fix: handle missing nullifiers in nonce discovery#21328
fix: handle missing nullifiers in nonce discovery#21328nchamo wants to merge 8 commits intomerge-train/fairiesfrom
Conversation
…nstead of panicking
noir-projects/aztec-nr/aztec/src/messages/discovery/nonce_discovery.nr
Outdated
Show resolved
Hide resolved
noir-projects/aztec-nr/aztec/src/messages/discovery/nonce_discovery.nr
Outdated
Show resolved
Hide resolved
noir-projects/aztec-nr/aztec/src/messages/discovery/nonce_discovery.nr
Outdated
Show resolved
Hide resolved
noir-projects/aztec-nr/aztec/src/messages/discovery/nonce_discovery.nr
Outdated
Show resolved
Hide resolved
Co-authored-by: Jan Beneš <janbenes1234@gmail.com>
| // matches the note hash at the array index we're currently processing. This computation may fail, in which | ||
| // case we skip the candidate. | ||
| let maybe_hashes = compute_note_hash_and_nullifier( |
There was a problem hiding this comment.
It's not the computation that fails, it's that the contract may not know what to do. Examples include it not recognizing the note_type_id, or the packed_note not having the correct length.
We should log a warning mentioning that we attempted to process note data during discovery but failed to compute its hash.
| // and calls to the application could result in invalid transactions (with duplicate nullifiers). | ||
| // This is not a concern because an application already has more direct means of making a call to | ||
| // it fail the transaction. | ||
| // TODO(F-265): consider the case for external notes even when nullifier is not computable |
There was a problem hiding this comment.
This TODO should go on the else
|
Nico's comments are not addressed yet and there are conflicts so not reviewing again for now. |
…nce-discovery-optional-nullifier
…nce-discovery-optional-nullifier
| if discovered_notes.len() == 0 { | ||
| if had_hash_failure { | ||
| aztecnr_warn_log_format!( | ||
| "Could not compute note hash for note type {0} on contract {1}, discarding note", | ||
| )( | ||
| [note_type_id, contract_address.to_field()], | ||
| ); | ||
| } | ||
| if had_nullifier_failure { | ||
| aztecnr_warn_log_format!( | ||
| "Could not compute nullifier for note type {0} on contract {1}, discarding note", | ||
| )( | ||
| [note_type_id, contract_address.to_field()], | ||
| ); |
There was a problem hiding this comment.
Like @benesjan mentioned before, we were emitting warnings inside the loop. The problem is that Option::none could be returned for reasons unrelated to the nonce, so we would end up logging the warning for every nonce. So I moved this here
| if discovered_notes.len() == 0 { | ||
| if had_hash_failure { | ||
| aztecnr_warn_log_format!( | ||
| "Could not compute note hash for note type {0} on contract {1}, discarding note", | ||
| )( | ||
| [note_type_id, contract_address.to_field()], | ||
| ); | ||
| } | ||
| if had_nullifier_failure { | ||
| aztecnr_warn_log_format!( | ||
| "Could not compute nullifier for note type {0} on contract {1}, discarding note", | ||
| )( | ||
| [note_type_id, contract_address.to_field()], |
There was a problem hiding this comment.
Hm, not sure. This is the second time we run into this - might as well do it properly if we're going to be doing so much error handling.
We could have a local implementation of Result (Noir doesn't have it yet), which is the same as Option except the none case has a type:
struct Result<T, E> {
value: T;
error: E;
is_ok: bool;
}
impl<T, E> Result<T, E> {
fn ok(value: T) -> Self {
Self { value, error: std::mem::zeroed(), is_ok: true }
}
fn err(error: E) -> Self {
Self { value: std::mem::zeroed(), error, is_ok: false }
}
fn is_ok(self) -> bool {
..
}
fn is_err(self) -> bool {
..
}
fn and_then(self) -> bool {
..
}
}See https://doc.rust-lang.org/std/result/ and https://doc.rust-lang.org/std/result/enum.Result.html.
wdyt?
There was a problem hiding this comment.
I like it but seems like something that should be in noir::std. Shall we ping Noir people if they are willing to add it?
@nchamo once this discussion gets resolved feel free to re-request review from me (just trying to keep my review work clean by un-requesting when it doesn't make sense for me to imminently review). Thanks
|
#21639 now accidentally also overlaps with this. |
4 participants
Summary
compute_note_hash_and_nullifiernow returnsOptioninstead of panicking when note hash computation fails (e.g. unknown note type)Closes #11157
Closes F-344