chore: update risc0 to v3

[hmzakhalid]

Summary by CodeRabbit

• New Features

  • Added option to deploy CRISP with a mock input validator.
  • Consolidated deployment logs into a single summary.
  • CRISP example now ignores local enclave cache.

• Refactor

  • Factory now accepts an externally provided validator implementation.
  • Renamed input-root query method for clarity.
  • Updated plaintext output publishing to accept a proof argument.
  • Optimized bytes-typed contract parameters to reduce gas.

• Chores

  • Upgraded RISC Zero stack and toolchain; updated submodule and artifacts.
  • Updated program IDs and example contract addresses.

• Documentation

  • Clarified dev-mode config comments.

• Bug Fixes

  • Dev mode now activates only when the environment variable equals "1".

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
crisp	Ready	Preview	Comment	Oct 9, 2025 10:07am
enclave-docs	Ready	Preview	Comment	Oct 9, 2025 10:07am

[coderabbitai]

Walkthrough

Solidity Enclave interface and Rust bindings updated (bytes memory→calldata; getRoot→getInputRoot). RISC0 toolchain/dependencies bumped to 3.x. CRISP: ImageID constant renamed/changed, factory now accepts an implementation address, mock validator added, deploy flow/logging adjusted, dev-mode host behavior tightened to "1".

Changes

Cohort / File(s)	Summary
Enclave interface & Rust bindings packages/enclave-contracts/contracts/interfaces/IEnclave.sol, crates/evm-helpers/src/contracts.rs	Change bytes parameters from memory→calldata; rename getRoot→getInputRoot in Solidity and corresponding Rust trait/impl/signatures; adjust calls and transaction builders to pass new proof parameter for plaintext output.
RISC0 pins & toolchain crates/support/Cargo.toml, crates/support/Dockerfile, crates/support/methods/guest/Cargo.toml, examples/CRISP/Cargo.toml, examples/CRISP/lib/risc0-ethereum	Bump risc0-related crates to 3.x and update toolchain/Docker ARGs; remove some risc0 deps from CRISP workspace; update subproject ref.
CRISP validator, factory, deploy examples/CRISP/contracts/CRISPInputValidatorFactory.sol, examples/CRISP/contracts/Mocks/MockCRISPInputValidator.sol, examples/CRISP/deploy/Deploy.s.sol	Factory constructor now accepts an address for the validator; add MockCRISPInputValidator; deploy script selects mock/real validator, passes its address to factory, and uses ImageID.PROGRAM_ID.
ImageID & licensing crates/support/contracts/ImageID.sol, examples/CRISP/contracts/ImageID.sol	License header adjusted (LGPL→Apache) in support copy; rename VOTING_ID→PROGRAM_ID and change the bytes32 literal.
Host dev-mode behavior crates/support/host/src/lib.rs	Dev-mode trigger changed to require RISC0_DEV_MODE == "1"; prints which path taken; real Groth16 proof generated otherwise.
Env, ignores, and config comments examples/CRISP/client/.env.example, examples/CRISP/server/.env.example, examples/CRISP/.gitignore, examples/CRISP/enclave.config.yaml, templates/default/enclave.config.yaml	Update example E3 program addresses; add .enclave/caches/ to gitignore; add explanatory comments for risc0_dev_mode.
Artifacts & deploy logging packages/enclave-contracts/artifacts/.../*.json, packages/enclave-contracts/scripts/deployEnclave.ts	Artifact buildInfoId fields updated (compiler metadata only); consolidate individual console.logs into a single deployments block.
CLI callsite update examples/CRISP/server/src/cli/commands.rs	Update to pass new proof: Bytes argument when calling publish_plaintext_output on EnclaveContract.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Deployer
  participant DS as Deploy.s.sol
  participant V as Validator (Mock/Real)
  participant F as CRISPInputValidatorFactory
  participant P as CRISPProgram

  Deployer->>DS: run deployment
  DS->>DS: check USE_MOCK_INPUT_VALIDATOR
  alt USE_MOCK_INPUT_VALIDATOR == true
    DS->>V: deploy MockCRISPInputValidator
  else
    DS->>V: deploy CRISPInputValidator
  end
  DS->>F: deploy Factory(address V)
  DS->>P: deploy CRISPProgram(ImageID.PROGRAM_ID)
  DS-->>Deployer: log deployed addresses (consolidated)

Loading

sequenceDiagram
  autonumber
  participant App as Caller
  participant H as support::host (lib.rs)
  App->>H: generate_seal(...)
  alt RISC0_DEV_MODE == "1"
    H-->>App: return empty seal (dev-mode)
  else
    H->>H: compute Groth16 proof
    H-->>App: return real seal
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• fix: risc0 dev mode env var #810 — Mirrors Enclave interface and Rust binding changes (calldata, getRoot→getInputRoot) and related callsite updates.
• chore: allow mock input validator in CRISP #782 — Related CRISP validator/factory changes and addition of a mock input validator plus deploy adjustments.
• chore: update risc0 version v3.0.3 #793 — Related RISC0 dependency and toolchain version bumps across Cargo.toml and Dockerfile.

Suggested reviewers

• ctrlc03
• ryardley

Poem

hop-hop! I tweak my bytes, then bound—
calldata swift, new roots are found.
Mock or real, the factory knows,
PROGRAM_ID points where it goes.
dev mode hushes proof to “1” — onward, nibble — run! 🥕

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Title Check	⚠️ Warning	The provided title only mentions updating the RISC0 dependency but the changeset also includes substantial EVM interface adjustments, Rust trait updates, new mock contracts, and various example and script modifications, so it does not accurately summarize the main scope of this PR.	Consider revising the title to capture both the RISC0 upgrade and the associated contract interface refactors and Rust API changes, for example “chore: upgrade RISC0 to v3 and adapt Enclave contracts to calldata with matching Rust API updates.”
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/update-risc0-stable

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b802987 and 85f7223.

⛔ Files ignored due to path filters (1)

• examples/CRISP/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (3)

• crates/evm-helpers/src/contracts.rs (5 hunks)
• crates/support/tests/Elf.sol (0 hunks)
• examples/CRISP/server/src/cli/commands.rs (2 hunks)

💤 Files with no reviewable changes (1)

• crates/support/tests/Elf.sol

🧰 Additional context used

🧬 Code graph analysis (2)

examples/CRISP/server/src/cli/commands.rs (1)

crates/evm-helpers/src/contracts.rs (1)

• new (181-187)

crates/evm-helpers/src/contracts.rs (1)

packages/enclave-sdk/src/contract-client.ts (3)

• publishInput (183-223)
• publishCiphertextOutput (229-272)
• getE3 (278-295)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: test_contracts
• GitHub Check: integration_prebuild
• GitHub Check: rust_unit
• GitHub Check: build_sdk
• GitHub Check: build_enclave_cli
• GitHub Check: test_net
• GitHub Check: Build & Push Image
• GitHub Check: Build & Push Image

🔇 Additional comments (6)

examples/CRISP/server/src/cli/commands.rs (2)

13-15: LGTM!

Import formatting simplified with no semantic impact.

---

212-225: Validate the placeholder proof
The CLI uses Bytes::from(vec![0]) as a dummy proof in publish_plaintext_output. Confirm this is intentional for testing and integrate a real proof‐generation mechanism before production.

crates/evm-helpers/src/contracts.rs (4)

78-82: LGTM!

The Solidity interface correctly uses calldata for external function parameters, which is more gas-efficient than memory for read-only parameters. The addition of the proof parameter to publishPlaintextOutput addresses the previous review concern.

---

104-104: LGTM!

The trait method signatures correctly reflect the Solidity interface changes:

• get_root renamed to get_input_root for clarity
• publish_plaintext_output now includes the proof parameter

Also applies to: 150-151

---

317-320: LGTM!

The implementations correctly reflect the updated signatures:

• get_input_root properly calls getInputRoot on the contract
• publish_plaintext_output now accepts and passes the proof parameter to the contract call

This addresses the previous review concern about the incomplete publishPlaintextOutput signature.

Also applies to: 423-439

---

84-84: No stale references to getRoot detected
Recursive search (excluding contracts.rs) only returned get_root_dir occurrences, which are unrelated. Renaming is complete.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (3)

crates/support/host/src/lib.rs (1)

62-65: Consider using a structured logging framework.

The println! statements for dev mode tracking go directly to stdout. For better observability in production, consider using a logging framework (e.g., tracing, log) with appropriate log levels.

examples/CRISP/contracts/Mocks/MockCRISPInputValidator.sol (1)

38-48: Consider validating all decoded components.

The mock validator only extracts the vote component from the decoded data tuple (bytes, bytes, bytes32[], bytes) and ignores the other three components. While this may be intentional for a mock, consider whether this adequately mimics the real validator's behavior for testing purposes.

Additionally, the declared but unused state variables policy and noirVerifier (initialized in _initialize) suggest incomplete validation logic.

Apply this diff if you want to add validation using the initialized components:

 function validate(address sender, bytes memory data) external returns (bytes memory input) {
     if (data.length == 0) revert EmptyInputData();
 
-    (,,, bytes memory vote) = abi.decode(data, (bytes, bytes, bytes32[], bytes));
+    (bytes memory proof, bytes memory publicInputs, bytes32[] memory merkleProof, bytes memory vote) = abi.decode(data, (bytes, bytes, bytes32[], bytes));
+    
+    // Validate proof (example - adjust based on actual requirements)
+    if (!noirVerifier.verify(proof, publicInputs)) {
+        revert InvalidNoirProof();
+    }
+    
+    // Validate policy (example - adjust based on actual requirements)
+    try policy.check(sender, vote) {
+        // Policy check passed
+    } catch (bytes memory reason) {
+        revert InvalidInputData(reason);
+    }
 
     input = vote;
 }

examples/CRISP/contracts/CRISPInputValidatorFactory.sol (1)

14-15: Update the comment to reflect the new constructor signature.

The comment on line 14 states "Initializes the factory with the CRISPInputValidator implementation" but doesn't mention that the implementation must now be provided externally rather than being created internally.

Consider updating the comment to clarify the new behavior:

-    /// @notice Initializes the factory with the CRISPInputValidator implementation.
+    /// @notice Initializes the factory with an external CRISPInputValidator implementation.
+    /// @param inputValidator Address of the CRISPInputValidator implementation contract.
     constructor(address inputValidator) Factory(inputValidator) {

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3951543 and b802987.

⛔ Files ignored due to path filters (2)

• crates/support/Cargo.lock is excluded by !**/*.lock
• crates/support/methods/guest/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (22)

• crates/evm-helpers/src/contracts.rs (3 hunks)
• crates/support/Cargo.toml (1 hunks)
• crates/support/Dockerfile (1 hunks)
• crates/support/contracts/ImageID.sol (1 hunks)
• crates/support/host/src/lib.rs (1 hunks)
• crates/support/methods/guest/Cargo.toml (1 hunks)
• examples/CRISP/.gitignore (1 hunks)
• examples/CRISP/Cargo.toml (0 hunks)
• examples/CRISP/client/.env.example (1 hunks)
• examples/CRISP/contracts/CRISPInputValidatorFactory.sol (1 hunks)
• examples/CRISP/contracts/ImageID.sol (1 hunks)
• examples/CRISP/contracts/Mocks/MockCRISPInputValidator.sol (1 hunks)
• examples/CRISP/deploy/Deploy.s.sol (3 hunks)
• examples/CRISP/enclave.config.yaml (1 hunks)
• examples/CRISP/lib/risc0-ethereum (1 hunks)
• examples/CRISP/server/.env.example (1 hunks)
• packages/enclave-contracts/artifacts/contracts/interfaces/ICiphernodeRegistry.sol/ICiphernodeRegistry.json (1 hunks)
• packages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.json (1 hunks)
• packages/enclave-contracts/artifacts/contracts/registry/NaiveRegistryFilter.sol/NaiveRegistryFilter.json (1 hunks)
• packages/enclave-contracts/contracts/interfaces/IEnclave.sol (3 hunks)
• packages/enclave-contracts/scripts/deployEnclave.ts (1 hunks)
• templates/default/enclave.config.yaml (1 hunks)

💤 Files with no reviewable changes (1)

• examples/CRISP/Cargo.toml

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2024-09-26T03:11:29.311Z

Learnt from: ryardley
PR: gnosisguild/enclave#107
File: packages/ciphernode/sortition/src/distance.rs:1-1
Timestamp: 2024-09-26T03:11:29.311Z
Learning: In `packages/ciphernode/core/src/events.rs`, the import statements use the correct and updated `alloy::primitives` module.

Applied to files:

• crates/support/methods/guest/Cargo.toml

🧬 Code graph analysis (1)

crates/evm-helpers/src/contracts.rs (1)

packages/enclave-sdk/src/contract-client.ts (3)

• publishInput (183-223)
• publishCiphertextOutput (229-272)
• getE3 (278-295)

🪛 dotenv-linter (3.3.0)

examples/CRISP/client/.env.example

[warning] 4-4: [UnorderedKey] The VITE_E3_PROGRAM_ADDRESS key should go before the VITE_ENCLAVE_API key

(UnorderedKey)

---

[warning] 4-4: [ValueWithoutQuotes] This value needs to be surrounded in quotes

(ValueWithoutQuotes)

examples/CRISP/server/.env.example

[warning] 16-16: [UnorderedKey] The E3_PROGRAM_ADDRESS key should go before the ENCLAVE_ADDRESS key

(UnorderedKey)

🪛 GitHub Actions: Build Crisp Server

crates/support/Dockerfile

[error] 119-125: Cargo build failed due to lock file update requirement while building the server binary. The command failed: 'cargo build --locked --release --bin server'. See log for details.

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: build_sdk
• GitHub Check: build_enclave_cli
• GitHub Check: integration_prebuild
• GitHub Check: test_net
• GitHub Check: test_contracts
• GitHub Check: build_e3_support_risc0
• GitHub Check: rust_unit
• GitHub Check: Build & Push Image

🔇 Additional comments (27)

packages/enclave-contracts/artifacts/contracts/registry/NaiveRegistryFilter.sol/NaiveRegistryFilter.json (1)

308-308: Build artifact metadata update.

The buildInfoId change reflects recompilation of the contract. This is expected when Solidity source files or compiler settings are updated.

packages/enclave-contracts/artifacts/contracts/interfaces/ICiphernodeRegistry.sol/ICiphernodeRegistry.json (1)

222-222: Build artifact metadata update.

The buildInfoId change reflects recompilation of the contract. This is expected when Solidity source files or compiler settings are updated.

packages/enclave-contracts/scripts/deployEnclave.ts (1)

72-78: Improved deployment output formatting.

The consolidated logging output improves readability by grouping all deployment addresses under a single "Deployments" section. All three addresses are still being logged as before.

packages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.json (1)

707-707: Build artifact metadata update.

The buildInfoId change reflects recompilation after the IEnclave interface updates (memory→calldata, getRoot→getInputRoot).

crates/evm-helpers/src/contracts.rs (6)

78-78: LGTM! Gas optimization with calldata.

The change from bytes memory to bytes calldata for the publicKey parameter is a gas optimization for external functions, as calldata avoids copying data to memory.

---

80-80: LGTM! Gas optimization with calldata.

The change from bytes memory to bytes calldata for the data parameter improves gas efficiency.

---

81-81: LGTM! Gas optimization with calldata.

Both parameters (ciphertextOutput and proof) correctly use bytes calldata for gas efficiency.

---

84-84: LGTM! Method renamed for clarity.

The rename from getRoot to getInputRoot provides better clarity about what root is being retrieved (the input merkle tree root).

---

104-104: LGTM! Rust trait updated consistently.

The trait method renamed from get_root to get_input_root correctly mirrors the Solidity interface change.

---

316-318: LGTM! Implementation updated consistently.

The implementation correctly:

1. Updates the method name to get_input_root
2. Calls the renamed Solidity function getInputRoot

This maintains consistency with the Solidity interface changes.

packages/enclave-contracts/contracts/interfaces/IEnclave.sol (3)

141-141: LGTM! Gas optimization with calldata.

Changing from bytes memory to bytes calldata for external function parameters reduces gas costs by avoiding unnecessary memory copies. This is a best practice for external functions that don't modify the parameter data.

---

163-164: LGTM! Gas optimization with calldata.

Both ciphertextOutput and proof parameters correctly use bytes calldata to optimize gas usage in this external function.

---

175-176: LGTM! Gas optimization with calldata.

Both plaintextOutput and proof parameters correctly use bytes calldata to optimize gas usage in this external function.

examples/CRISP/.gitignore (1)

49-49: LGTM!

Adding .enclave/caches/ to the ignore list is consistent with the existing pattern for other .enclave/ subdirectories and appropriately excludes generated cache files from version control.

templates/default/enclave.config.yaml (1)

13-13: LGTM!

The inline comment clarifies the behavior of the risc0_dev_mode flag, improving documentation for users configuring the system.

examples/CRISP/enclave.config.yaml (1)

12-12: LGTM!

The inline comment consistently documents the risc0_dev_mode flag behavior across configuration files.

examples/CRISP/contracts/Mocks/MockCRISPInputValidator.sol (2)

15-27: LGTM!

The contract structure is clean with appropriate state variables and custom errors. The use of Clone pattern for initialization is a good practice for factory-deployed contracts.

---

29-36: LGTM!

The initialization logic correctly decodes the appended configuration data and sets up the policy and verifier instances.

examples/CRISP/server/.env.example (1)

16-16: LGTM!

The E3_PROGRAM_ADDRESS update aligns with the new ImageID.PROGRAM_ID constant value introduced in this PR. The address consistency across client, server, and contract deployments ensures proper integration.

examples/CRISP/client/.env.example (1)

4-4: LGTM!

The E3_PROGRAM_ADDRESS update maintains consistency with the server configuration and the new ImageID.PROGRAM_ID value.

examples/CRISP/deploy/Deploy.s.sol (4)

35-36: LGTM!

The imports for both real and mock input validators are properly added to support the conditional deployment logic.

---

184-194: LGTM!

The conditional deployment logic cleanly selects between mock and real validators based on the USE_MOCK_INPUT_VALIDATOR environment variable, with appropriate logging for each case.

---

215-215: LGTM!

The update from ImageID.VOTING_ID to ImageID.PROGRAM_ID aligns with the naming convention changes in the ImageID library for RISC0 v3.

---

196-202: CRISPInputValidatorFactory constructor accepts address parameter
Constructor in examples/CRISP/contracts/CRISPInputValidatorFactory.sol is

constructor(address inputValidator) Factory(inputValidator) {}

which matches the deployed call. No changes needed.

crates/support/contracts/ImageID.sol (1)

22-22: Approve PROGRAM_ID update: consistency verified

The new PROGRAM_ID is now consistent across all ImageID.sol definitions (crates/support/contracts, examples/CRISP/contracts, templates/default/contracts).

examples/CRISP/contracts/CRISPInputValidatorFactory.sol (1)

15-15: Deployment scripts updated to new constructor signature All CRISPInputValidatorFactory instances now receive inputValidatorAddress.

examples/CRISP/contracts/ImageID.sol (1)

22-25: No leftover VOTING_ID references detected. All Solidity files now reference PROGRAM_ID.