Merged
ECVRF was added to enable "verification with only a key hash," but VRF verification fundamentally requires the full public key (RFC 9381), making it functionally identical to Ed25519 which the project already supports. Removes: vrf-r255 dependency, Algorithm::EcVrf, KeyIdType::FullKeyHash, KeyIdentifier::FullKeyHash, SignedToken.proof field, and all ECVRF signing/verification/key/CLI/serialization code and tests (-681 lines). 106 tests pass (89 unit + 4 reference + 13 integration). https://claude.ai/code/session_01LJyL1uYXD1JHMq8Q3v7shM
Replaces the removed ECVRF with a true symmetric key proof using Groth16 zero-knowledge SNARKs on BN254 (arkworks ecosystem). The prover demonstrates knowledge of key K such that SHA-256(K) = key_hash and HMAC-SHA256(K, SHA-256(payload)) = signature, without revealing K.

Circuit design:
- Fixed-size R1CS circuit with SHA-256 gadgets for key hash and HMAC
- Public inputs: key_hash + payload_hash + hmac_output (96 bytes / 768 bits)
- Private witness: 32-byte symmetric key
- 128-byte compressed Groth16 proof

Changes:
- New src/snark.rs: circuit, setup/prove/verify, key serialization (7 tests)
- types.rs: Algorithm::Groth16Sha256, KeyIdType::FullKeyHash, proof field
- sign.rs: sign_groth16() function
- verify.rs: verify_groth16() function
- serialize.rs: FullKeyHash + proof field serialization/deserialization
- keys.rs: Groth16Sha256 key validation
- main.rs: Groth16 display in inspect, algorithm handling in CLI
- Cargo.toml: arkworks v0.5 dependencies

96 tests pass (89 existing + 7 SNARK tests). https://claude.ai/code/session_01LJyL1uYXD1JHMq8Q3v7shM
The Groth16 SNARK tests take ~4 min (SHA-256 circuit setup is expensive). Split the test job so fast tests always run, and SNARK tests only trigger on changes to src/snark.rs. SNARK tests run single-threaded with 64MB stack to avoid OOM from parallel circuit setups. Also update Makefile with separate test/test-snark targets. https://claude.ai/code/session_01LJyL1uYXD1JHMq8Q3v7shM
Replace all ECVRF references with Groth16-SHA256. Add a library API section with setup/sign/verify and key serialization examples since Groth16 requires trusted setup and is not available via the CLI. https://claude.ai/code/session_01LJyL1uYXD1JHMq8Q3v7shM
Ignore RUSTSEC-2024-0388 (derivative) and RUSTSEC-2024-0436 (paste), both unmaintained informational warnings for transitive dependencies inside the arkworks ecosystem (ark-crypto-primitives, ark-ff). No replacement available until arkworks migrates upstream. https://claude.ai/code/session_01LJyL1uYXD1JHMq8Q3v7shM