noir-lang · TomAFrench · May 8, 2024 · May 8, 2024 · May 8, 2024 · May 8, 2024
diff --git a/.aztec-sync-commit b/.aztec-sync-commit
@@ -1 +1 @@
-2e64428af9525bd8c390931061505f7b48d729a4
+1c74387e56b49102043fc6701735325a891e6c65
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
@@ -1,4 +1,4 @@
 {
   ".": "0.29.0",
   "acvm-repo": "0.45.0"
-}
+}
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -196,7 +196,7 @@ yarn docusaurus docs:version <new_version_tag>
 
 This should create a new version by copying the docs folder and the sidebars.js file to the relevant folders, as well as adding this version to versions.json.
 
-You can then open a Pull Request according to the the [PR section](#pull-requests)
+You can then open a Pull Request according to the [PR section](#pull-requests)
 
 ## Changelog
 

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -111,7 +111,7 @@ chumsky = { git = "https://github.com/jfecher/chumsky", rev = "ad9d312", default
 criterion = "0.5.0"
 # Note that using the "frame-pointer" feature breaks framegraphs on linux
 # https://github.com/tikv/pprof-rs/pull/172
-pprof = { version = "0.13", features = ["flamegraph","criterion"] }
+pprof = { version = "0.13", features = ["flamegraph", "criterion"] }
 
 
 dirs = "4"

diff --git a/acvm-repo/acir/README.md b/acvm-repo/acir/README.md
@@ -76,6 +76,12 @@ Some more advanced computations assume that the proving system has an 'embedded
 
 The black box functions supported by ACIR are:
 
+**AES128Encrypt**: ciphers the provided plaintext using AES128 in CBC mode, padding the input using PKCS#7.
+- inputs: byte array [u8; N]
+- iv: initialization vector [u8; 16]
+- key: user key [u8; 16]
+- outputs: byte vector [u8] of length `input.len() + (16 - input.len() % 16)``
+
 **AND**: performs the bitwise AND of lhs and rhs. bit_size must be the same for both inputs.
 - lhs: (witness, bit_size)
 - rhs: (witness, bit_size)
@@ -139,9 +145,11 @@ Inputs and outputs are similar to SchnorrVerify, except that because we use a di
 
 **EcdsaSecp256r1**: Same as EcdsaSecp256k1, but done over another curve.
 
-**FixedBaseScalarMul**: scalar multiplication with a fixed generator of the embedded curve
-- input: low, high are 2 (field , 254), representing the low and high part of the input. For Barretenberg, they must both be less than 128 bits.
-- output: x and y coordinates of $low*G+high*2^{128}*G$, where G is a fixed generator
+**MultiScalarMul**: scalar multiplication with a variable base/input point (P) of the embedded curve
+- input:
+    points (FieldElement, N) a vector of x and y coordinates of input points [x1, y1, x2, y2,...].
+    scalars (FieldElement, N) a vector of low and high limbs of input scalars [s1_low, s1_high, s2_low, s2_high, ...]. (FieldElement, N) For Barretenberg, they must both be less than 128 bits.
+- output: (FieldElement, N) a vector of x and y coordinates of output points [op1_x, op1_y, op2_x, op2_y, ...]. Points computed as $s_low*P+s_high*2^{128}*P$
 
 Because the Grumpkin scalar field is bigger than the ACIR field, we provide 2 ACIR fields representing the low and high parts of the Grumpkin scalar $a$:
 $a=low+high*2^{128},$ with $low, high < 2^{128}$
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		2e64428af9525bd8c390931061505f7b48d729a4
		1c74387e56b49102043fc6701735325a891e6c65