Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@aztec/acir-simulator
Advanced tools
This library package is responsible for simulating function circuits compiled to ACIR.
Simulating a function implies generating the partial witness and the public inputs of the function, as well as collecting all the data (such as created notes or nullifiers, or state changes) that are necessary for components upstream.
It's able to simulate three different types of functions:
Private functions are simulated and proved client-side, and verified client-side in the private kernel circuit.
The public inputs of private functions is defined here.
They are run with the assistance of a DB oracle that provides any private data requested by the function.
Private functions can call another private function, and can request to call a public function, but the public function execution will be performed by the sequencer asynchronously, thus having no access to the return values.
Public functions are simulated and proved on the sequencer side, and verified by the public kernel circuit.
The public inputs of public functions is defined here.
They are run with the assistance of an oracle that provides any value read from the public state tree.
Public functions can call other public function, but no private functions.
Unconstrained functions are used to extract useful data for users, such as the user balance. They are not proved, and are simulated client-side.
They are run with the assistance of a DB oracle that provides any private data requested by the function.
At the moment, unconstrained functions cannot call any other function. It would be possible to allow them to call other unconstrained functions.
Same steps as any other library. They are detailed here
Same steps as any other library. They are detailed here
FAQs
## Responsibilities
We found that @aztec/acir-simulator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.