fix: claim contract & improve nullif docs #21234
Merged
nventuro merged 8 commits into merge-train/fairies from Mar 12, 2026
nchamo approved these changes on Mar 10, 2026
| //! [`crate::history::nullifier::assert_nullifier_existed_by`], but the only general mechanism to privately prove that | ||
| //! a nullifier _does not_ exist is to create it - which can only be done once. | ||
| //! | ||
| //! Public function on the other hand can prove both nullifier existence and non-existence via |
Contributor
Suggested change
| //! Public function on the other hand can prove both nullifier existence and non-existence via | |
| //! Public functions on the other hand can prove both nullifier existence and non-existence via |
| // TODO(#7775): manually computing the hash and passing it to compute_nullifier func is not great as note could | ||
| // handle it on its own or we could make assert_note_existed_by return note_hash_for_nullification. | ||
| // 4) Consume the claim of this note, ensuring the reward can be claimed only once with the given note. Each | ||
| // claim being tied to their owner results in unlinkability of the claim's nullifier and the underlying note |
Contributor
Super nit
Suggested change
| // claim being tied to their owner results in unlinkability of the claim's nullifier and the underlying note | |
| // claim being tied to its owner results in unlinkability of the claim's nullifier and the underlying note |
mverzilli reviewed on Mar 11, 2026
Comment on lines +3 to +4
| //! Nullifiers are one of the key primitives of private state. A nullifier is a `Field` value that is stored in one of | ||
| //! Aztec state trees: the nullifier tree. Only unique values can be inserted into this tree: attempting to create an |
Contributor
nit:
Suggested change
| //! Nullifiers are one of the key primitives of private state. A nullifier is a `Field` value that is stored in one of | |
| //! Aztec state trees: the nullifier tree. Only unique values can be inserted into this tree: attempting to create an | |
| //! Nullifiers are one of the key primitives of private state. A nullifier is a `Field` value that is stored in one of the | |
| //! Aztec state trees: the nullifier tree. Only unique values can be inserted into this tree: attempting to create an |
mverzilli reviewed on Mar 11, 2026
Comment on lines +14 to +18
| //! One of the key properties of nullifiers is that they can be created by private functions, resulting in transactions | ||
| //! that do not reveal which actions they've performed. Their computation often involves a **secret parameter**, often | ||
| //! derived from a nullifier hiding key (`nhk`) which prevents linking of the resource that was consumed from the | ||
| //! nullifier. For example, it is not possible to determine which nullifier corresponds to a given note hash without | ||
| //! knowledge of the `nhk`, and so the transactions that created the note and nullifier remain unlinked. |
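Review bot: the sentence starting on line +15 uses "often" twice ("often involves a **secret parameter**, often derived from ...") and its relative clause, "which prevents linking of the resource that was consumed from the nullifier", can be read as if the resource were consumed from the nullifier. Suggest rewording to something like "usually derived from a nullifier hiding key (`nhk`), which prevents linking the nullifier to the resource that was consumed". The example on lines +17 to +18 then follows directly from that wording, since it talks about matching a nullifier to a note hash.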
mverzilli reviewed on Mar 11, 2026
| #[storage] | ||
| struct Storage<Context> { | ||
| config: PublicImmutable<ClaimConfig, Context>, | ||
| note_hash_claims: Map<Field, Owned<SingleUseClaim<Context>, Context>, Context>, |
Contributor
A comment describing what the Map's key Field represents would be nice here
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
github-merge-queue bot pushed a commit that referenced this pull request on Mar 13, 2026
BEGIN_COMMIT_OVERRIDE
fix: skip oracle version check for pinned protocol contracts (#21349)
fix: not reusing tags of partially reverted txs (#20817)
feat: move storage_slot from partial commitment to completion hash (#21351)
feat: offchain reception (#20893)
fix: handle workspace members in needsRecompile crate collection (#21284)
fix(aztec-nr): return Option from decode functions and fix event commitment capacity (#21264)
fix: handle bad note lengths on compute_note_hash_and_nullifier (#21271)
fix: address review feedback from PRs #21284 and #21237 (#21369)
fix: claim contract & improve nullif docs (#21234)
feat!: auto-enqueue public init nullifier for contracts with public functions (#20775)
fix: search for all note nonces instead of just the one for the note index (#21438)
fix: set anvilSlotsInAnEpoch in e2e_offchain_payment to prevent finalization race (#21452)
fix: complete legacy oracle mappings for all pinned contracts (#21404)
fix: correct inverted constrained encryption check in message delivery (#21399)
feat!: improve L2ToL1MessageWitness API (#21231)
END_COMMIT_OVERRIDE
This fixes the `Claims` contract (which is a bit odd anyway) by using `SingleUseClaim` instead of dangerously pushing a raw nullifier into state. It's another example of `SingleUseClaim` being a bit awkward to use - we may want to revisit that a bit.

I took the opportunity to review and improve the docs surrounding nullifiers, mostly noting how dangerous it is to use these functions directly. I moved the docs on what a nullifier even is to the `nullifier` mod, which seems like a better home for an explanation of the concept.