feat: bind to on chain data [skip-line-limit]#1544
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughBinds aggregator proofs to on‑chain committee ordering: committee keccak256 is split into hi/lo limbs, threaded through actors/provers/circuits, verified by BFV verifiers and stored in the registry; adds per-preset incremental circuit build, artifact checks, and benchmark tooling updates. ChangesCommittee Hash Binding & Wiring
Build / Benchmarks / Tooling
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes Possibly related PRs
Suggested reviewers
✨ Finishing Touches🧪 Generate unit tests (beta)
|
0xjei
changed the title
0xjei
changed the title
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 11
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
crates/events/src/enclave_event/compute_request/zk.rs (1)
75-80:⚠️ Potential issue | 🟠 Major | ⚡ Quick winPreserve replay compatibility for older serialized requests.
These types are serialized event payloads, so making
committee_addressesrequired will break deserialization for any pre-upgradeDkgAggregationRequest/DecryptionAggregationRequestalready in storage or in flight. Add a compat path here and reject missing data later at the consumption boundary instead.Compatibility-safe change
pub struct DkgAggregationRequest { pub node_fold_proofs: Vec<Proof>, pub c5_proof: Proof, pub party_ids: Vec<u64>, /// Ordered committee addresses (`topNodes`) for `committee_hash_*` public inputs. + #[serde(default)] pub committee_addresses: Vec<String>, pub params_preset: BfvPreset, } ... pub struct DecryptionAggregationRequest { pub c6_total_slots: usize, pub jobs: Vec<DecryptionAggregationJobRequest>, /// Ordered committee addresses (`topNodes`) for `committee_hash_*` public inputs. + #[serde(default)] pub committee_addresses: Vec<String>, pub params_preset: BfvPreset, }Also applies to: 86-90
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@crates/events/src/enclave_event/compute_request/zk.rs` around lines 75 - 80, The change made `committee_addresses` required breaks deserialization for pre-upgrade payloads; make the field optional and add a compatibility path: change DkgAggregationRequest (and the analogous DecryptionAggregationRequest) to use Option<Vec<String>> for committee_addresses (or annotate with serde(default) into an Option) so older serialized requests without that field still deserialize, and move the rejection/validation of a missing committee_addresses to the consumption boundary where you currently use committee_addresses (validate and return an explicit error if None) so runtime behavior stays strict but storage compatibility is preserved.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@agent/flow-trace/04_DKG_AND_COMPUTATION.md`:
- Around line 612-620: The on-chain flow block still describes the old
nodes-based call shape and missing pkCommitment in the event — update the text
to reflect the new publishCommittee(interface) signature by removing any
nodes.length validation and any references to the old nodes parameter, ensure
the emitted event tuple and subsequent state writes include pkCommitment (e.g.,
set publicKeyHashes[e3Id] = pkHash and also store/emit pkCommitment), and update
the enclave callback to match the new arguments (call
enclave.onCommitteePublished(e3Id, pkHash, pkCommitment) or the correct new
signature). Also mention that verifier redeployment logic pins the same
publicInputs and continues to check last PI == pkCommitment where
proofAggregationEnabled is used.
In `@circuits/bin/recursive_aggregation/decryption_aggregator/src/main.nr`:
- Around line 46-47: The public inputs committee_hash_hi and committee_hash_lo
are declared but never used; wire them into the circuit by asserting they equal
the circuit's computed committee hash values (or by incorporating them into
existing arithmetic constraints) so the proof is bound to those values. Locate
where the committee hash is produced (the code computing the committee digest,
e.g., computed_committee_hash_hi/lo or the function that folds committee
members) and add checks that computed_committee_hash_hi == committee_hash_hi and
computed_committee_hash_lo == committee_hash_lo (or include committee_hash_hi/lo
into the final accumulator expression) so the public inputs are enforced;
alternatively remove the unusued public inputs if they are not required.
In `@circuits/bin/recursive_aggregation/dkg_aggregator/src/main.nr`:
- Around line 55-56: The public inputs committee_hash_hi and committee_hash_lo
are never constrained; compute the keccak/sha-like digest over topNodes inside
main (use the same packing used in the docs, e.g.,
keccak256(abi.encodePacked(topNodes))), split the resulting 256-bit digest into
high and low Field-sized words, and add assertions that committee_hash_hi ==
digest_hi and committee_hash_lo == digest_lo so the public inputs are bound to
topNodes; locate this logic around where topNodes is computed and add the digest
calculation and equality checks referencing committee_hash_hi and
committee_hash_lo.
In `@crates/aggregator/src/threshold_plaintext_aggregator.rs`:
- Around line 665-682: maybe_start_decryption_aggregation currently returns
early when proof_aggregation_enabled is false, which prevents initialization of
decryption_aggregator_proofs and decryption_aggregation_correlation and leads
try_publish_complete (after AggregationProofSigned) to wait forever because
dec_ready never becomes true; to fix, ensure that when proof_aggregation_enabled
is false you still initialize the same state that
dispatch_decryption_aggregation would set (e.g., set
self.decryption_aggregator_proofs = Some(Vec::new()) and initialize
self.decryption_aggregation_correlation to the appropriate sentinel/correlation
value) so the completion path can proceed, or call
dispatch_decryption_aggregation even in the disabled mode (with an appropriate
None/placeholder reply) instead of returning early.
- Around line 1076-1080: The handle method for CommitteeMembersResponse
currently drops the Results returned by maybe_start_decryption_aggregation and
try_publish_complete; update handle (in threshold_plaintext_aggregator::handle)
to check both Results and surface failures instead of swallowing them: call
maybe_start_decryption_aggregation(&ec, ctx.address().recipient()) and match its
Result, logging the error (or using ctx.stop()/ctx.notify on failure) and
returning/propagating as appropriate, then do the same for
try_publish_complete() so any Err is logged/handled (use the crate's
logger/error macros or actor context to stop/retry) — ensure you reference the
same symbols (handle, maybe_start_decryption_aggregation, try_publish_complete,
CommitteeMembersResponse, last_ec) and do not ignore the returned Result values.
In `@crates/sortition/src/sortition.rs`:
- Around line 737-742: The current handle in sortition::handle for
GetCommitteeMembersRequest collapses missing committees into an empty Vec via
unwrap_or_default() (see get_committee, CommitteeMembersResponse, and
msg.reply.do_send), which hides "committee not yet finalized" vs an actually
empty committee; change the behaviour so you do not call unwrap_or_default():
check get_committee()'s Option result explicitly and, if None, send an explicit
error/absent signal instead of an empty members list (e.g., add a
CommitteeNotFound/CommitteeMissing variant or make CommitteeMembersResponse
carry Option<Vec<Member>> or Result<Vec<Member>, Error>) and use
msg.reply.do_send to send that explicit response so callers can retry or fail
instead of proceeding with an empty committee hash.
In `@packages/enclave-contracts/contracts/verifiers/bfv/BfvPkVerifier.sol`:
- Around line 62-64: The length check using COMMITTEE_HASH_LO_IDX is off-by-one
and can accept an array where the last element is committee_hash_lo instead of
pkCommitment; update the validation in the function that inspects publicInputs
to require at least COMMITTEE_HASH_LO_IDX + 2 elements (i.e., ensure
publicInputs.length >= COMMITTEE_HASH_LO_IDX + 2) so that
publicInputs[publicInputs.length - 1] can safely be treated as pkCommitment;
adjust any related early-return (the if using publicInputs.length <
COMMITTEE_HASH_LO_IDX + 1) to the new boundary and keep using the same
identifiers (publicInputs, COMMITTEE_HASH_LO_IDX, pkCommitment) so all
subsequent indexing remains correct.
In `@packages/enclave-contracts/scripts/benchmarkGasFromRaw.ts`:
- Around line 122-137: The code accesses fixed indices of dkgPublicInputs and
decPublicInputs without bounds checks; add explicit length guards before any
fixed-index reads (e.g., before dkgPublicInputs[0], [1] and decPublicInputs[0],
[1]) to verify the arrays have at least 2 elements and, if not, throw a clear
Error that includes which artifact and required length (e.g., "dkgPublicInputs
length < 2: ..."). Apply the same pattern to the other occurrences mentioned
(the later checks around the dec/dkg comparisons at the other sites), updating
the checks in the same function/script (benchmarkGasFromRaw.ts) so any truncated
or malformed publicInputs produce actionable diagnostics instead of runtime
exceptions.
In `@packages/enclave-contracts/test/BfvVkBindingIntegration.spec.ts`:
- Around line 353-356: The test calls bfvPk.verify.staticCall with
ethers.ZeroHash as the VK/committee hash which can mask a committee-hash
mismatch; replace ethers.ZeroHash with the committee hash derived from the proof
(e.g., the computed/encoded committee hash tied to dkgEncoded or the test's
proofCommitteeHash variable) so the negative test exercises the VK-hash check
properly when invoking bfvPk.verify.staticCall(pkCommitment, <committeeHash>,
dkgEncoded).
In `@scripts/build-circuits.ts`:
- Around line 226-235: The skip logic uses computeSourceHash and
isPresetUpToDate to skip building a preset, but computeSourceHash (used at lines
with computeSourceHash and at its definition) only hashes circuit directories
and omits preset identity/config, allowing --skip-if-built to wrongly skip a
different preset; update the skip key to be preset-bound by including the preset
identifier/config in the computed hash or by changing isPresetUpToDate to accept
and compare a combined key (e.g., computeSourceHash(...)+preset or
computePresetBoundKey(preset)) so that methods computeSourceHash and
isPresetUpToDate (and any call sites that construct result.sourceHash)
incorporate the preset name/config before deciding to skip.
- Around line 251-253: The preset stamp is written even when some circuits
failed; change the logic around writePresetStamp so it only runs when the build
had no failures: after the build completes (where you currently call
this.copyArtifacts and this.writePresetStamp), check result for failure
indicators (e.g., result.failed, result.failures, result.errors, or
result.failedCircuits) and only call this.writePresetStamp(preset, sourceHash)
when those arrays are empty (or, if such properties don’t exist, when
result.compiled.length matches the expected total sources count). Keep the
copyArtifacts call as-is but guard the writePresetStamp invocation to avoid
creating .build-stamp.json on partial/failed builds.
---
Outside diff comments:
In `@crates/events/src/enclave_event/compute_request/zk.rs`:
- Around line 75-80: The change made `committee_addresses` required breaks
deserialization for pre-upgrade payloads; make the field optional and add a
compatibility path: change DkgAggregationRequest (and the analogous
DecryptionAggregationRequest) to use Option<Vec<String>> for committee_addresses
(or annotate with serde(default) into an Option) so older serialized requests
without that field still deserialize, and move the rejection/validation of a
missing committee_addresses to the consumption boundary where you currently use
committee_addresses (validate and return an explicit error if None) so runtime
behavior stays strict but storage compatibility is preserved.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: fd05caff-64cd-469c-bd81-f9f7384e79b2
📒 Files selected for processing (62)
agent/flow-trace/00_INDEX.mdagent/flow-trace/04_DKG_AND_COMPUTATION.mdcircuits/benchmarks/README.mdcircuits/benchmarks/results_insecure/crisp_verify_gas.jsoncircuits/benchmarks/results_insecure/integration_summary.jsoncircuits/benchmarks/results_insecure/report.mdcircuits/benchmarks/scripts/check_circuit_preset_artifacts.shcircuits/benchmarks/scripts/ensure_circuit_preset_built.shcircuits/benchmarks/scripts/extract_crisp_verify_gas.shcircuits/benchmarks/scripts/replay_folded_verify_gas.shcircuits/benchmarks/scripts/run_benchmarks.shcircuits/bin/recursive_aggregation/decryption_aggregator/src/main.nrcircuits/bin/recursive_aggregation/dkg_aggregator/src/main.nrcrates/aggregator/src/committee_hash.rscrates/aggregator/src/lib.rscrates/aggregator/src/publickey_aggregator.rscrates/aggregator/src/threshold_plaintext_aggregator.rscrates/events/src/enclave_event/compute_request/zk.rscrates/evm/src/ciphernode_registry_sol.rscrates/multithread/src/multithread.rscrates/sortition/src/sortition.rscrates/utils/src/committee_hash.rscrates/utils/src/lib.rscrates/zk-prover/src/circuits/aggregation/node_dkg_fold.rsexamples/CRISP/packages/crisp-contracts/deployed_contracts.jsonpackages/enclave-contracts/artifacts/contracts/Enclave.sol/Enclave.jsonpackages/enclave-contracts/artifacts/contracts/interfaces/IBondingRegistry.sol/IBondingRegistry.jsonpackages/enclave-contracts/artifacts/contracts/interfaces/ICiphernodeRegistry.sol/ICiphernodeRegistry.jsonpackages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.jsonpackages/enclave-contracts/artifacts/contracts/interfaces/ISlashingManager.sol/ISlashingManager.jsonpackages/enclave-contracts/artifacts/contracts/registry/CiphernodeRegistryOwnable.sol/CiphernodeRegistryOwnable.jsonpackages/enclave-contracts/contracts/Enclave.solpackages/enclave-contracts/contracts/interfaces/ICiphernodeRegistry.solpackages/enclave-contracts/contracts/interfaces/IDecryptionVerifier.solpackages/enclave-contracts/contracts/interfaces/IPkVerifier.solpackages/enclave-contracts/contracts/lib/CommitteeHashLib.solpackages/enclave-contracts/contracts/registry/CiphernodeRegistryOwnable.solpackages/enclave-contracts/contracts/test/MockCiphernodeRegistry.solpackages/enclave-contracts/contracts/test/MockDecryptionVerifier.solpackages/enclave-contracts/contracts/test/MockPkVerifier.solpackages/enclave-contracts/contracts/test/RevertOnVerifyCircuitVerifier.solpackages/enclave-contracts/contracts/verifiers/bfv/BfvDecryptionVerifier.solpackages/enclave-contracts/contracts/verifiers/bfv/BfvPkVerifier.solpackages/enclave-contracts/contracts/verifiers/bfv/honk/DecryptionAggregatorVerifier.solpackages/enclave-contracts/contracts/verifiers/bfv/honk/DkgAggregatorVerifier.solpackages/enclave-contracts/ignition/modules/bfvDecryptionVerifier.tspackages/enclave-contracts/ignition/modules/bfvPkVerifier.tspackages/enclave-contracts/scripts/benchmarkGasFromRaw.tspackages/enclave-contracts/scripts/deployAndSave/bfvDecryptionVerifier.tspackages/enclave-contracts/scripts/deployAndSave/bfvPkVerifier.tspackages/enclave-contracts/scripts/utils.tspackages/enclave-contracts/tasks/enclave.tspackages/enclave-contracts/test/BfvDecryptionVerifier.spec.tspackages/enclave-contracts/test/BfvPkVerifier.spec.tspackages/enclave-contracts/test/BfvVkBindingIntegration.spec.tspackages/enclave-contracts/test/E3Lifecycle/E3Integration.spec.tspackages/enclave-contracts/test/Enclave.spec.tspackages/enclave-contracts/test/Pricing/Pricing.spec.tspackages/enclave-contracts/test/Registry/CiphernodeRegistryOwnable.spec.tspackages/enclave-contracts/test/Slashing/CommitteeExpulsion.spec.tsscripts/build-circuits.tsscripts/generate-verifiers.ts
💤 Files with no reviewable changes (1)
- packages/enclave-contracts/tasks/enclave.ts
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (1)
packages/enclave-contracts/test/BfvPkVerifier.spec.ts (1)
88-149: ⚡ Quick winAdd a regression test for trailing
publicInputs.Current negative tests cover undersized/malformed arrays, but not extra trailing fields. Add one case with
minimalDkgPublicInputs(...)plus an extrabytes32and assertfalseto lock fixed-layout behavior.Suggested test addition
+ it("returns false when publicInputs has trailing fields", async function () { + const { bfvPkVerifier } = await loadFixture(deployWithMockCircuit); + const pkCommitment = ethers.keccak256("0xabcd"); + const proof = encodeProof("0x01", [ + ...minimalDkgPublicInputs(pkCommitment), + ethers.ZeroHash, + ]); + + const result = await bfvPkVerifier.verify.staticCall( + pkCommitment, + ethers.ZeroHash, + proof, + ); + expect(result).to.equal(false); + });🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/enclave-contracts/test/BfvPkVerifier.spec.ts` around lines 88 - 149, Add a negative test that ensures trailing publicInputs cause verification to fail: in BfvPkVerifier.spec.ts, within the existing describe block use loadFixture(deployWithMockCircuit) to get bfvPkVerifier, build a pkCommitment (ethers.keccak256), call minimalDkgPublicInputs(...) to produce the canonical publicInputs array, append one extra bytes32 (e.g. ethers.ZeroHash) to that array, encode the proof with encodeProof("0x01", [...publicInputs, extra]) and call bfvPkVerifier.verify.staticCall(pkCommitment, ethers.ZeroHash, proof) and assert the result equals false; this exercise targets the fixed-layout behavior around minimalDkgPublicInputs, encodeProof and bfvPkVerifier.verify.staticCall.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@crates/sortition/src/sortition.rs`:
- Around line 739-740: The reply to CommitteeMembersResponse currently uses
msg.reply.do_send(...) and discards the result, which can hide a dead recipient;
change this to use msg.reply.try_send(CommitteeMembersResponse { members }) and
handle the Err by reporting it through self.bus.err(...) (or using the existing
trap pattern/macro used elsewhere in this file) so send failures are
logged/reported; locate the send near get_committee(&msg.e3_id) and mirror the
error handling used for E3CommitteeContainsRequest/ThresholdPlaintextAggregator
responses.
In `@packages/enclave-contracts/contracts/verifiers/bfv/BfvPkVerifier.sol`:
- Around line 65-67: The current check uses "publicInputs.length <
MIN_PUBLIC_INPUTS_LEN" which permits extra trailing elements and breaks the
assumption that the last element is pkCommitment; change the validation to
require exact length (publicInputs.length == MIN_PUBLIC_INPUTS_LEN or
computedExpectedLength) so slot semantics cannot drift. Update both the initial
length guard that uses MIN_PUBLIC_INPUTS_LEN and the code path that reads
pkCommitment (the code that indexes the final element) to rely on this
exact-length assertion; if the expected length is derived (circuit public inputs
+ public outputs), compute that value and compare equality rather than a
minimum.
---
Nitpick comments:
In `@packages/enclave-contracts/test/BfvPkVerifier.spec.ts`:
- Around line 88-149: Add a negative test that ensures trailing publicInputs
cause verification to fail: in BfvPkVerifier.spec.ts, within the existing
describe block use loadFixture(deployWithMockCircuit) to get bfvPkVerifier,
build a pkCommitment (ethers.keccak256), call minimalDkgPublicInputs(...) to
produce the canonical publicInputs array, append one extra bytes32 (e.g.
ethers.ZeroHash) to that array, encode the proof with encodeProof("0x01",
[...publicInputs, extra]) and call bfvPkVerifier.verify.staticCall(pkCommitment,
ethers.ZeroHash, proof) and assert the result equals false; this exercise
targets the fixed-layout behavior around minimalDkgPublicInputs, encodeProof and
bfvPkVerifier.verify.staticCall.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 5f59a554-19ab-4180-b34a-eab3788a6e5b
📒 Files selected for processing (28)
agent/flow-trace/04_DKG_AND_COMPUTATION.mdcircuits/benchmarks/results_insecure/crisp_verify_gas.jsoncircuits/benchmarks/results_insecure/integration_summary.jsoncircuits/benchmarks/results_insecure/report.mdcircuits/bin/recursive_aggregation/decryption_aggregator/src/main.nrcircuits/bin/recursive_aggregation/dkg_aggregator/src/main.nrcircuits/lib/src/configs/default/mod.nrcircuits/lib/src/math/committee_hash.nrcircuits/lib/src/math/mod.nrcrates/aggregator/src/threshold_plaintext_aggregator.rscrates/sortition/src/sortition.rscrates/utils/src/committee_hash.rscrates/zk-prover/src/circuits/aggregation/helpers.rscrates/zk-prover/src/circuits/aggregation/node_dkg_fold.rsexamples/CRISP/enclave.config.yamlexamples/CRISP/packages/crisp-contracts/deploy/deploy.tsexamples/CRISP/packages/crisp-contracts/deployed_contracts.jsonexamples/CRISP/server/.env.examplepackages/enclave-contracts/contracts/verifiers/bfv/BfvPkVerifier.solpackages/enclave-contracts/contracts/verifiers/bfv/honk/DecryptionAggregatorVerifier.solpackages/enclave-contracts/contracts/verifiers/bfv/honk/DkgAggregatorVerifier.solpackages/enclave-contracts/scripts/benchmarkGasFromRaw.tspackages/enclave-contracts/scripts/utils.tspackages/enclave-contracts/test/BfvPkVerifier.spec.tspackages/enclave-contracts/test/BfvVkBindingIntegration.spec.tspackages/enclave-contracts/test/fixtures/bfv_vk_binding/README.mdpackages/enclave-contracts/test/fixtures/bfv_vk_binding/folded_artifacts.jsonscripts/build-circuits.ts
✅ Files skipped from review due to trivial changes (5)
- circuits/lib/src/math/mod.nr
- circuits/lib/src/configs/default/mod.nr
- packages/enclave-contracts/test/fixtures/bfv_vk_binding/README.md
- packages/enclave-contracts/test/fixtures/bfv_vk_binding/folded_artifacts.json
- circuits/benchmarks/results_insecure/report.md
🚧 Files skipped from review as they are similar to previous changes (7)
- agent/flow-trace/04_DKG_AND_COMPUTATION.md
- packages/enclave-contracts/test/BfvVkBindingIntegration.spec.ts
- scripts/build-circuits.ts
- crates/zk-prover/src/circuits/aggregation/node_dkg_fold.rs
- packages/enclave-contracts/scripts/utils.ts
- crates/utils/src/committee_hash.rs
- crates/aggregator/src/threshold_plaintext_aggregator.rs
Contributor
Author
|
I have to update the circuits for this PR fyi @hmzakhalid - after merging #1543 I will do that! |
hmzakhalid
added a commit
that referenced
this pull request
May 21, 2026
Merge commit e82d4bd (feat: bind to on chain data #1544) into the contract-audit-fix branch. All conflicts resolved: - BfvPkVerifier / BfvDecryptionVerifier: merged new h/threshold constructor params and committee hash hi/lo circuit layout from main with HEAD's revert-on-failure semantics (InvalidProof, VkHashMismatch, etc.) and 6/8-param verify signatures. - Enclave.sol: kept 8-param decryptionVerifier.verify call with committeeHash sourced from ciphernodeRegistry.getCommitteeHash(e3Id). - CiphernodeRegistryOwnable: kept 6-param pkVerifier.verify call; removed caller-supplied nodes param from publishCommittee (now computed on-chain). - IDecryptionVerifier / IPkVerifier: kept HEAD's full NatSpec and custom errors. - Test specs rewritten to use new 6/8-param verify and main's circuit helpers. - utils.ts VkReader interfaces updated to camelCase immutable names. - fixtures/helpers.ts: removed nodes param from setupAndPublishCommittee. - Benchmark JSONs and flow-trace doc updated from main.
This was referenced May 22, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
closes #1525
requires #1543 to be merged first
Summary by CodeRabbit
New Features
Improvements
Documentation
Tests