Skip to content

[1/2] Authentication component rollup target #666

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Sep 22, 2025
Merged

[1/2] Authentication component rollup target #666

merged 15 commits into from
Sep 22, 2025

Conversation

greenhat
Copy link
Contributor

@greenhat greenhat commented Sep 9, 2025
edited
Loading

Close #660
Close #667

Corresponding template repo PR - 0xMiden/rust-templates#21

I suggest reviewing this PR on a per-commit basis.

This PR:

  • Adds new project template for the authentication component (cargo miden new --auth-component [NAME]);
  • Adds example/auth-component-no-auth example project for no-auth version;
  • Adds a local network test using the example/auth-component-no-auth as an authentication component using miden-client in the counter contract scenario;
  • Fixes a few issues discovered along the way.

@greenhat greenhat mentioned this pull request Sep 9, 2025
Closed
@greenhat greenhat linked an issue Sep 9, 2025 that may be closed by this pull request
Don't export core Wasm function that was lifted as component export #667
Closed
@greenhat greenhat mentioned this pull request Sep 10, 2025
Closed
@greenhat greenhat force-pushed the greenhat/i660-auth-proc branch from fbb19fd to aa01ece Compare September 11, 2025 07:33
@greenhat greenhat mentioned this pull request Sep 11, 2025
Merged
@greenhat greenhat marked this pull request as ready for review September 11, 2025 13:07
Copilot
Copilot AI reviewed Sep 11, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds support for authentication components to the Miden rollup system by introducing a new project template and compilation target for authentication components.

  • Adds --auth-component template for creating authentication components that validate account state changes
  • Implements a "no-auth" authentication component example that increments nonce when account state changes
  • Adds local network test demonstrating authentication component usage in counter contract scenario

Reviewed Changes

Copilot reviewed 189 out of 190 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
tools/cargo-miden/src/commands/new_project.rs Adds auth-component template option and updates template tag version
tools/cargo-miden/src/target.rs Adds AuthComponent rollup target detection and library type mapping
tools/cargo-miden/src/lib.rs Adds authentication component midenc compilation flags and RUSTFLAGS management
tools/cargo-miden/tests/build.rs Adds test for auth-component template validation
midenc-session/src/lib.rs Adds AuthComponent rollup target enum variant
sdk/base/wit/miden.wit Adds authentication-component interface definition
examples/auth-component-no-auth/ New example authentication component with no-auth implementation
tests/integration-node/src/node_tests/counter_contract_no_auth.rs Test demonstrating auth component usage
Comments suppressed due to low confidence (1)

tools/cargo-miden/src/target.rs:54

  • The error message is outdated and doesn't include the new 'authentication-component' option. It should be updated to include all valid project kinds.
        _ => bail!(
            "Invalid value '{}' for 'project-kind' in [package.metadata.miden]. Must be one of: \
             'account', 'note-script', or 'transaction-script'",
            kind_str

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@greenhat greenhat marked this pull request as draft September 16, 2025 06:55
@greenhat greenhat marked this pull request as ready for review September 16, 2025 12:12
@greenhat greenhat marked this pull request as draft September 16, 2025 12:13
@greenhat
feature: add RollupTarget::AuthComponent
df18043
@greenhat
fix: don't export core Wasm function after lifting #667
f4b5ff6
@greenhat
fix: convert auth-* function names to snake case (auth_*)
b418339 
The miden-base expects the authentication component expects an authentication procedure with
the name `auth_*` (underscore). Since WIT names are in kebab case convert this one to snake
case. In the future miden-base will use annotation to mark the procedure as authentication
procedure and we will remove this. Until then we use the following workaround.
@greenhat
feature: implement no-auth authentication procedure
afe485d
@greenhat
refactor: move auth-component-no-auth test project to examples
8dddef9
@greenhat
fix: fix the incr_nonce stub function signature,
e398690 
add `-C link-args=--fatal-warnings` to cargo-miden `RUSTFLAGS` to error
out in such cases during the linking.
@greenhat
fix(workaround): rename auth_* function to auth__* to make miden-…
ab27cbc 
…base recognize

the authentication procedure.
@greenhat
chore: add local network test for the no-auth authentication component
5c8d6fe
@greenhat
fix: make init procedure private
3dd2fc2
@greenhat
chore: formatting
3d969b5
@greenhat
fix: restore the RUSTFLAGS env var after running cargo in cargo-miden
825c2e5
@greenhat
feature: add authentication component new project template to `cargo …
e2c3a75 
…miden new`
@greenhat
chore: remove extra comma in RUSTFLAGS, clean up dbg!
eb558cf
@greenhat
refactor: double underscore the whole auth procedure name `auth-proce…
6fc2f3f 
…dure`,

add comments.
@greenhat
shore: update Cargo.lock after rebase
4efe063
@greenhat greenhat force-pushed the greenhat/i660-auth-proc branch from 9f7ec43 to 4efe063 Compare September 16, 2025 13:02
@greenhat greenhat mentioned this pull request Sep 16, 2025
Merged
@greenhat greenhat marked this pull request as ready for review September 16, 2025 13:21
@greenhat
Copy link
Contributor Author

@bitwalker Rebased and ready for review.

Base automatically changed from greenhat/i532-undefined-stub to next September 17, 2025 11:53
bitwalker
bitwalker requested changes Sep 17, 2025
View reviewed changes
Copy link
Collaborator

@bitwalker bitwalker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! There is one change that should be reverted here though (see my comment for details)

codegen/masm/src/lower/component.rs
let init_body = core::mem::take(&mut self.init_body);
let init = masm::Procedure::new(
Default::default(),
masm::Visibility::Public,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The init procedure needs to be public, so that it can be called from any callable procedure in the component that needs to initialize a fresh context in its prologue.

Copy link
Contributor Author

@greenhat greenhat Sep 17, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure that I understand why init needs to be public. We only invoke the init in our lifted exports functions (see an example at

compiler/tests/integration/expected/examples/basic_wallet.masm

Lines 13 to 21 in 4efe063

export.move-asset-to-note
exec.::miden:basic-wallet/[email protected]::init
trace.240
nop
exec.::miden:basic-wallet/[email protected]::basic_wallet::miden:basic-wallet/[email protected]#move-asset-to-note
trace.252
nop
exec.::std::sys::truncate_stack
end
) which we place in the same module. The lifted export function is then called without any prologue and epilogue at the call site. So the lifted export functions are the only public procedures in the component.

See also the discussion that led to making init private at 0xMiden/miden-base#1877

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should be noted that the fact we're emitting a single module for a given Wasm binary is incidental here, it isn't an inherent structural thing, just an artifact of how Rust compiles to Wasm.

In any case, if we can guarantee that all exports from a component (including a program entrypoint, if present), are emitted to the same underlying MASM module, sure, the init procedure can be private in that case. I didn't think that was something we guaranteed, so much as it was a happy accident of how things get compiled from Rust.

I'm fine with making this private until there is an actual issue in practice, but wanted to raise the chance of it being an issue during review to make sure the change is actually well-motivated.

@greenhat greenhat linked an issue Sep 19, 2025 that may be closed by this pull request
New project template and RollupTarget for the authentication AccountComponent #660
Closed
@greenhat greenhat changed the title Authentication component rollup target [1/2] Authentication component rollup target Sep 19, 2025
bitwalker
bitwalker approved these changes Sep 19, 2025
View reviewed changes
Copy link
Collaborator

@bitwalker bitwalker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Marking this approved, per my latest comment

@greenhat greenhat merged commit d79ee15 into next Sep 22, 2025
9 checks passed
@greenhat greenhat deleted the greenhat/i660-auth-proc branch September 22, 2025 04:53
greenhat added a commit that referenced this pull request Sep 22, 2025
@greenhat
fix: fix the build after merging #666 and #678 without rebasing
a07394d
@greenhat greenhat mentioned this pull request Sep 22, 2025
Merged
greenhat added a commit that referenced this pull request Sep 22, 2025
@greenhat
Merge pull request #684 from 0xMiden/greenhat/fix-incorrect-merge
1cea5c5 
fix: fix the build after merging #666 and #678 without rebasing
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@bitwalker bitwalker bitwalker approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Don't export core Wasm function that was lifted as component export New project template and RollupTarget for the authentication AccountComponent
2 participants
@greenhat @bitwalker