chore: Accumulated backports to v4-next#23142
Merged
Merged
Conversation
…oposal check (#22989) `hasPayloadBeenProposed` (now `hasActiveProposalWithPayload`) used `eth_getLogs` over the rollup's full L1 deployment range to find prior `PayloadSubmitted` events. On long-lived rollups that range exceeds typical RPC provider block-range caps and the call times out, silently breaking the sequencer's "stop signaling for an already-proposed payload" logic. The previous in-memory cache also permanently blacklisted any payload it saw as proposed once, which is wrong: each round on `EmpireBase` is independent and the same payload can legitimately be re-signaled and re-submitted after a prior proposal becomes Dropped/Rejected/Expired/Executed. Replace the log scan with a bounded view-call sweep over `Governance.proposals`. The sweep walks newest -> oldest using `proposalCount`, unwraps each proposal's `GSEPayload` via `getOriginalPayload()`, and treats only `Pending`/`Active`/`Queued`/`Executable` as "in an active proposal" -- terminal states allow re-signaling. The descent has a hard early-stop on the protocol-wide proposal lifetime cap (`4 * ConfigurationLib.TIME_UPPER = 360 days`), which is safe regardless of per-proposal frozen configs because every config field is bounded by `TIME_UPPER` on-chain. Two in-memory caches absorb the per-call cost over time: terminal proposals (provably immutable on-chain) and wrapper -> original payload unwraps (immutable bytecode). - **ethereum/contracts/governance**: New `hasActiveProposalWithPayload(payload)` and `getProposalCount()` on `ReadOnlyGovernanceContract`. Inlines a minimal `IProposerPayload` ABI (just `getOriginalPayload`) to avoid generating a full artifact. Handles `proposeWithLock`-style proposals (no GSEPayload wrapper) by catching the unwrap revert and skipping. - **ethereum/contracts/governance (types)**: Adds explicit types (`Proposal`, `ProposalConfiguration`, `GovernanceConfiguration`, `ProposeWithLockConfiguration`, `Ballot`) and maps the viem return shapes of `getProposal` / `getConfiguration` onto them. `Proposal` now carries both `cachedState` (raw stored) and `state` (live, time-derived from `getProposalState`); `getProposal` issues both reads in parallel so callers don't need a separate state RPC. - **ethereum/contracts/governance (caching)**: Adds two memoization layers on `ReadOnlyGovernanceContract`. Proposals are cached when `state` is in any of the four terminal phases (Executed/Rejected/Dropped/Expired) -- once terminal the entire struct is provably immutable on-chain. Wrapper unwraps are keyed by wrapper address and cached forever (deployed bytecode is immutable). `GovernanceProposerContract` already memoizes its `getGovernance()`, so the same `ReadOnlyGovernanceContract` instance (and its caches) is reused across slots in the sequencer publisher. - **ethereum/contracts/governance_proposer**: Drops the event-based `hasPayloadBeenProposed`. Adds a memoized `getGovernance()` accessor and a thin `hasActiveProposalWithPayload` delegate that resolves the Governance address via the on-chain registry lookup. - **ethereum/contracts/empire_base**: Removes `hasPayloadBeenProposed` from `IEmpireBase` -- it's a Governance concern, not a generic empire concern (slasher doesn't need it). - **sequencer-client/publisher**: Removes the permanent `payloadProposedCache` so the publisher re-checks every slot, allowing re-signaling once a prior proposal is terminal. Switches the failure mode from fail-closed to fail-open (a flaky L1 endpoint should not silence governance participation; a duplicate signal is harmless). Narrows the helper's `base` param from `IEmpireBase` to `GovernanceProposerContract` since this code path is governance-only. - **ethereum/contracts (tests)**: New `hasActiveProposalWithPayload` describe block hitting a real anvil-deployed Governance. Impersonates the `governanceProposer`, calls `Governance.propose` directly, and etches hand-rolled mock wrapper bytecode at chosen addresses to drive (wrapper, original) pairs. Covers: empty governance, live match, no match, terminal state via warp, reverting wrapper (proposeWithLock-style), descent past unrelated proposals, case-insensitive match, and the 360-day hard cutoff via warp. Also adds a sync-guard describe block that probes `Governance.updateConfiguration` via impersonated `eth_call` to assert each of `votingDelay`/`votingDuration`/`executionDelay`/`gracePeriod` accepts `TIME_UPPER` and rejects `TIME_UPPER + 1` -- if those caps change on-chain, this trips and `MAX_PROPOSAL_LIFETIME_SECONDS` must be revisited. - **sequencer-client/publisher (tests)**: Replaces the cache test with a "re-checks each call so re-signaling resumes after terminal" test. Updates the RPC-failure semantics test from fail-closed to fail-open.
…21779) Moves the "CI3 failed on backport PR" Slack notification from `#team-alpha` to `#backports`, which is where all other backport-related notifications already go. - Updated `.github/workflows/ci3.yml`: changed the Slack channel for backport CI failure notifications from `#team-alpha` to `#backports` ClaudeBox log: https://claudebox.work/s/d16f655779423037?run=1
Use same structure as the handles missed message inserted by an L1 reorg test to wait for checkpoint when sending L2 txs to help trigger mbps. Co-authored-by: danielntmd <danielntmd@nethermind.io> (cherry picked from commit 3c007ed)
BEGIN_COMMIT_OVERRIDE chore: route backport CI failure notifications to #backports channel (#21779) END_COMMIT_OVERRIDE
`verifyAvmProof`(from `execute.ts`) was using the shared `this.config.bbWorkingDirectory`path to write the `avm_inputs.bin` file. Under concurrent operations, the files could get overwritten and verification would fail. This PR plumbs the temporary path so that it gets used.
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-04-15 [View changes in noir-lang/noir](noir-lang/noir@842974f...nightly-2026-04-15)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-04-16 [View changes in noir-lang/noir](noir-lang/noir@04a373e...nightly-2026-04-16)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-04-17 [View changes in noir-lang/noir](noir-lang/noir@b3b0faa...nightly-2026-04-17)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-04-23 [View changes in noir-lang/noir](noir-lang/noir@ad02a20...nightly-2026-04-23)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-04-28 [View changes in noir-lang/noir](noir-lang/noir@f39ac4f...nightly-2026-04-28)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-05-01 [View changes in noir-lang/noir](noir-lang/noir@5f68596...nightly-2026-05-01)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-05-05 [View changes in noir-lang/noir](noir-lang/noir@20391fd...nightly-2026-05-05)
Automated update of Noir submodule to latest nightly. **Current**: unknown **New**: nightly-2026-05-11 [View changes in noir-lang/noir](noir-lang/noir@d52888d...nightly-2026-05-11)
Accepts snapshot diffs after backporting noir sync PRs #22572-#23023: - CustomMessageHandler<()> type alias now expands to its full fn type in nargo expand output (cosmetic) - nargo expand emits functions in a new deterministic order (token, amm, avm_test_contract) - authorization_selector_collision: one redundant 'missing trait ID' error removed by noir (6 -> 5 errors)
## Summary Backports the 8 noir sync PRs merged to `next` after #22393 (which was already cherry-picked onto `backport-to-v4-next-staging`). Cherry-picked in chronological order: - #22572 — Update Noir to nightly-2026-04-15 - #22594 — Update Noir to nightly-2026-04-16 - #22633 — Update Noir to nightly-2026-04-17 - #22653 — Update Noir to nightly-2026-04-23 (resolved `avm-transpiler/Cargo.lock` conflict by taking the incoming version) - #22755 — Update Noir to nightly-2026-04-28 - #22836 — Update Noir to nightly-2026-05-01 - #22911 — Update Noir to nightly-2026-05-05 - #23023 — Update Noir to nightly-2026-05-11 (resolved `.test_patterns.yml` and `yarn-project/kv-store/package.json` conflicts: kept backport branch's extra dev deps for chai/mocha/sinon) Final `noir/noir-repo` submodule pointer matches `next`: `1d9727a6e0a9df75a71bb9c87daacbe30659ba09`. Label `ci-no-squash` is set to preserve the 8 individual commits. ## Contract snapshot updates A follow-up commit regenerates `noir-projects/contract-snapshots` snapshots that drifted due to the new noir version. All 60 snapshot tests pass locally after the update. The drift is purely from noir-side changes — no semantic change in our code: - `compile_failure/authorization_selector_collision`: noir removed a redundant `check_parent_traits_are_implemented: missing trait ID` error, so the total error count went from 6 to 5. - 6 × `expand/*` snapshots (`amm_contract`, `avm_gadgets_test_contract`, `avm_test_contract`, `public_fns_with_emit_repro_contract`, `storage_proof_test_contract`, `token_contract`): `nargo expand` now prints the full `unconstrained fn(AztecAddress, u64, u64, BoundedVec<Field, 11>, MessageContext, AztecAddress)` type instead of the `CustomMessageHandler<()>` alias. - `expand/token_contract`, `expand/amm_contract`, `expand/avm_test_contract`: `nargo expand` emits functions in a new deterministic order (e.g. `constructor` / `_reduce_total_supply` / `_recurse_subtract_balance` / `private_get_symbol` were moved within their impl blocks; `add_args_return` likewise on the AVM contract; `swap_exact_tokens_for_tokens` / `swap_tokens_for_exact_tokens` swapped order on AMM). ## Test plan - CI on `backport-to-v4-next-staging` flow passes
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
…yte code size blow up (#23062) Resolves [F-637](https://linear.app/aztec-labs/issue/F-637/aztec-nr-macros-contain-self-construction-to-a-function-to-prevent) Stacks on #23061 - New `generate_public_self_creator` emits a per-contract `__aztec_nr_internals__create_public_self<let N: u32>()` helper - `generate_public_external` now emits a single call to it instead of inlining the preamble. This can be seen in the snapshots. - Helper is emitted from `process_functions` and gated on `public_functions.len() > 0` ~~Improvements tested locally:~~ I need to test further. Either way this is cleaner macro code.
…23156) ## Summary Backport of #23062 to `v4-next`. Cherry-pick of merge commit `b6adc6b20fa79f4b55a73517a7ba8e2444716387`. ### Conflict resolved - `noir-projects/contract-snapshots/tests/snapshots/expand/avm_gadgets_test_contract/snapshots__expanded.snap` — the upstream PR's snapshot included a `__aztec_nr_internals__keccak_hash_300` function (added in a separate upstream commit), but the v4-next source contract (`avm_gadgets_test_contract/src/main.nr`) does not contain a `keccak_hash_300` test function. The conflict was resolved by dropping the `keccak_hash_300` block from the snapshot so it matches the v4-next source contract. All other public-function helpers in the snapshot were updated to call the new `__aztec_nr_internals__create_public_self::<N>()` helper. ### What this PR does - Adds `generate_public_self_creator` which emits a per-contract `__aztec_nr_internals__create_public_self<let N: u32>()` helper. - `generate_public_external` now emits a single call to the helper instead of inlining the preamble, shrinking generated bytecode. - Helper emission is gated on `public_functions.len() > 0` in `process_functions`. ### Files changed - `noir-projects/aztec-nr/aztec/src/macros/internals_functions_generation/external/public.nr` - `noir-projects/aztec-nr/aztec/src/macros/internals_functions_generation/mod.nr` - 4 `compile_failure` `snapshots__stderr.snap` files - 6 `expand` `snapshots__expanded.snap` files 12 files changed, 302 insertions(+), 1817 deletions(-). 🤖 Generated automatically by the backport workflow. ClaudeBox log: https://claudebox.work/s/b8ac01ace45bf87e?run=1
) Fixes #22949. We keep track of the range of tagging indices used by a tx as `(lowestIdx, highestIdx)` - we need this so that future transactions start from `highest + 1` even if a previous tx has not yet been mined, avoiding tag duplication. The lowest index is required in case of transaction reverts: we walk all indices from low to high and test which ones survived onchain, and that way determine the actual highest index for a tx. On sync, we validate that our records for a tx match the indices used in said tx - this helps detect bugs (like the bug being fixed here). This check started failing because our `(low, high)` record did not consider the possibility of logs being squashed - if either `low` or `high` got squashed then the range would change. Note that we don't care about indices between low and high being squashed , gaps are ok - we only really care about the edges. This PR fixes this by inspecting tx effects to adjust the range prior to storing the indices in the database. It hints at the need for a tagging service layer, but that was a bigger change that I didn't want to introduce here. I added tests for both new functions created, plus an e2e regression test that checks we've fixed the original issue. I validated that the test fails without this fix. --------- Co-authored-by: Nicolas Chamo <nicolas@chamo.com.ar> Co-authored-by: AztecBot <tech@aztecprotocol.com> Co-authored-by: Maxim Vezenov <mvezenov@gmail.com>
Reverts OIDC-based AWS auth in the ci-release-publish job back to access key credentials for the v4 backport branch. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
A workaround that should hopefully unblock nightlies that are currently not getting released. For more context see [this comment](https://aztecprotocol.slack.com/archives/C08HLF3J941/p1778532048823649?thread_ts=1778248294.466559&cid=C08HLF3J941) on slack. ## Summary - Reverts the OIDC-based AWS auth in the `ci-release-publish` job back to using `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` secrets on the v4 backport line. - Drops the `permissions: id-token: write` block and the `aws-actions/configure-aws-credentials` step that the OIDC flow required.
benesjan
approved these changes
May 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
BEGIN_COMMIT_OVERRIDE
fix(sequencer): bounded sweep instead of event scan for governance proposal check (#22989)
fix(sequencer): bounded sweep instead of event scan for governance proposal check (#22989) (#23001)
chore: route backport CI failure notifications to #backports channel (#21779)
fix: (A-589) epochs l1 reorgs test (#20999)
chore: Accumulated backports to v4 (#23065)
fix(bb-prover): use temp directory for avm_verify (#23138)
chore: notify on v4-next sync (#23139)
refactor(pxe): use findLeavesIndexes for read request verification (#23123)
refactor(pxe): skip storage reads for never-updated contracts (#23131)
fix(pxe): skip registerContractFunctionSignatures when no public fns (#23134)
chore: Update Noir to nightly-2026-04-15 (#22572)
chore: Update Noir to nightly-2026-04-16 (#22594)
chore: Update Noir to nightly-2026-04-17 (#22633)
chore: Update Noir to nightly-2026-04-23 (#22653)
chore: Update Noir to nightly-2026-04-28 (#22755)
chore: Update Noir to nightly-2026-05-01 (#22836)
chore: Update Noir to nightly-2026-05-05 (#22911)
chore: Update Noir to nightly-2026-05-11 (#23023)
chore: backport noir sync PRs to backport-to-v4-next-staging (#23148)
refactor(pxe): prefetch updated class id hints per unique contract (#23130)
chore(aztec-nr): Public self constructor function to prevent static byte code size blow up (#23062)
chore: merge v4 into backport-to-v4-next-staging (#23140)
chore(aztec-nr): Public self constructor function (backport #23062) (#23156)
refactor(pxe): avoid expensive toTx() call when computing tx hash (#23136)
END_COMMIT_OVERRIDE