Extract arm_core crate: pure types with no risc0-zkvm or k256 deps#213
Merged
Conversation
Introduces a new `anoma-rm-core` crate containing all types that can be expressed without risc0-zkvm or k256: Digest, ArmError, Resource, NullifierKey/Commitment, MerklePath, ComplianceInstance, ComplianceUnit, Action, Transaction, Delta, LogicInstance/AppData/ExpirableBlob, and opaque DeltaProof/DeltaWitness byte wrappers. Constants are split into raw byte arrays (arm_core) vs lazy_static Digest wrappers and ELF keys (arm). Extension traits (NullifierKeyExt, MerklePathExt, ActionExt, ComplianceUnitExt, TransactionExt, etc.) in arm add the zkvm/k256 operations on top of arm_core types. `cargo tree -p anoma-rm-core | grep -E "risc0|k256"` produces no output. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…gic constants - Delete `pub mod prelude` (verbatim duplicate of the crate-root trait re-exports) - `hash_two`: stack array instead of Vec — eliminates one heap alloc per Merkle node - `to_journal`: use `bytemuck::cast_vec` to reinterpret Vec<u32> in-place as Vec<u8>, avoiding a second allocation on every compliance proof verification - `get_logic_verifiers`: drop intermediate `compliance_intances` clone Vec; iterate `compliance_units` directly and replace `vec![a, b]` flat_maps with `[a, b]` arrays - `padding_leaf()`: delegate to `initial_root()` — removes the duplicate `Digest::try_from(EMPTY_HASH_BYTES)` decode - `COMMITMENT_TREE_DEPTH`: replace magic `10` with a named pub const - `NullifierKeyExt::random_pair`: use `DIGEST_BYTES` instead of bare `32` - `LogicVerifierInputs` in `logic_proof`: private use (already re-exported at crate root) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- arm_test_app: import LogicVerifierInputs from crate root, not logic_proof module (which was made private during simplify) - compliance: revert cast_vec back to words_to_bytes().to_vec(); bytemuck::cast_vec panics at runtime for u32->u8 in version 1.23.2 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
bytemuck::from_bytes requires the input &[u8] to be aligned to align_of::<[u32; 8]>() = 4. Byte slices from constants and Vec<u8> carry only 1-byte alignment, which panics on aarch64 (CI) but passes by coincidence on x86_64 (local dev). Replace with u32::from_ne_bytes in a loop: no alignment requirement, same byte interpretation as bytemuck::cast_slice. Also deduplicate FromHex by delegating to TryFrom. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
DeltaWitness::Serialize uses serialize_bytes which writes a u64 length prefix in bincode. DeltaWitness::Deserialize was reading [u8; 32] which expects no prefix, causing silent data corruption on roundtrip. Change Deserialize to use Vec::deserialize (matching what DeltaProof already does), with an explicit length check. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…merge The cherry-pick of the bincode roundtrip tests left them with wrong indentation and a stray closing brace, causing a parse error. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The cherry-pick of f73271b fixed the DeltaWitness Deserialize in arm/src/delta_proof.rs but missed the identical bug in arm_core/src/delta_types.rs (the opaque newtype version). serialize_bytes writes a u64 length prefix; <[u8; 32]>::deserialize reads raw bytes without it, corrupting the byte stream. Use Vec::deserialize + try_into, matching what DeltaProof already does. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Provides a canonical conversion from structured ComplianceInstance to the u32 word array representation used by the aggregation circuit. Eliminates the need for downstream consumers to hand-roll field-by-field copies. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
XuyangSong
reviewed
Mar 14, 2026
XuyangSong
left a comment
Collaborator
There was a problem hiding this comment.
LGTM
Thank you for the work!
I’ve also left a comment about the constants dependency issue.
Could you help add a README for the arm_core crate too?
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
XuyangSong
approved these changes
Mar 31, 2026
Resolved conflicts in arm/src/action.rs and arm/src/transaction.rs: - action.rs: dropped develop's duplicate verify/delta/get_delta_msg methods (already provided by ActionExt trait); changed verify signature to &self - transaction.rs: kept crate-split architecture (DeltaProof::from_bytes, non-Result get_delta_msg); changed verify signature to &self to match - delta_proof.rs: auto-merged (mod tests reorganization) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
anoma-rm-corecrate containing all types that can be expressed withoutrisc0-zkvmork256:Digest,ArmError,Resource,NullifierKey/Commitment,MerklePath,ComplianceInstance,ComplianceUnit,Action,Transaction,Delta,LogicInstance/AppData/ExpirableBlob/LogicVerifierInputs, and opaqueDeltaProof/DeltaWitnessbyte wrappers*_VK_BYTESarrays inarm_core, lazy_staticDigestwrappers and ELF keys stay inarmNullifierKeyExt,MerklePathExt,ActionExt,ComplianceUnitExt,TransactionExt, etc.) inarmadd the zkvm/k256 operations on top ofarm_coretypesDependency isolation verified
Motivation
Follow-up to
anthony/arm-dep-minimum(PR #206). The repo owner's feedback was that feature flags make maintenance harder because the same crate is used across circuits, clients, and multiple chains/servers. This PR replaces that approach with a proper crate split.🤖 Generated with Claude Code