Skip to content

Commit

Permalink
feat: no unencrypted logs in private functions (#1780)
Browse files Browse the repository at this point in the history
Fixes #1689
  • Loading branch information
benesjan authored Aug 24, 2023
1 parent 2c5c10f commit 4d8002e
Show file tree
Hide file tree
Showing 18 changed files with 60 additions and 187 deletions.
18 changes: 9 additions & 9 deletions docs/docs/dev_docs/contracts/events.md
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,14 @@ Emitting unencrypted events from private function is a significant privacy leak

:::

To emit unencrypted logs first import the `emit_unencrypted_log` utility function inside your contract:

#include_code unencrypted_import /yarn-project/noir-contracts/src/contracts/public_token_contract/src/main.nr rust

Then you can call the function:

#include_code unencrypted_log /yarn-project/noir-contracts/src/contracts/public_token_contract/src/main.nr rust

Once emitted, unencrypted events are stored in AztecNode and can be queried by anyone:
<Tabs groupId="events">
<TabItem value="cli" label="Aztec CLI">
Expand All @@ -72,19 +80,11 @@ aztec-cli get-logs --from 5 --limit 1
</TabItem>
<TabItem value="js" label="Aztec.js">

#include_code logs /yarn-project/end-to-end/src/e2e_public_token_contract.test.ts typescript
#include_code get_logs /yarn-project/end-to-end/src/fixtures/utils.ts typescript

</TabItem>
</Tabs>

To emit unencrypted logs first import the `emit_unencrypted_log` utility function inside your contract:

#include_code unencrypted_import /yarn-project/noir-contracts/src/contracts/private_token_contract/src/main.nr rust

Then you can call the function:

#include_code unencrypted /yarn-project/noir-contracts/src/contracts/private_token_contract/src/main.nr rust

### Costs

All event data is pushed to Ethereum as calldata by the sequencer and for this reason the cost of emitting an event is non-trivial.
Expand Down
13 changes: 0 additions & 13 deletions docs/docs/dev_docs/getting_started/cli.md
Original file line number Diff line number Diff line change
Expand Up @@ -216,16 +216,3 @@ View result: [
"{\"type\":\"bigint\",\"data\":\"543\"}"
]
```

## Logs

Finally, we can use the CLI's `get-logs` command to retrieve unencrypted logs emitted by the contract:

```
% aztec-cli get-logs --from 5 --limit 1
Logs found:
Coins transferred
```

Here we asked for the logs from block 5 (the block in which our call to `transfer` was mined) and to include a total of 1 block's worth of logs. The text `Coins Transferred` is emitted during the execution of the `transfer` function on the contract.
36 changes: 3 additions & 33 deletions docs/docs/dev_docs/getting_started/sandbox.md
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,6 @@ With the help of Aztec.js you will be able to:
- Simulate the calling of contract functions
- Send transactions to the network
- Be notified when transactions settle
- Retrieve and view unencrypted logs emitted by contracts
- Query chain state such as chain id, block number etc.

## I have the Sandbox running, show me how to use it!
Expand Down Expand Up @@ -215,14 +214,14 @@ Running `yarn start` should now output:

That might seem like a lot to digest but it can be broken down into the following steps:

1. We create 2 `Account` objects in Typescript. This object heavily abstracts away the mechanics of configuring and deploying an account contract and setting up a 'wallet' for signing transactions. If you aren't interested in building new types of account contracts or wallets then you don't need to be too concerned with it. In this example we have constructed account contracts and corresposing wallets that sign/verify transactions using schnorr signatures.
1. We create 2 `Account` objects in Typescript. This object heavily abstracts away the mechanics of configuring and deploying an account contract and setting up a 'wallet' for signing transactions. If you aren't interested in building new types of account contracts or wallets then you don't need to be too concerned with it. In this example we have constructed account contracts and corresponding wallets that sign/verify transactions using schnorr signatures.
2. We wait for the deployment of the 2 account contracts to complete.
3. We retrieve the expected account addresses from the `Account` objects and ensure that they are present in the set of account addresses registered on the Sandbox.

Note, we use the `getAccounts` api to verify that the addresses computed as part of the
account contract deployment have been successfully added to the Sandbox.

If you were looking at your terminal that is running the Sandbox you should hopefully have seen a lot of activity. This is because the Sandbox will have simulated the deployment of both contracts, executed the private kernel circuit for each before submitted 2 transactions to the pool. The sequencer will have picked them up and inserted them into a rollup and executed the recursive rollup circuits before publising the rollup to Anvil. Once this has completed, the rollup is retrieved and pulled down to the internal RPC Server so that any new account state can be decrypted.
If you were looking at your terminal that is running the Sandbox you should hopefully have seen a lot of activity. This is because the Sandbox will have simulated the deployment of both contracts, executed the private kernel circuit for each before submitted 2 transactions to the pool. The sequencer will have picked them up and inserted them into a rollup and executed the recursive rollup circuits before publishing the rollup to Anvil. Once this has completed, the rollup is retrieved and pulled down to the internal RPC Server so that any new account state can be decrypted.

## Token Contract Deployment

Expand Down Expand Up @@ -250,14 +249,6 @@ We can break this down as follows:
4. We use the `getContractInfo()` api on the RPC Server to retrieve information about the reported contract address.
5. The fact that this api returns a valid object tells us that the contract was successfully deployed in a prior block.

The Private Token Contract emits an unencrypted log message during construction:

#include_code constructor /yarn-project/noir-contracts/src/contracts/private_token_contract/src/main.nr rust

We can retrieve this emitted log using the `getUnencryptedLogs()` api:

#include_code Logs /yarn-project/end-to-end/src/e2e_sandbox_example.test.ts typescript

Our output will now be:

```
Expand All @@ -266,14 +257,9 @@ Our output will now be:
private-token Created Alice's account at 0x054d89d0...f17e +23s
private-token Created Bob's account at 0x0a8410a1...7c48 +1ms
private-token Deploying private token contract minting an initial 1000000 tokens to Alice... +0ms
private-token Transaction status is mined +8s
private-token Contract successfully deployed at address 0x143e0af4...11b6 +7ms
private-token Retrieving unencrypted logs for block 3 +4ms
private-token Emitted logs: [ 'Balance set in constructor' ] +5ms
```

Note how we used the `getBlockNum()` api to retrieve the number of the last mined block. This is the block for which we want to retrieve logs as it is the last mined block number.

## Viewing the balance of an account

A token contract wouldn't be very useful if you aren't able to query the balance of an account. As part of the deployment, tokens were minted to Alice. We can now call the contract's `getBalance()` function to retrieve the balances of the accounts.
Expand All @@ -294,8 +280,6 @@ Running now should yield output:
private-token Deploying private token contract minting an initial 1000000 tokens to Alice... +0ms
private-token Transaction status is mined +8s
private-token Contract successfully deployed at address 0x143e0af4...11b6 +7ms
private-token Retrieving unencrypted logs for block 3 +4ms
private-token Emitted logs: [ 'Balance set in constructor' ] +5ms
private-token Alice's balance 1000000 +4s
private-token Bob's balance 0 +3s
```
Expand All @@ -314,8 +298,6 @@ Now lets transfer some funds from Alice to Bob by calling the `transfer` functio

#include_code transfer /yarn-project/noir-contracts/src/contracts/private_token_contract/src/main.nr rust

We will again view the unencrypted logs emitted by the function and check the balances after the transfer:

#include_code Transfer /yarn-project/end-to-end/src/e2e_sandbox_example.test.ts typescript

Our output should now look like this:
Expand All @@ -326,20 +308,15 @@ Our output should now look like this:
private-token Created Alice's account at 0x054d89d0...f17e +23s
private-token Created Bob's account at 0x0a8410a1...7c48 +1ms
private-token Deploying private token contract minting an initial 1000000 tokens to Alice... +0ms
private-token Transaction status is mined +8s
private-token Contract successfully deployed at address 0x143e0af4...11b6 +7ms
private-token Retrieving unencrypted logs for block 3 +4ms
private-token Emitted logs: [ 'Balance set in constructor' ] +5ms
private-token Alice's balance 1000000 +4s
private-token Bob's balance 0 +3s
private-token Transferring 543 tokens from Alice to Bob... +0ms
private-token Retrieving unencrypted logs for block 4 +20s
private-token Emitted logs: [ 'Coins transferred' ] +13ms
private-token Alice's balance 999457 +4s
private-token Bob's balance 543 +3s
```

Here, we used the same contract abstraction as was previously used for reading Alice's balance. But this time we called `send()` generating and sending a transaction to the network. After waiting for the transaction to settle we were able to retrieve the newly emitted unencrypted logs and check the new balance values.
Here, we used the same contract abstraction as was previously used for reading Alice's balance. But this time we called `send()` generating and sending a transaction to the network. After waiting for the transaction to settle we were able to check the new balance values.

Finally, the contract has a `mint` function that can be used to generate new tokens for an account. This takes 2 arguments:

Expand All @@ -360,20 +337,13 @@ Our complete output should now be:
private-token Created Alice's account at 0x054d89d0...f17e +23s
private-token Created Bob's account at 0x0a8410a1...7c48 +1ms
private-token Deploying private token contract minting an initial 1000000 tokens to Alice... +0ms
private-token Transaction status is mined +8s
private-token Contract successfully deployed at address 0x143e0af4...11b6 +7ms
private-token Retrieving unencrypted logs for block 3 +4ms
private-token Emitted logs: [ 'Balance set in constructor' ] +5ms
private-token Alice's balance 1000000 +4s
private-token Bob's balance 0 +3s
private-token Transferring 543 tokens from Alice to Bob... +0ms
private-token Retrieving unencrypted logs for block 4 +20s
private-token Emitted logs: [ 'Coins transferred' ] +13ms
private-token Alice's balance 999457 +4s
private-token Bob's balance 543 +3s
private-token Minting 10000 tokens to Bob... +1ms
private-token Retrieving unencrypted logs for block 5 +13s
private-token Emitted logs: [ 'Coins minted' ] +13ms
private-token Alice's balance 999457 +4s
private-token Bob's balance 10543 +4s
```
Expand Down
Loading

0 comments on commit 4d8002e

Please sign in to comment.