refactor: adapt to fhe.rs upstream [skip-line-limit]

[0xjei]

WE NEED TO STABILIZE AND MERGE gnosisguild/fhe.rs#61. THEN, SWITCH TO MAIN FHE.RS AND MOVE ON.

NB. THERE ARE BREAKING CHANGES SINCE WE MOVE TO RUST 1.91.1, RAND 0.9 AND NEW FHE.RS APIS!

Summary by CodeRabbit

• New Features

  • Added browser smoke tests for WASM packages to validate in-browser functionality.

• Chores

  • Upgraded Rust toolchain across the repo to 1.91.1.
  • Updated several dependencies (including rand, ndarray, zeroize and related crates).
  • Refreshed benchmark results and reports.
  • CI/Docker builds now install protoc and run new WASM browser smoke tests.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
crisp	Ready	Preview, Comment	May 29, 2026 2:28pm
enclave-docs	Ready	Preview, Comment	May 29, 2026 2:28pm
enclave-enclave-dashboard	Ready	Preview, Comment	May 29, 2026 2:28pm

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 2c3c3ade-ea35-4da8-b5a9-1a8160c48735

📥 Commits

Reviewing files that changed from the base of the PR and between 66eb28f and 4b76a7e.

⛔ Files ignored due to path filters (3)

• Cargo.lock is excluded by !**/*.lock
• examples/CRISP/Cargo.lock is excluded by !**/*.lock
• templates/default/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (3)

• Cargo.toml
• examples/CRISP/Cargo.toml
• templates/default/Cargo.toml

---

📝 Walkthrough

Walkthrough

This PR modernizes RNG usage (unifying on rand::rng()), introduces ToPowerBasisPoly conversions and explicit PowerBasis/NTT-typed Polys across BFV/ZK modules, migrates ZK circuit computation APIs (context/moduli access and CRT indexing), upgrades toolchains/dependencies and CI/Docker, and adds WASM browser smoke tests and benchmark/report refreshes.

Changes

Dependency and Build Configuration Updates

Layer / File(s)	Summary
Rust toolchain upgrade and dependency pinning Cargo.toml, rust-toolchain.toml, crates/support/Cargo.toml, .github/workflows/ci.yml, crates/Dockerfile, crates/net/tests/Dockerfile, crates/support/Dockerfile, examples/CRISP/server/Dockerfile, examples/CRISP/rust-toolchain.toml, examples/CRISP/Dockerfile, templates/default/flake.nix, README.md, docs/pages/quick-start.mdx	Rust version upgraded from 1.86.0 to 1.91.1 across workspace configs. FHE/workspace dependency declarations adjusted; ndarray bumped 0.15.6→0.17.2, rand_chacha 0.3.1→0.9.0, rand 0.8.5→0.9.2, zeroize 1.8.1→1.8.2. CI/Docker builds now install protobuf-compiler across multiple jobs and Dockerfiles.
Dependency alias and WASM randomness crates/cli/Cargo.toml, crates/cli/src/helpers/compile_id.rs, crates/wasm/Cargo.toml, examples/CRISP/crates/zk-inputs-wasm/Cargo.toml, examples/CRISP/crates/zk-inputs/Cargo.toml, crates/wasm/.cargo/config.toml	rand08 alias added to crates/cli pinning rand 0.8.5 for legacy compatibility; compile_id.rs switched to use rand08::StdRng. getrandom upgraded from 0.2→0.3 with wasm_js feature; getrandom2 alias added for backward compatibility. New .cargo/config.toml for wasm32 target enables getrandom_backend="wasm_js" rustflag.

Polynomial Type System and Helpers

Layer / File(s)	Summary
ToPowerBasisPoly trait abstraction crates/polynomial/src/fhe_poly.rs, crates/polynomial/src/lib.rs, crates/polynomial/src/polynomial.rs, crates/polynomial/src/crt_polynomial.rs	New public trait ToPowerBasisPoly with implementations for Poly<PowerBasis>, Poly<Ntt>, Poly<NttShoup>, and references. Polynomial::from_fhe_polynomial and CrtPolynomial::from_fhe_polynomial now accept &impl ToPowerBasisPoly. CrtPolynomial::to_fhe_polynomial return type changed to Poly<PowerBasis>. Removed ndarray dependency from polynomial crate.
BFV polynomial serialization and conversion helpers crates/trbfv/src/helpers.rs, crates/zk-helpers/src/math.rs, crates/aggregator/src/publickey_aggregator.rs	Replaced try_poly_from_bytes with try_poly_pb_from_bytes (returns Poly<PowerBasis>) and added try_poly_ntt_from_bytes (returns Poly<Ntt>). Sensitive-bytes helpers now return Poly<PowerBasis>. Generalized stringify_poly and hash_poly for Poly<R> with any RepresentationTag. Added public helpers plaintext_poly_u64() to decode plaintext coefficients and array2_u64_to_bigint() for matrix conversion. Removed unused bail import from aggregator.

RNG Modernization

Layer / File(s)	Summary
Core RNG replacement in BFV and crypto operations crates/bfv-client/src/client.rs, crates/crypto/src/cipher.rs, crates/entrypoint/src/start/start.rs, crates/keyshare/Cargo.toml, crates/keyshare/src/threshold_keyshare.rs	BFV encryption/decryption operations switched from thread_rng() to rand::rng(). AES-GCM nonce generation now uses rand::rng().fill_bytes() instead of OsRng. ChaCha20Rng seeding changed to try_from_os_rng() with error context wrapping. UnwrapErr(OsRng) wrapper used in keyshare for BFV operations. Added rand_core dependency to keyshare.
Test helper and utilities RNG updates crates/test-helpers/src/lib.rs, crates/test-helpers/src/usecase_helpers.rs, crates/test-helpers/src/application.rs	SeedableRng import switched to rand. Ethernet address generation uses rand::rng().random() instead of thread_rng().gen(). GeneratedShares now carries bfv_params: Arc<BfvParameters>. generate_ciphertexts and run_application derive parameters from PublicKey.par instead of accepting explicit params argument. get_decryption_keys now takes explicit bfv_params parameter.
ZK circuit sample generator RNG updates crates/zk-helpers/src/circuits/dkg/pk/sample.rs, crates/zk-helpers/src/circuits/dkg/share_computation/sample.rs, crates/zk-helpers/src/circuits/dkg/share_decryption/sample.rs, crates/zk-helpers/src/circuits/dkg/share_encryption/sample.rs, crates/zk-helpers/src/circuits/threshold/*/sample.rs, crates/zk-helpers/src/circuits/commitments.rs, examples/CRISP/crates/zk-inputs/src/lib.rs	All sample generators switched from thread_rng() or OsRng to unified rand::rng() instance. Mutable RNG references passed through key generation and encryption calls. Test fixtures updated to match new RNG patterns. CRISP ZK inputs library uses rand::rng() for key generation and vote encryption.

BFV Witness and Type System Updates

Layer / File(s)	Summary
BFV encryption witness and internal polynomial types crates/trbfv/src/shares/bfv_encrypted.rs, crates/trbfv/src/calculate_decryption_key.rs, crates/trbfv/src/calculate_decryption_share.rs, crates/trbfv/src/calculate_threshold_decryption.rs, crates/trbfv/src/gen_esi_sss.rs	BfvEncryptionWitness fields u_rns, e0_rns, e1_rns changed to Poly<Ntt>. Internal response types use Poly<PowerBasis> for decryption material. Decryption-share calculation transforms sk_poly_sum to NTT form before operation. Share deserialization uses try_poly_pb_from_bytes. Tests updated to use rand::rng() and new plaintext extraction methods.

ZK Circuit Data Structure and Computation Updates

Layer / File(s)	Summary
ZK circuit data model and representation updates crates/zk-helpers/src/circuits/dkg/share_encryption/circuit.rs, crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/circuit.rs, crates/multithread/src/multithread.rs	ShareEncryptionCircuitData RNS polynomial fields changed to Poly<Ntt>. DecryptedSharesAggregationCircuitData.d_share_polys changed to Vec<Poly<PowerBasis>>. ZK proof handlers updated to use domain-specific deserialization: try_poly_ntt_from_bytes for NTT inputs, try_poly_pb_from_bytes for power-basis polynomials. Job ID generation uses rand::rng().random() instead of thread_rng().gen().
ZK computation context and modulus APIs crates/zk-helpers/src/circuits/dkg/share_encryption/computation.rs, crates/zk-helpers/src/circuits/dkg/share_decryption/computation.rs, crates/zk-helpers/src/circuits/threshold/*/computation.rs, crates/zk-helpers/src/circuits/threshold/user_data_encryption/computation.rs, crates/zk-helpers/src/circuits/threshold/user_data_encryption/utils.rs	Replaced ctx_at_level() with context_at_level() across all computation modules. Updated modulus operator access to use **qi dereferencing instead of .modulus() calls. CRT polynomial construction changed to index via ct[0]/ct[1] and pk.c[0]/pk.c[1] instead of nested .c.c[...] access. Plaintext coefficient extraction uses plaintext_poly_u64() helper. Encryption now passes &mut rand::rng() for RNG.
ZK sample generators and test updates crates/zk-helpers/src/circuits/dkg/share_encryption/sample.rs, crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/sample.rs, crates/zk-helpers/src/circuits/threshold/share_decryption/sample.rs	Sample generation uses Poly::<PowerBasis>::zero() and Poly::<Ntt> constructors with context. Decryption shares computed with sk_poly_sum.into_ntt() transformation. Test assertions updated to use new field access patterns (public_key.c.len() vs nested .c.c.len()). Field access for array construction uses new index-based API (array2_u64_to_bigint).

Test Infrastructure and Integration Updates

Layer / File(s)	Summary
Test helper parameter sourcing crates/tests/tests/integration.rs, crates/trbfv/tests/integration.rs	Integration tests updated to use new generate_ciphertexts and run_application signatures that no longer require explicit params_raw argument. Parameters now derived from generated bfv_params and PublicKey. get_decryption_keys call updated to pass explicit bfv_params parameter.
Attestation evidence handling crates/zk-prover/tests/slashing_integration_tests.rs, crates/zk-prover/tests/local_e2e_tests.rs	encode_attestation_evidence now accepts and encodes non-empty evidence: Bytes field. All test scenarios (valid quorum, insufficient attestations, invalid signatures, duplicates, actor parity) updated to generate raw_evidence, compute data_hash via keccak256(raw_evidence), and pass raw_evidence to evidence encoding. Threshold context lookup uses context_at_level(0) and sk_poly applies .into_ntt() transformation.

WASM and Browser Testing

Layer / File(s)

Summary

WASM browser smoke testing infrastructure crates/wasm/smoke.html, crates/wasm/scripts/browser-smoke.mjs, crates/wasm/package.json, examples/CRISP/packages/crisp-zk-inputs/smoke.html, examples/CRISP/packages/crisp-zk-inputs/scripts/browser-smoke.mjs, examples/CRISP/packages/crisp-zk-inputs/package.json

Added static HTML smoke test pages that initialize WASM modules, perform BFV key generation and encryption operations, and validate outputs via window.__wasmSmoke. Node.js/Playwright test runners serve smoke.html via ephemeral HTTP servers, launch headless Chromium, and validate smoke test results. npm test:browser scripts added to both crates/wasm and examples/CRISP. Playwright added as dev dependency.

Benchmark and Configuration Updates

Layer / File(s)

Summary

Benchmark results and deployment metadata circuits/benchmarks/results_insecure_no_agg_micro/benchmark_run_meta.json, circuits/benchmarks/results_insecure_no_agg_micro/crisp_verify_gas.json, circuits/benchmarks/results_insecure_no_agg_micro/integration_summary.json, circuits/benchmarks/results_insecure_no_agg_micro/report.md, templates/default/deployed_contracts.json, templates/default/enclave.config.yaml, tests/integration/enclave.config.yaml

Benchmark operation and phase timings updated with new measurement results. Verify gas values adjusted. Deployment block numbers updated for templates and test configs. Report metadata (timestamp, git branch/commit) refreshed.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• gnosisguild/enclave#1273: Changes touch the decrypted-shares-aggregation circuit; this PR updates polynomial representations used by that circuit.
• gnosisguild/enclave#1356: Related to ShareEncryption proof paths and multithread handler updates.
• gnosisguild/enclave#1500: Overlaps with changes to C6/d_commitment verification deserialization logic.

Suggested labels

ciphernode

Suggested reviewers

• ctrlc03

Poem

🐰 A rabbit's note on code and chance:

PowerBasis blooms where Polys align,
rand::rng() whispers through each line.
WASM wakes with a gentle smoke,
tests pass lightly, proofs bespoke.
Hooray — the build and types entwine!

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fhers/upstream

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

crates/trbfv/src/calculate_decryption_share.rs (1)

116-127: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Guard against empty es_poly_sum before modulo indexing.

index % es_poly_sum.len() will panic when es_poly_sum is empty. Validate once and return an error early.

🐛 Proposed fix

     let sk_poly_sum = req.sk_poly_sum;
     let es_poly_sum = req.es_poly_sum;
+    if es_poly_sum.is_empty() {
+        bail!("es_poly_sum must contain at least one polynomial");
+    }
 
     info!("Calculating d_share_poly...");

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/trbfv/src/calculate_decryption_share.rs` around lines 116 - 127,
Before iterating to build d_share_poly, check that es_poly_sum is non-empty and
return an appropriate Error/Result early instead of doing index %
es_poly_sum.len(); specifically add a guard above the .into_iter().enumerate()
map that validates !es_poly_sum.is_empty() (or returns Err(...) from the
surrounding function) so ShareManager::new and the mapping logic never attempt
modulo with a zero length; ensure the error type matches the surrounding
function's return (e.g., the calculate_decryption_share function's Result) and
include a clear message like "empty smudging polynomial list".

🧹 Nitpick comments (3)

crates/cli/Cargo.toml (1)

45-47: 💤 Low value

Clarify the need for dual rand versions.

Adding rand08 as a separate dependency alongside workspace rand creates a dual-version situation. This is sometimes necessary for compatibility with dependencies that haven't migrated to newer rand versions. Consider adding a comment explaining which dependency requires rand 0.8.5 to help future maintainers understand this setup.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/cli/Cargo.toml` around lines 45 - 47, Explain the dual rand dependency
by adding an inline comment in Cargo.toml next to the rand08 = { package =
"rand", version = "=0.8.5", features = ["std", "std_rng"] } entry that states
which crate (name the dependent crate) requires rand 0.8.5 and why we keep the
workspace rand alongside it (compatibility/shim for that dependency); ensure the
comment mentions the exact dependency name and version constraint so future
maintainers understand why rand08 exists and avoid accidental removal or
unification with the workspace rand.

crates/trbfv/src/calculate_decryption_share.rs (1)

127-131: ⚡ Quick win

Precompute NTT form of sk_poly_sum once.

The NTT conversion is repeated for each ciphertext. Hoist it out of the loop to reduce per-item overhead.

♻️ Proposed refactor

-    let d_share_poly = req
+    let sk_poly_sum_ntt = sk_poly_sum.into_ntt();
+    let d_share_poly = req
         .ciphertexts
         .into_iter()
         .enumerate()
         .map(|(index, ciphertext)| {
@@
             share_manager
                 .decryption_share(
                     Arc::new(ciphertext),
-                    sk_poly_sum.clone().into_ntt(),
+                    sk_poly_sum_ntt.clone(),
                     es_poly_sum[es_idx].clone(),
                 )

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/trbfv/src/calculate_decryption_share.rs` around lines 127 - 131, NTT
conversion of sk_poly_sum is being performed inside the loop for every
ciphertext; compute sk_poly_sum.into_ntt() once before iterating and reuse it in
the call to share_manager.decryption_share to avoid repeated conversions.
Specifically, hoist the result of sk_poly_sum.clone().into_ntt() into a local
variable (e.g., sk_poly_sum_ntt) outside the loop and pass that variable to
share_manager.decryption_share instead of calling into_ntt() repeatedly; keep
using es_poly_sum[es_idx] and ciphertext as before.

Cargo.toml (1)

155-158: ⚡ Quick win

Reminder: FHE dependencies must switch to stable references before merge.

Per the PR description's "DO NOT MERGE" notice, these FHE crates are pinned to the upstream-merge-conflicts branch. Once fhe.rs PR #61 is stabilized and merged, update these to point to main or a versioned tag.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Cargo.toml` around lines 155 - 158, The Cargo.toml currently pins FHE crates
(fhe, fhe-traits, fhe-math, fhe-util) to the temporary branch
"upstream-merge-conflicts"; before merging replace these git branch references
with stable refs (either branch = "main" or a released semver tag) for each
dependency (fhe, fhe-traits, fhe-math, fhe-util) so the project depends on a
stable, versioned commit once fhe.rs PR `#61` is merged and published.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@crates/entrypoint/src/start/start.rs`:
- Line 19: Replace the infallible ChaCha20Rng::from_os_rng() call with the
fallible ChaCha20Rng::try_from_os_rng() and propagate/map the Result into anyhow
so startup fails gracefully on OS RNG errors; e.g., change the initialization of
rng (currently Arc::new(Mutex::new(ChaCha20Rng::from_os_rng()))) to use
ChaCha20Rng::try_from_os_rng().map_err/Context and the ? operator so
Arc::new(Mutex::new(...)) receives a seeded RNG on success or returns an anyhow
error on failure.

In `@examples/CRISP/Cargo.toml`:
- Around line 50-53: Replace the git branch pins for the fhe dependencies (fhe,
fhe-traits, fhe-math, fhe-util) with immutable rev pins: replace branch =
"upstream-merge-conflicts" with rev = "<commit-sha>" for each dependency in the
manifest and then run cargo update / cargo generate-lockfile so Cargo.lock
records the resolved ?rev= references rather than branch= entries; ensure the
chosen commit SHAs are the exact commits you want to lock to and update the rev
values accordingly.

In `@templates/default/Cargo.toml`:
- Around line 10-11: The entries for the git dependencies fhe and fhe-traits
currently use branch = "upstream-merge-conflicts" which makes builds
non-reproducible; update both dependency specifications (the fhe and fhe-traits
entries) to include an immutable rev (commit SHA) alongside the git URL (i.e.,
replace or augment branch with rev = "<commit-sha>") so the template pins to a
specific commit and is reproducible.

---

Outside diff comments:
In `@crates/trbfv/src/calculate_decryption_share.rs`:
- Around line 116-127: Before iterating to build d_share_poly, check that
es_poly_sum is non-empty and return an appropriate Error/Result early instead of
doing index % es_poly_sum.len(); specifically add a guard above the
.into_iter().enumerate() map that validates !es_poly_sum.is_empty() (or returns
Err(...) from the surrounding function) so ShareManager::new and the mapping
logic never attempt modulo with a zero length; ensure the error type matches the
surrounding function's return (e.g., the calculate_decryption_share function's
Result) and include a clear message like "empty smudging polynomial list".

---

Nitpick comments:
In `@Cargo.toml`:
- Around line 155-158: The Cargo.toml currently pins FHE crates (fhe,
fhe-traits, fhe-math, fhe-util) to the temporary branch
"upstream-merge-conflicts"; before merging replace these git branch references
with stable refs (either branch = "main" or a released semver tag) for each
dependency (fhe, fhe-traits, fhe-math, fhe-util) so the project depends on a
stable, versioned commit once fhe.rs PR `#61` is merged and published.

In `@crates/cli/Cargo.toml`:
- Around line 45-47: Explain the dual rand dependency by adding an inline
comment in Cargo.toml next to the rand08 = { package = "rand", version =
"=0.8.5", features = ["std", "std_rng"] } entry that states which crate (name
the dependent crate) requires rand 0.8.5 and why we keep the workspace rand
alongside it (compatibility/shim for that dependency); ensure the comment
mentions the exact dependency name and version constraint so future maintainers
understand why rand08 exists and avoid accidental removal or unification with
the workspace rand.

In `@crates/trbfv/src/calculate_decryption_share.rs`:
- Around line 127-131: NTT conversion of sk_poly_sum is being performed inside
the loop for every ciphertext; compute sk_poly_sum.into_ntt() once before
iterating and reuse it in the call to share_manager.decryption_share to avoid
repeated conversions. Specifically, hoist the result of
sk_poly_sum.clone().into_ntt() into a local variable (e.g., sk_poly_sum_ntt)
outside the loop and pass that variable to share_manager.decryption_share
instead of calling into_ntt() repeatedly; keep using es_poly_sum[es_idx] and
ciphertext as before.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 4f88be63-a1de-45bb-ab71-76ef388668b0

📥 Commits

Reviewing files that changed from the base of the PR and between a817b88 and 9215d84.

⛔ Files ignored due to path filters (3)

• Cargo.lock is excluded by !**/*.lock
• examples/CRISP/Cargo.lock is excluded by !**/*.lock
• templates/default/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (65)

• Cargo.toml
• circuits/benchmarks/results_insecure_no_agg_micro/benchmark_run_meta.json
• circuits/benchmarks/results_insecure_no_agg_micro/crisp_verify_gas.json
• circuits/benchmarks/results_insecure_no_agg_micro/integration_summary.json
• circuits/benchmarks/results_insecure_no_agg_micro/report.md
• crates/aggregator/src/publickey_aggregator.rs
• crates/bfv-client/src/client.rs
• crates/cli/Cargo.toml
• crates/cli/src/helpers/compile_id.rs
• crates/crypto/src/cipher.rs
• crates/entrypoint/src/start/start.rs
• crates/keyshare/src/threshold_keyshare.rs
• crates/multithread/src/multithread.rs
• crates/polynomial/Cargo.toml
• crates/polynomial/src/crt_polynomial.rs
• crates/polynomial/src/fhe_poly.rs
• crates/polynomial/src/lib.rs
• crates/polynomial/src/polynomial.rs
• crates/test-helpers/src/application.rs
• crates/test-helpers/src/lib.rs
• crates/test-helpers/src/usecase_helpers.rs
• crates/tests/tests/integration.rs
• crates/trbfv/src/calculate_decryption_key.rs
• crates/trbfv/src/calculate_decryption_share.rs
• crates/trbfv/src/calculate_threshold_decryption.rs
• crates/trbfv/src/helpers.rs
• crates/trbfv/src/shares/bfv_encrypted.rs
• crates/trbfv/tests/integration.rs
• crates/wasm/Cargo.toml
• crates/zk-helpers/src/circuits/commitments.rs
• crates/zk-helpers/src/circuits/dkg/pk/computation.rs
• crates/zk-helpers/src/circuits/dkg/pk/sample.rs
• crates/zk-helpers/src/circuits/dkg/share_computation/sample.rs
• crates/zk-helpers/src/circuits/dkg/share_decryption/computation.rs
• crates/zk-helpers/src/circuits/dkg/share_decryption/sample.rs
• crates/zk-helpers/src/circuits/dkg/share_encryption/circuit.rs
• crates/zk-helpers/src/circuits/dkg/share_encryption/computation.rs
• crates/zk-helpers/src/circuits/dkg/share_encryption/sample.rs
• crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/circuit.rs
• crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/computation.rs
• crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/sample.rs
• crates/zk-helpers/src/circuits/threshold/pk_aggregation/computation.rs
• crates/zk-helpers/src/circuits/threshold/pk_aggregation/sample.rs
• crates/zk-helpers/src/circuits/threshold/pk_generation/computation.rs
• crates/zk-helpers/src/circuits/threshold/pk_generation/sample.rs
• crates/zk-helpers/src/circuits/threshold/share_decryption/computation.rs
• crates/zk-helpers/src/circuits/threshold/share_decryption/sample.rs
• crates/zk-helpers/src/circuits/threshold/user_data_encryption/computation.rs
• crates/zk-helpers/src/circuits/threshold/user_data_encryption/sample.rs
• crates/zk-helpers/src/circuits/threshold/user_data_encryption/utils.rs
• crates/zk-helpers/src/math.rs
• crates/zk-prover/tests/local_e2e_tests.rs
• crates/zk-prover/tests/slashing_integration_tests.rs
• examples/CRISP/Cargo.toml
• examples/CRISP/crates/zk-inputs-wasm/Cargo.toml
• examples/CRISP/crates/zk-inputs/Cargo.toml
• examples/CRISP/crates/zk-inputs/src/ciphertext_addition.rs
• examples/CRISP/crates/zk-inputs/src/lib.rs
• examples/CRISP/rust-toolchain.toml
• packages/enclave-contracts/deployed_contracts.json
• rust-toolchain.toml
• templates/default/Cargo.toml
• templates/default/deployed_contracts.json
• templates/default/enclave.config.yaml
• tests/integration/enclave.config.yaml

💤 Files with no reviewable changes (1)

• crates/polynomial/Cargo.toml

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/ci.yml (1)

19-19: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Bump CI RUST_TOOLCHAIN to 1.91.1 to match rust-toolchain.toml

• .github/workflows/ci.yml sets RUST_TOOLCHAIN: 1.86.0, and the workflow’s Rust setup steps pass ${{ env.RUST_TOOLCHAIN }} to dtolnay/rust-toolchain@stable, while the repo’s rust-toolchain.toml (and examples/CRISP/rust-toolchain.toml) pin 1.91.1.
• This causes CI to install 1.86.0 even though the manifest expects 1.91.1, risking mismatches and/or extra rustup downloads.

Proposed change

-  RUST_TOOLCHAIN: 1.86.0
+  RUST_TOOLCHAIN: 1.91.1

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml at line 19, The CI env var RUST_TOOLCHAIN in the
workflow is out of sync with the repo manifest; update the RUST_TOOLCHAIN value
in .github/workflows/ci.yml from 1.86.0 to 1.91.1 so the workflow (which passes
${ { env.RUST_TOOLCHAIN } } to the dtolnay/rust-toolchain@stable action) matches
rust-toolchain.toml (and examples/CRISP/rust-toolchain.toml); ensure the
RUST_TOOLCHAIN entry is the same literal "1.91.1".

🧹 Nitpick comments (1)

crates/Dockerfile (1)

20-20: 💤 Low value

Floating rust:1.91 tag vs pinned 1.91.1.

rust:1.91 resolves to the newest 1.91.x patch at build time, while rust-toolchain.toml and support/CRISP Dockerfiles pin 1.91.1. For reproducible images, consider pinning the patch here too. Low priority.

-FROM rust:1.91 AS ciphernode-builder
+FROM rust:1.91.1 AS ciphernode-builder

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/Dockerfile` at line 20, The Dockerfile uses a floating base image tag
"rust:1.91" which can resolve to different patch versions; update the FROM line
in the Dockerfile (the "FROM rust:1.91 AS ciphernode-builder" instruction) to
pin the patch to "rust:1.91.1" so it matches rust-toolchain.toml and other
Dockerfiles for reproducible builds.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In @.github/workflows/ci.yml:
- Line 19: The CI env var RUST_TOOLCHAIN in the workflow is out of sync with the
repo manifest; update the RUST_TOOLCHAIN value in .github/workflows/ci.yml from
1.86.0 to 1.91.1 so the workflow (which passes ${ { env.RUST_TOOLCHAIN } } to
the dtolnay/rust-toolchain@stable action) matches rust-toolchain.toml (and
examples/CRISP/rust-toolchain.toml); ensure the RUST_TOOLCHAIN entry is the same
literal "1.91.1".

---

Nitpick comments:
In `@crates/Dockerfile`:
- Line 20: The Dockerfile uses a floating base image tag "rust:1.91" which can
resolve to different patch versions; update the FROM line in the Dockerfile (the
"FROM rust:1.91 AS ciphernode-builder" instruction) to pin the patch to
"rust:1.91.1" so it matches rust-toolchain.toml and other Dockerfiles for
reproducible builds.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 6223f317-5df0-4033-9bd7-388f00abc6b3

📥 Commits

Reviewing files that changed from the base of the PR and between 9215d84 and f9218bc.

📒 Files selected for processing (7)

• .github/workflows/ci.yml
• crates/Dockerfile
• crates/entrypoint/src/start/start.rs
• crates/net/tests/Dockerfile
• crates/support/Dockerfile
• examples/CRISP/server/Dockerfile
• packages/enclave-contracts/deployed_contracts.json

🚧 Files skipped from review as they are similar to previous changes (1)

• crates/entrypoint/src/start/start.rs

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 1033-1034: The workflow is using an unpinned action reference
browser-actions/setup-chrome@v1; replace both occurrences of
browser-actions/setup-chrome@v1 with the same full commit SHA pin
(browser-actions/setup-chrome@<commit-sha>) to avoid mutable tags. Locate the
two uses of the setup-chrome action and update them to the exact commit SHA
corresponding to v1 (use the current v1 commit SHA from the action repo) so both
places use browser-actions/setup-chrome@<sha> instead of `@v1`.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: daf83c47-418c-42b3-b11c-65b7743ff467

📥 Commits

Reviewing files that changed from the base of the PR and between f9218bc and 66eb28f.

⛔ Files ignored due to path filters (2)

• Cargo.lock is excluded by !**/*.lock
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (23)

• .github/workflows/ci.yml
• Cargo.toml
• README.md
• crates/aggregator/src/threshold_plaintext_aggregator.rs
• crates/keyshare/Cargo.toml
• crates/keyshare/src/threshold_keyshare.rs
• crates/multithread/src/multithread.rs
• crates/support/Cargo.toml
• crates/trbfv/src/calculate_threshold_decryption.rs
• crates/trbfv/src/gen_esi_sss.rs
• crates/trbfv/src/helpers.rs
• crates/wasm/.cargo/config.toml
• crates/wasm/package.json
• crates/wasm/scripts/browser-smoke.mjs
• crates/wasm/smoke.html
• crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/computation.rs
• docs/pages/quick-start.mdx
• examples/CRISP/Dockerfile
• examples/CRISP/packages/crisp-zk-inputs/package.json
• examples/CRISP/packages/crisp-zk-inputs/scripts/browser-smoke.mjs
• examples/CRISP/packages/crisp-zk-inputs/smoke.html
• examples/CRISP/server/Cargo.toml
• templates/default/flake.nix

✅ Files skipped from review due to trivial changes (6)

• templates/default/flake.nix
• examples/CRISP/server/Cargo.toml
• docs/pages/quick-start.mdx
• crates/wasm/.cargo/config.toml
• crates/wasm/smoke.html
• README.md

🚧 Files skipped from review as they are similar to previous changes (3)

• crates/trbfv/src/calculate_threshold_decryption.rs
• Cargo.toml
• crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/computation.rs

[ctrlc03]

utACK