feat!: include init_hash in private initialization nullifier (backport #21427)#21736
Merged
nchamo merged 4 commits intobackport-to-v4-next-stagingfrom Mar 18, 2026
Merged
Conversation
AztecBot
added
ci-draft
AztecBot
force-pushed
the
claudebox/da2e780cdbdce797-2
branch
from
b854e84 to
f55ecc8
Compare
Resolved conflicts in: - migration_notes.md: kept only init_hash migration note - constants_tests.nr: added DOM_SEP__PRIVATE_INITIALIZATION_NULLIFIER import, tester size <51, 45> - private_execution.test.ts: merged imports from both sides
AztecBot
force-pushed
the
claudebox/da2e780cdbdce797-2
branch
from
f55ecc8 to
6c9db81
Compare
…om private_execution.test.ts
…ts both counters)
nchamo
approved these changes
Mar 18, 2026
Collaborator
Author
Flakey Tests🤖 says: This CI run detected 2 tests that failed, but were tolerated due to a .test_patterns.yml entry. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Backport of #21427 to v4-next.
The private initialization nullifier was computed as just
address.to_field(). Anyone who knows a contract's address can compute this nullifier and check for its existence in the nullifier tree, revealing whether the contract has been initialized. This is a privacy leak for fully private contracts.The private initialization nullifier is now computed as
poseidon2_hash(address, init_hash)with a dedicated domain separator (DOM_SEP__PRIVATE_INITIALIZATION_NULLIFIER). Sinceinit_hashis not publicly available for fully private contracts, address knowledge alone is no longer sufficient to determine initialization status.Cherry-pick conflicts resolved
assert_contract_was_initialized_by_with_wrong_init_hash_failstest, updated error message for non-inclusion testDOM_SEP__PRIVATE_INITIALIZATION_NULLIFIERimport, updated tester size from<51, 44>to<51, 45>(excludedDOM_SEP__SINGLE_USE_CLAIM_NULLIFIERwhich doesn't exist on v4-next)AppendOnlyTreeSnapshot,PartialStateReference,StateReference+ added PR'srandomContractInstanceWithAddress,MerkleTreeId,NativeWorldStateService)ClaudeBox log: https://claudebox.work/s/da2e780cdbdce797?run=2