refactor: extracting prism-keys, prism-serde, slashing unused deps

[distractedm1nd]

• Adds some rustdoc to tree components
• Adds Jonas to Cargo.toml contributors
• Removes zk deps from groth16/nova
• Comments out rocksdb dep for now (very heavy dependency, and the impl is not finished yet)
• Extracts prism-keys and prism-serde out of prism-common
• Reorganizes tree components in prism-common to live in a subdirectory
• Slashed tons of unused dependencies
• Organized Cargo.toml for biggest crates
• Adds a very important todo to InsertProof

Summary by CodeRabbit

• New Features

  • Introduced a new KeyDirectoryTree for managing Hashchain data with efficient batch processing.
  • Added robust validation methods for entries in the Hashchain structure.
  • Enhanced serialization capabilities with new base64 support in the prism-serde module.
  • Added new SigningKey and VerifyingKey types for improved cryptographic operations.
  • Implemented a new Signature enum to encapsulate various cryptographic signatures.

• Bug Fixes

  • Improved error handling across various modules, particularly in Redis connection management and transaction processing.

• Refactor

  • Restructured dependencies across multiple packages, including the addition of the prism-keys package and removal of several unused dependencies.
  • Updated import statements to reflect changes in module structure and improve clarity.

• Chores

  • Removed outdated files and modules that are no longer needed, streamlining the codebase.
  • Updated CI configuration to check for unused dependencies and modified integration test commands.

[coderabbitai]

Walkthrough

The changes in this pull request involve significant modifications to the project's structure and dependencies. The .github/FUNDING.yml file has been removed, indicating a shift in funding management. The Cargo.toml files across various crates have been updated to add and remove dependencies, reflecting a reorganization of the project's modular structure. New modules for cryptographic keys and signatures have been introduced, while several existing modules and files have been deleted or modified to enhance functionality and improve error handling.

Changes

File Path	Change Summary
.github/FUNDING.yml	File removed. Contains funding configuration settings.
Cargo.toml	Updated dependencies, added new authors, and new workspace members.
crates/cli/Cargo.toml	Removed multiple dependencies, added prism-keys.
crates/cli/src/main.rs	Updated import for VerifyingKey from prism_common to prism_keys.
crates/common/Cargo.toml	Added new dependencies and removed several others.
crates/common/src/digest.rs	Removed conversion implementation for Digest to Scalar.
crates/common/src/hashchain.rs	Added methods for entry validation in Hashchain.
crates/common/src/keys.rs	File removed. Contained cryptographic key implementations.
crates/common/src/lib.rs	Removed public module declarations for keys and serde.
crates/common/src/operation.rs	Updated imports for Signature, SigningKey, and VerifyingKey.
crates/common/src/test_utils.rs	Updated imports and removed mock signing key creation function.
crates/common/src/transaction_builder.rs	Updated imports and replaced mock signing key creation with direct instantiation.
crates/common/src/tree.rs	File removed. Implemented a key-value store using a Jellyfish Merkle Tree.
crates/common/src/tree/key_directory_tree.rs	New file introduced for managing Hashchain objects.
crates/common/src/tree/mod.rs	New module structure for tree-related components.
crates/common/src/tree/proofs.rs	New file for cryptographic proofs related to hashchains.
crates/common/src/tree/snarkable_tree.rs	New trait for managing hashchain entries with methods for transactions.
crates/keys/Cargo.toml	New package configuration for prism-keys with dependencies.
crates/keys/src/lib.rs	New module structure with tests for signing and verifying keys.
crates/keys/src/signatures.rs	New file for Signature enum and related methods.
crates/keys/src/signing_keys.rs	New file for SigningKey enum and related methods.
crates/keys/src/verifying_keys.rs	New file for VerifyingKey enum and related methods.
crates/node_types/lightclient/Cargo.toml	Removed several dependencies.
crates/node_types/prover/Cargo.toml	Removed multiple dependencies and added prism-keys.
crates/node_types/prover/src/prover/tests.rs	Updated imports and changed signing key creation method in tests.
crates/node_types/prover/src/webserver.rs	Updated data structures and imports related to hashing and proofs.
crates/serde/Cargo.toml	New package configuration for prism-serde with dependencies.
crates/serde/src/lib.rs	New modules for handling serialization in base64 and hex formats.
crates/storage/Cargo.toml	Commented out rocksdb dependency.
crates/storage/src/redis.rs	Enhanced error handling in RedisConnection methods.
crates/storage/src/rocksdb.rs	Complete removal of RocksDBConnection struct and its methods.
crates/tests/Cargo.toml	Removed dependencies and a test section.
crates/zk/groth16/Cargo.toml	Commented out all dependencies.
crates/zk/nova/Cargo.toml	Re-added dependencies with a different prefix.

Possibly related PRs

• refactor: refactoring into crates and adding nova, sp1 #115: The restructuring of the Cargo.toml file to a workspace configuration may relate to the removal of the .github/FUNDING.yml file, as both changes reflect a shift in project organization and management.
• storage: refactor and rocksdb implementation #123: The modifications to the Cargo.toml file and the introduction of new dependencies in this PR may connect with the changes in the main PR regarding the removal of the .github/FUNDING.yml file, as both involve updates to project structure and dependencies.
• feat: replace ed25519-dalek with ed25519-consensus #138: The changes in dependency management and the transition to ed25519-consensus may relate to the overall restructuring of project files, including the removal of .github/FUNDING.yml, as both reflect updates in the project's handling of cryptographic functionalities.
• refactor(common): use underlying VK types instead of Vec<u8> #150: The refactor to use underlying verification key types instead of Vec<u8> may relate to the changes in the main PR, as both involve improvements in the project's structure and handling of cryptographic elements.
• feat(common): secp256r1 support #152: The addition of secp256r1 support and updates to the SigningKey class may connect with the main PR's changes, as both involve enhancements to the project's cryptographic capabilities.
• feature(common): better serialization of cryptographic payloads #161: The introduction of better serialization for cryptographic payloads may relate to the main PR's focus on improving project organization and functionality, as both aim to enhance the project's overall structure and usability.

Suggested reviewers

• jns-ps
• sebasti810

🐰 In the meadow where bunnies play,
Our code has changed in a wondrous way.
With keys and signatures now refined,
A brighter future, we will find!
Let's hop along, with joy and cheer,
For all the changes that bring us near! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

🧹 Outside diff range and nitpick comments (26)

crates/common/src/tree/mod.rs (2)

11-19: Consider implementing standard traits for better error handling.

The enum is well-designed and documented. To enhance its utility, consider implementing:

• std::error::Error for error handling integration
• Clone, PartialEq for better testing support

-#[derive(Debug)]
+#[derive(Debug, Clone, PartialEq)]
 pub enum HashchainResponse {
     Found(Hashchain, MembershipProof),
     NotFound(NonMembershipProof),
 }

---

225-235: Remove debug print statements from test code.

The batch_writing test contains multiple debug print statements that should be removed from the production code.

-        println!("Inserting key1: {:?}", account1.key_hash);
         tree_state.insert_account(account1.clone()).unwrap();

-        println!(
-            "Tree state after first insert: {:?}",
-            tree_state.tree.get_commitment()
-        );
-        println!(
-            "Tree state after first write_batch: {:?}",
-            tree_state.tree.get_commitment()
-        );

         // Try to get the first value immediately
         let get_result1 = tree_state.tree.get(account1.key_hash);
-        println!("Get result for key1 after first write: {:?}", get_result1);

-        println!("Inserting key2: {:?}", account2.key_hash);
         tree_state.insert_account(account2.clone()).unwrap();

-        println!(
-            "Tree state after second insert: {:?}",
-            tree_state.tree.get_commitment()
-        );
-        println!(
-            "Tree state after second write_batch: {:?}",
-            tree_state.tree.get_commitment()
-        );

         // Try to get both values
         let get_result1 = tree_state.tree.get(account1.key_hash);
         let get_result2 = tree_state.tree.get(account2.key_hash);

-        println!("Final get result for key1: {:?}", get_result1);
-        println!("Final get result for key2: {:?}", get_result2);

Also applies to: 237-240, 241-251, 257-259

crates/keys/src/signatures.rs (3)

8-8: Remove unnecessary import of std::{self}

The import use std::{self}; is unnecessary because the standard library is included by default. This line can be safely removed to clean up the code.

Apply this diff to remove the redundant import:

-use std::{self};

---

16-17: Reconsider implementing Default for Signature

Providing a default variant like Placeholder may lead to unintentional use of an uninitialized or invalid signature, which could introduce security risks. It's safer to avoid implementing Default for critical enums like Signature to prevent accidental misuse.

Consider removing the Default derive and the #[default] attribute:

-#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, Eq, Default)]
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, Eq)]

-    #[default]
     Placeholder,

---

41-41: Enhance error message with the unexpected algorithm name

Including the algorithm name in the error message provides better context and aids in debugging when an unexpected algorithm is encountered.

Apply this diff to include the algorithm in the error message:

-            _ => bail!("Unexpected algorithm for Signature"),
+            _ => bail!("Unexpected algorithm for Signature: {}", algorithm),

crates/keys/src/signing_keys.rs (2)

51-54: Improve error message for unsupported algorithms

The error message in from_algorithm_and_bytes references VerifyingKey instead of SigningKey. This could cause confusion when debugging.

Update the error message to correctly reference SigningKey:

-        _ => bail!("Unexpected algorithm for VerifyingKey"),
+        _ => bail!("Unexpected algorithm for SigningKey: {}", algorithm),

---

87-97: Derive Eq trait for SigningKey

While PartialEq is implemented for SigningKey, deriving the Eq trait ensures that the equality relation is reflexive, symmetric, and transitive, which is appropriate for keys.

Add Eq to the derive attributes:

-#[derive(Clone, Debug)]
+#[derive(Clone, Debug, Eq)]

Also, since you have a custom PartialEq implementation, ensure it satisfies the requirements for Eq.

crates/common/src/tree/proofs.rs (2)

37-39: Remove outdated TODO comment or address it

The TODO comment refers to verifying the service's challenge input via a Merkle proof, which may have been addressed in the code below. Leaving outdated TODOs can cause confusion.

Either remove the TODO comment if it's no longer relevant or update it to reflect the current state of the implementation.

-// TODO(CRITICAL): Verify service's challenge input via a merkle proof of
-// the service, and then signature verification with the contained VK.

---

88-107: Ensure proper error handling in UpdateProof::verify

The verify method could benefit from more detailed error contexts to aid in debugging issues during proof verification.

Update the error handling to include contexts:

-    pub fn verify(&self) -> Result<()> {
+    pub fn verify(&self) -> Result<()> {
         // Verify existence of old value.
         // Otherwise, any arbitrary hashchain could be set as old_hashchain.
         let old_serialized_hashchain = bincode::serialize(&self.old_hashchain)
+            .context("Failed to serialize old hashchain")?;
         self.inclusion_proof.verify_existence(self.old_root, self.key, old_serialized_hashchain)
+            .context("Inclusion proof verification failed")?;
         // ... rest of the code ...
     }

crates/common/src/hashchain.rs (1)

105-106: Correct grammatical errors in method documentation

The comments contain a minor grammatical error. Replace "This method is ran in circuit." with "This method is run in circuit." for clarity.

Apply this change:

-/// This method is ran in circuit.
+/// This method is run in circuit.

Also applies to: 178-179

crates/serde/src/lib.rs (4)

Line range hint 1-8: Add documentation for the CryptoPayload struct

Consider adding rustdoc comments to explain the purpose and usage of this struct, especially since it's public.

 #![allow(dead_code)]
 use serde::{Deserialize, Serialize};
 
+/// A structure representing cryptographic payload with its algorithm and raw bytes.
+/// The bytes are serialized using base64 encoding for human-readable formats.
 #[derive(Serialize, Deserialize)]
 pub struct CryptoPayload {
+    /// The cryptographic algorithm identifier
     pub algorithm: String,
+    /// The raw bytes of the payload, encoded as base64 in human-readable formats
     #[serde(with = "raw_or_b64")]
     pub bytes: Vec<u8>,
 }

---

Line range hint 10-39: Add documentation for the raw_or_hex module

The module implementation looks good, but adding documentation would improve maintainability.

+/// Module for serializing and deserializing bytes as hexadecimal strings in human-readable formats
 pub mod raw_or_hex {
     use serde::{self, Deserialize, Deserializer, Serializer};
 
+    /// Serializes bytes as hexadecimal strings in human-readable formats
     pub fn serialize<S, T: AsRef<[u8]>>(bytes: T, serializer: S) -> Result<S::Ok, S::Error>

---

Line range hint 63-89: Enhance base64 decoding error message

The implementation is good, but consider providing more descriptive error messages for base64 decoding failures.

     pub fn deserialize<'de, D>(deserializer: D) -> Result<Vec<u8>, D::Error>
     where
         D: Deserializer<'de>,
     {
         if deserializer.is_human_readable() {
             let base64_string = String::deserialize(deserializer)?;
-            BASE64.decode(base64_string.as_bytes()).map_err(serde::de::Error::custom)
+            BASE64
+                .decode(base64_string.as_bytes())
+                .map_err(|e| serde::de::Error::custom(format!("Invalid base64: {}", e)))
         } else {
             Vec::<u8>::deserialize(deserializer)
         }
     }

---

Line range hint 41-61: Consider adding type-level size validation

The fixed-size implementations are good, but consider using const generics constraints to prevent invalid sizes at compile-time.

-    pub fn deserialize<'de, D, const N: usize>(deserializer: D) -> Result<[u8; N], D::Error>
+    pub fn deserialize<'de, D, const N: usize>(deserializer: D) -> Result<[u8; N], D::Error>
+    where
+        [u8; N]: Default,  // Ensures N is a valid size for array initialization

Also applies to: 91-111

Cargo.toml (1)

62-62: Document the reason for commenting out rocksdb

The comment about rocksdb being commented out until implementation is finished should be more descriptive.

-# rocksdb = { version = "0.21.0", features = ["multi-threaded-cf"] } commented until impl is finished
+# TODO(#issue): Temporarily disabled rocksdb dependency until the storage implementation is complete
+# rocksdb = { version = "0.21.0", features = ["multi-threaded-cf"] }

crates/keys/src/lib.rs (2)

1-7: Add module-level documentation

Consider adding comprehensive documentation for the public API of this crate.

+//! Cryptographic key management for the Prism project.
+//! 
+//! This module provides implementations for various cryptographic keys,
+//! including Ed25519, Secp256k1, and Secp256r1.
+
 mod signatures;
 mod signing_keys;
 mod verifying_keys;

---

9-134: Excellent test coverage, but consider adding negative test cases

The test suite is comprehensive for the happy path, but could benefit from additional negative test cases:

• Invalid signatures
• Corrupted keys
• Cross-algorithm verification attempts

Example negative test:

#[test]
fn test_signature_verification_fails_with_wrong_key() {
    let message = b"test message";
    let signing_key1 = SigningKey::new_ed25519();
    let signing_key2 = SigningKey::new_ed25519();
    let signature = signing_key1.sign(message);
    
    assert!(!signature.verify(message, &signing_key2.verifying_key()));
}

crates/node_types/prover/src/prover/tests.rs (1)

66-66: Good improvement: Using real keys instead of mocks.

Replacing mock key generation with SigningKey::new_ed25519() provides more realistic test scenarios.

Consider extracting the key generation into a test helper function since it's used in multiple tests:

+fn create_test_signing_key() -> SigningKey {
+    SigningKey::new_ed25519()
+}

crates/common/src/test_utils.rs (6)

48-49: Consider adding documentation for key purposes

It would be helpful to add comments explaining the distinct purposes of service_challenge_key and service_signing_key for better maintainability.

+// Key used for service challenges and verification
 let service_challenge_key = SigningKey::new_ed25519();
+// Key used for signing service operations
 let service_signing_key = SigningKey::new_ed25519();

---

79-81: Consider adding error handling for key generation

The key generation and storage operations should handle potential errors to make the test utility more robust.

-        let signing_key = SigningKey::new_ed25519();
-        let vk: VerifyingKey = signing_key.clone().into();
-        self.signing_keys.insert(id.clone(), signing_key.clone());
+        let signing_key = SigningKey::new_ed25519();
+        let vk: VerifyingKey = signing_key.clone().into();
+        self.signing_keys
+            .insert(id.clone(), signing_key.clone())
+            .map_err(|e| anyhow!("Failed to store signing key: {}", e))?;

---

144-145: Optimize key conversion to avoid clone

The key conversion can be optimized by avoiding the intermediate clone operation.

-        let signing_key_to_add = SigningKey::new_ed25519();
-        let key_to_add = signing_key_to_add.into();
+        let key_to_add: VerifyingKey = SigningKey::new_ed25519().into();

---

167-169: Consider renaming method for clarity

The method name could better reflect that it signs data with a random key rather than the account's key.

-    pub fn add_signed_data_to_account(
+    pub fn add_randomly_signed_data_to_account(

---

Line range hint 206-238: Consider extracting account creation logic

The method is handling multiple responsibilities and could be simplified by extracting the account creation logic into a separate method.

+    fn create_account_entry(
+        random_string: &str,
+        service: &Service,
+        sk: &SigningKey
+    ) -> HashchainEntry {
+        let vk: VerifyingKey = sk.clone().into();
+        let hash = Digest::hash_items(&[
+            random_string.as_bytes(),
+            service.id.as_bytes(),
+            &vk.to_bytes(),
+        ]);
+        let signature = service.sk.sign(&hash.to_bytes());
+
+        Hashchain::empty()
+            .create_account(
+                random_string.clone(),
+                service.id.clone(),
+                ServiceChallengeInput::Signed(signature),
+                vk,
+                sk,
+            )
+            .unwrap()
+    }

---

257-259: Improve error handling in key operations

The key generation and conversion operations should handle potential errors more gracefully.

-    let signing_key = SigningKey::new_ed25519();
-    let verifying_key = signing_key.into();
+    let signing_key = SigningKey::new_ed25519();
+    let verifying_key = signing_key.into();
+    
+    // Verify key conversion was successful
+    if verifying_key.to_bytes().is_empty() {
+        return Err(anyhow!("Failed to convert signing key to verifying key"));
+    }

crates/common/src/transaction_builder.rs (2)

85-86: Add documentation for key purposes

Document the distinct purposes of the challenge and signing keys for better maintainability.

+        // Key used for service challenge verification
         let random_service_challenge_key = SigningKey::new_ed25519();
+        // Key used for signing service operations
         let random_service_signing_key = SigningKey::new_ed25519();

---

170-170: Optimize key generation and conversion

The key generation and conversion can be more concise.

-        let random_key = SigningKey::new_ed25519().into();
+        let random_key: VerifyingKey = SigningKey::new_ed25519().into();

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 976a354 and 113bf74.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (34)

• .github/FUNDING.yml (0 hunks)
• Cargo.toml (3 hunks)
• crates/cli/Cargo.toml (1 hunks)
• crates/cli/src/main.rs (1 hunks)
• crates/common/Cargo.toml (1 hunks)
• crates/common/src/digest.rs (1 hunks)
• crates/common/src/hashchain.rs (3 hunks)
• crates/common/src/keys.rs (0 hunks)
• crates/common/src/lib.rs (0 hunks)
• crates/common/src/operation.rs (1 hunks)
• crates/common/src/test_utils.rs (7 hunks)
• crates/common/src/transaction_builder.rs (4 hunks)
• crates/common/src/tree.rs (0 hunks)
• crates/common/src/tree/key_directory_tree.rs (1 hunks)
• crates/common/src/tree/mod.rs (1 hunks)
• crates/common/src/tree/proofs.rs (1 hunks)
• crates/common/src/tree/snarkable_tree.rs (1 hunks)
• crates/keys/Cargo.toml (1 hunks)
• crates/keys/src/lib.rs (1 hunks)
• crates/keys/src/signatures.rs (1 hunks)
• crates/keys/src/signing_keys.rs (1 hunks)
• crates/keys/src/verifying_keys.rs (1 hunks)
• crates/node_types/lightclient/Cargo.toml (0 hunks)
• crates/node_types/prover/Cargo.toml (1 hunks)
• crates/node_types/prover/src/prover/tests.rs (3 hunks)
• crates/node_types/prover/src/webserver.rs (2 hunks)
• crates/serde/Cargo.toml (1 hunks)
• crates/serde/src/lib.rs (1 hunks)
• crates/storage/Cargo.toml (1 hunks)
• crates/storage/src/redis.rs (0 hunks)
• crates/storage/src/rocksdb.rs (1 hunks)
• crates/tests/Cargo.toml (0 hunks)
• crates/zk/groth16/Cargo.toml (1 hunks)
• crates/zk/nova/Cargo.toml (1 hunks)

💤 Files with no reviewable changes (7)

• crates/tests/Cargo.toml
• crates/common/src/lib.rs
• .github/FUNDING.yml
• crates/common/src/keys.rs
• crates/node_types/lightclient/Cargo.toml
• crates/common/src/tree.rs
• crates/storage/src/redis.rs

✅ Files skipped from review due to trivial changes (8)

• crates/serde/Cargo.toml
• crates/storage/Cargo.toml
• crates/common/src/digest.rs
• crates/common/src/operation.rs
• crates/zk/groth16/Cargo.toml
• crates/keys/Cargo.toml
• crates/zk/nova/Cargo.toml
• crates/storage/src/rocksdb.rs

🔇 Additional comments (17)

crates/common/src/tree/mod.rs (2)

1-9: Well-organized module structure!

The module organization follows Rust's best practices with clear separation of concerns and appropriate re-exports for better API accessibility.

---

21-263: Excellent test coverage with comprehensive scenarios!

The test suite is well-structured and covers:

• Basic operations (insert, get)
• Error cases (non-existent service, invalid challenges)
• Edge cases (duplicates, updates)
• Batch operations
• State verification (root hash changes)

This ensures robust validation of the tree implementation.

crates/common/src/tree/snarkable_tree.rs (1)

35-43: Handle potential mismatches in transaction ID and operation ID

The code checks for equality between transaction.id and id but could provide a more informative error message or handle mismatches more gracefully.

Run the following script to check for all occurrences where transaction.id and operation IDs might mismatch:

crates/keys/src/verifying_keys.rs (1)

223-228: Display implementation provides a clear key representation

The implementation correctly encodes the verifying key in base64, facilitating straightforward display and logging.

crates/common/src/hashchain.rs (2)

2-2: Updated imports align with new module structure

The adjustment to import Signature, SigningKey, and VerifyingKey from prism_keys reflects the reorganization of cryptographic components.

---

178-182: Validation logic in validate_new_entry is sound

The method effectively ensures that new entries are valid before adding them to the hashchain, maintaining integrity.

crates/common/Cargo.toml (1)

10-13: Dependency updates and reorganization enhance clarity

Adding prism-errors, prism-keys, and prism-serde as workspace dependencies is appropriate. Categorizing dependencies improves readability and maintenance.

Also applies to: 14-19

crates/node_types/prover/Cargo.toml (1)

30-30: Inclusion of prism-keys aligns with refactoring

Adding prism-keys as a dependency centralizes key management and reflects the refactoring objectives.

crates/cli/Cargo.toml (1)

34-34: Adding prism-keys ensures consistent key handling

Including prism-keys in the dependencies facilitates uniform cryptographic operations across the CLI.

Cargo.toml (1)

47-52: Verify security implications of fixed dependency versions

The specified versions of serde-related dependencies should be reviewed for known vulnerabilities:

• serde 1.0.151
• serde_json 1.0.79
• base64 0.22.0

✅ Verification successful

Let me check the base64 package for vulnerabilities as well before making the final determination.

---

Dependencies are secure at specified versions

The security check reveals:

• No known vulnerabilities for serde 1.0.151
• No known vulnerabilities for serde_json 1.0.79
• base64 0.22.0 is well above the vulnerable version range (< 0.5.2) that had a critical integer overflow issue

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for security advisories in the dependencies
gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: RUST, package: "serde") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
    }
  }
}
'

gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: RUST, package: "serde_json") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
    }
  }
}
'

Length of output: 577

---

Script:

#!/bin/bash
# Check for security advisories in base64
gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: RUST, package: "base64") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
    }
  }
}
'

Length of output: 434

crates/cli/src/main.rs (1)

7-7: LGTM! Import path updated correctly.

The import change aligns with the module extraction refactoring, moving from prism_common::keys::VerifyingKey to prism_keys::VerifyingKey.

Let's verify that all VerifyingKey usages are updated consistently:

✅ Verification successful

Let me verify if there are any usages of VerifyingKey that might still reference the old path.

---

Import path updated correctly and all usages are consistent

The verification shows that:

1. No instances of the old import path prism_common::keys::VerifyingKey remain in the codebase
2. The new import path prism_keys::VerifyingKey is used correctly in crates/cli/src/main.rs
3. All other usages of VerifyingKey are either within the prism_keys crate itself or are properly importing it from prism_keys

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for any remaining old imports of VerifyingKey
rg "use prism_common::keys::VerifyingKey" 

# Check for new imports to ensure consistency
rg "use prism_keys::VerifyingKey"

Length of output: 132

---

Script:

#!/bin/bash
# Search for any remaining references to prism_common::keys::VerifyingKey in the code
rg "prism_common::keys::VerifyingKey" -g '!target/'

# Search for all usages of VerifyingKey to ensure they're using the new path
rg "VerifyingKey" -g '!target/'

Length of output: 10965

crates/node_types/prover/src/webserver.rs (2)

12-16: LGTM! Imports reorganized correctly.

The imports have been updated to use the new module structure, properly importing Digest and tree-related types.

---

64-64: Verify API compatibility after changing Hash type.

The Hash struct has been modified to use Digest instead of TreeHash. Since this struct is used in API responses, we should ensure this change maintains backward compatibility.

Let's verify the impact:

✅ Verification successful

Let me gather more information about the Hash type and its usage.

---

Let me gather one final piece of information about the serialization attributes.

---

The Hash type change is safe and maintains API compatibility

The Hash struct in webserver.rs is properly decorated with #[derive(Serialize, Deserialize, ToSchema)] attributes, ensuring consistent serialization. The change from TreeHash to Digest is an internal implementation detail that doesn't affect the external API contract since:

1. The struct maintains its newtype pattern Hash(Digest)
2. It's only used in API responses with proper serialization attributes
3. No direct client dependencies on the internal type were found

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for any API clients that might be affected by the Hash type change
rg -A 5 "Hash\(" --type rust

# Check if there are any serialization/deserialization implementations that need updates
ast-grep --pattern 'impl $_ for Hash {
  $$$
}'

Length of output: 917

---

Script:

#!/bin/bash
# Check for Hash type serialization/deserialization attributes and implementations
rg -B 2 -A 2 "struct Hash" --type rust

# Check for Hash type usage in API routes or responses
rg -B 2 -A 2 "-> .*Hash" --type rust
rg -B 2 -A 2 "Hash::" --type rust

# Look for any tests involving Hash
rg "Hash" --type rust "*test*.rs"

Length of output: 8947

---

Script:

#!/bin/bash
# Check for serialization attributes and implementations for the Hash type
rg -B 3 -A 3 "struct Hash" --type rust
rg -B 3 -A 3 "impl.*for Hash" --type rust

# Check if Hash is used in any API response types
rg -B 2 -A 2 "Hash.*Response" --type rust

Length of output: 10031

crates/node_types/prover/src/prover/tests.rs (2)

2-3: LGTM! Imports updated for better modularity.

The imports have been properly reorganized to use the new prism_keys module, improving code organization.

---

94-95: LGTM! Consistent use of real key generation.

The change maintains consistency with the new approach of using real key generation instead of mocks.

crates/common/src/test_utils.rs (1)

13-13: LGTM: Import change aligns with module extraction

The import statement correctly uses the newly extracted prism-keys module.

crates/common/src/transaction_builder.rs (1)

119-119: LGTM: Clean and concise implementation

The key generation is implemented correctly and follows the module's conventions.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (1)

justfile (1)

68-68: Consider enhancing error handling in the integration test recipe.

While the command change aligns well with the CI workflow, consider improving the recipe's robustness.

Here's a suggested enhancement:

-  cargo test -p prism-tests --lib --release --features mock_prover
+  # Ensure cleanup runs even if tests fail
+  if ! cargo test -p prism-tests --lib --release --features mock_prover; then
+    just celestia-down
+    exit 1
+  fi

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 113bf74 and 0d54d11.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (3)

• .github/workflows/ci.yml (1 hunks)
• crates/storage/Cargo.toml (1 hunks)
• justfile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• crates/storage/Cargo.toml

🔇 Additional comments (2)

.github/workflows/ci.yml (2)

Line range hint 93-114: Excellent addition of unused dependencies check.

The new job for checking unused dependencies is a valuable addition that:

• Perfectly aligns with the PR's objective of slashing unused deps
• Uses the appropriate nightly toolchain
• Checks all features and targets comprehensively

---

91-91: Integration test command change looks good.

The change to target the specific prism-tests package aligns well with the PR's module restructuring objective.

Let's verify the package exists and contains the tests:

✅ Verification successful

Integration test command change is correctly targeting the test package

The verification confirms that:

• The prism-tests package exists at crates/tests/
• The package has proper test configuration with required features including mock_prover
• Contains integration tests in lib.rs marked with #[cfg(test)]
• The test file includes comprehensive integration tests that verify light client and prover communication

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify prism-tests package configuration
fd -t f "Cargo.toml" | xargs rg "name = \"prism-tests\""

# Check for integration tests in the package
fd -t f -e rs . | rg "prism-tests" -A 5

Length of output: 139

---

Script:

#!/bin/bash
# Check contents of prism-tests Cargo.toml
cat crates/tests/Cargo.toml

# Look for test files in prism-tests directory
fd -t f -e rs . crates/tests/

# Check for test modules and integration tests
rg "mod tests|#\[test\]" crates/tests/ -A 3

Length of output: 806

---

Script:

#!/bin/bash
# Check contents of the lib.rs file
cat crates/tests/src/lib.rs

# Look for test attributes in any rs file under tests
rg "#\[cfg\(test\)\]|#\[test\]" crates/tests/src/ -A 5

Length of output: 4734

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (1)

crates/node_types/prover/src/webserver.rs (1)

Line range hint 1-200: Excellent implementation with robust error handling and documentation.

The web server implementation demonstrates several strong points:

• Comprehensive OpenAPI documentation
• Proper error handling with meaningful messages
• Clean separation of concerns
• Well-structured endpoint handlers

Consider adding integration tests to verify the behavior with the new types.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 0d54d11 and 397b58a.

📒 Files selected for processing (1)

• crates/node_types/prover/src/webserver.rs (2 hunks)

🔇 Additional comments (2)

crates/node_types/prover/src/webserver.rs (2)

12-16: LGTM! Verify removed dependency usage.

The import changes align with the PR's objective of restructuring the codebase. The shift from TreeHash to Digest type is consistent with the module reorganization.

Let's verify no remaining usages of the removed indexed_merkle_tree imports:

---

64-64: ⚠️ Potential issue

Document the breaking change in Hash struct.

The change from TreeHash to Digest as the underlying type is a breaking change that affects API responses. While the change aligns with the codebase restructuring, it needs proper documentation.

Let's verify the impact on API consumers:

Consider adding a comment above the struct to document this change:

+/// Represents a hash value in the API responses.
+/// Note: In version X.Y.Z, the underlying type was changed from TreeHash to Digest.
 #[derive(Serialize, Deserialize, ToSchema)]
 pub struct Hash(Digest);

[sebasti810]

fishing for no. of changed lines