fix: fix assert_split_transformed_value_arrays conditional access index underflow#12540
Merged
Conversation
LeilaWang
approved these changes
Mar 6, 2025
LeilaWang
left a comment
LeilaWang
left a comment
Contributor
There was a problem hiding this comment.
Thanks for tracking this down!
Contributor
|
@MirandaWood Do you know if the bug still exists? When I follow the "Repro" steps, running |
Contributor
Author
Hi, I believe it does since we saw it today in another if statement (#12711). Which prover.toml did you use? It may have been updated since this PR to one that doesn't reach this code, or one that does not lead to edit: using the prover.toml on this PR fails on my side when removing the fix |
Contributor
|
@MirandaWood Thank you, that was it! I didn't realize |
Maddiaa0
pushed a commit
that referenced
this pull request
Mar 14, 2025
…ex overflow (#12711) Fixes exactly the same problem as #12540, but on the following if statement as an index overflow. See that description for more details! This is being looked into in noir: noir-lang/noir#7612
5 tasks
MirandaWood
added a commit
that referenced
this pull request
Jun 4, 2025
## Finalises integration of batched blobs `mw/blob-batching-integration` adds batching to the rollup .nr circuits only (=> will not run in the repo). This PR brings those changes downstream to the typescript and L1 contracts. Main changes: - L1 Contracts: - No longer calls the point evaluation precompile on `propose`, instead injects the blob commitments, check they correspond to the broadcast blobs, and stores them in the `blobCommitmentsHash` - Does not store any blob public inputs apart from the `blobCommitmentsHash` (no longer required) - Calls the point evaluation precompile once on `submitEpochRootProof` for ALL blobs in the epoch - Uses the same precompile inputs as pubic inputs to the root proof verification alonge with the `blobCommitmentsHash` to link the circuit batched blob, real L1 blobs, and the batched blob verified on L1 - Refactors mock blob oracle - Injects the final blob challenges used on each blob into all block building methods in `orchestrator` - Accumulates blobs in ts when building blocks and uses as inputs to each rollup circuit - Returns the blob inputs required for `submitEpochRootProof` on `finaliseEpoch()` - Updates nr structs in ts plus fixtures and tests ## TODOs/Current issues - ~When using real proofs (e.g. `yarn-project/prover-client/src/test/bb_prover_full_rollup.test.ts`), the root rollup proof is generated correctly but fails verification checks in `bb` due to incorrect number of public inputs. Changing the number correctly updates vks and all constants elsewhere, but `bb` does not change.~ EDIT: solved - must include the `is_inf` point member for now (see below TODO) - ~The `Prover.toml` for block-root is not executing. The error manifests in the same way as that in #12540 (but may be different).~ EDIT: temporarily fixed - details in this repro (#14381) and noir issue (noir-lang/noir#8563). - BLS points in noir take up 9 fields (4 for each coordinate as a limbed bignum, 1 for the `is_inf` flag) but can be compressed to only 2. For recursive verification in block root and above, would it be worth the gates to compress these? It depends whether the gate cost of compression is more/less than gate cost of recursively verifying 7 more public inputs. ## PR Stack - [ ] `mw/blob-batching` <- main feature - [ ] ^ `mw/blob-batching-bls-utils` <- BLS12-381 bigcurve and bignum utils (noir) (#13583) - [ ] ^ `mw/blob-batching-bls-utils-ts` <- BLS12-381 bigcurve and bignum utils (ts) (#13606) - [ ] ^ `mw/blob-batching-integration` <- Integrate batching into noir protocol circuits (#13817) - [x] ^ `mw/blob-batching-integration-ts-sol` <- Integrate batching into ts and solidity (#14329) --------- Co-authored-by: Tom French <15848336+TomAFrench@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #10592
Bug
We previously commented out the array checks for private logs in tail to public (#10593) because a constraint was mysteriously failing (#10530).
It failed because of an attempted underflow array access e.g.
array[i - 1]wherei = 0. The thing is that the array access shouldn't have been called because it was wrapped in an if statement.I don't think this has anything to do with logs, it just so happened that logs were the first tx effect array to have
num_non_revertibles = 0in the above bot run.Fix
In this case we had a private log with
.counter() = 8,split_counter = 3, andnum_non_revertibles = 0. However the constraint failure* was coming fromsorted_array[num_non_revertibles - 1]below:I added a hacky fix which prevents the constraint failure by simply multiplying the LHS by zero if the array access will fail:
*(If we had incorrectly entered the if statement and the assertion failed, the error would be
Assertion failed, but the error wasConstraint failure).Repro
I included the
Prover.tomlwhich came from the above failure - it's valid and should pass. To see the failure removeis_non_zerofrom the above code (inassert_split_transformed_value_arrays.nr), then run:nargo execute --package private_kernel_tail_to_publicAdd back the fix and run the same to see it passing.