DomainSeparator::derive: mandatory (protocol_id, sponge_info, session) and remove new / .session()#114
Open
ricardo-perello wants to merge 2 commits into
Conversation
ricardo-perello
commented
Apr 22, 2026
| license = "MIT OR Apache-2.0" | ||
| version = "0.7.0" | ||
| readme = "README.md" | ||
| version = "0.6.1" |
Collaborator
Author
There was a problem hiding this comment.
isnt this a breaking change? should be 0.7 no?
ricardo-perello
force-pushed
the
dsfs/domain-separator-derive
branch
2 times, most recently
from
15724ef to
092a2cf
Compare
This was referenced May 7, 2026
ricardo-perello
force-pushed
the
dsfs/domain-separator-derive
branch
from
092a2cf to
bc9012c
Compare
Collaborator
Author
|
On the let prefix = DomainSeparatorPrefix::new(protocol_id, sponge_info);
let domsep = prefix.with_session(session).instance(&instance);So the runtime-session flow is still possible, just surfaced through |
ricardo-perello
force-pushed
the
dsfs/domain-separator-derive
branch
from
bc9012c to
6037fef
Compare
This was referenced May 14, 2026
ricardo-perello
added a commit
to ricardo-perello/spongefish
that referenced
this pull request
May 15, 2026
The ia-core → spongefish → ia-core → spongefish round trip left cosmetic
reformatting (doc-comment rewrites, import reordering, comment deletions) in
files that are otherwise upstream's own and functionally unchanged. Reverted
to `upstream/main` exact content:
- spongefish/src/{codecs,io,error}.rs
- spongefish/src/drivers/{ark_ec_impl,ark_ff_impl,bls12_381_impl,
curve25519_dalek_impl,p256_impl,secp256k1_impl,p3_baby_bear,p3_koala_bear,
p3_mersenne31,tests}.rs
Also reverted spongefish/src/domain_separator.rs to PR arkworks-rs#114's exact version
(dropped a stray blank line, two `#[allow(dead_code)]`, and a `const fn
instance` tweak that don't belong in this PR — that file is PR arkworks-rs#114's).
Net result: this PR's spongefish/ diff vs upstream is now only:
- spongefish/src/deserialize.rs — new channel-side `Deserialize` shim
- ~5 lines of spongefish/src/lib.rs (declare/export `deserialize`, drop the
moved-out `pub mod dsfs`)
- domain_separator.rs / narg_prover.rs / narg_verifier.rs / tests.rs /
lib.rs-macro — byte-identical to PR arkworks-rs#114 (arkworks-rs#153 stacks on arkworks-rs#114; this part
of the diff disappears once arkworks-rs#114 merges to main)
cargo test --workspace --all-features still passes.
mmaker
added a commit
that referenced
this pull request
May 29, 2026
This PR takes out the cosmetic changes of #114
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR updates spongefish domain separation so Fiat-Shamir transcript initialization is derived from three explicit inputs:
protocol_id: identifies the proof/protocol family;sponge_info: identifies the transcript / sponge / compilation context;session: identifies the invocation or application session.The old
DomainSeparator::new([u8; 64])plus optional.session(...)path is removed. Callers now build a domain separator through:This keeps session binding mandatory at the spongefish API layer while still absorbing the instance separately before protocol messages.
Scope
This PR is intentionally scoped to the spongefish domain-separator API and its direct tests/examples.
It does not include DSFS packaging,
ia-core, Argus integration, or codec relocation. Those are downstream / separate design work.The cosmetic documentation/example preference changes from the earlier noisy branch were split out separately in #147.
Derivation
DomainSeparator::derivelength-prefixes the triple:and absorbs it into spongefish's existing standard hash transcript. It then squeezes 32 bytes and places them in the existing 64-byte protocol tag slot as:
This avoids adding a new default dependency and matches the agreed 32-byte derivation with zero padding for the existing 64-byte interface.
API Changes
DomainSeparator::derive(protocol_id, sponge_info, session).DomainSeparator::new..session(...)/.without_session()construction..instance(...)as the transition from domain data to prover/verifier transcript state.DOMAIN_SEPARATOR_MACRO_SPONGE_INFOfor thedomain_separator!macro's default compilation tag.DomainSeparatorPrefixfor precomputing the(protocol_id, sponge_info)prefix when only the session varies.Tests
StdHashand duplex transcript tests to use the derived tag.Locally checked with: