feat: Pass through unencrypted logs to base rollup

[sirasistant]

Instead of siloing and crunching together all the unencrypted logs in the private kernels and the public kernels, we pass them through to the base rollup who will do that work.

[github-actions]

Changes to circuit sizes

Generated at commit: 75a8be6493c2ebb21382ad12800c96572edb5479, compared to commit: cca2a9b393f781a2518e7fb6cbb376e4ae6fbd4e

🧾 Summary (100% most significant diffs)

Program	ACIR opcodes (+/-)	%	Circuit size (+/-)	%
private_kernel_empty_simulated	0 ➖	0.00%	+31 ❌	+7.97%
private_kernel_tail_simulated	0 ➖	0.00%	+31 ❌	+7.97%
public_kernel_tail_simulated	0 ➖	0.00%	+31 ❌	+7.97%
rollup_base	+1,769 ❌	+0.52%	+75,084 ❌	+2.00%
private_kernel_tail_to_public_simulated	0 ➖	0.00%	+16 ❌	+0.48%
public_kernel_app_logic_simulated	0 ➖	0.00%	+16 ❌	+0.48%
public_kernel_setup_simulated	0 ➖	0.00%	+16 ❌	+0.48%
public_kernel_teardown_simulated	0 ➖	0.00%	+16 ❌	+0.48%
private_kernel_empty	+31 ❌	+1.74%	+62 ❌	+0.01%
public_kernel_tail	+367 ❌	+0.04%	-17,564 ✅	-0.38%
public_kernel_teardown	-226 ✅	-0.09%	-26,997 ✅	-1.64%
public_kernel_setup	-342 ✅	-0.19%	-27,113 ✅	-1.71%
public_kernel_app_logic	-226 ✅	-0.09%	-27,093 ✅	-4.61%
private_kernel_tail_to_public	-1,168 ✅	-1.88%	-55,442 ✅	-11.17%
private_kernel_tail	-1,694 ✅	-8.09%	-74,828 ✅	-12.25%

---

Full diff report 👇

Program	ACIR opcodes (+/-)	%	Circuit size (+/-)	%
private_kernel_empty_simulated	1 (0)	0.00%	420 (+31)	+7.97%
private_kernel_tail_simulated	1 (0)	0.00%	420 (+31)	+7.97%
public_kernel_tail_simulated	1 (0)	0.00%	420 (+31)	+7.97%
rollup_base	341,542 (+1,769)	+0.52%	3,836,142 (+75,084)	+2.00%
private_kernel_tail_to_public_simulated	1 (0)	0.00%	3,344 (+16)	+0.48%
public_kernel_app_logic_simulated	1 (0)	0.00%	3,344 (+16)	+0.48%
public_kernel_setup_simulated	1 (0)	0.00%	3,344 (+16)	+0.48%
public_kernel_teardown_simulated	1 (0)	0.00%	3,344 (+16)	+0.48%
private_kernel_empty	1,811 (+31)	+1.74%	1,041,821 (+62)	+0.01%
public_kernel_tail	965,693 (+367)	+0.04%	4,645,487 (-17,564)	-0.38%
public_kernel_teardown	241,730 (-226)	-0.09%	1,618,002 (-26,997)	-1.64%
public_kernel_setup	183,195 (-342)	-0.19%	1,554,056 (-27,113)	-1.71%
public_kernel_app_logic	240,368 (-226)	-0.09%	560,162 (-27,093)	-4.61%
private_kernel_tail_to_public	61,119 (-1,168)	-1.88%	441,060 (-55,442)	-11.17%
private_kernel_tail	19,234 (-1,694)	-8.09%	536,096 (-74,828)	-12.25%

[AztecBot]

Benchmark results

Metrics with a significant change:

• avm_simulation_time_ms (Token:mint_public): 367 (+554%)
• protocol_circuit_proving_time_in_ms (base-parity): 2,042 (+41%)

Detailed results

All benchmarks are run on txs on the Benchmarking contract on the repository. Each tx consists of a batch call to create_note and increment_balance, which guarantees that each tx has a private call, a nested private call, a public call, and a nested public call, as well as an emitted private note, an unencrypted log, and public storage read and write.

This benchmark source data is available in JSON format on S3 here.

Proof generation

Each column represents the number of threads used in proof generation.

Metric	1 threads	4 threads	16 threads	32 threads	64 threads
proof_construction_time_sha256_ms	5,794 (+1%)	1,558 (+1%)	708	743	769
proof_construction_time_sha256_30_ms	11,897	3,190 (+1%)	1,413	1,440 (+1%)	1,471 (+1%)
proof_construction_time_sha256_100_ms	44,368 (+1%)	11,869	5,465	5,449 (+1%)	5,370
proof_construction_time_poseidon_hash_ms	79.0 (+1%)	34.0	34.0	58.0	87.0 (-1%)
proof_construction_time_poseidon_hash_30_ms	1,535 (+1%)	420 (+1%)	200	223	268
proof_construction_time_poseidon_hash_100_ms	5,692 (+1%)	1,533 (+1%)	678	729 (-1%)	752 (+1%)

L2 block published to L1

Each column represents the number of txs on an L2 block published to L1.

Metric	4 txs	8 txs	16 txs
l1_rollup_calldata_size_in_bytes	708	708	708
l1_rollup_calldata_gas	6,600	6,588	6,588
l1_rollup_execution_gas	583,062	583,201	583,352
l2_block_processing_time_in_ms	757 (+1%)	1,410	2,722 (+1%)
l2_block_building_time_in_ms	13,270 (+1%)	26,038	51,139 (+1%)
l2_block_rollup_simulation_time_in_ms	13,269 (+1%)	26,037	51,138 (+1%)
l2_block_public_tx_process_time_in_ms	11,121 (+2%)	23,678	48,765 (+2%)

L2 chain processing

Each column represents the number of blocks on the L2 chain where each block has 8 txs.

Metric	3 blocks	5 blocks
node_history_sync_time_in_ms	6,971 (-3%)	9,866 (-1%)
node_database_size_in_bytes	12,439,632	16,498,768
pxe_database_size_in_bytes	16,254	26,813

Circuits stats

Stats on running time and I/O sizes collected for every kernel circuit run across all benchmarks.

Circuit	simulation_time_in_ms	witness_generation_time_in_ms	input_size_in_bytes	output_size_in_bytes	proving_time_in_ms	proof_size_in_bytes	num_public_inputs	size_in_gates
private-kernel-init	116 (+1%)	397 (+2%)	21,732	54,085	N/A	N/A	N/A	N/A
private-kernel-inner	229	725 (+2%)	81,199	54,264	N/A	N/A	N/A	N/A
private-kernel-tail	1,115 (-3%)	2,445	61,543	62,127 (+1%)	N/A	N/A	N/A	N/A
base-parity	6.47 (-2%)	820 (+3%)	160	96.0	⚠️ 2,042 (+41%)	12,676	3.00	131,072
root-parity	108 (-1%)	124 (+8%)	64,860	96.0	31,345 (-1%)	12,676	3.00	4,194,304
base-rollup	4,225	5,056 (+4%)	181,083	632	44,623 (+1%)	13,476	28.0	4,194,304
root-rollup	152	120 (+4%)	51,261	652	28,434 (-2%)	13,412	26.0	4,194,304
public-kernel-setup	199 (+1%)	2,404 (-1%)	113,048	80,822 (+1%)	18,359 (+1%)	119,428	3,339	2,097,152
public-kernel-app-logic	150	3,394 (+2%)	113,048	80,822 (+1%)	10,097 (-3%)	119,428	3,339	1,048,576
public-kernel-tail	891	26,047 (-6%)	410,181	10,814 (+8%)	67,634	25,860 (+4%)	415 (+8%)	8,388,608
private-kernel-reset-tiny	297	998	77,007	53,954	N/A	N/A	N/A	N/A
private-kernel-tail-to-public	6,748 (+1%)	2,898 (+3%)	752,611 (-3%)	1,632	N/A	N/A	N/A	N/A
public-kernel-teardown	139 (+1%)	3,311	113,048	80,822 (+1%)	19,043 (-1%)	119,428	3,339	2,097,152
merge-rollup	57.2	N/A	33,566	632	N/A	N/A	N/A	N/A
undefined	N/A	N/A	N/A	N/A	166,018 (-2%)	N/A	N/A	N/A

Stats on running time collected for app circuits

Function	input_size_in_bytes	output_size_in_bytes	witness_generation_time_in_ms	proof_size_in_bytes	proving_time_in_ms
ContractClassRegisterer:register	1,312	9,344	396 (+1%)	N/A	N/A
ContractInstanceDeployer:deploy	1,376	9,344	25.1 (+1%)	N/A	N/A
MultiCallEntrypoint:entrypoint	1,888	9,344	628 (+1%)	N/A	N/A
GasToken:deploy	1,344	9,344	570 (+1%)	N/A	N/A
SchnorrAccount:constructor	1,280	9,344	430	N/A	N/A
SchnorrAccount:entrypoint	2,272	9,344	763	N/A	N/A
Token:privately_mint_private_note	1,248	9,344	500 (+1%)	N/A	N/A
FPC:fee_entrypoint_public	1,312	9,344	101 (+2%)	N/A	N/A
Token:transfer	1,280	9,344	1,463	N/A	N/A
AuthRegistry:set_authorized (avm)	19,222	N/A	N/A	95,392	2,133
FPC:prepare_fee (avm)	26,664	N/A	N/A	95,456	2,885 (+1%)
Token:transfer_public (avm)	42,914	N/A	N/A	95,456	3,259 (+2%)
AuthRegistry:consume (avm)	33,100	N/A	N/A	95,424	2,862 (+2%)
FPC:pay_refund (avm)	36,829	N/A	N/A	95,424	11,146 (+1%)
Benchmarking:create_note	1,312	9,344	421 (-1%)	N/A	N/A
SchnorrAccount:verify_private_authwit	1,248	9,344	42.8 (+3%)	N/A	N/A
Token:unshield	1,344	9,344	1,188	N/A	N/A
FPC:fee_entrypoint_private	1,344	9,344	1,553	N/A	N/A

AVM Simulation

Time to simulate various public functions in the AVM.

Function	time_ms	bytecode_size_in_bytes
GasToken:_increase_public_balance	99.8 (+1%)	13,790
GasToken:set_portal	15.0 (+28%)	3,339
Token:constructor	127 (-2%)	23,692
FPC:constructor	91.7 (-2%)	13,592
GasToken:mint_public	80.9 (-3%)	10,158
Token:mint_public	⚠️ 367 (+554%)	19,034
Token:assert_minter_and_mint	69.3 (+1%)	12,925
AuthRegistry:set_authorized	51.3 (+15%)	7,812
FPC:prepare_fee	124 (+13%)	15,062
Token:transfer_public	42.3 (-1%)	31,218
FPC:pay_refund	128 (-7%)	25,260
Benchmarking:increment_balance	1,350 (+1%)	15,267
Token:_increase_public_balance	16.9 (+8%)	15,006
FPC:pay_refund_with_shielded_rebate	180 (-2%)	26,347

Public DB Access

Time to access various public DBs.

Function	time_ms
get-nullifier-index	0.170 (+11%)

Tree insertion stats

The duration to insert a fixed batch of leaves into each tree type.

Metric	1 leaves	16 leaves	64 leaves	128 leaves	256 leaves	512 leaves	1024 leaves
batch_insert_into_append_only_tree_16_depth_ms	10.4	16.7	N/A	N/A	N/A	N/A	N/A
batch_insert_into_append_only_tree_16_depth_hash_count	16.8	31.7	N/A	N/A	N/A	N/A	N/A
batch_insert_into_append_only_tree_16_depth_hash_ms	0.600	0.514	N/A	N/A	N/A	N/A	N/A
batch_insert_into_append_only_tree_32_depth_ms	N/A	N/A	48.1	76.1 (+1%)	131 (+1%)	245	473 (+1%)
batch_insert_into_append_only_tree_32_depth_hash_count	N/A	N/A	95.9	159	287	543	1,055
batch_insert_into_append_only_tree_32_depth_hash_ms	N/A	N/A	0.491	0.467 (+1%)	0.452 (+1%)	0.444	0.442 (+1%)
batch_insert_into_indexed_tree_20_depth_ms	N/A	N/A	59.7	111	183 (+1%)	352	695 (+1%)
batch_insert_into_indexed_tree_20_depth_hash_count	N/A	N/A	109	207	355	691	1,363
batch_insert_into_indexed_tree_20_depth_hash_ms	N/A	N/A	0.504	0.499	0.485 (+1%)	0.476	0.477 (+1%)
batch_insert_into_indexed_tree_40_depth_ms	N/A	N/A	72.8	N/A	N/A	N/A	N/A
batch_insert_into_indexed_tree_40_depth_hash_count	N/A	N/A	133	N/A	N/A	N/A	N/A
batch_insert_into_indexed_tree_40_depth_hash_ms	N/A	N/A	0.518	N/A	N/A	N/A	N/A

Miscellaneous

Transaction sizes based on how many contract classes are registered in the tx.

Metric	0 registered classes	1 registered classes
tx_size_in_bytes	77,408 (+1%)	668,545

Transaction size based on fee payment method

| Metric | |
| - | |

[LeilaWang]

Got distracted and started looking at the code on the sequencer side. But that's not relevant to this PR!
Just one suggestion. Great idea for optimisation! 🔥

[LeilaWang]

This can be self.output.end.unencrypted_logs! And the assert_eq below won't be needed.

Actually, maybe there can be a variation of assert_sorted_array that takes the OrderHint. Something like:

assert_sorted_array(
  self.previous_kernel.end.unencrypted_logs_hashes,
  self.output.end.unencrypted_logs,
  hints.sorted_unencrypted_log_hash_hints
);

[sirasistant]

Hmmm but I think we cannot get rid of the assert_eq due to the self.output.end.unencrypted_logs being self.previous_kernel.end.unencrypted_logs_hashes reordered and exposed to public (so counters are zeroed out)

[sirasistant]

I will write a specialized function to avoid using the transformed version when there was no transformation though!

[LeilaWang]

I find it weird that this validateProcessedTxLogs is called in the public processor, after it has processed a tx with or without public calls.

Shouldn't the check for log hashes vs log data be done in the tx validator? A tx shouldn't be considered valid if the user submits wrong log data for it.

The public processor doesn't have to check the logs after simulation if the check is already done before the tx is given to it. If there's any unencrypted log emitted from the public functions, the data will be there. Unless it's using a faulty simulator.

Maybe it's a question for @just-mitch? Wonder if it makes sense or am I missing something 😅

[just-mitch]

That makes sense to me! It's even listed as a validity condition, but it is not done in yarn-project/sequencer-client/src/tx_validator/tx_validator_factory.ts

[sirasistant]

Yes, I think it would need to be to be a tx validator since with the current approach the sequencer will select the TX for inclusion (and simulate its public functions, losing valuable time!) even if the preimages of the logs don't match the hashes in the kernels

[LeilaWang]

Smart new util and tests!