chore: merge next#22089
Merged
alexghr merged 112 commits intomerge-train/spartanfrom Mar 27, 2026
Merged
Conversation
This PR attempts to improve our interaction classes. Closes: #21875 1. ) Addresses the aforementioned bug, where `BatchCall` wasn't forwarding the baked in interaction data (authwitnesses, capsules, extrahashedargs) 2. ) Removes the stale `returnReceipt` option from `DeployMethod`. This is a remnant from when we were just returning the deployed contract. Now that the return type is complex object, it just doesn't make sense to have extra complexity --------- Co-authored-by: Jan Beneš <janbenes1234@gmail.com>
…d structs in `AbiDecoder` (#21926)
Now that `EmbeddedWallet` estimates gas on send, these simulations are redundant
…packages into gj/iframe_wallets_sdk
Changes the error messages thrown when oracle version issues are detected. It deemphasizes the "oracle" wording since that's about internals, and emphasizes that the contract has been compiled with an Aztec.nr version that their PXE doesn't know how to handle. It also adds an error page link where we can document more specifics in the future. Closes F-486
… tx liveness issues (#21944) Follow up from troubleshooting a user app. This app was interacting with PXE in a way that it is not designed to work, but ultimately "protecting" this method by queueing it makes it a bit more robust even when misused. Closes F-485
…21953) ## Summary - macOS release binaries were broken (SIGKILL/exit 137) because `inject_version` in `bootstrap.sh` used `llvm-objdump` (unversioned) to detect Mach-O binaries for re-signing, but the CI environment only has `llvm-objdump-20` - The detection silently failed (`&>/dev/null`), skipping `ldid -S` re-signing after version injection, leaving binaries with an invalidated linker-signed code signature - Fix: `llvm-objdump` → `llvm-objdump-20`
The Chonk standalone vk check was failing because: - The native preset was not used to resolve `bb` (so we were resolving `build/bin/bb` instead of `build-debug/bin/bb`) - The VK check did not disable asserts (so when checking VKs we would detect mismatches due to the dummy data supplied to build VKs) This PR fixes the above issues: - Resolve `bb` using the script `preset-build-dir` with argument `NATIVE_PRESET` - Add a flag to the `check` command in the bb api that disables asserts when checking vks
## Summary Switch entirely to compressed BN254 G1 points (32 bytes/point vs 64 bytes/point) everywhere: C++ native, WASM/bb.js, CI scripts, and release images. - C++ decompresses via parallel `from_compressed()` using `ThreadChunk` - SHA-256 chunk hash verification of downloaded compressed CRS data - Prover-agent release image ships `bn254_g1_compressed.dat`, halving the CRS layer size (~3.2GB vs ~6.4GB) - Added `skipSrsInit` option to `BackendOptions` so hash-only WASM tests skip CRS initialization ### Browser wallet startup benchmark Tested on the playground embedded wallet. Download from local L2 node, measuring G1 download time, `srsInitSrs` (WASM deserialization/decompression), and total `createPXE` time. **Compressed (32 bytes/point, `g1_compressed.dat`):** | Cores | G1 download | srsInitSrs | CRS total | createPXE | |-------|------------|------------|-----------|-----------| | 4 | 3059ms | 1988ms | 5840ms | 10351ms | | 2 | 3097ms | 3781ms | 7677ms | 12150ms | | 1 | 3111ms | 7372ms | 11249ms | 15858ms | **Uncompressed baseline (64 bytes/point, `g1.dat`, parallelized `from_buffer`):** | Cores | G1 download | srsInitSrs | CRS total | createPXE | |-------|------------|------------|-----------|-----------| | 4 | 7565ms | 2019ms | 10381ms | 15549ms | | 2 | 6078ms | 3802ms | 10742ms | 15635ms | | 1 | 6065ms | 7307ms | 14173ms | 18744ms | **Key findings:** - **Decompression overhead is effectively zero in the browser.** `srsInitSrs` is dominated by msgpack serialization and JS-to-WASM data transfer, not point parsing. The raw `from_compressed` cost is masked by this overhead. - **The win is the 2x smaller download**: ~3.1s vs ~6-7.5s for G1 data. - **createPXE improvement**: 33% at 4 cores, 22% at 2 cores, 15% at 1 core. Note: earlier wasmtime benchmarks showed `from_compressed` at ~19s for 2^20 points (single-threaded), but V8's WASM JIT is roughly 5x faster on this field arithmetic workload. The browser `from_compressed` cost is estimated at ~3.9s (after subtracting serialization overhead), well within the existing overhead budget. ### Native C++ decompression (full 100M point SRS, 3.2GB compressed) | Threads | Time | |---------|------| | 8 | 111s | | 32 | 28s | ### Changes **C++ (bb CLI + WASM)** - `bbapi_srs.cpp` -- `SrsInitSrs` decompresses 32-byte compressed points via parallel `from_compressed()` - `get_bn254_crs.cpp` -- downloads compressed CRS with CDN fallback, parallel SHA-256 chunk verification, parallel decompression - `chonk.bench.cpp` -- added `bn254_point_decompression` benchmark **TypeScript (bb.js)** - `net_crs.ts` -- downloads from `g1_compressed.dat` endpoint - `crs/node/index.ts` -- caches and loads `bn254_g1_compressed.dat` (32 bytes/point) - `crs/browser/cached_net_crs.ts` -- same for browser/IndexedDB - `bb_backends/index.ts` -- added `skipSrsInit` option to `BackendOptions` - `barretenberg/index.ts` -- respect `skipSrsInit` in `Barretenberg.new()` - `blake2s.test.ts`, `poseidon.bench.test.ts` -- use `skipSrsInit: true` (hash-only, no CRS needed) **Release image** - `release-image/bootstrap.sh` -- `prepare_crs` ships `bn254_g1_compressed.dat` **CI scripts** - `download_bb_crs.sh` -- downloads compressed with fallback/retries ## Test plan - [ ] CI passes (bb tests, WASM tests, acir tests) - [ ] Prover-agent image builds with compressed CRS
The ci-external workflow's `gh pr edit --remove-label "ci-external-once"` fails with "Resource not accessible by integration" because the default github.token has read-only permissions when no permissions block is set. This adds explicit permissions (contents: read, pull-requests: write) to the ci-external job, matching the pattern used by other label-modifying workflows in the repo. Safe because the workflow runs via pull_request_target (code from base branch) and is gated by a maintainer adding the ci-external label.
The useApiVersion hook was missing handling for rc and testnet version names, causing those versions to fall through to the default case. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## Summary - Adds handling for `rc` and `testnet` version names in the `useApiVersion` hook across API reference pages - Without this, rc/testnet versioned docs fell through to the default case instead of resolving to `"testnet"` ## Test plan - [ ] Verify API reference pages load correctly for rc-versioned docs - [ ] Verify API reference pages load correctly for testnet-versioned docs 🤖 Generated with [Claude Code](https://claude.com/claude-code)
## Summary - The `ci-external` workflow fails with `Resource not accessible by integration (removeLabelsFromLabelable)` because `github.token` defaults to read-only when no `permissions` block is set. - Adds `contents: read` + `pull-requests: write` to the `ci-external` job so `gh pr edit --remove-label "ci-external-once"` can succeed. ## Context - Safe because the workflow uses `pull_request_target` (code always from base branch, not fork) and is gated by a maintainer adding the `ci-external` / `ci-external-once` label. - Matches the pattern used by other label-modifying workflows in the repo (e.g., `merge-train-create-pr`, `auto-close-stale-drafts`). - Fixes the CI failure seen on external PRs like #21885.
BEGIN_COMMIT_OVERRIDE chore: deflake n_tps benchmark for LOW_VALUE_TPS=2 (#21578) fix(sequencer): use wall-clock timestamp for simulation when pipelining is disabled (#21888) fix: disable caching of error responses (300-499) on R2 custom domain (#21939) fix: add missing default cases in treeId switch statements (#21942) END_COMMIT_OVERRIDE
- Add schema parsing (parseWithOptionals) to iframe connection handler so serialized args are properly deserialized before calling wallet methods - Fix race condition in iframe discovery by registering message listener before appending iframe to DOM - Fix async iterator types in discovery session to satisfy TypeScript - Deduplicate DisconnectCallback type into shared types.ts - Use shared WalletInfo type instead of inline type literals - Fix various lint issues (no-misused-promises, require-await, jsdoc) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…thwits ## Summary - Document the two new `EmbeddedWallet` features from #21646: automatic gas estimation via pre-simulation, and automatic private authwit generation - Update `how_to_send_transaction.md` with a "What happens behind the scenes" section - Add tips/notes to `how_to_use_authwit.md` that private authwits are now automatic - Add tips/notes to `how_to_pay_fees.md` that gas estimation is now automatic - Update foundational `wallets.md` with pre-simulation and automatic authwit paragraphs - All changes mirrored to both latest docs and v4.1.0-rc.2 versioned docs ## Test plan - Verify docs build cleanly - Review rendered pages for clarity and accuracy 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Josh Crites <jc@joshcrites.com>
…thwits (#21790) ## Summary - Document the two new `EmbeddedWallet` features from #21646: automatic gas estimation via pre-simulation, and automatic private authwit generation - Update `how_to_send_transaction.md` with a "What happens behind the scenes" section - Add tips/notes to `how_to_use_authwit.md` that private authwits are now automatic - Add tips/notes to `how_to_pay_fees.md` that gas estimation is now automatic - Update foundational `wallets.md` with pre-simulation and automatic authwit paragraphs - All changes mirrored to both latest docs and v4.1.0-rc.2 versioned docs ## Test plan - Verify docs build cleanly - Review rendered pages for clarity and accuracy 🤖 Generated with [Claude Code](https://claude.com/claude-code)
Mostly just cleanup and standard pre-audit steps. Also went and reordered `bc_retrieval`'s tuple in its lookup to `contract_instance_retrieval` to align with that gadget's usage comment (a forgotten step from `contract_instance_retrieval` pre-audit).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
In this PR I add a check that makes `aztec compile` throw an error in case the compile crate or any of its dependencies do not match the version of the `aztec` command. We are currently just checking for version equality instead of doing a more sophisticated semver checks as we are not tracking the versions reliably now. Proper semver checks are likely to be introduced in the future when we track `Aztec.nr` versioning separately from `aztec-packages`. Since I need to check versions not only of local path based dependencies but also of the remote git based deps the approach I use here is that I check if the dep is in the relevant nargo dir, if not I fetch it there, and then I perform the check on that dep there. This means that I re-implement some `nargo` functionality here. Closes https://linear.app/aztec-labs/issue/F-288/make-aztec-compile-warn-of-oldincompatible-aztec-deps-from-nargotoml
In this PR I add a check that makes `aztec compile` throw an error in case the compile crate or any of its dependencies do not match the version of the `aztec` command. We are currently just checking for version equality instead of doing a more sophisticated semver checks as we are not tracking the versions reliably now. Proper semver checks are likely to be introduced in the future when we track `Aztec.nr` versioning separately from `aztec-packages`. Since I need to check versions not only of local path based dependencies but also of the remote git based deps the approach I use here is that I check if the dep is in the relevant nargo dir, if not I fetch it there, and then I perform the check on that dep there. This means that I re-implement some `nargo` functionality here. Closes https://linear.app/aztec-labs/issue/F-288/make-aztec-compile-warn-of-oldincompatible-aztec-deps-from-nargotoml
…e server API - SSH tunnel now routes to port 4000 (was 3001 via proxy) - Use /sessions endpoint directly instead of /run proxy - Add profile/model/budget/target_ref inputs for workflow_dispatch - claude-review job uses same new format Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
BEGIN_COMMIT_OVERRIDE feat(aztec-up): default install version to latest instead of nightly (#21883) fix(aztec-up): always reinstall noirup and foundryup bootstrappers (#21826) fix(aztec-up): show installed version after install (#21822) feat(aztec-up): decouple infra assets from toolchain VERSION (#22078) feat(aztec-up): add versioned aliases for multi-major version support (#21817) feat(aztec-up): auto-update before install with staleness check (#21866) fix(aztec-up): pass VERSION to per-version installer and fix release sed (#22083) feat: asserts that aztec dep version matches cli (#21245) END_COMMIT_OVERRIDE
…nts (#22050) Improved logging based on audit finding 114 in #21500 + random improvements that I noticed could be done ## Summary - Adds warning logs in PXE block synchronizer when `getBlockHeader` returns null for `chain-proven` and `chain-finalized` events, instead of silently skipping the anchor update. - Aligns with the `chain-pruned` handler which already throws on missing headers. Closes #21500 .
alexghr
requested review from
a team,
IlyasRidhuan,
LeilaWang,
Maddiaa0,
charlielye,
dbanks12,
fcarreiro,
jeanmon,
nventuro and
sirasistant
as code owners
spypsy
approved these changes
Mar 27, 2026
This was referenced Mar 27, 2026
AztecBot
added a commit
that referenced
this pull request
Mar 27, 2026
## Summary - Increases the `e2e_prover_full_real` CI timeout from 20m to 40m in `end-to-end/bootstrap.sh` - Increases the Jest `TIMEOUT` constant from 15m (900s) to 35m (2100s) in `full.test.ts` - Increases the `beforeAll` Jest timeout from 2m to 5m ## Root Cause The `merge-next` PR (#22089) merged 111 commits into `spartan` that introduced multiple cumulative performance regressions for the full prover test: 1. CHONK recursion gates: +577 gates (1,493,584 → 1,494,161) 2. ECCVM recursive verifier gates: +579 gates (224,657 → 225,236) 3. AVM SHA256 PIL: added new circuit includes (`bitwise.pil`, `memory.pil`, `precomputed.pil`) 4. Shplemini security fix: adds `padding_indicator_array` multiplication per round 5. CRS format change: first-run decompression overhead on fresh EC2 instances These changes collectively push the test from ~17-18 minutes to over 20 minutes, causing it to be killed by the 20-minute OS timeout. ## Test plan - [ ] CI passes on `merge-train/spartan` with this fix - [ ] `e2e_prover_full_real` completes within the new 40-minute timeout 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Mar 27, 2026
BEGIN_COMMIT_OVERRIDE fix: only clear provenBlockNumber when it exceeds prune point (#21946) chore: (A-779) load all accounts before calling LogService.#getSecretsForSenders (#21923) fix: align staging-public mana target with testnet/mainnet (#21983) chore: (A-777) add warn logs for regressive path in block synchronizer (#21925) fix: fully validate txs retrieved from tx file store (#21988) refactor: extract checkpoint proposal handling to ProposalHandler (#21999) fix: unbounded memory in calldataRetriever (#22004) fix(p2p): check peer rate limit before global to prevent quota starvation (#21997) fix(p2p): evict expired failed-auth-handshake entries on heartbeat (#21992) chore: defensively handle skipPushProposedBlocksToArchiver (#22017) chore: bump testnet prover resource profile to prod-hi-tps (#22019) chore: (A-835) remove unused serializer (#22037) fix(p2p): remove disconnected peers from scoring maps (#22009) fix(e2e): set anvilSlotsInAnEpoch in slashing tests (#21869) fix(ethereum): Audit fixes A-810, A-812 (nonce race, isEscapeHatchOpen logging) (#21948) chore: remove old TxPool implementation (#22028) fix: Fix blob encoding when uploaded from proposals (#22045) chore: Adds /cycle and /fix skills. Also configures linear mcp server (#22043) chore: remove validatorReexecute config option (#22024) fix(sequencer): use last L1 slot of L2 slot as eth_simulateV1 timestamp (#22023) docs(simulator): clarify teardown gas billing is intentional (#22057) chore: revert account loading optimization in log service (#22062) fix: use DateProvider in PeerScoring (#22070) fix(aztec.js): preserve extraHashedArgs in DeployMethod.with() (#22053) fix(p2p): replace process.exit() with graceful shutdown in worker cleanup (#22046) chore: merge next (#22089) fix(stdlib): correct NoteDao size (#22068) feat: improve blob download from filestores (#22096) fix: remove stale tx_pool v1 benchmark reference (#22104) END_COMMIT_OVERRIDE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
.