chore: even more warnings removed

noir-projects/aztec-nr/authwit/src/entrypoint/app.nr

@@ -50,7 +50,7 @@ impl AppPayload {
         }
         bytes.extend_from_array(self.nonce.to_be_bytes::<32>());
 
-        bytes.storage
+        bytes.storage()
     }
 
     // Executes all private and public calls

noir-projects/aztec-nr/authwit/src/entrypoint/fee.nr

@@ -51,7 +51,7 @@ impl FeePayload {
         bytes.extend_from_array(self.nonce.to_be_bytes::<32>());
         bytes.push(self.is_fee_payer as u8);
 
-        bytes.storage
+        bytes.storage()
     }
 
     fn execute_calls(self, context: &mut PrivateContext) {

noir-projects/aztec-nr/authwit/src/entrypoint/function_call.nr

@@ -8,11 +8,11 @@ global FUNCTION_CALL_SIZE: u32 = 5;
 global FUNCTION_CALL_SIZE_IN_BYTES: u32 = 98;
 
 pub struct FunctionCall {
-    args_hash: Field,
-    function_selector: FunctionSelector,
-    target_address: AztecAddress,
-    is_public: bool,
-    is_static: bool,
+    pub args_hash: Field,
+    pub function_selector: FunctionSelector,
+    pub target_address: AztecAddress,
+    pub is_public: bool,
+    pub is_static: bool,
 }
 
 impl Serialize<FUNCTION_CALL_SIZE> for FunctionCall {

noir-projects/aztec-nr/authwit/src/lib.nr

@@ -1,5 +1,5 @@
-mod account;
-mod auth_witness;
-mod auth;
-mod entrypoint;
-mod cheatcodes;
+pub mod account;
+pub mod auth_witness;
+pub mod auth;
+pub mod entrypoint;
+pub mod cheatcodes;

noir-projects/aztec-nr/aztec/src/context/call_interfaces.nr

@@ -30,13 +30,13 @@ pub trait CallInterface<let N: u32> {
 }
 
 pub struct PrivateCallInterface<let N: u32, T> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args_hash: Field,
-    args: [Field],
-    return_type: T,
-    is_static: bool,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args_hash: Field,
+    pub args: [Field],
+    pub return_type: T,
+    pub is_static: bool,
 }
 
 impl<let N: u32, T> PrivateCallInterface<N, T> {
@@ -73,13 +73,13 @@ impl<let N: u32, T> PrivateCallInterface<N, T> {
 impl<let N: u32> CallInterface<N> for PrivateVoidCallInterface<N> {}
 
 pub struct PrivateVoidCallInterface<let N: u32> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args_hash: Field,
-    args: [Field],
-    return_type: (),
-    is_static: bool,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args_hash: Field,
+    pub args: [Field],
+    pub return_type: (),
+    pub is_static: bool,
 }
 
 impl<let N: u32> PrivateVoidCallInterface<N> {
@@ -111,13 +111,13 @@ impl<let N: u32> PrivateVoidCallInterface<N> {
 impl<let N: u32, T> CallInterface<N> for PrivateStaticCallInterface<N, T> {}
 
 pub struct PrivateStaticCallInterface<let N: u32, T> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args_hash: Field,
-    args: [Field],
-    return_type: T,
-    is_static: bool,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args_hash: Field,
+    pub args: [Field],
+    pub return_type: T,
+    pub is_static: bool,
 }
 
 impl<let N: u32, T> PrivateStaticCallInterface<N, T> {
@@ -139,13 +139,13 @@ impl<let N: u32, T> PrivateStaticCallInterface<N, T> {
 impl<let N: u32> CallInterface<N> for PrivateStaticVoidCallInterface<N> {}
 
 pub struct PrivateStaticVoidCallInterface<let N: u32> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args_hash: Field,
-    args: [Field],
-    return_type: (),
-    is_static: bool,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args_hash: Field,
+    pub args: [Field],
+    pub return_type: (),
+    pub is_static: bool,
 }
 
 impl<let N: u32> PrivateStaticVoidCallInterface<N> {
@@ -165,13 +165,13 @@ impl<let N: u32> PrivateStaticVoidCallInterface<N> {
 impl<let N: u32, T> CallInterface<N> for PublicCallInterface<N, T> {}
 
 pub struct PublicCallInterface<let N: u32, T> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args: [Field],
-    gas_opts: GasOpts,
-    return_type: T,
-    is_static: bool,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args: [Field],
+    pub gas_opts: GasOpts,
+    pub return_type: T,
+    pub is_static: bool,
 }
 
 impl<let N: u32, T> PublicCallInterface<N, T> {
@@ -234,13 +234,13 @@ impl<let N: u32, T> PublicCallInterface<N, T> {
 impl<let N: u32> CallInterface<N> for PublicVoidCallInterface<N> {}
 
 pub struct PublicVoidCallInterface<let N: u32> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args: [Field],
-    return_type: (),
-    is_static: bool,
-    gas_opts: GasOpts,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args: [Field],
+    pub return_type: (),
+    pub is_static: bool,
+    pub gas_opts: GasOpts,
 }
 
 impl<let N: u32> PublicVoidCallInterface<N> {
@@ -297,13 +297,13 @@ impl<let N: u32> PublicVoidCallInterface<N> {
 impl<let N: u32, T> CallInterface<N> for PublicStaticCallInterface<N, T> {}
 
 pub struct PublicStaticCallInterface<let N: u32, T> {
-    target_contract: AztecAddress,
-    selector: FunctionSelector,
-    name: str<N>,
-    args: [Field],
-    return_type: T,
-    is_static: bool,
-    gas_opts: GasOpts,
+    pub target_contract: AztecAddress,
+    pub selector: FunctionSelector,
+    pub name: str<N>,
+    pub args: [Field],
+    pub return_type: T,
+    pub is_static: bool,
+    pub gas_opts: GasOpts,
 }
 
 impl<let N: u32, T> PublicStaticCallInterface<N, T> {

noir-projects/aztec-nr/aztec/src/context/gas.nr

@@ -1,6 +1,6 @@
 pub struct GasOpts {
-    l2_gas: Option<Field>,
-    da_gas: Option<Field>,
+    pub l2_gas: Option<Field>,
+    pub da_gas: Option<Field>,
 }
 
 impl GasOpts {

noir-projects/aztec-nr/aztec/src/context/private_context.nr

@@ -48,41 +48,41 @@ use dep::protocol_types::{
 // When finished, one can call .finish() to convert back to the abi
 pub struct PrivateContext {
     // docs:start:private-context
-    inputs: PrivateContextInputs,
-    side_effect_counter: u32,
+    pub inputs: PrivateContextInputs,
+    pub side_effect_counter: u32,
 
-    min_revertible_side_effect_counter: u32,
-    is_fee_payer: bool,
+    pub min_revertible_side_effect_counter: u32,
+    pub is_fee_payer: bool,
 
-    args_hash: Field,
-    return_hash: Field,
+    pub args_hash: Field,
+    pub return_hash: Field,
 
-    max_block_number: MaxBlockNumber,
+    pub max_block_number: MaxBlockNumber,
 
-    note_hash_read_requests: BoundedVec<ReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL>,
-    nullifier_read_requests: BoundedVec<ReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_CALL>,
+    pub note_hash_read_requests: BoundedVec<ReadRequest, MAX_NOTE_HASH_READ_REQUESTS_PER_CALL>,
+    pub nullifier_read_requests: BoundedVec<ReadRequest, MAX_NULLIFIER_READ_REQUESTS_PER_CALL>,
     key_validation_requests_and_generators: BoundedVec<KeyValidationRequestAndGenerator, MAX_KEY_VALIDATION_REQUESTS_PER_CALL>,
 
-    note_hashes: BoundedVec<NoteHash, MAX_NOTE_HASHES_PER_CALL>,
-    nullifiers: BoundedVec<Nullifier, MAX_NULLIFIERS_PER_CALL>,
+    pub note_hashes: BoundedVec<NoteHash, MAX_NOTE_HASHES_PER_CALL>,
+    pub nullifiers: BoundedVec<Nullifier, MAX_NULLIFIERS_PER_CALL>,
 
-    private_call_requests: BoundedVec<PrivateCallRequest, MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL>,
-    public_call_requests: BoundedVec<Counted<PublicCallRequest>, MAX_ENQUEUED_CALLS_PER_CALL>,
-    public_teardown_call_request: PublicCallRequest,
-    l2_to_l1_msgs: BoundedVec<L2ToL1Message, MAX_L2_TO_L1_MSGS_PER_CALL>,
+    pub private_call_requests: BoundedVec<PrivateCallRequest, MAX_PRIVATE_CALL_STACK_LENGTH_PER_CALL>,
+    pub public_call_requests: BoundedVec<Counted<PublicCallRequest>, MAX_ENQUEUED_CALLS_PER_CALL>,
+    pub public_teardown_call_request: PublicCallRequest,
+    pub l2_to_l1_msgs: BoundedVec<L2ToL1Message, MAX_L2_TO_L1_MSGS_PER_CALL>,
     // docs:end:private-context
 
     // Header of a block whose state is used during private execution (not the block the transaction is included in).
-    historical_header: Header,
+    pub historical_header: Header,
 
-    note_encrypted_logs_hashes: BoundedVec<NoteLogHash, MAX_NOTE_ENCRYPTED_LOGS_PER_CALL>,
-    encrypted_logs_hashes: BoundedVec<EncryptedLogHash, MAX_ENCRYPTED_LOGS_PER_CALL>,
-    unencrypted_logs_hashes: BoundedVec<LogHash, MAX_UNENCRYPTED_LOGS_PER_CALL>,
+    pub note_encrypted_logs_hashes: BoundedVec<NoteLogHash, MAX_NOTE_ENCRYPTED_LOGS_PER_CALL>,
+    pub encrypted_logs_hashes: BoundedVec<EncryptedLogHash, MAX_ENCRYPTED_LOGS_PER_CALL>,
+    pub unencrypted_logs_hashes: BoundedVec<LogHash, MAX_UNENCRYPTED_LOGS_PER_CALL>,
 
     // Contains the last key validation request for each key type. This is used to cache the last request and avoid
     // fetching the same request multiple times.
     // The index of the array corresponds to the key type (0 nullifier, 1 incoming, 2 outgoing, 3 tagging).
-    last_key_validation_requests: [Option<KeyValidationRequest>; NUM_KEY_TYPES],
+    pub last_key_validation_requests: [Option<KeyValidationRequest>; NUM_KEY_TYPES],
 }
 
 impl PrivateContext {
@@ -181,22 +181,22 @@ impl PrivateContext {
             min_revertible_side_effect_counter: self.min_revertible_side_effect_counter,
             is_fee_payer: self.is_fee_payer,
             max_block_number: self.max_block_number,
-            note_hash_read_requests: self.note_hash_read_requests.storage,
-            nullifier_read_requests: self.nullifier_read_requests.storage,
+            note_hash_read_requests: self.note_hash_read_requests.storage(),
+            nullifier_read_requests: self.nullifier_read_requests.storage(),
             key_validation_requests_and_generators: self
                 .key_validation_requests_and_generators
-                .storage,
-            note_hashes: self.note_hashes.storage,
-            nullifiers: self.nullifiers.storage,
-            private_call_requests: self.private_call_requests.storage,
-            public_call_requests: self.public_call_requests.storage,
+                .storage(),
+            note_hashes: self.note_hashes.storage(),
+            nullifiers: self.nullifiers.storage(),
+            private_call_requests: self.private_call_requests.storage(),
+            public_call_requests: self.public_call_requests.storage(),
             public_teardown_call_request: self.public_teardown_call_request,
-            l2_to_l1_msgs: self.l2_to_l1_msgs.storage,
+            l2_to_l1_msgs: self.l2_to_l1_msgs.storage(),
             start_side_effect_counter: self.inputs.start_side_effect_counter,
             end_side_effect_counter: self.side_effect_counter,
-            note_encrypted_logs_hashes: self.note_encrypted_logs_hashes.storage,
-            encrypted_logs_hashes: self.encrypted_logs_hashes.storage,
-            unencrypted_logs_hashes: self.unencrypted_logs_hashes.storage,
+            note_encrypted_logs_hashes: self.note_encrypted_logs_hashes.storage(),
+            encrypted_logs_hashes: self.encrypted_logs_hashes.storage(),
+            unencrypted_logs_hashes: self.unencrypted_logs_hashes.storage(),
             historical_header: self.historical_header,
             tx_context: self.inputs.tx_context,
         }
@@ -252,17 +252,21 @@ impl PrivateContext {
             // We get a match so the cached request is the latest one
             cached_request.sk_app
         } else {
-            // We didn't get a match meaning the cached result is stale. We fetch new values from oracle and instruct
-            // protocol circuits to validate them by storing the validation request in context.
-            let request = get_key_validation_request(pk_m_hash, key_index);
-            let request_and_generator = KeyValidationRequestAndGenerator {
-                request,
-                sk_app_generator: sk_generators[key_index],
-            };
-            // We constrain that the pk_m_hash matches the one in the request (otherwise we could get an arbitrary
-            // valid key request and not the one corresponding to pk_m_hash).
+            // We didn't get a match meaning the cached result is stale
+            // Typically we'd validate keys by showing that they are the preimage of `pk_m_hash`, but that'd require
+            // the oracle returning the master secret keys, which could cause malicious contracts to leak it or learn
+            // about secrets from other contracts. We therefore silo secret keys, and rely on the private kernel to
+            // validate that we siloed secret key corresponds to correct siloing of the master secret key that hashes
+            // to `pk_m_hash`.
+            let request = unsafe { get_key_validation_request(pk_m_hash, key_index) };
             assert(request.pk_m.hash() == pk_m_hash);
-            self.key_validation_requests_and_generators.push(request_and_generator);
+
+            self.key_validation_requests_and_generators.push(
+                KeyValidationRequestAndGenerator {
+                    request,
+                    sk_app_generator: sk_generators[key_index],
+                },
+            );
             self.last_key_validation_requests[key_index] = Option::some(request);
             request.sk_app
         }
@@ -389,15 +393,36 @@ impl PrivateContext {
     ) -> PackedReturns {
         let mut is_static_call = is_static_call | self.inputs.call_context.is_static_call;
         let start_side_effect_counter = self.side_effect_counter;
-        let (end_side_effect_counter, returns_hash) = call_private_function_internal(
-            contract_address,
-            function_selector,
-            args_hash,
-            start_side_effect_counter,
-            is_static_call,
-        );
 
-        self.side_effect_counter = end_side_effect_counter + 1;
+        // The oracle simulates the private call and returns the value of the side effects counter after execution of
+        // the call (which means that end_side_effect_counter - start_side_effect_counter is the number of side effects
+        // that took place), along with the hash of the return values. We validate these by requesting a private kernel
+        // iteration in which the return values are constrained to hash to `returns_hash` and the side effects counter
+        // to increment from start to end.
+        let (end_side_effect_counter, returns_hash) = unsafe {
+            call_private_function_internal(
+                contract_address,
+                function_selector,
+                args_hash,
+                start_side_effect_counter,
+                is_static_call,
+            )
+        };
+
+        self.private_call_requests.push(
+            PrivateCallRequest {
+                call_context: CallContext {
+                    msg_sender: self.this_address(),
+                    contract_address,
+                    function_selector,
+                    is_static_call,
+                },
+                args_hash,
+                returns_hash,
+                start_side_effect_counter,
+                end_side_effect_counter,
+            },
+        );
 
         // TODO (fees) figure out why this crashes the prover and enable it
         // we need this in order to pay fees inside child call contexts
@@ -410,23 +435,7 @@ impl PrivateContext {
         //     > self.min_revertible_side_effect_counter {
         //     self.min_revertible_side_effect_counter = item.public_inputs.min_revertible_side_effect_counter;
         // }
-        let call_context = CallContext {
-            msg_sender: self.this_address(),
-            contract_address,
-            function_selector,
-            is_static_call,
-        };
-
-        self.private_call_requests.push(
-            PrivateCallRequest {
-                call_context,
-                args_hash,
-                returns_hash,
-                start_side_effect_counter,
-                end_side_effect_counter,
-            },
-        );
-
+        self.side_effect_counter = end_side_effect_counter + 1;
         PackedReturns::new(returns_hash)
     }