feat: merge-train/barretenberg

barretenberg/README.md

@@ -10,7 +10,7 @@ Barretenberg (or `bb` for short) is an optimized elliptic curve library for the
 
 - [Barretenberg](#barretenberg)
   - [Development](#development)
-    - [Bootstrap](#bootstrap)
+    - [Quick Start](#quick-start)
     - [Build Options and Instructions](#build-options-and-instructions)
       - [WASM build](#wasm-build)
       - [Fuzzing build](#fuzzing-build)
@@ -19,7 +19,6 @@ Barretenberg (or `bb` for short) is an optimized elliptic curve library for the
     - [Testing](#testing)
       - [Integration tests with Aztec in Monorepo](#integration-tests-with-aztec-in-monorepo)
         - [Integration tests with Aztec in Barretenberg Standalone Repo](#integration-tests-with-aztec-in-barretenberg-standalone-repo)
-        - [Testing locally in docker](#testing-locally-in-docker)
     - [Docs Build](#docs-build)
     - [Benchmarks](#benchmarks)
       - [x86\_64](#x86_64)
@@ -92,15 +91,33 @@ git clone -b release/10.x --depth 1 https://github.com/llvm/llvm-project.git \
 
 </details>
 
-### Bootstrap
+### Quick Start
 
-The bootstrap script will build both the native and wasm versions of barretenberg:
+If you just want to use the `bb` binary and don't need to modify the source code, the easiest option is to install a pre-built binary using [bbup](bbup/README.md):
 
 ```bash
-cd cpp
-./bootstrap.sh
+curl -L https://raw.githubusercontent.com/AztecProtocol/aztec-packages/refs/heads/master/barretenberg/bbup/install | bash
+bbup
+bb --version
 ```
 
+To build from source, use the bootstrap script. By default it uses a [Zig](https://ziglang.org/)-wrapped Clang for portable binaries (glibc 2.35+). This requires `zig` to be installed in addition to the dependencies listed above:
+
+```bash
+cd barretenberg/cpp
+./bootstrap.sh               # Full build (native + WASM)
+./bootstrap.sh build_native  # Native only (faster)
+```
+
+If you don't have Zig installed, you can use the `default` preset which only requires a standard Clang toolchain:
+
+```bash
+cd barretenberg/cpp
+NATIVE_PRESET=default ./bootstrap.sh build_native
+```
+
+The resulting binary will be at `build/bin/bb`.
+
 ### Build Options and Instructions
 
 CMake can be passed various build options on its command line:
@@ -237,19 +254,6 @@ CI will automatically run integration tests against Aztec. It is located in the
 
 When working on a PR, you may want to point this file to a different Aztec branch or commit, but then it should probably be pointed back to master before merging.
 
-##### Testing locally in docker
-
-A common issue that arises is that our CI system has a different compiler version e.g. namely for GCC. If you need to mimic the CI operating system locally you can use bootstrap_docker.sh or run dockerfiles directly. However, there is a more efficient workflow for iterative development:
-
-```
-cd barretenberg/cpp
-./scripts/docker_interactive.sh
-mv build build-native # your native build folders are mounted, but will not work! have to clear them
-cmake --preset gcc ;  cmake --build build
-```
-
-This will allow you to rebuild as efficiently as if you were running native code, and not have to see a full compile cycle.
-
 ### Docs Build
 
 If doxygen is installed on the system, you can use the **build_docs** target to build documentation, which can be configured in vscode CMake extension or using

barretenberg/cpp/.clangd

@@ -2,6 +2,9 @@ CompileFlags: # Tweak the parse settings
   Remove:
     - "-fconstexpr-ops-limit=*"
     - "-Wfatal-errors"
+Diagnostics:
+  Suppress:
+    - drv_triple_version_invalid
 ---
 # Applies all barretenberg source files
 If:

barretenberg/cpp/CLAUDE.md

@@ -57,6 +57,13 @@ Note: Once you enable AVM, subsequent `ninja` calls will include AVM targets unt
 - **dsl/** - ACIR definition in C++. This is dictated by the serialization in noir/, so refactor should generally not change the structure without confirming that the user is changing noir.
 - **vm2/** - AVM implementation (not enabled, but might need to be fixed for compilation issues in root ./bootstrap.sh). If working in vm2, use barretenberg/cpp/src/barretenberg/vm2/CLAUDE.md
 
+## Code formatting
+
+All C++ files must be formatted with clang-format before committing:
+```bash
+clang-format-20 -i <files>
+```
+
 ## Benchmarking:
 
 **IMPORTANT**: In the barretenberg context, "bench" or "benchmark" almost always means running `benchmark_remote.sh` for the given target on a remote benchmarking machine.

barretenberg/cpp/CMakePresets.json

@@ -41,7 +41,9 @@
       "binaryDir": "build",
       "environment": {
         "CC": "${sourceDir}/scripts/zig-cc.sh",
-        "CXX": "${sourceDir}/scripts/zig-c++.sh"
+        "CXX": "${sourceDir}/scripts/zig-c++.sh",
+        "CFLAGS": "-g0",
+        "CXXFLAGS": "-g0"
       },
       "cacheVariables": {
         "CMAKE_AR": "${sourceDir}/scripts/zig-ar.sh",
@@ -464,7 +466,9 @@
       "binaryDir": "${sourceDir}/build-${presetName}",
       "environment": {
         "CC": "zig cc",
-        "CXX": "zig c++"
+        "CXX": "zig c++",
+        "CFLAGS": "-g0",
+        "CXXFLAGS": "-g0"
       },
       "cacheVariables": {
         "ENABLE_PIC": "ON",

barretenberg/cpp/cmake/lmdb.cmake

@@ -15,7 +15,7 @@ ExternalProject_Add(
     SOURCE_DIR ${LMDB_PREFIX}/src/lmdb_repo
     BUILD_IN_SOURCE YES
     CONFIGURE_COMMAND "" # No configure step
-    BUILD_COMMAND ${CMAKE_COMMAND} -E env CC=${CMAKE_C_COMPILER}${CMAKE_C_COMPILER_ARG1} AR=${CMAKE_AR} make -e -C libraries/liblmdb XCFLAGS=-fPIC liblmdb.a
+    BUILD_COMMAND ${CMAKE_COMMAND} -E env --unset=CFLAGS --unset=CXXFLAGS CC=${CMAKE_C_COMPILER}${CMAKE_C_COMPILER_ARG1} AR=${CMAKE_AR} make -e -C libraries/liblmdb XCFLAGS=-fPIC liblmdb.a
     INSTALL_COMMAND ""
     UPDATE_COMMAND "" # No update step
     BUILD_BYPRODUCTS ${LMDB_LIB}

barretenberg/cpp/scripts/audit/audit_scopes/polynomial_audit_scope.md

@@ -12,13 +12,12 @@ Note: Paths relative to `aztec-packages/barretenberg/cpp/src/barretenberg`
 4. `polynomials/eq_polynomial.hpp`
 5. `polynomials/evaluation_domain.cpp`
 6. `polynomials/evaluation_domain.hpp`
-7. `polynomials/iterate_over_domain.hpp`
-8. `polynomials/polynomial.cpp`
-9. `polynomials/polynomial.hpp`
-10. `polynomials/polynomial_arithmetic.cpp`
-11. `polynomials/polynomial_arithmetic.hpp`
-12. `polynomials/shared_shifted_virtual_zeroes_array.hpp`
-13. `polynomials/univariate_coefficient_basis.hpp`
+7. `polynomials/polynomial.cpp`
+8. `polynomials/polynomial.hpp`
+9. `polynomials/polynomial_arithmetic.cpp`
+10. `polynomials/polynomial_arithmetic.hpp`
+11. `polynomials/shared_shifted_virtual_zeroes_array.hpp`
+12. `polynomials/univariate_coefficient_basis.hpp`
 
 ## Summary of Module
 

barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh

@@ -150,8 +150,12 @@ elif [[ "${1:-}" == "--update_inputs" ]]; then
     # Generate new inputs
     echo "Running bootstrap to generate new IVC inputs..."
 
-    BOOTSTRAP_TO=yarn-project ../../bootstrap.sh # bootstrap aztec-packages from root
-    ../../yarn-project/end-to-end/bootstrap.sh build_bench # build bench to generate IVC inputs
+    cd "$root"
+    ./bootstrap.sh pull_submodules
+    make yarn-project
+    cd yarn-project/end-to-end
+    ./bootstrap.sh build_bench # build bench to generate IVC inputs
+    cd "$root/barretenberg/cpp/scripts"
 
     compress_and_upload "$inputs_dir"
 

barretenberg/cpp/src/barretenberg/api/api_chonk.cpp

@@ -115,6 +115,36 @@ bool ChonkAPI::verify([[maybe_unused]] const Flags& flags,
     return response.valid;
 }
 
+bool ChonkAPI::batch_verify([[maybe_unused]] const Flags& flags, const std::filesystem::path& proofs_dir)
+{
+    BB_BENCH_NAME("ChonkAPI::batch_verify");
+
+    std::vector<ChonkProof> proofs;
+    std::vector<std::vector<uint8_t>> vks;
+
+    for (size_t i = 0;; ++i) {
+        auto proof_file = proofs_dir / ("proof_" + std::to_string(i));
+        auto vk_file = proofs_dir / ("vk_" + std::to_string(i));
+
+        if (!std::filesystem::exists(proof_file) || !std::filesystem::exists(vk_file)) {
+            break;
+        }
+
+        auto proof_fields = many_from_buffer<fr>(read_file(proof_file));
+        proofs.push_back(ChonkProof::from_field_elements(proof_fields));
+        vks.push_back(read_vk_file(vk_file));
+    }
+
+    if (proofs.empty()) {
+        throw_or_abort("batch_verify: no proof_0/vk_0 pairs found in " + proofs_dir.string());
+    }
+
+    info("ChonkAPI::batch_verify - found ", proofs.size(), " proof/vk pairs in ", proofs_dir.string());
+
+    auto response = bbapi::ChonkBatchVerify{ .proofs = std::move(proofs), .vks = std::move(vks) }.execute();
+    return response.valid;
+}
+
 // WORKTODO(bbapi) remove this
 bool ChonkAPI::prove_and_verify(const std::filesystem::path& input_path)
 {

barretenberg/cpp/src/barretenberg/api/api_chonk.hpp

@@ -81,6 +81,14 @@ class ChonkAPI : public API {
                   const std::filesystem::path& bytecode_path,
                   const std::filesystem::path& output_path) override;
 
+    /**
+     * @brief Batch-verify multiple Chonk proofs from a directory of proof_N/vk_N pairs.
+     *
+     * @param proofs_dir Directory containing proof_0/vk_0, proof_1/vk_1, ...
+     * @return true if all proofs verify
+     */
+    bool batch_verify(const Flags& flags, const std::filesystem::path& proofs_dir);
+
     /**
      * @brief Validate that precomputed VKs in ivc-inputs.msgpack match computed VKs.
      *

barretenberg/cpp/src/barretenberg/bb/cli.cpp

@@ -519,6 +519,20 @@ int parse_and_run_cli_command(int argc, char* argv[])
     remove_zk_option(verify);
     add_ipa_accumulation_flag(verify);
 
+    /***************************************************************************************************************
+     * Subcommand: batch_verify
+     ***************************************************************************************************************/
+    std::filesystem::path batch_verify_proofs_dir{ "./proofs" };
+    CLI::App* batch_verify =
+        app.add_subcommand("batch_verify", "Batch-verify multiple Chonk proofs with a single IPA SRS MSM.");
+
+    add_help_extended_flag(batch_verify);
+    add_scheme_option(batch_verify);
+    batch_verify->add_option("--proofs_dir", batch_verify_proofs_dir, "Directory containing proof_N/vk_N pairs.");
+    add_verbose_flag(batch_verify);
+    add_debug_flag(batch_verify);
+    add_crs_path_option(batch_verify);
+
     /***************************************************************************************************************
      * Subcommand: write_solidity_verifier
      ***************************************************************************************************************/
@@ -954,6 +968,11 @@ int parse_and_run_cli_command(int argc, char* argv[])
                 }
                 return api.check_precomputed_vks(flags, ivc_inputs_path) ? 0 : 1;
             }
+            if (batch_verify->parsed()) {
+                const bool verified = api.batch_verify(flags, batch_verify_proofs_dir);
+                vinfo("batch verified: ", verified);
+                return verified ? 0 : 1;
+            }
             return execute_non_prove_command(api);
         } else if (flags.scheme == "ultra_honk") {
             UltraHonkAPI api;

barretenberg/cpp/src/barretenberg/bbapi/bbapi.test.cpp

@@ -22,7 +22,8 @@ using Commands = ::testing::Types<bbapi::CircuitProve,
                                   bbapi::ChonkAccumulate,
                                   bbapi::ChonkProve,
                                   bbapi::ChonkComputeVk,
-                                  bbapi::ChonkCheckPrecomputedVk>;
+                                  bbapi::ChonkCheckPrecomputedVk,
+                                  bbapi::ChonkBatchVerify>;
 
 // Typed test suites
 template <typename T> class BBApiMsgpack : public ::testing::Test {};

barretenberg/cpp/src/barretenberg/bbapi/bbapi_chonk.cpp

@@ -1,4 +1,5 @@
 #include "barretenberg/bbapi/bbapi_chonk.hpp"
+#include "barretenberg/chonk/chonk_batch_verifier.hpp"
 #include "barretenberg/chonk/chonk_verifier.hpp"
 #include "barretenberg/chonk/mock_circuit_producer.hpp"
 #include "barretenberg/chonk/proof_compression.hpp"
@@ -157,6 +158,43 @@ ChonkVerify::Response ChonkVerify::execute(const BBApiRequest& /*request*/) &&
     return { .valid = verified };
 }
 
+ChonkBatchVerify::Response ChonkBatchVerify::execute(const BBApiRequest& /*request*/) &&
+{
+    BB_BENCH_NAME(MSGPACK_SCHEMA_NAME);
+
+    if (proofs.size() != vks.size()) {
+        throw_or_abort("ChonkBatchVerify: proofs.size() (" + std::to_string(proofs.size()) + ") != vks.size() (" +
+                       std::to_string(vks.size()) + ")");
+    }
+    if (proofs.empty()) {
+        throw_or_abort("ChonkBatchVerify: no proofs provided");
+    }
+
+    using VerificationKey = Chonk::MegaVerificationKey;
+
+    std::vector<ChonkBatchVerifier::Input> inputs;
+    inputs.reserve(proofs.size());
+
+    for (size_t i = 0; i < proofs.size(); ++i) {
+        validate_vk_size<VerificationKey>(vks[i]);
+        auto hiding_kernel_vk = std::make_shared<VerificationKey>(from_buffer<VerificationKey>(vks[i]));
+
+        const size_t expected_proof_size =
+            static_cast<size_t>(hiding_kernel_vk->num_public_inputs) + ChonkProof::PROOF_LENGTH_WITHOUT_PUB_INPUTS;
+        if (proofs[i].size() != expected_proof_size) {
+            throw_or_abort("ChonkBatchVerify: proof[" + std::to_string(i) + "] has wrong size: expected " +
+                           std::to_string(expected_proof_size) + ", got " + std::to_string(proofs[i].size()));
+        }
+
+        auto vk_and_hash = std::make_shared<ChonkNativeVerifier::VKAndHash>(hiding_kernel_vk);
+        inputs.push_back({ .proof = std::move(proofs[i]), .vk_and_hash = std::move(vk_and_hash) });
+    }
+
+    const bool verified = ChonkBatchVerifier::verify(inputs);
+
+    return { .valid = verified };
+}
+
 static std::shared_ptr<Chonk::ProverInstance> get_acir_program_prover_instance(acir_format::AcirProgram& program)
 {
     Chonk::ClientCircuit builder = acir_format::create_circuit<Chonk::ClientCircuit>(program);

barretenberg/cpp/src/barretenberg/bbapi/bbapi_chonk.hpp

@@ -239,6 +239,27 @@ struct ChonkStats {
     bool operator==(const ChonkStats&) const = default;
 };
 
+/**
+ * @struct ChonkBatchVerify
+ * @brief Batch-verify multiple Chonk proofs with a single IPA SRS MSM
+ */
+struct ChonkBatchVerify {
+    static constexpr const char MSGPACK_SCHEMA_NAME[] = "ChonkBatchVerify";
+
+    struct Response {
+        static constexpr const char MSGPACK_SCHEMA_NAME[] = "ChonkBatchVerifyResponse";
+        bool valid;
+        MSGPACK_FIELDS(valid);
+        bool operator==(const Response&) const = default;
+    };
+
+    std::vector<ChonkProof> proofs;
+    std::vector<std::vector<uint8_t>> vks;
+    Response execute(const BBApiRequest& request = {}) &&;
+    MSGPACK_FIELDS(proofs, vks);
+    bool operator==(const ChonkBatchVerify&) const = default;
+};
+
 /**
  * @struct ChonkCompressProof
  * @brief Compress a Chonk proof to a compact byte representation

barretenberg/cpp/src/barretenberg/bbapi/bbapi_execute.hpp

@@ -23,6 +23,7 @@ using Command = NamedUnion<CircuitProve,
                            ChonkAccumulate,
                            ChonkProve,
                            ChonkVerify,
+                           ChonkBatchVerify,
                            VkAsFields,
                            MegaVkAsFields,
                            CircuitWriteSolidityVerifier,
@@ -79,6 +80,7 @@ using CommandResponse = NamedUnion<ErrorResponse,
                                    ChonkAccumulate::Response,
                                    ChonkProve::Response,
                                    ChonkVerify::Response,
+                                   ChonkBatchVerify::Response,
                                    VkAsFields::Response,
                                    MegaVkAsFields::Response,
                                    CircuitWriteSolidityVerifier::Response,

barretenberg/cpp/src/barretenberg/bbapi/bbapi_schnorr.cpp

@@ -18,6 +18,7 @@ SchnorrConstructSignature::Response SchnorrConstructSignature::execute(BB_UNUSED
 
     std::string message_str(reinterpret_cast<const char*>(message.data()), message.size());
     auto sig = crypto::schnorr_construct_signature<crypto::Blake2sHasher, grumpkin::fq>(message_str, key_pair);
+    crypto::secure_erase_bytes(&key_pair.private_key, sizeof(key_pair.private_key));
 
     return { sig.s, sig.e };
 }