u64s_packing utils

Author: benesjan

noir-projects/aztec-nr/aztec/src/discovery/private_logs.nr

@@ -10,7 +10,7 @@ use crate::{
         log_type::{PARTIAL_NOTE_PRIVATE_LOG_TYPE_ID, PRIVATE_NOTE_LOG_TYPE_ID},
     },
     oracle::message_discovery::sync_notes,
-    utils::array,
+    utils::{array, u64s_packing::unpack_two_u64s},
 };
 
 use protocol_types::{
@@ -134,10 +134,7 @@ unconstrained fn decode_log_plaintext(
 
     // See the documentation of this function for a description of the log layout
     let expanded_log_metadata = log_plaintext.get(0);
-
-    let log_metadata = ((expanded_log_metadata as u128) >> 64) as u64;
-    let log_type_id = (expanded_log_metadata as u64);
-
+    let (log_type_id, log_metadata) = unpack_two_u64s(expanded_log_metadata);
     let log_content = array::subbvec(log_plaintext, PRIVATE_LOG_EXPANDED_METADATA_LEN);
 
     (log_type_id, log_metadata, log_content)

noir-projects/aztec-nr/aztec/src/encrypted_logs/log_assembly_strategies/default_aes128/note.nr

@@ -7,6 +7,7 @@ use crate::{
     },
     note::{note_emission::NoteEmission, note_interface::NoteType},
     oracle::notes::{get_app_tag_as_sender, increment_app_tagging_secret_index_as_sender},
+    utils::u64s_packing::pack_two_u64s,
 };
 use dep::protocol_types::{
     abis::note_hash::NoteHash, address::AztecAddress, constants::PRIVATE_LOG_SIZE_IN_FIELDS,
@@ -39,7 +40,7 @@ where
 
     // We pack log type id and log metadata into the first field. Search for `decode_log_plaintext` function to see
     // where the value gets decoded.
-    fields[0] = (Note::get_id() * 2.pow_32(64)) + log_type_id as Field;
+    fields[0] = pack_two_u64s(log_type_id, Note::get_id() as u64);
     fields[1] = storage_slot;
     for i in 0..packed_note.len() {
         fields[i + 2] = packed_note[i];

noir-projects/aztec-nr/aztec/src/utils/mod.nr

@@ -6,4 +6,5 @@ pub mod point;
 pub mod random;
 pub mod to_bytes;
 pub mod secrets;
+pub mod u64s_packing;
 pub mod with_hash;

noir-projects/aztec-nr/aztec/src/utils/u64s_packing.nr

@@ -0,0 +1,88 @@
+global U64_SHIFT_MULTIPLIER: Field = 2.pow_32(64);
+
+pub fn pack_two_u64s(high: u64, low: u64) -> Field {
+    let low_field = low as Field;
+    // We use multiplication instead of bit shifting operations to shift the high bits as bit shift operations are
+    // expensive in circuits.
+    let high_field: Field = (high as Field) * U64_SHIFT_MULTIPLIER;
+    high_field + low_field
+}
+
+pub fn unpack_two_u64s(input: Field) -> (u64, u64) {
+    input.assert_max_bit_size::<128>();
+    let low = (input as u64);
+    // Use division instead of bit shift since bit shifts are expensive in circuits
+    let high = ((input - (low as Field)) / U64_SHIFT_MULTIPLIER) as u64;
+    (high, low)
+}
+
+mod tests {
+    use super::{pack_two_u64s, unpack_two_u64s};
+
+    global U64_MAX: Field = 2.pow_32(64) - 1;
+    global U128_MAX: Field = 2.pow_32(128) - 1;
+
+    #[test]
+    fn packing_two_u64s() {
+        // Test case 1: All bits set
+        let packed = pack_two_u64s(U64_MAX as u64, U64_MAX as u64);
+        let (upper, lower) = unpack_two_u64s(packed);
+        assert(lower == U64_MAX as u64, "Lower 64 bits should be all 1s");
+        assert(upper == U64_MAX as u64, "Upper 64 bits should be all 1s");
+
+        // Test case 2: Only upper 64 bits set
+        let packed = pack_two_u64s(U64_MAX as u64, 0);
+        let (upper, lower) = unpack_two_u64s(packed);
+        assert(lower == 0, "Lower 64 bits should be 0");
+        assert(upper == U64_MAX as u64, "Upper 64 bits should be all 1s");
+
+        // Test case 3: Only lower 64 bits set
+        let packed = pack_two_u64s(0, U64_MAX as u64);
+        let (upper, lower) = unpack_two_u64s(packed);
+        assert(lower == U64_MAX as u64, "Lower 64 bits should be all 1s");
+        assert(upper == 0, "Upper 64 bits should be 0");
+
+        // Test case 4: Zero
+        let packed = pack_two_u64s(0, 0);
+        let (upper, lower) = unpack_two_u64s(packed);
+        assert(lower == 0, "Lower 64 bits should be 0");
+        assert(upper == 0, "Upper 64 bits should be 0");
+    }
+
+    #[test]
+    fn unpacking_two_u64s() {
+        // Test case 1: All bits set
+        let input = U128_MAX;
+        let (upper, lower) = unpack_two_u64s(input);
+        assert(lower == U64_MAX as u64, "Lower 64 bits should be all 1s");
+        assert(upper == U64_MAX as u64, "Upper 64 bits should be all 1s");
+
+        // Test case 2: Only upper 64 bits set
+        let input = U128_MAX - U64_MAX;
+        let (upper, lower) = unpack_two_u64s(input);
+        assert(lower == 0, "Lower 64 bits should be 0");
+        assert(upper == U64_MAX as u64, "Upper 64 bits should be all 1s");
+
+        // Test case 3: Only lower 64 bits set
+        let input = U64_MAX;
+        let (upper, lower) = unpack_two_u64s(input);
+        assert(lower == U64_MAX as u64, "Lower 64 bits should be all 1s");
+        assert(upper == 0, "Upper 64 bits should be 0");
+
+        // Test case 4: Zero
+        let input = 0;
+        let (upper, lower) = unpack_two_u64s(input);
+        assert(lower == 0, "Lower 64 bits should be 0");
+        assert(upper == 0, "Upper 64 bits should be 0");
+    }
+
+    #[test]
+    fn roundtrip_two_u64s() {
+        let original_upper = 12345;
+        let original_lower = 67890;
+        let packed = pack_two_u64s(original_upper, original_lower);
+        let (unpacked_upper, unpacked_lower) = unpack_two_u64s(packed);
+        assert(original_upper == unpacked_upper, "Upper 64 bits should match after roundtrip");
+        assert(original_lower == unpacked_lower, "Lower 64 bits should match after roundtrip");
+    }
+}