.0.9" - eventemitter3: "npm:5.0.1" - peerDependencies: - typescript: ">=5.4.0" - peerDependenciesMeta: - typescript: - optional: true - checksum: 10c0/559b39051f80a25352e1ca6e7aba6e04f60c4e29f98e4ef3ec0c8d2b0432d400004ce09d2991200eaf21745179af47367dc28c553da43403dd0b69c2453ebabe - languageName: node - linkType: hard - -"token_bridge@workspace:.": - version: 0.0.0-use.local - resolution: "token_bridge@workspace:." - dependencies: - "@aztec/accounts": "link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/accounts" - "@aztec/aztec.js": "link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/aztec.js" - "@aztec/ethereum": "link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/ethereum" - "@aztec/foundation": "link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/foundation" - "@aztec/stdlib": "link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/stdlib" - "@aztec/viem": "npm:2.38.2" - "@aztec/wallets": "link:/mnt/user-data/alexg/code/aztec-packages/epsilon/yarn-project/wallets" - languageName: unknown - linkType: soft - -"ws@npm:8.18.3": - version: 8.18.3 - resolution: "ws@npm:8.18.3" - peerDependencies: - bufferutil: ^4.0.1 - utf-8-validate: ">=5.0.2" - peerDependenciesMeta: - bufferutil: - optional: true - utf-8-validate: - optional: true - checksum: 10c0/eac918213de265ef7cb3d4ca348b891a51a520d839aa51cdb8ca93d4fa7ff9f6ccb339ccee89e4075324097f0a55157c89fa3f7147bde9d8d7e90335dc087b53 - languageName: node - linkType: hard diff --git a/noir-projects/noir-contracts/Nargo.toml b/noir-projects/noir-contracts/Nargo.toml index 41842163ae57..6077b7dec019 100644 --- a/noir-projects/noir-contracts/Nargo.toml +++ b/noir-projects/noir-contracts/Nargo.toml @@ -32,7 +32,6 @@ members = [ "contracts/protocol/fee_juice_contract", "contracts/protocol/multi_call_entrypoint_contract", "contracts/protocol/public_checks_contract", - "contracts/protocol_interface/auth_registry_interface", "contracts/protocol_interface/contract_instance_registry_interface", "contracts/protocol_interface/fee_juice_interface", "contracts/test/generic_proxy_contract", diff --git a/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/Nargo.toml b/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/Nargo.toml index dcfeb4a714ab..60926292804f 100644 --- a/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/Nargo.toml +++ b/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/Nargo.toml @@ -5,4 +5,4 @@ compiler_version = ">=0.25.0" type = "contract" [dependencies] -aztec = { path = "../aztec_sublib" } +aztec = { path = "../../../../aztec-nr/aztec" } diff --git a/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/src/main.nr b/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/src/main.nr index 77b6e0378a44..1e3117f31c7d 100644 --- a/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/protocol/auth_registry_contract/src/main.nr @@ -1,37 +1,31 @@ +use aztec::macros::aztec; + /// A contract that manages public authentication witnesses (authwits) on the Aztec network. /// /// In Aztec, private authwits are verified by account contracts directly (via oracles on the user's device). Public -/// authwits, however, require this onchain registry because local oracles cannot be used for global execution. Users pre-approve -/// actions by storing `message_hash -> true` mappings via `set_authorized`, and consumer contracts verify and -/// atomically revoke these approvals via `consume`. +/// authwits, however, require this onchain registry because local oracles cannot be used for global execution. Users +/// pre-approve actions by storing `message_hash -> true` mappings via `set_authorized`, and consumer contracts verify +/// and atomically revoke these approvals via `consume`. /// /// The `message_hash` includes the consumer address, chain ID, and protocol version, preventing cross-chain and /// cross-contract replay. Each approval can only be consumed once. Users can also enable `reject_all` as an emergency /// kill switch to invalidate all outstanding approvals at once. /// -/// A private-to-public bridge is provided via `set_authorized_private`: a user signs a private authwit, and any party -/// holding it can call this function to insert the corresponding public approval. -/// /// Note that there is no expiration time enforced on the approved actions in this contract as this can be achieved by /// including an expiration timestamp in the `message` (`message_hash` preimage) and having the consumer contract /// constrain that value. +#[aztec] pub contract AuthRegistry { use aztec::{ authwit::auth::{ assert_current_call_valid_authwit, compute_authwit_message_hash, IS_VALID_SELECTOR, }, - context::{PrivateContext, PublicContext, UtilityContext}, - hash::{hash_args, hash_calldata_array}, - oracle::{avm, execution_cache, version::assert_compatible_oracle_version}, - protocol::{ - abis::function_selector::FunctionSelector, - address::AztecAddress, - traits::{Deserialize, FromField, Serialize, ToField}, - utils::reader::Reader, - }, - state_vars::{Map, PublicMutable, StateVariable}, + macros::{functions::{external, only_self, view}, storage::storage}, + protocol::address::AztecAddress, + state_vars::{Map, PublicMutable}, }; + #[storage] struct Storage { /// Per-address flag that, when true, causes all `consume` calls for that address to revert. Provides an /// emergency "mass revocation" mechanism. Does not delete existing approvals - if later set back to false, @@ -42,399 +36,89 @@ pub contract AuthRegistry { approved_actions: Map, Context>, Context>, } - /// Approves or revokes a `message_hash` for the caller. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - unconstrained fn set_authorized(message_hash: Field, authorize: bool) { - // MACRO CODE START - let context: PublicContext = PublicContext::new( - || -> Field { - let serialized_args: [Field; 2] = - avm::calldata_copy(1, ::N + ::N); - hash_args(serialized_args) - }, - ); - let storage: Storage = Storage::init(context); - // MACRO CODE END - - storage.approved_actions.at(avm::sender()).at(message_hash).write(authorize); + /// Approves or revokes a `message_hash` for the `msg_sender`. + #[external("public")] + fn set_authorized(message_hash: Field, authorize: bool) { + self.storage.approved_actions.at(self.msg_sender()).at(message_hash).write(authorize); } - /// Enables or disables mass rejection of all authwits for the caller. When enabled, all `consume` calls for the - /// caller's address will revert regardless of individual approvals. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - unconstrained fn set_reject_all(reject: bool) { - // MACRO CODE START - let context: PublicContext = PublicContext::new( - || -> Field { - let serialized_args: [Field; 1] = avm::calldata_copy(1, ::N); - hash_args(serialized_args) - }, - ); - let storage: Storage = Storage::init(context); - // MACRO CODE END - - storage.reject_all.at(avm::sender()).write(reject); + /// Enables or disables mass rejection of all authwits for `msg_sender`. When enabled, all `consume` calls for the + /// `msg_sender` will revert regardless of individual approvals. + #[external("public")] + fn set_reject_all(reject: bool) { + self.storage.reject_all.at(self.msg_sender()).write(reject); } /// Consumes (verifies and atomically revokes) an authorization on behalf of `on_behalf_of`. /// - /// Called by consumer contracts (e.g. Token) to verify a user has authorized an action. This function: - /// 1. Checks that `on_behalf_of` has not enabled `reject_all`. - /// 2. Recomputes the `message_hash` from the caller (consumer), chain ID, version, and `inner_hash`, binding the - /// approval to this specific consumer contract. - /// 3. Verifies the message was approved and atomically revokes it to prevent replay. + /// Called by consumer contracts (e.g. Token) to verify a user has authorized an action. Reverts if `reject_all` + /// is set for `msg_sender`. /// /// Returns `IS_VALID_SELECTOR` (0x47dacd73) on success instead of a boolean. This follows the EIP-1271 pattern: /// a failed or malformed call would return the default zero value, which is indistinguishable from `false`. By /// requiring a specific magic value, the caller can reliably distinguish a successful validation from a failed /// call. The function also reverts on failure as a first line of defense, making the magic return value a /// defense-in-depth measure against subtle integration bugs on the caller side. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - unconstrained fn consume(on_behalf_of: AztecAddress, inner_hash: Field) -> pub Field { - // MACRO CODE START - let context: PublicContext = PublicContext::new( - || -> Field { - let serialized_args: [Field; 2] = - avm::calldata_copy(1, ::N + ::N); - hash_args(serialized_args) - }, - ); - let storage: Storage = Storage::init(context); - // MACRO CODE END + #[external("public")] + fn consume(on_behalf_of: AztecAddress, inner_hash: Field) -> Field { + assert_eq(false, self.storage.reject_all.at(on_behalf_of).read(), "rejecting all"); - // reject_all is checked first so it takes precedence over individual approvals. - assert_eq(false, storage.reject_all.at(on_behalf_of).read(), "rejecting all"); - - // The msg_sender here is the consumer contract, not the original user. This binds - // the approval to a specific consumer, preventing cross-contract replay. let message_hash = compute_authwit_message_hash( - context.maybe_msg_sender().unwrap(), - context.chain_id(), - context.version(), + self.msg_sender(), + self.context.chain_id(), + self.context.version(), inner_hash, ); - let authorized = storage.approved_actions.at(on_behalf_of).at(message_hash).read(); + let authorized = self.storage.approved_actions.at(on_behalf_of).at(message_hash).read(); + assert_eq(true, authorized, "unauthorized"); - // Revoke the approval to prevent replay. - storage.approved_actions.at(on_behalf_of).at(message_hash).write(false); + + self.storage.approved_actions.at(on_behalf_of).at(message_hash).write(false); IS_VALID_SELECTOR } - /// Bridges a private authwit into a public authorization entry. - /// - /// Allows any party to insert a public approval on behalf of `approver`, provided they present a valid private - /// authwit from that approver. Useful when e.g. Alice wants Bob to insert a public authwit for her so they can - /// execute a trade - Alice signs a private authwit and Bob calls this function. + /// Updates a public authwit for `approver` using a private authwit /// - /// This function: - /// 1. Verifies the approver's private authwit via `assert_current_call_valid_authwit` (static call + nullifier - /// emission to prevent replay). - /// 2. Enqueues a public call to `_set_authorized` to write the approval during the public phase. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_private] - fn set_authorized_private( - inputs: aztec::context::inputs::PrivateContextInputs, - approver: AztecAddress, - message_hash: Field, - authorize: bool, - ) -> return_data aztec::protocol::abis::private_circuit_public_inputs::PrivateCircuitPublicInputs { - // MACRO CODE START - // Note: The macros initially inserted a phase check here, but since there is no phase change in this function - // body or in the subsequent enqueued public function call, I have removed that check. - assert_compatible_oracle_version(); - - let serialized_params: [Field; 3] = - [approver.to_field(), message_hash, authorize.to_field()]; - let args_hash: Field = hash_args(serialized_params); - let mut context: PrivateContext = PrivateContext::new(inputs, args_hash); - - // MACRO CODE END - - // The generic parameter `3` is the number of function arguments (approver, message_hash, authorize). - assert_current_call_valid_authwit::<3>(&mut context, approver); - - // Enqueue a public call to _set_authorized to write the approval into public storage. - { - let enqueue_params: [Field; 3] = - [approver.to_field(), message_hash, authorize.to_field()]; - let selector: FunctionSelector = FunctionSelector::from_field(_SET_AUTHORIZED_SELECTOR); - let calldata: [Field; 4] = [selector.to_field()].concat(enqueue_params); - let calldata_hash: Field = hash_calldata_array(calldata); - execution_cache::store(calldata, calldata_hash); - context.call_public_function_with_calldata_hash( - context.this_address(), - calldata_hash, - false, - false, - ); - } - - // MACRO CODE START - context.finish() - // MACRO CODE END + /// Useful for the case where you want someone else to insert a public authwit for you. For example, if Alice + /// (`approver` in this scenario) wants Bob to insert an authwit in public, such that they can execute a trade, + /// Alice can create a private authwit, and Bob can call this function with it. + #[external("private")] + fn set_authorized_private(approver: AztecAddress, message_hash: Field, authorize: bool) { + assert_current_call_valid_authwit::<3>(self.context, approver); + self.enqueue_self._set_authorized(approver, message_hash, authorize); } /// A function that writes an authorization entry for an arbitrary `approver`. Only callable by this contract /// itself (`#[only_self]`), ensuring it is only reachable through the validated `set_authorized_private` flow. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - #[aztec::macros::internals_functions_generation::abi_attributes::abi_only_self] - unconstrained fn _set_authorized(approver: AztecAddress, message_hash: Field, authorize: bool) { - // MACRO CODE START - let context: PublicContext = PublicContext::new( - || -> Field { - let serialized_args: [Field; 3] = avm::calldata_copy( - 1, - (::N + ::N) - + ::N, - ); - hash_args(serialized_args) - }, - ); - let storage: Storage = Storage::init(context); - - assert( - avm::sender() == context.this_address(), - "Function _set_authorized can only be called by the same contract", - ); - // MACRO CODE END - - storage.approved_actions.at(approver).at(message_hash).write(authorize); + #[external("public")] + #[only_self] + fn _set_authorized(approver: AztecAddress, message_hash: Field, authorize: bool) { + self.storage.approved_actions.at(approver).at(message_hash).write(authorize); } /// Returns whether `on_behalf_of` has enabled the `reject_all` flag. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - #[aztec::macros::internals_functions_generation::abi_attributes::abi_view] - unconstrained fn is_reject_all(on_behalf_of: AztecAddress) -> pub bool { - // MACRO CODE START - let context: PublicContext = PublicContext::new( - || -> Field { - let serialized_args: [Field; 1] = - avm::calldata_copy(1, ::N); - hash_args(serialized_args) - }, - ); - let storage: Storage = Storage::init(context); - - assert(context.is_static_call(), "Function is_reject_all can only be called statically"); - // MACRO CODE END - - storage.reject_all.at(on_behalf_of).read() + #[external("public")] + #[view] + fn is_reject_all(on_behalf_of: AztecAddress) -> bool { + self.storage.reject_all.at(on_behalf_of).read() } /// Returns whether a specific `message_hash` is currently approved for `on_behalf_of`. /// Does NOT check the `reject_all` flag - also check `is_reject_all` for a complete picture. - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - #[aztec::macros::internals_functions_generation::abi_attributes::abi_view] - unconstrained fn is_consumable(on_behalf_of: AztecAddress, message_hash: Field) -> pub bool { - // MACRO CODE START - let context: PublicContext = PublicContext::new( - || -> Field { - let serialized_args: [Field; 2] = - avm::calldata_copy(1, ::N + ::N); - hash_args(serialized_args) - }, - ); - let storage: Storage = Storage::init(context); - - assert(context.is_static_call(), "Function is_consumable can only be called statically"); - // MACRO CODE END - - storage.approved_actions.at(on_behalf_of).at(message_hash).read() + #[external("public")] + #[view] + fn is_consumable(on_behalf_of: AztecAddress, message_hash: Field) -> bool { + self.storage.approved_actions.at(on_behalf_of).at(message_hash).read() } /// Utility version of `is_consumable` - #[aztec::macros::internals_functions_generation::abi_attributes::abi_utility] + #[external("utility")] unconstrained fn utility_is_consumable( on_behalf_of: AztecAddress, message_hash: Field, - ) -> pub bool { - // MACRO CODE START - assert_compatible_oracle_version(); - - let context: UtilityContext = UtilityContext::new(); - let storage: Storage = Storage::init(context); - // MACRO CODE END - - storage.approved_actions.at(on_behalf_of).at(message_hash).read() - } - - // THE REST OF THE CODE IN THIS CONTRACT WAS ORIGINALLY INJECTED BY THE #[aztec] MACRO. - - global SET_AUTHORIZED_SELECTOR: Field = - comptime { FunctionSelector::from_signature("set_authorized(Field,bool)").to_field() }; - - global SET_REJECT_ALL_SELECTOR: Field = - comptime { FunctionSelector::from_signature("set_reject_all(bool)").to_field() }; - - global CONSUME_SELECTOR: Field = - comptime { FunctionSelector::from_signature("consume((Field),Field)").to_field() }; - - global _SET_AUTHORIZED_SELECTOR: Field = comptime { - FunctionSelector::from_signature("_set_authorized((Field),Field,bool)").to_field() - }; - - global IS_REJECT_ALL_SELECTOR: Field = - comptime { FunctionSelector::from_signature("is_reject_all((Field))").to_field() }; - - global IS_CONSUMABLE_SELECTOR: Field = - comptime { FunctionSelector::from_signature("is_consumable((Field),Field)").to_field() }; - - #[aztec::macros::internals_functions_generation::abi_attributes::abi_public] - pub unconstrained fn public_dispatch(selector: Field) { - if selector == SET_AUTHORIZED_SELECTOR { - let input_calldata: [Field; 2] = - avm::calldata_copy(1, ::N + ::N); - let mut reader: Reader<2> = Reader::new(input_calldata); - let arg0: Field = ::stream_deserialize(&mut reader); - let arg1: bool = ::stream_deserialize(&mut reader); - set_authorized(arg0, arg1); - avm::avm_return([].as_vector()); - }; - if selector == SET_REJECT_ALL_SELECTOR { - let input_calldata: [Field; 1] = avm::calldata_copy(1, ::N); - let mut reader: Reader<1> = Reader::new(input_calldata); - let arg0: bool = ::stream_deserialize(&mut reader); - set_reject_all(arg0); - avm::avm_return([].as_vector()); - }; - if selector == CONSUME_SELECTOR { - let input_calldata: [Field; 2] = - avm::calldata_copy(1, ::N + ::N); - let mut reader: Reader<2> = Reader::new(input_calldata); - let arg0: AztecAddress = ::stream_deserialize(&mut reader); - let arg1: Field = ::stream_deserialize(&mut reader); - let return_value: [Field; 1] = ::serialize(consume(arg0, arg1)); - avm::avm_return(return_value.as_vector()); - }; - if selector == _SET_AUTHORIZED_SELECTOR { - let input_calldata: [Field; 3] = avm::calldata_copy( - 1, - (::N + ::N) + ::N, - ); - let mut reader: Reader<3> = Reader::new(input_calldata); - let arg0: AztecAddress = ::stream_deserialize(&mut reader); - let arg1: Field = ::stream_deserialize(&mut reader); - let arg2: bool = ::stream_deserialize(&mut reader); - _set_authorized(arg0, arg1, arg2); - avm::avm_return([].as_vector()); - }; - if selector == IS_REJECT_ALL_SELECTOR { - let input_calldata: [Field; 1] = avm::calldata_copy(1, ::N); - let mut reader: Reader<1> = Reader::new(input_calldata); - let arg0: AztecAddress = ::stream_deserialize(&mut reader); - let return_value: [Field; 1] = ::serialize(is_reject_all(arg0)); - avm::avm_return(return_value.as_vector()); - }; - if selector == IS_CONSUMABLE_SELECTOR { - let input_calldata: [Field; 2] = - avm::calldata_copy(1, ::N + ::N); - let mut reader: Reader<2> = Reader::new(input_calldata); - let arg0: AztecAddress = ::stream_deserialize(&mut reader); - let arg1: Field = ::stream_deserialize(&mut reader); - let return_value: [Field; 1] = - ::serialize(is_consumable(arg0, arg1)); - avm::avm_return(return_value.as_vector()); - }; - panic(f"Unknown selector {selector}") - } - - impl Storage { - fn init(context: Context) -> Self { - Self { - reject_all: , Context> as StateVariable<1, Context>>::new( - context, - 1, - ), - approved_actions: , Context>, Context> as StateVariable<1, Context>>::new( - context, - 2, - ), - } - } - } - - pub struct _set_authorized_parameters { - pub _approver: AztecAddress, - pub _message_hash: Field, - pub _authorize: bool, - } - - pub struct consume_parameters { - pub _on_behalf_of: AztecAddress, - pub _inner_hash: Field, - } - - pub struct is_consumable_parameters { - pub _on_behalf_of: AztecAddress, - pub _message_hash: Field, - } - - pub struct is_reject_all_parameters { - pub _on_behalf_of: AztecAddress, - } - - pub struct set_authorized_parameters { - pub _message_hash: Field, - pub _authorize: bool, - } - - pub struct set_authorized_private_parameters { - pub _approver: AztecAddress, - pub _message_hash: Field, - pub _authorize: bool, - } - - pub struct set_reject_all_parameters { - pub _reject: bool, - } - - pub struct utility_is_consumable_parameters { - pub _on_behalf_of: AztecAddress, - pub _message_hash: Field, - } - - #[abi(functions)] - pub struct _set_authorized_abi { - parameters: _set_authorized_parameters, - } - - #[abi(functions)] - pub struct consume_abi { - parameters: consume_parameters, - return_type: Field, - } - - #[abi(functions)] - pub struct is_consumable_abi { - parameters: is_consumable_parameters, - return_type: bool, - } - - #[abi(functions)] - pub struct is_reject_all_abi { - parameters: is_reject_all_parameters, - return_type: bool, - } - - #[abi(functions)] - pub struct set_authorized_abi { - parameters: set_authorized_parameters, - } - - #[abi(functions)] - pub struct set_authorized_private_abi { - parameters: set_authorized_private_parameters, - } - - #[abi(functions)] - pub struct set_reject_all_abi { - parameters: set_reject_all_parameters, - } - - #[abi(functions)] - pub struct utility_is_consumable_abi { - parameters: utility_is_consumable_parameters, - return_type: bool, + ) -> bool { + self.storage.approved_actions.at(on_behalf_of).at(message_hash).read() } } diff --git a/noir-projects/noir-contracts/contracts/protocol_interface/auth_registry_interface/Nargo.toml b/noir-projects/noir-contracts/contracts/protocol_interface/auth_registry_interface/Nargo.toml deleted file mode 100644 index a71bc8bee1a9..000000000000 --- a/noir-projects/noir-contracts/contracts/protocol_interface/auth_registry_interface/Nargo.toml +++ /dev/null @@ -1,8 +0,0 @@ -[package] -name = "auth_registry_interface" -authors = [""] -compiler_version = ">=0.25.0" -type = "contract" - -[dependencies] -aztec = { path = "../../../../aztec-nr/aztec" } diff --git a/noir-projects/noir-contracts/contracts/protocol_interface/auth_registry_interface/src/main.nr b/noir-projects/noir-contracts/contracts/protocol_interface/auth_registry_interface/src/main.nr deleted file mode 100644 index 928dbdc75bbe..000000000000 --- a/noir-projects/noir-contracts/contracts/protocol_interface/auth_registry_interface/src/main.nr +++ /dev/null @@ -1,52 +0,0 @@ -use aztec::macros::aztec; - -// The sole purpose of this contract is to serve as a Noir interface for the real AuthRegistry contract. This was done -// because the real AuthRegistry contract has been stripped of `aztec-nr` macros which results in the nice Noir -// interface no longer being generated. -// -// (We've stripped the contract of `aztec-nr` macros in order for auditors to not need to audit them - protocol -// contracts were audited during the protocol circuits audit). -// -// For context, this is the interface I am talking about: -// ```noir -// let is_reject_all = self.view(AuthRegistry::at(CANONICAL_AUTH_REGISTRY_ADDRESS).is_reject_all(self.address)); -// ``` -// where the macros generate the `AuthRegistry` struct. -#[aztec] -pub contract AuthRegistry { - use aztec::{macros::functions::{external, view}, protocol::address::AztecAddress}; - - #[external("public")] - fn set_authorized(message_hash: Field, authorize: bool) {} - - #[external("public")] - fn set_reject_all(reject: bool) {} - - #[external("public")] - fn consume(on_behalf_of: AztecAddress, inner_hash: Field) -> Field { - 0 - } - - #[external("private")] - fn set_authorized_private(approver: AztecAddress, message_hash: Field, authorize: bool) {} - - #[external("public")] - #[view] - fn is_reject_all(on_behalf_of: AztecAddress) -> bool { - false - } - - #[external("public")] - #[view] - fn is_consumable(on_behalf_of: AztecAddress, message_hash: Field) -> bool { - false - } - - #[external("utility")] - unconstrained fn utility_is_consumable( - on_behalf_of: AztecAddress, - message_hash: Field, - ) -> bool { - false - } -} diff --git a/noir-projects/noir-contracts/contracts/test/avm_test_contract/Nargo.toml b/noir-projects/noir-contracts/contracts/test/avm_test_contract/Nargo.toml index b90c685a9fd3..aeb241d59eed 100644 --- a/noir-projects/noir-contracts/contracts/test/avm_test_contract/Nargo.toml +++ b/noir-projects/noir-contracts/contracts/test/avm_test_contract/Nargo.toml @@ -11,5 +11,5 @@ sha256 = { tag = "v0.3.0", git = "https://github.com/noir-lang/sha256" } keccak256 = { tag = "v0.1.3", git = "https://github.com/noir-lang/keccak256" } poseidon = { tag= "v0.2.3", git = "https://github.com/noir-lang/poseidon" } fee_juice = { path = "../../protocol_interface/fee_juice_interface" } -auth_contract = { path = "../../protocol_interface/auth_registry_interface" } +auth_contract = { path = "../../protocol/auth_registry_contract" } instance_contract = { path = "../../protocol_interface/contract_instance_registry_interface" }