update zkemail.nr for Aztec 4.2.0 / Nargo 1.0.0-beta.18 compatibility#65
update zkemail.nr for Aztec 4.2.0 / Nargo 1.0.0-beta.18 compatibility#65critesjosh wants to merge 2 commits intozkemail:mainfrom
Conversation
Bump Nargo toolchain to 1.0.0-beta.18 and bb.js to 4.2.0-aztecnr-rc.2. Update all Noir dependencies (bignum, rsa, base64, nodash, sha256, poseidon), migrate JS prover to Honk-only with async init, adapt to BoundedVec API changes, u64→u32 sha256_var casts, add pub visibility to globals/struct fields, replace stdlib Poseidon2 with local sponge implementation, and update redc test parameters. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (3)
✅ Files skipped from review due to trivial changes (2)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughThis PR updates Noir/Barretenberg toolchain versions, bumps multiple Rust and example dependencies, narrows SHA-256 length parameters from u64→u32, exposes several previously-private library constants/fields as public, refactors the JS prover to a single UltraHonk backend with persistent init, and makes assorted internal and test adjustments. Changes
Sequence Diagram(s)sequenceDiagram
participant Client
participant ZKEmailProver
participant Barretenberg
Client->>ZKEmailProver: request fullProve(input)
ZKEmailProver->>ZKEmailProver: await init() (ensure Barretenberg ready)
ZKEmailProver->>Barretenberg: generateProof(witness, proofOptions)
Barretenberg-->>ZKEmailProver: proof
ZKEmailProver-->>Client: return proof
Client->>ZKEmailProver: request verify(proof)
ZKEmailProver->>Barretenberg: verifyProof(proof, proofOptions)
Barretenberg-->>ZKEmailProver: verification result
ZKEmailProver-->>Client: return verification result
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
I tested this against the current running Aztec testnet with this project. AztecProtocol/aztec-examples#35 |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@js/src/prover.ts`:
- Around line 14-23: Update the tests to match the new Prover constructor that
takes (circuit, proofOptions?): replace usages like new
ZKEmailProver(circuit2048, num_cpus) and new ZKEmailProver(circuit2048, "plonk",
threads) / new ZKEmailProver(circuit2048, "honk", threads) with the new
signature by passing an UltraHonkBackendOptions object as the second argument
(e.g., new ZKEmailProver(circuit2048, { verifierTarget: "plonk" | "honk",
threads: num_cpus })) so the second parameter is an options object; locate
instantiations of ZKEmailProver in circuits.test.ts and proving.test.ts and
update them accordingly to supply verifierTarget and threads via the options
argument.
In `@lib/Nargo.toml`:
- Around line 8-13: The nodash and poseidon dependency entries in Nargo.toml
(the nodash = { tag = "v0.44.0", git = "https://github.com/olehmisar/nodash" }
and poseidon = { tag = "v0.2.3", git = "https://github.com/noir-lang/poseidon" }
lines) refer to tags that don't exist; fix them by checking the actual GitHub
repo tags for olehmisar/nodash and noir-lang/poseidon and replacing the tag
values with the correct existing tag names (or use a commit SHA or branch name
like "main"/"master" if appropriate) so the dependency resolver can fetch them.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 82cfc49f-dc90-475a-96c5-e4c005dd87e6
📒 Files selected for processing (21)
.github/workflows/test.ymlexamples/email_mask/Nargo.tomlexamples/email_mask/src/main.nrexamples/partial_hash/src/main.nrexamples/remove_soft_line_breaks/Nargo.tomlexamples/remove_soft_line_breaks/src/main.nrexamples/verify_email_1024_bit_dkim/Nargo.tomlexamples/verify_email_1024_bit_dkim/src/main.nrexamples/verify_email_2048_bit_dkim/Nargo.tomlexamples/verify_email_2048_bit_dkim/src/main.nrjs/package.jsonjs/src/prover.tslib/Nargo.tomllib/src/dkim.nrlib/src/headers/email_address.nrlib/src/lib.nrlib/src/partial_hash.nrlib/src/remove_soft_line_breaks.nrlib/src/tests/mod.nrlib/src/tests/test_inputs.nrscripts/common.sh
| constructor( | ||
| /* The ACIR of the Noir circuit to prove */ | ||
| circuit: CompiledCircuit, | ||
| /* Define the prover backend to use */ | ||
| private provingBackend: ProvingBackend = "plonk", | ||
| /* Threads to use */ | ||
| private threads: number = 1 | ||
| /* Options for proof generation (e.g., verifierTarget) */ | ||
| private proofOptions?: UltraHonkBackendOptions, | ||
| ) { | ||
| // initialize the backends | ||
| if (provingBackend === "plonk" || provingBackend === "all") { | ||
| this.plonk = new UltraPlonkBackend(circuit.bytecode, { threads: this.threads }); | ||
| } | ||
| if (provingBackend === "honk" || provingBackend === "all") { | ||
| this.honk = new UltraHonkBackend(circuit.bytecode, { threads: this.threads }); | ||
| } | ||
| this.bytecode = circuit.bytecode; | ||
| // initialize the Noir instance | ||
| this.noir = new Noir(circuit); | ||
| } |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Find all ZKEmailProver instantiations in test files
rg -n "new ZKEmailProver\(" --glob "*.test.ts" -A 1Repository: zkemail/zkemail.nr
Length of output: 1787
🌐 Web query:
zkemail.nr prover typescript constructor breaking change UltraHonk
💡 Result:
In zkemail/zkemail.nr (Noir implementation of ZK Email verifier), recent releases (v2.0.0 on 2026-03-03) introduced breaking changes affecting TypeScript usage via @zk-email/zkemail-nr. Key breaking changes: - RSAPubkey::hash now returns [Field; 2] (separate Poseidon hashes for modulus and redc parameter), changing circuit public outputs from 2 to 3 fields: [modulus_hash, redc_hash, email_nullifier]. - JS hashRSAPublicKey now returns { modulusHash, redcHash } object instead of single bigint. Consumers must destructure accordingly. - Verifier keys must be regenerated due to changed hash return type and circuit outputs. This impacts prover initialization/constructor calls in TypeScript when generating inputs or proofs, as public key handling and witness structures changed. Fixed a Veridise vulnerability by binding prover to redc parameter. UltraHonk refers to Barretenberg's UltraHonk proving scheme (used in Noir/Barretenberg), seen in examples like mopro-zkemail-nr using prove_ultra_honk for zkemail.nr circuits. No specific constructor breaking change tied directly to UltraHonk, but Noir 1.0 updates (mentioned in releases) align with UltraHonk/MegaHonk support.
Citations:
- 1: https://github.com/zkemail/zkemail.nr/releases
- 2: https://github.com/zkemail/zkemail.nr
- 3: https://www.npmjs.com/package/@zk-email/zkemail-nr
- 4: https://github.com/zkmopro/mopro-zkemail-nr/blob/main/src/lib.rs
🏁 Script executed:
# Check if any files in provided context match the test files mentioned
git ls-files | grep -E "(test|spec)" | head -20Repository: zkemail/zkemail.nr
Length of output: 487
🏁 Script executed:
cat js/tests/circuits.test.tsRepository: zkemail/zkemail.nr
Length of output: 8941
🏁 Script executed:
cat js/tests/proving.test.tsRepository: zkemail/zkemail.nr
Length of output: 8852
🏁 Script executed:
head -40 js/src/prover.tsRepository: zkemail/zkemail.nr
Length of output: 1348
Breaking API change: Constructor signature incompatible with existing tests.
The constructor now accepts only (circuit, proofOptions?), but tests use incompatible arguments with @ts-ignore suppressions:
- circuits.test.ts:
new ZKEmailProver(circuit2048, num_cpus)— passes a number whereUltraHonkBackendOptionsis expected - proving.test.ts:
new ZKEmailProver(circuit2048, "plonk", threads)andnew ZKEmailProver(circuit2048, "honk", threads)— passes a string and number; the string will be incorrectly treated asproofOptions, and the third argument is ignored
These tests will fail at runtime. Update test instantiations to use the new constructor signature.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@js/src/prover.ts` around lines 14 - 23, Update the tests to match the new
Prover constructor that takes (circuit, proofOptions?): replace usages like new
ZKEmailProver(circuit2048, num_cpus) and new ZKEmailProver(circuit2048, "plonk",
threads) / new ZKEmailProver(circuit2048, "honk", threads) with the new
signature by passing an UltraHonkBackendOptions object as the second argument
(e.g., new ZKEmailProver(circuit2048, { verifierTarget: "plonk" | "honk",
threads: num_cpus })) so the second parameter is an options object; locate
instantiations of ZKEmailProver in circuits.test.ts and proving.test.ts and
update them accordingly to supply verifierTarget and threads via the options
argument.
| bignum = { tag = "v0.9.2", git = "https://github.com/noir-lang/noir-bignum" } | ||
| rsa = { tag = "v0.10.0", git = "https://github.com/zkpassport/noir_rsa" } | ||
| base64 = { tag = "v0.4.2", git = "https://github.com/noir-lang/noir_base64" } | ||
| nodash = { tag = "v0.44.0", git = "https://github.com/olehmisar/nodash" } | ||
| sha256 = { git = "https://github.com/noir-lang/sha256", tag = "v0.3.0" } | ||
| poseidon = { tag = "v0.2.3", git = "https://github.com/noir-lang/poseidon" } No newline at end of file |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify git tags exist for the updated dependencies
echo "Checking bignum v0.9.2..."
git ls-remote --tags https://github.com/noir-lang/noir-bignum refs/tags/v0.9.2
echo "Checking rsa v0.10.0 (new repo: zkpassport/noir_rsa)..."
git ls-remote --tags https://github.com/zkpassport/noir_rsa refs/tags/v0.10.0
echo "Checking base64 v0.4.2..."
git ls-remote --tags https://github.com/noir-lang/noir_base64 refs/tags/v0.4.2
echo "Checking nodash v0.44.0..."
git ls-remote --tags https://github.com/olehmisar/nodash refs/tags/v0.44.0
echo "Checking sha256 v0.3.0..."
git ls-remote --tags https://github.com/noir-lang/sha256 refs/tags/v0.3.0
echo "Checking poseidon v0.2.3..."
git ls-remote --tags https://github.com/noir-lang/poseidon refs/tags/v0.2.3Repository: zkemail/zkemail.nr
Length of output: 1784
🌐 Web query:
bignum v0.9.2 site:github.com/noir-lang/noir-bignum tag release
💡 Result:
The noir-lang/noir-bignum repository, an optimized big number library for Noir, lists v0.9.2 as its latest release on 2026-02-20. However, detailed release notes or tag information for v0.9.2 are not available in the searched results, which show details for prior versions like v0.9.0 (2026-02-05, breaking changes in Div trait impl and features like Barrett reduction), v0.8.1 (2025-11-13), and v0.7.4 (2025-07-11). The repository has 36 total releases, with last push on 2026-03-30.
Citations:
🌐 Web query:
rsa v0.10.0 site:github.com/zkpassport/noir_rsa tag release
💡 Result:
In github.com/zkpassport/noir_rsa, there is a Git tag v0.10.0 (dated Feb 24, 2026) pointing to commit 42664c4 with the tag message “update bignum, sha256 and sha512 deps”. (github.com)
There does not appear to be a corresponding GitHub “Release” entry for v0.10.0 on the repo’s Releases page (i.e., it’s a tag, not a published Release). (github.com)
Citations:
🌐 Web query:
base64 v0.4.2 site:github.com/noir-lang/noir_base64 tag release
💡 Result:
The base64 v0.4.2 tag refers to the latest release of the noir_base64 library, a Base64 encoding/decoding library written in Noir (a programming language for zero-knowledge proofs). It was released on 2025-07-15. The repository is at https://github.com/noir-lang/noir_base64, which has 10 releases, with v0.4.2 as the most recent. The library supports encoding arbitrary byte arrays to Base64 and decoding Base64-encoded byte arrays, compatible with Noir stable releases from v1.0.0-beta.1. It implements RFC 4648 alphabets (standard base64 and base64url), with options for padding. No specific changelog for v0.4.2 was found in search results, but the repo last had activity in 2026-03-13.
Citations:
🌐 Web query:
nodash v0.44.0 site:github.com/olehmisar/nodash tag release
💡 Result:
No evidence found of a nodash v0.44.0 tag release. The only relevant result is a GitHub repository at https://github.com/olehmisar/nodash, which appears to be inactive or empty, with no open pull requests and no mentions of releases or tags, including v0.44.0. No official documentation, changelogs, or announcements for this specific version were discovered across multiple searches.
Citations:
🌐 Web query:
sha256 v0.3.0 site:github.com/noir-lang/sha256 tag release
💡 Result:
The sha256 v0.3.0 tag release refers to the latest release of the noir-lang/sha256 GitHub repository, a SHA256 hashing library for the Noir language (previously part of Noir's standard library). It was released on 2025-12-09T16:22:05Z. The repository has 9 total releases, with v0.3.0 as the most recent. It is compatible with Noir v0.36.0 and is installed via Nargo.toml with a git tag dependency (example shown for v0.1.0, but similar for v0.3.0).
Citations:
🌐 Web query:
poseidon v0.2.3 site:github.com/noir-lang/poseidon tag release
💡 Result:
No evidence found of a v0.2.3 tag release for any project named Poseidon. The noir-lang/poseidon GitHub repository exists (21 stars, on master branch with active workflows), but direct searches for releases, tags, or changelog for v0.2.3 returned no results. No official documentation or announcements confirm this specific release tag as of 2026-04-15.
Citations:
- 1: https://github.com/noir-lang/poseidon/projects?query=is%3Aopen
- 2: https://github.com/noir-lang/poseidon/actions
Fix dependency tags for nodash and poseidon.
Verification found issues with two dependencies:
nodash v0.44.0: No evidence of this tag atgithub.com/olehmisar/nodashposeidon v0.2.3: No evidence of this tag atgithub.com/noir-lang/poseidon
The following dependencies were verified and are correct:
bignum v0.9.2✓rsa v0.10.0atzkpassport/noir_rsa✓base64 v0.4.2✓sha256 v0.3.0✓
Update the nodash and poseidon dependency tags to existing versions, or verify the correct tag names.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@lib/Nargo.toml` around lines 8 - 13, The nodash and poseidon dependency
entries in Nargo.toml (the nodash = { tag = "v0.44.0", git =
"https://github.com/olehmisar/nodash" } and poseidon = { tag = "v0.2.3", git =
"https://github.com/noir-lang/poseidon" } lines) refer to tags that don't exist;
fix them by checking the actual GitHub repo tags for olehmisar/nodash and
noir-lang/poseidon and replacing the tag values with the correct existing tag
names (or use a commit SHA or branch name like "main"/"master" if appropriate)
so the dependency resolver can fetch them.
1 participant
Bump Nargo toolchain to 1.0.0-beta.18 and bb.js to 4.2.0-aztecnr-rc.2. Update all Noir dependencies (bignum, rsa, base64, nodash, sha256, poseidon), migrate JS prover to Honk-only with async init, adapt to BoundedVec API changes, u64→u32 sha256_var casts, add pub visibility to globals/struct fields, replace stdlib Poseidon2 with local sponge implementation, and update redc test parameters.
Summary by CodeRabbit
Chores
New Features
API
Tests