chore: update bfv-helpers dependencies [skip-line-limit]

[cedoor]

Closes #865

Depends on: gnosisguild/zkfhe-generator#9 and gnosisguild/zkfhe-generator#10

Summary by CodeRabbit

• Chores

  • Updated several third-party dependencies to newer versions for compatibility and security.
  • Removed workspace-style dependency flags and replaced them with explicit dependency declarations.

• Refactor

  • Streamlined internal input handling and computation flow for cleaner, more consistent processing.

• Documentation

  • Minor README formatting fix.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
crisp	Ready	Preview	Comment	Oct 25, 2025 2:38pm
enclave-docs	Ready	Preview	Comment	Oct 25, 2025 2:38pm

[coderabbitai]

Walkthrough

Update bfv-helpers: swap workspace-based greco/fhe deps for explicit git dependencies, bump several crate versions, and adapt client code to use GrecoVectors and its new compute/standard_form call signatures (no explicit BigInt modulus).

Changes

Cohort / File(s)	Summary
Dependency changes crates/bfv-helpers/Cargo.toml, Cargo.toml, examples/CRISP/Cargo.toml, examples/CRISP/server/Cargo.toml	Replace workspace flags with explicit git deps for fhe-util and greco; remove workspace flags for num-bigint/num-traits; bump alloy and serde versions and extend alloy-primitives features.
Client code updates crates/bfv-helpers/src/client.rs	Replace InputValidationVectors with GrecoVectors; remove explicit BigInt modulus construction; update GrecoVectors::compute call to accept ciphertext, public key, and BFV params; call standard_form() without a modulus to produce circuit inputs.
Documentation/metadata fix README.md	Adjust comment tag from <!-- readme: contributors -end --> to <!-- readme: contributors-end -->.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor Client
    participant BFVHelpers as "bfv-helpers::client"
    participant Greco as "GrecoVectors"
    participant BFV as "BFV params / ciphertext"
    rect #E8F5E9
      Client->>BFVHelpers: request prepare_greco_inputs(...)
      BFVHelpers->>Greco: GrecoVectors::compute(ciphertext, pub_key, bfv_params)
      note right of Greco: compute produces internal vectors
      Greco-->>BFVHelpers: GrecoVectors
      BFVHelpers->>Greco: standard_form()
      Greco-->>BFVHelpers: circuit_inputs
      BFVHelpers-->>Client: circuit_inputs
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20–30 minutes

• Review both Cargo manifest edits for correctness (git dep syntax, feature sets, version bumps).
• Inspect crates/bfv-helpers/src/client.rs changes for correct GrecoVectors::compute usage and that BFV params are passed/used properly.
• Verify examples and server Cargo.toml version consistency.

Possibly related PRs

• fix: remove ci artifacts deep clean #681 — Modifies crates/bfv-helpers/Cargo.toml workspace/dependency declarations; closely related to dependency handling changes.
• feat: add trbfv actor test #660 — Also updates bfv-helpers crate references and adapts to Greco/GRECO vector types and compute changes; strongly related.

Suggested reviewers

• auryn-macmillan

Poem

🐰 I hopped through crates and tidy lines,

swapped workspaces for git-sprung vines.
Greco now computes with fewer knots,
the modulus gone—no heavy thoughts.
A tiny hop, a lighter crate, hooray! 🥕

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Out of Scope Changes Check	⚠️ Warning	Several changes in this PR appear to be out of scope relative to the stated objective in issue #865. The dependency version bumps for alloy (1.0.23 to 1.0.41), serde (1.0.219 to 1.0.228), and the addition of "std" feature to alloy-primitives across multiple Cargo.toml files (root Cargo.toml, examples/CRISP/Cargo.toml, examples/CRISP/server/Cargo.toml) are not directly related to migrating bfv-helpers functions to use the new Greco library. Additionally, the README.md change reformatting the contributor table comment from space-separated to hyphenated end tag is unrelated to the Greco migration objective. While these changes might be coordinated dependency management updates, they fall outside the scope of the linked issue's stated requirements.	Consider removing or separating the out-of-scope changes: the dependency version bumps for alloy and serde in unrelated files and the README.md formatting change should either be justified as necessary for the Greco migration or moved to a separate PR. Keep this PR focused on the core objective of updating bfv-helpers dependencies and functions to use the new Greco library from zkfhe-generator. If the other dependency bumps are necessary for compatibility, document that dependency as part of the Greco migration in the PR description.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "chore: update bfv-helpers dependencies" accurately captures the primary focus of the changeset. The title is specific enough to convey meaningful information about dependency management being updated for bfv-helpers, and it is directly related to the main structural changes in the PR (migrating from workspace-based to explicit dependencies for fhe-util and greco). While the title doesn't explicitly mention the functional updates to client.rs, those changes are a direct consequence of the dependency migration and are appropriately omitted from a concise title. A teammate reviewing the commit history would understand that this PR addresses dependency updates for bfv-helpers.
Linked Issues Check	✅ Passed	The PR directly addresses the requirements from issue #865. The changes to crates/bfv-helpers/Cargo.toml successfully migrate from the old Greco library to the new zkfhe-generator repository by replacing workspace flags with explicit dependencies, including the migration to greco = { package = "zkfhe-greco", git = "https://github.com/gnosisguild/zkfhe-generator" }. The functional updates in crates/bfv-helpers/src/client.rs replace InputValidationVectors with GrecoVectors and update the compute calls to use the new Greco API from the zkfhe-generator repository, which fulfills the objective to update bfv_helpers functions to use the Greco-related code from the zkfhe-generator repository.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/bfv-helpers

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[0xjei]

utACK

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

crates/bfv-helpers/src/client.rs (2)

24-33: Docstring inaccuracies for bfv_encrypt.

• Mentions “Input validation vector computation fails” though this function doesn’t compute them.
• Says “Vector of moduli” but type is [u64; 1].

Suggested fix:

 /// # Errors
 /// Returns error string if:
 /// - Public key deserialization fails
 /// - Plaintext encoding fails  
-/// - Encryption fails
-/// - Input validation vector computation fails
+/// - Encryption fails

And update the arg doc where “Vector of moduli” appears to “Array of moduli (RNS)”.

---

75-84: Return type mismatch in bfv_verifiable_encrypt docs.

Docs say Result<VerifiableEncryptionResult, String>, but function returns anyhow::Result<...>.

Apply:

-/// * `Result<VerifiableEncryptionResult, String>` - Contains encrypted u64 and circuit inputs for ZKP
+/// * `Result<VerifiableEncryptionResult>` - Contains ciphertext bytes and circuit inputs for ZKP

Also, mirror the terminology used (“ciphertext bytes”) for clarity.

🧹 Nitpick comments (4)

crates/bfv-helpers/src/client.rs (2)

118-118: Avoid stringify/parse churn: return JSON Value instead of String.

Prefer serde_json::Value in VerifiableEncryptionResult to avoid extra allocation and future double-parsing.

Apply:

@@
 #[derive(Debug, Clone)]
 pub struct VerifiableEncryptionResult {
     pub encrypted_data: Vec<u8>,
-    pub circuit_inputs: String,
+    pub circuit_inputs: serde_json::Value,
 }
@@
     Ok(VerifiableEncryptionResult {
         encrypted_data: cipher_text.to_bytes(),
-        circuit_inputs: standard_input_val.to_json().to_string(),
+        circuit_inputs: standard_input_val.to_json(),
     })

---

181-200: Tests don’t exercise circuit_inputs; assert it’s valid JSON.

Add minimal checks that circuit_inputs parses and is non-empty. This guards regressions in Greco standard_form/to_json.

Apply:

@@
     fn test_bfv_verifiable_encrypt_a64() {
         use fhe::bfv::{Ciphertext, PublicKey, SecretKey};
         use fhe_traits::{DeserializeParametrized, FheDecrypter, Serialize};
+        use serde_json as json;
@@
-        let encrypted_data =
-            bfv_verifiable_encrypt(num, pk.to_bytes(), degree, plaintext_modulus, moduli).unwrap();
+        let encrypted_data =
+            bfv_verifiable_encrypt(num, pk.to_bytes(), degree, plaintext_modulus, moduli).unwrap();
+
+        // Validate circuit_inputs JSON
+        let v: json::Value = json::from_str(
+            encrypted_data.circuit_inputs.as_str().unwrap_or_default()
+        ).unwrap();
+        assert!(v.is_object());
@@
     fn test_bfv_verifiable_encrypt_v64() {
         use fhe::bfv::{Ciphertext, PublicKey, SecretKey};
         use fhe_traits::{DeserializeParametrized, FheDecrypter, Serialize};
+        use serde_json as json;
@@
-        let encrypted_data = bfv_verifiable_encrypt(
+        let encrypted_data = bfv_verifiable_encrypt(
             num.clone(),
             pk.to_bytes(),
             degree,
             plaintext_modulus,
             moduli,
         )
         .unwrap();
+
+        // Validate circuit_inputs JSON
+        let v: json::Value = json::from_str(
+            encrypted_data.circuit_inputs.as_str().unwrap_or_default()
+        ).unwrap();
+        assert!(v.is_object());

If you adopt the Value-returning API above, drop the as_str() and parsing, and assert!(encrypted_data.circuit_inputs.is_object()) directly.

Also applies to: 202-229

Cargo.toml (1)

99-104: Unify alloy features at workspace level to avoid drift.

examples/CRISP/server requires "rpc-types-eth". Consider enabling it here so dependents can use alloy.workspace = true instead of pinning their own version.

Apply:

-alloy = { version = "=1.0.41", features = ["node-bindings", "full"] }
+alloy = { version = "=1.0.41", features = ["node-bindings", "full", "rpc-types-eth"] }

examples/CRISP/server/Cargo.toml (1)

30-30: Prefer using the workspace alloy to prevent version drift.

Once the root adds "rpc-types-eth", switch to alloy.workspace = true here.

Proposed change (after root update):

-alloy = { version = "=1.0.41", features = ["full", "rpc-types-eth"] }
+alloy.workspace = true

Please confirm that alloy’s "rpc-types-eth" feature API remained stable between 1.0.23 → 1.0.41 for your usages.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between aca8667 and c046f37.

⛔ Files ignored due to path filters (2)

• Cargo.lock is excluded by !**/*.lock
• examples/CRISP/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (6)

• Cargo.toml (2 hunks)
• README.md (1 hunks)
• crates/bfv-helpers/Cargo.toml (1 hunks)
• crates/bfv-helpers/src/client.rs (3 hunks)
• examples/CRISP/Cargo.toml (1 hunks)
• examples/CRISP/server/Cargo.toml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• README.md

🚧 Files skipped from review as they are similar to previous changes (1)

• crates/bfv-helpers/Cargo.toml

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2024-10-08T19:45:18.209Z

Learnt from: ryardley
PR: gnosisguild/enclave#107
File: packages/ciphernode/sortition/src/distance.rs:1-1
Timestamp: 2024-10-08T19:45:18.209Z
Learning: In `packages/ciphernode/core/src/events.rs`, the import statements use the correct and updated `alloy::primitives` module.

Applied to files:

• Cargo.toml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)

• GitHub Check: integration_prebuild
• GitHub Check: test_net
• GitHub Check: test_contracts
• GitHub Check: rust_unit
• GitHub Check: build_sdk
• GitHub Check: build_e3_support_dev
• GitHub Check: build_enclave_cli
• GitHub Check: rust_integration
• GitHub Check: Build & Push Image
• GitHub Check: Build & Push Image

🔇 Additional comments (4)

crates/bfv-helpers/src/client.rs (2)

12-12: Greco import path change looks right—please confirm crate module path.

If the e3-greco-generator crate re-exports as greco::vectors::GrecoVectors in the referenced git ref, this is good. Otherwise, adjust the path.

Run a quick compile or check the crate docs to confirm the module path is greco::vectors::GrecoVectors and not a renamed namespace.

---

107-116: Verify GrecoVectors::compute parameter order and RNS base expectations.

The code calls GrecoVectors::compute() with parameters: (plaintext, u_rns, e0_rns, e1_rns, cipher_text, pk, params). However, I cannot access the current GrecoVectors::compute signature from the greco crate (https://github.com/gnosisguild/greco, main branch) to verify:

• Whether the parameter order matches the current API.
• Whether u_rns, e0_rns, e1_rns are in the base expected by Greco.

PRs #9 and #10 have been merged to main (Oct 20 & 23, 2025), but without direct access to the greco repository or a pinned commit/ref in Cargo.toml, the exact API cannot be confirmed.

examples/CRISP/Cargo.toml (1)

33-33: LGTM on serde bump.

Version and features align with the root; explicit "std" is fine.

Cargo.toml (1)

153-153: ✅ Verified: No duplicate serde or alloy versions in the workspace build graph.

The cargo tree output shows only serde v1.0.228 in the resolved dependency graph—no duplicates. The note about crates/support v1.0.219 is not a concern: it's explicitly excluded from the workspace with the comment "client needs to be able to build crates/support independently," so it builds outside the workspace independently. The serde bump in the workspace is clean.

[ryardley]

utACK