fix: handle bad note lengths on compute_note_hash_and_nullifier#21271
Merged
nchamo merged 10 commits intomerge-train/fairiesfrom Mar 11, 2026
Merged
Conversation
nchamo
commented
Mar 9, 2026
| /// let note = MyNoteType::unpack(aztec::utils::array::subarray(packed_note.storage(), 0)); | ||
| /// let note_hash = note.compute_note_hash(owner, storage_slot, randomness); | ||
| /// let note_hash_for_nullification = aztec::note::utils::compute_note_hash_for_nullification( | ||
| /// HintedNote { |
Contributor
Author
There was a problem hiding this comment.
Updated the comment since now storage_slot goes inside HintedNote
nchamo
commented
Mar 9, 2026
| @@ -298,7 +314,7 @@ comptime fn generate_contract_library_method_compute_note_hash_and_nullifier() - | |||
| /// | |||
| /// This function is automatically injected by the `#[aztec]` macro. | |||
| #[contract_library_method] | |||
| unconstrained fn _compute_note_hash_and_nullifier( | |||
| pub(crate) unconstrained fn _compute_note_hash_and_nullifier( | |||
Contributor
Author
There was a problem hiding this comment.
Made pub(crate) so we could test it
Contributor
There was a problem hiding this comment.
Given that the tests are already in a contract crate this can be avoided by just having a simple wrapper function in the test contract that is exposed and just calls this.
Would say that is preferrable.
Contributor
Author
There was a problem hiding this comment.
Agree, that would be much better 🫡
benesjan
reviewed
Mar 10, 2026
| @@ -298,7 +314,7 @@ comptime fn generate_contract_library_method_compute_note_hash_and_nullifier() - | |||
| /// | |||
| /// This function is automatically injected by the `#[aztec]` macro. | |||
| #[contract_library_method] | |||
| unconstrained fn _compute_note_hash_and_nullifier( | |||
| pub(crate) unconstrained fn _compute_note_hash_and_nullifier( | |||
Contributor
There was a problem hiding this comment.
Given that the tests are already in a contract crate this can be avoided by just having a simple wrapper function in the test contract that is exposed and just calls this.
Would say that is preferrable.
| @@ -0,0 +1,48 @@ | |||
| use crate::{Test, test_note::TestNote}; | |||
Contributor
There was a problem hiding this comment.
Test contract is an old pile of mess so ideally would not add to that and just create a new test contract for this.
Contributor
Author
|
@benesjan , I'm aware we still need to handle that scenario, but we already have F-344 for that. I just wanted to make each PR as small as possible, specially if we already had another task for it |
…test packages to workspace
benesjan
approved these changes
Mar 11, 2026
|
|
||
| // TestNote::compute_nullifier_unconstrained returns a hardcoded Some(2) so we can verify the | ||
| // macro-generated function propagates the inner nullifier correctly. | ||
| assert_eq(note_hash_and_nullifier.inner_nullifier.unwrap(), 2); |
Contributor
There was a problem hiding this comment.
Even though you have it explained here anyway think it would be better to define a TEST_NOTE_NULLIFIER in test_note.nr and use it here. Then you can easily navigate with LSP to where the value originates.
| #[test] | ||
| unconstrained fn returns_none_for_bad_note_length() { | ||
| // TestNote has Packable N=1, but we provide 2 fields | ||
| let packed_note = BoundedVec::from_array([42, 99]); |
Contributor
There was a problem hiding this comment.
Would also add a test case for empty BVec.
nchamo
deleted the
fix/handle-bad-note-lengths-compute-note-hash-and-nullifier
branch
Collaborator
|
❌ Failed to cherry-pick to |
1 task
1 task
AztecBot
pushed a commit
that referenced
this pull request
Mar 11, 2026
…llifier (#21271) (with conflicts)
AztecBot
pushed a commit
that referenced
this pull request
Mar 11, 2026
…llifier (#21271) (with conflicts)
github-merge-queue bot
pushed a commit
that referenced
this pull request
Mar 13, 2026
BEGIN_COMMIT_OVERRIDE fix: skip oracle version check for pinned protocol contracts (#21349) fix: not reusing tags of partially reverted txs (#20817) feat: move storage_slot from partial commitment to completion hash (#21351) feat: offchain reception (#20893) fix: handle workspace members in needsRecompile crate collection (#21284) fix(aztec-nr): return Option from decode functions and fix event commitment capacity (#21264) fix: handle bad note lengths on compute_note_hash_and_nullifier (#21271) fix: address review feedback from PRs #21284 and #21237 (#21369) fix: claim contract & improve nullif docs (#21234) feat!: auto-enqueue public init nullifier for contracts with public functions (#20775) fix: search for all note nonces instead of just the one for the note index (#21438) fix: set anvilSlotsInAnEpoch in e2e_offchain_payment to prevent finalization race (#21452) fix: complete legacy oracle mappings for all pinned contracts (#21404) fix: correct inverted constrained encryption check in message delivery (#21399) feat!: improve L2ToL1MessageWitness API (#21231) END_COMMIT_OVERRIDE
AztecBot
pushed a commit
that referenced
this pull request
Mar 14, 2026
…llifier (#21271) (with conflicts)
nchamo
pushed a commit
that referenced
this pull request
Mar 14, 2026
alexghr
pushed a commit
that referenced
this pull request
Mar 17, 2026
BEGIN_COMMIT_OVERRIDE fix(aztec-nr): return Option from decode functions and fix event commitment capacity (backport #21264) (#21360) fix: backport #21271 — handle bad note lengths on compute_note_hash_and_nullifier (#21364) fix: not reusing tags of partially reverted txs (#20817) chore: revert accidental backport of #20817 (#21583) feat: Implement commit all and revert all for world state checkpoints (#21532) cherry-pick: fix: dependabot alerts (#21531) fix: dependabot alerts (backport #21531 to v4) (#21592) fix: backport #21443 — Don't update state if we failed to execute sufficient transactions (v4) (#21610) chore: Fix msgpack serialisation (#21612) END_COMMIT_OVERRIDE --------- Co-authored-by: Jan Beneš <janbenes1234@gmail.com> Co-authored-by: PhilWindle <60546371+PhilWindle@users.noreply.github.com> Co-authored-by: Phil Windle <philip.windle@gmail.com> Co-authored-by: Santiago Palladino <santiago@aztecprotocol.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: ludamad <adam.domurad@gmail.com>
This was referenced Mar 14, 2026
alexghr
added a commit
that referenced
this pull request
Mar 17, 2026
BEGIN_COMMIT_OVERRIDE fix(aztec-nr): return Option from decode functions and fix event commitment capacity (backport #21264) (#21360) fix: backport #21271 — handle bad note lengths on compute_note_hash_and_nullifier (#21364) fix: not reusing tags of partially reverted txs (#20817) chore: revert accidental backport of #20817 (#21583) feat: Implement commit all and revert all for world state checkpoints (#21532) cherry-pick: fix: dependabot alerts (#21531) fix: dependabot alerts (backport #21531 to v4) (#21592) fix: backport #21443 — Don't update state if we failed to execute sufficient transactions (v4) (#21610) chore: Fix msgpack serialisation (#21612) fix(p2p): fall back to maxTxsPerCheckpoint for per-block tx validation (#21605) chore: merge v4 into backport-to-v4-staging (#21618) fix(revert): avm sim uses event loop again (#21138) (#21630) fix(e2e): remove historic/finalized block checks from epochs_multiple test (#21642) fix: clamp finalized block to oldest available in world-state (#21643) fix: skip handleChainFinalized when block is behind oldest available (#21656) chore: demote finalized block skip log to trace (#21661) fix: off-by-1 in getBlockHashMembershipWitness archive snapshot (backport #21648) (#21663) fix: capture txs not available error reason in proposal handler (#21670) chore: add L1 inclusion time to stg public (#21665) END_COMMIT_OVERRIDE --------- Co-authored-by: Jan Beneš <janbenes1234@gmail.com> Co-authored-by: PhilWindle <60546371+PhilWindle@users.noreply.github.com> Co-authored-by: Phil Windle <philip.windle@gmail.com> Co-authored-by: Santiago Palladino <santiago@aztecprotocol.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: ludamad <adam.domurad@gmail.com> Co-authored-by: Alex Gherghisan <alexghr@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
We are now being safe on
_compute_note_hash_and_nullifierby returningOption::none()instead of panicking when the length doesn't match the expected valueFixes F-362