More conventions in ARCHITECTURE.md: depdencies, dynamic memory management, constant-time and side-channel resistance

[mratsim]

Add new conventions to ARCHITECTURE.md

• dependencies / supply chain risk
• dynamic memory management
• constant-time and side-channel resistance

Summary by CodeRabbit

• Documentation
  • Expanded architecture docs with a renamed APIs section and new guidance on dependencies, allowed libraries, and implementation constraints.
  • Added policies for memory allocation in secure/enclave contexts and guidance on annotating code to avoid heap/stack allocations.
  • Introduced detailed constant-time and side-channel resistance guidance, secret-type primitives, and uniform table-access patterns.
  • Reorganized conventions for argument ordering, return-value recommendations, and error/status handling.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly expands the ARCHITECTURE.MD document by formalizing crucial development conventions for the Constantine project. It establishes clear guidelines for managing external dependencies to enhance supply chain security, outlines strict policies for dynamic memory allocation to safeguard sensitive data, and details robust strategies for implementing constant-time operations and mitigating side-channel attack risks in cryptographic routines.

Highlights

• Dependencies and Supply Chain Risk: Introduced guidelines for managing external dependencies, specifying allowed and disallowed components of the Nim standard library to prevent supply chain attacks and ensure cryptographic security.
• Dynamic Memory Management: Established conventions for memory allocation, emphasizing avoidance for secret-handling protocols and detailing the use of custom allocators with Nim's effect tracking for necessary allocations.
• Constant-Time and Side-Channel Resistance: Defined principles for constant-time operations and side-channel resistance, including the use of SecretWord/SecretBool types, conditional primitives, assembly paths, _vartime suffix with effect tracking, and secure table access.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• ARCHITECTURE.md
  • Added a new section "Dependencies" under "APIs & Conventions" detailing allowed and disallowed Nim standard library usage.
  • Added a new section "Memory allocation" outlining policies for avoiding and managing dynamic memory.
  • Added a new section "Constant-time and side-channel resistance" explaining principles and mechanisms for secure cryptographic implementations.
  • Renamed the "APIs" heading to "APIs & Conventions".

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Warning

Rate limit exceeded

@mratsim has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 12 minutes and 31 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: de7031dd-b046-40b0-99d0-77cf89500faf

📥 Commits

Reviewing files that changed from the base of the PR and between 9d49d91 and 5fca1c8.

📒 Files selected for processing (1)

• ARCHITECTURE.md

📝 Walkthrough

Walkthrough

The ARCHITECTURE.md document is expanded and reorganized: "APIs" is renamed to "APIs & Conventions" and new sections cover Dependencies, Argument ordering, Return values, Memory allocation policies, and Constant-time/side-channel resistance details.

Changes

Cohort / File(s)

Summary

Architecture Documentation ARCHITECTURE.md

Renamed "APIs" to "APIs & Conventions". Added new subsections: Dependencies (Nim stdlib, compile-time paths, allowed/forbidden libs), Argument orders, Return values guidance (avoid large returns, prefer out params), Memory allocation policy (allocator restrictions, annotations/effect tracking), Constant-time & side-channel resistance (secret types, primitives, uniform table access, ct_routines.nim references). Lines changed: +63/-1.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I nibble notes in moonlit code,

I tuck secrets gently in a node,
I stamp "no alloc" with tiny paw,
I hop through timing, neat and law,
Hooray—our docs now guard and show!

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: it covers all three key additions (dependencies, dynamic memory management, constant-time and side-channel resistance) to the ARCHITECTURE.md documentation and clearly indicates the pull request's primary purpose.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch update-code-conventions

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request adds important architectural conventions to the ARCHITECTURE.md file regarding dependencies, memory management, and resistance to side-channel attacks. The new sections are well-written and provide valuable guidance for developers. My review includes a few minor suggestions to correct some typos in the documentation to improve its quality.

[gemini-code-assist]

There's a small typo here. compiletime should be compile-time for better readability and consistency with how such terms are usually written.

Suggested change

	- std/os and std/strutils to create compiletime paths relative to the currentSourcePath
	- std/os and std/strutils to create compile-time paths relative to the currentSourcePath

[gemini-code-assist]

There's a typo in substraction. It should be subtraction.

Suggested change

	Constantine assumes that addition, substraction (including carries/borrows), multiplication, bit operations, shifts are constant-time in hardware.
	Constantine assumes that addition, subtraction (including carries/borrows), multiplication, bit operations, shifts are constant-time in hardware.

[gemini-code-assist]

There's a typo here. adn should be and.

Suggested change

	High-level protocols or subroutines for high-level protocols do not need this `_vartime` suffix hence this mostly concerns bigint, fields, elliptic curves adn polynomial arithmetic.
	High-level protocols or subroutines for high-level protocols do not need this `_vartime` suffix hence this mostly concerns bigint, fields, elliptic curves and polynomial arithmetic.

[greptile-apps]

Greptile Summary

This PR is a documentation-only update to ARCHITECTURE.md, expanding the "APIs" section into "APIs & Conventions" with three new subsections covering the project's conventions around dependencies, dynamic memory management, and constant-time/side-channel resistance.

Key additions:

• Dependencies: Clarifies that src has no external dependencies (including most of the Nim standard library) to minimize supply chain attack risk, listing explicit exceptions for compile-time, test, and code-generation usage.
• Memory allocation: Documents the policy of avoiding heap allocation in secret-handling protocols (encryption, hashing, signatures), with custom allocators in constantine/platforms/allocs.nim enforced via Nim's effect tracking.
• Constant-time & side-channel resistance: Explains SecretWord/SecretBool, the _vartime suffix convention, the assembly path for critical routines, and secretLookup/ccopy for cache-safe table access.
• Three minor typos were found: "substraction" → "subtraction" (line 111), missing colon in {.tags[VarTime].} → {.tags:[VarTime].} (line 122), and "adn" → "and" (line 124).

Confidence Score: 5/5

• This PR is safe to merge — it is a documentation-only change with no impact on source code or tests.
• Only ARCHITECTURE.md is modified. No code, tests, build files, or cryptographic logic is changed. The three issues found are documentation typos that do not affect correctness.
• No files require special attention beyond fixing the three identified typos.

Important Files Changed

Filename	Overview
ARCHITECTURE.md	Documentation-only update adding conventions for dependencies, memory allocation, and constant-time/side-channel resistance. Contains three minor typos: "substraction" (line 111), a missing colon in {.tags[VarTime].} (line 122), and "adn" (line 124).

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Protocol Operation] --> B{Handles Secrets?}
    B -- Yes --> C[Avoid Dynamic Allocation]
    B -- No --> D[Custom Allocators\nconstantine/platforms/allocs.nim]
    C --> E{Low-level op?}
    E -- Yes --> F[Use SecretWord / SecretBool\nct_routines.nim]
    F --> G{Compiler may introduce branches?}
    G -- Yes --> H[Assembly path\nx86-64 / ARM64]
    G -- No --> I[Nim implementation]
    E -- No --> J[High-level protocol\nno _vartime suffix needed]
    H --> K{Variable-time variant needed?}
    I --> K
    K -- Yes --> L[Suffix with _vartime\nTagged with VarTime effect]
    K -- No --> M[Default constant-time path]
    L --> N[Blocked at compile-time\nin secret-handling call stacks]
    M --> O{Table access?}
    O -- Yes --> P[Use secretLookup or ccopy\nfor uniform cache access]
    O -- No --> Q[Safe to use]

Loading

_{Last reviewed commit: a90eaaf}

[greptile-apps]

Typo: "substraction" should be "subtraction"

substraction is a misspelling of "subtraction".

Suggested change

	Constantine assumes that addition, substraction (including carries/borrows), multiplication, bit operations, shifts are constant-time in hardware.
	Constantine assumes that addition, subtraction (including carries/borrows), multiplication, bit operations, shifts are constant-time in hardware.

[greptile-apps]

Missing colon in effect-tracking pragma

{.tags[VarTime].} is missing the colon after tags. The correct Nim pragma syntax — as used consistently throughout the actual codebase (e.g., in constantine/platforms/intrinsics/extended_precision_vartime.nim) — is {.tags:[VarTime].}.

Suggested change

	We use Nim's effect tracking `{.tags[VarTime].}` so we can ensure that in protocols that handle secrets it is a compile-time error to have VarTime anywhere in the call stack via `{.tags:[].}`.
	We use Nim's effect tracking `{.tags:[VarTime].}` so we can ensure that in protocols that handle secrets it is a compile-time error to have VarTime anywhere in the call stack via `{.tags:[].}`.

[greptile-apps]

Typo: "adn" should be "and"

adn is a misspelling of "and".

Suggested change

	High-level protocols or subroutines for high-level protocols do not need this `_vartime` suffix hence this mostly concerns bigint, fields, elliptic curves adn polynomial arithmetic.
	High-level protocols or subroutines for high-level protocols do not need this `_vartime` suffix hence this mostly concerns bigint, fields, elliptic curves and polynomial arithmetic.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@ARCHITECTURE.md`:
- Line 111: Fix two typos in the ARCHITECTURE.md security guidance: replace the
word "substraction" with "subtraction" and replace "adn" with "and" (search for
the exact tokens "substraction" and "adn" to locate the occurrences in the
conventions section and update them accordingly).
- Line 122: The Nim pragma example for VarTime is using malformed syntax
`{.tags[VarTime].}`; update the example to the correct Nim pragma format
`{.tags:[VarTime].}` so it matches all other usages and is safe to
copy/paste—specifically replace the occurrence of `{.tags[VarTime].}` with
`{.tags:[VarTime].}` in the VarTime/example line and ensure the brackets and
colon are exactly as shown.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: bfbaad73-f9ed-45a3-aef9-3b0cda1d977b

📥 Commits

Reviewing files that changed from the base of the PR and between 024534f and a90eaaf.

📒 Files selected for processing (1)

• ARCHITECTURE.md

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

ARCHITECTURE.md (1)

75-75: ⚠️ Potential issue | 🟡 Minor

Fix spelling: "Guarenteed" → "Guaranteed"

The abbreviation GCE is misspelled as "Guarenteed Copy Elision" when it should be "Guaranteed Copy Elision".

📝 Proposed spelling fix

-    - And they are struggling with GCE (Guarenteed Copy Elision) and NRVO/RVO(Named) Return Value Optimization
+    - And they are struggling with GCE (Guaranteed Copy Elision) and NRVO/RVO(Named) Return Value Optimization

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@ARCHITECTURE.md` at line 75, Replace the misspelled phrase "Guarenteed Copy
Elision" with the correct spelling "Guaranteed Copy Elision" where it appears
(specifically in the text "GCE (Guarenteed Copy Elision) and NRVO/RVO(Named)
Return Value Optimization") so the line reads "GCE (Guaranteed Copy Elision) and
NRVO/RVO (Named) Return Value Optimization".

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@ARCHITECTURE.md`:
- Line 106: The pragma spacing is inconsistent: change the `{.tags: [].}`
instance to match the established `{.tags:[...].}` style used elsewhere (e.g.,
`{.tags:[HeapAlloc].}` and `{.tags:[Alloca].}`) so all occurrences use no space
after `tags:`; locate the `{.tags: [].}` snippet in the ARCHITECTURE.md text and
remove the space to make it `{.tags:[].}`.
- Line 122: The pragma syntax is inconsistent: update the occurrence of `{.tags:
[VarTime].}` so it matches the project's `{.tags:[].}` style by removing the
space after the colon (change to `{.tags:[VarTime].}`), and scan for other
`{.tags: ...}` occurrences (e.g., `{.tags:[].}`) to ensure all use the
`{.tags:[...].}` format for consistency across the doc.

---

Outside diff comments:
In `@ARCHITECTURE.md`:
- Line 75: Replace the misspelled phrase "Guarenteed Copy Elision" with the
correct spelling "Guaranteed Copy Elision" where it appears (specifically in the
text "GCE (Guarenteed Copy Elision) and NRVO/RVO(Named) Return Value
Optimization") so the line reads "GCE (Guaranteed Copy Elision) and NRVO/RVO
(Named) Return Value Optimization".

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 32b05830-3382-45c3-9245-2e695f515c26

📥 Commits

Reviewing files that changed from the base of the PR and between a90eaaf and 9d49d91.

📒 Files selected for processing (1)

• ARCHITECTURE.md