feat(aztec-nr): wire handshake secret discovery into contract sync#23938
Conversation
…elivery-tagged-log-retrieval-in-default-2
nchamo
added
the
ci-no-fail-fast
…elivery-tagged-log-retrieval-in-default-2
| 10: generate_contract_library_method_compute_note_hash | ||
| 11: generate_contract_library_method_compute_note_hash | ||
| at <repo>/noir-projects/aztec-nr/aztec/src/macros/aztec/compute_note_hash_and_nullifier.nr:<line>:<col> | ||
| 11: generate_note_type_impl |
There was a problem hiding this comment.
not for this PR, but looks like this is extra noise that can be removed with <line>
There was a problem hiding this comment.
oh oops I cut it off. With <line>.
EDIT: TIL turns out if you don't put <word here> in a code snippet (e.g., ``) it won't display in the comment.
| } | ||
| const protocolContractsProvider = new BundledProtocolContractsProvider(); | ||
| const preloadedContractsProvider = options.preloadedContractsProvider ?? { | ||
| getPreloadedContracts: async () => [await getStandardMultiCallEntrypoint()], |
There was a problem hiding this comment.
For mutli call entry point I think this was fine but for the handshake registry which is called on every contract we would override the previous preloadedContractsProvider right? Do we allow custom preloaded contracts in PXE? Should we add a unit test for custom preloaded contract with the handshake discovery?
There was a problem hiding this comment.
Talked with Grego, decided to do this: c1c5040
There was a problem hiding this comment.
Ok, just discussed it again. Will change it up a bit and request your re-review when finished
There was a problem hiding this comment.
Ok, the idea will be:
- If the user specifies a provider, then we will honor it. We won't force-add any contracts, because they might not need it and we want to keep the loading to be as quick as possible
- If the user doesn't specify a provider, our entry points will add all 3 standard contracts (multicall, auth registry, handshake registry)
- On PXE, if no provider is set, we will add the ones that aztec-nr needs: auth registry + handshake registry
I'll mark you as reviewer when the CI passes, since I'm fighting against limits
…elivery-tagged-log-retrieval-in-default-2
|
|
||
| export async function getAuthRegistryArtifact(): Promise<ContractArtifact> { | ||
| if (!standardContractArtifact) { | ||
| // Cannot assert this import as it's incompatible with bundlers like vite |
There was a problem hiding this comment.
This was the case when this was introduced (2025). Not anymore
nchamo
deleted the
nchamo/f-588-constrained-delivery-tagged-log-retrieval-in-default-2
branch
| ); | ||
| // The HandshakeRegistry is called during every contract's sync to discover handshake secrets. | ||
| // It is a standard contract that only reads its own state, so it is always authorized. | ||
| const isHandshakeRegistryRead = |
There was a problem hiding this comment.
On second thought, do we think this bypass is too broad? The state is owned by the registry but it is scoped to the recipient. Thus a malicious utility can read registry state for the scoped user. Any regular utility call can call HandshakeRegistry.get_handshakes and learn handshake metadata. Do we want to try and add some info as to whether we are executing a contract sync here? Only then bypass the wallet hook.
Otherwise, I think this escapes where we intend for handshake info to live. Handshakes are supposed to be used as discovery input for the contract/PXE and to help find logs for that contract. With this bypass, a contract can call get_handshakes and return the info to the dapp without the wallet explicitly authorizing it.
There was a problem hiding this comment.
Discussed offline, we are ok with this being exposed to apps. Just added some extra documentation here #24018
The registry source changes from #23938 shift the standard registry's artifact hash, class id, and address. Regenerates the standard-contract data and address pins and repacks the registry entry in pinned-standard-contracts.tar.gz from the merged build.
2 participants
Summary
DiscoveredHandshake,HandshakePage, andMAX_HANDSHAKES_PER_PAGEfrom the HandshakeRegistry contract intoaztec::messages::delivery::handshakeso aztec-nr owns the shared types and the contract imports them.get_handshake_secretswhich paginates through the HandshakeRegistry'sget_handshakesutility function, derives app-siloed tagging secrets viaget_shared_secrets, and returns them asProvidedSecretentries for log discovery duringdo_sync_state.get_handshakescall in PXE (gated on both target address and function selector) and preloads its artifact in all PXE entrypoints.get_shared_secretsto accept and returnEphemeralArraydirectly, removing theBoundedVecconversion layer.Fixes F-588