Skip to content

v0.11.0

Choose a tag to compare

View all tags
@iamalwaysuncomfortable iamalwaysuncomfortable released this 27 May 04:51
· 16 commits to mainnet since this release
v0.11.0
1fcb7bd
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

v0.11.0

✨ New features

30-50% Proving time Speedup Via Proving Key Caching

If a KeyStore object is configured on the ProgramManager. Proving keys will now:

  1. Be inserted into a function's execution prior to the execution starting, saving up to 50% on proving time.
  2. Be stored in the KeyStore if a function ends up synthesizing new keys.
  • For browsers a reference implementation of an IndexedDB KeyStore is provided for reference.
  • For nodeJS/denoJS or other non-browser clients, a local filesystem KeyStore implementation is provided for reference.
  import {
      Account,
      AleoNetworkClient,
      IndexedDBKeyStore,
      ProgramManager,
  } from "@provablehq/sdk";

  // 1. Construct an IndexedDB-backed KeyStore.
  //    dbName defaults to "aleo-keystore"; override to scope by app.
  //    Browser / Web Worker only — throws a clear error if used in Node/SSR.
  //    Keys are stored as plaintext Uint8Array (readable by any same-origin
  //    script — don't use for secrets you need to defend against XSS).
  const keyStore = new IndexedDBKeyStore("my-app-keys");

  // 2. Wire it into ProgramManager.
  const networkClient = new AleoNetworkClient("https://api.provable.com/v2");
  networkClient.setAccount(Account.fromCiphertext(ciphertext, password));

  const pm = new ProgramManager();
  pm.setNetworkClient(networkClient);
  pm.setKeyStore(keyStore);

  // 3. Caching is now automatic on proof-generating calls.
  //    Before proving: keys for functions in the entry function's call graph
  //      are loaded from IndexedDB.
  //    After proving:  any keys WASM synthesized are persisted back.
  //
  //    Applies to:
  //      • pm.buildExecutionTransaction(...)
  //      • pm.buildTransactionFromAuthorization(...)
  //      • pm.run(...)
  //    Not to authorization-only paths (no proving happens there).

  const tx = await pm.buildExecutionTransaction({
      programName: "credits.aleo",
      functionName: "transfer_public",
      fee: 0.01,
      privateFee: false,
      inputs: ["aleo1...", "100u64"],
  });
  // First call: keys synthesized + written to IndexedDB (~seconds).
  // Subsequent calls (same user, same browser): keys load from cache (~ms).
  // Survives page reloads and tab restarts.

Signed Requests for delegated proving (#1329)

The callers can now execute delegated proofs by sending signed requests AND authorizations. Currently requests are limited to functions with a single call. A call stack deeper than 1 is not yet supported.

import { ExecutionRequest, ProvingRequest } from "@provablehq/sdk";

const signedRequest = ExecutionRequest.sign(
    privateKey,
    "credits.aleo",
    "transfer_public",
    inputs,
    inputTypes,
    /* rootTvk */ undefined,
    /* programChecksum */ undefined,
    /* isRoot */ true,
    /* isDynamic */ false,
);

const provingRequest = ProvingRequest.fromRequest(signedRequest, /* feeRequest */ undefined,
 /* broadcast */ true);
await client.submitProvingRequest({ provingRequest });
// → encrypted-only POST to /prove/request

🔧 Improvements (#1327)

  • IndexedDBKeyStore hardening:

    • Clear "browser/Web Worker only" error when used in Node/SSR contexts
      instead of an unhelpful ReferenceError.
    • Class JSDoc now explicitly warns that keys are stored as plaintext
      Uint8Array (readable by any same-origin script, including XSS).
    • New smoke-test coverage for locator validation, env guard, and open-error
      recovery.

  • RecordScanner.register() restored as an alias of registerEncrypted().
    Existing callers using .register(viewKey, startBlock) continue to compile
    and behaviorally upgrade to the encrypted flow (1. fetches an ephemeral pubkey
    from /pubkey, 2. encrypts the registration payload, 3. POSTs to
    /register/encrypted).

  • SDK logging routed through logger.* in program-manager.ts. ~14 raw
    console.* calls (added in the same release cycle as setLogLevel) now
    respect the configured log level.

⚠️ Breaking changes

This release drops the legacy plaintext /prove and /prove/encrypted routes entirely. All proving requests now flow through encrypted-only endpoints:

  • Authorization-variant requests → POST /prove/authorization
  • Request-variant requests → POST /prove/request

Related changes:

  • DelegatedProvingParams.dpsPrivacy is now @deprecated and silently ignored.
    Existing callers compile; the flag no longer affects routing. Slated for removal
    in a future minor version.
  • submitProvingRequestSafe now throws synchronously if options.provingRequest
    is a string that fails to parse. HTTP failures (400/500/503) still resolve to
    { ok: false, status, error } as before — only caller-side input bugs now
    surface as exceptions rather than fake 500 result objects.

📦 Dependencies

  • Bump ws 8.18.3 → 8.20.1 (#1320)
  • Bump webpack-dev-server 5.2.2 → 5.2.4 (#1319)
  • Bump openssl 0.10.79 → 0.10.80 in /wasm (#1324)
Assets 5
Loading