newton-core 0.4.16

newton protocol core sdk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

//! This crate provides the functionality for the NEWTON Prover.
//!
//! This includes:
//! - Rego policy types and evaluation (always available, zkVM-compatible)
//! - Auto-generated Solidity contract bindings (only on non-zkVM targets)
//! - Core AVS functionality (entity, IO, keys, utils, ZK)

/// ZK module (requires proving feature, not available in zkVM)
#[cfg(all(feature = "proving", not(feature = "zkvm")))]
pub mod zk;

/// Utils module (requires rpc for full functionality, not available in zkVM)
#[cfg(not(feature = "zkvm"))]
pub mod common;

/// Config module (requires config feature, not available in zkVM)
#[cfg(all(feature = "config", not(feature = "zkvm")))]
pub mod config;

/// IPFS caching module (requires ipfs-cache feature)
#[cfg(feature = "ipfs-cache")]
pub mod ipfs;

/// Key management module (requires signing feature for full functionality, not available in zkVM)
#[cfg(not(feature = "zkvm"))]
pub mod keys;

/// IO module for chain operations and serialization
#[cfg(not(feature = "zkvm"))]
pub mod io;

/// Protocol-level JSON-RPC wire schemas (gateway/operator boundary)
#[cfg(not(feature = "zkvm"))]
pub mod rpc;

/// Rego policy evaluation, re-exported from the version-decoupled
/// `newton-rego-kernel` crate so `newton_core::rego::*` call sites are unchanged.
pub use newton_rego_kernel::rego;

/// zkVM-safe evaluation kernel (intent parsing, calldata decoding, policy-data
/// merging), re-exported from the version-decoupled `newton-rego-kernel` crate so
/// `newton_core::eval::*` call sites are unchanged.
pub use newton_rego_kernel::eval;

/// Database module (requires database feature)
#[cfg(feature = "database")]
pub mod database;

/// Privacy-preserving cryptography module (HPKE, Ed25519, SecureEnvelope)
#[cfg(feature = "privacy")]
pub mod crypto;

/// Threshold decryption infrastructure (Feldman VSS, DLEQ proofs, Lagrange interpolation)
#[cfg(feature = "threshold")]
pub mod dkg;

/// Nitro Enclave attestation document parsing (CBOR, COSE Sign1)
#[cfg(feature = "attestation")]
pub mod attestation;

/// Sentinel PCR0 hashes for development and stub paths (state-commit pipeline).
#[cfg(not(feature = "zkvm"))]
pub mod pcr0_sentinels;

/// PCR0 commitment provider trait (state-commit pipeline).
///
/// Lives in core because both aggregator (orchestrator) and operator
/// (`state_commit_rpc::OperatorContext`) consume the trait — hosting it in
/// `aggregator` would create an `operator → aggregator` cross-edge.
#[cfg(not(feature = "zkvm"))]
pub mod pcr0_provider;

/// Error types module
pub mod error;

/// Merkle tree module for ELIP-008 operator info verification
#[cfg(not(feature = "zkvm"))]
pub mod merkle;

/// Version compatibility module
#[cfg(not(feature = "zkvm"))]
pub mod version;

/// Policy contract caching (Moka async, shared across services)
#[cfg(feature = "policy-cache")]
pub mod cache;

// Bindings are only available on non-zkVM targets (they require networking)
#[cfg(not(target_os = "zkvm"))]
mod generated;

// Re-export all bindings modules at the top level for API compatibility
#[cfg(not(target_os = "zkvm"))]
pub use generated::{
    attestation_proof_verifier, attestation_validator, batch_task_manager, bn254_table_calculator, challenge_verifier,
    confidential_data_registry, ecdsa_operator_table_updater, eip712_upgradeable, enclave_version_registry,
    epoch_registry, identity_registry, mock_newton_policy_client, newton_addresses_provider,
    newton_cross_chain_registry, newton_message, newton_policy, newton_policy_client, newton_policy_data,
    newton_policy_data_factory, newton_policy_factory, newton_prover_dest_task_manager, newton_prover_service_manager,
    newton_prover_task_manager, operator_registry, operator_registry_epoch_governance, operator_table_updater,
    policy_client_registry, rego_verifier, state_commit_registry, view_bn254_certificate_verifier,
};
// Backward-compatible alias: existing code imports types from bn254_certificate_verifier
#[cfg(not(target_os = "zkvm"))]
pub use generated::view_bn254_certificate_verifier as bn254_certificate_verifier;

pub use rego::evaluate;

/// Task ID
pub type TaskId = alloy::primitives::B256;

/// Policy ID
pub type PolicyId = alloy::primitives::B256;

// bn254 certificate digest type for destination chain signature verification
alloy::sol! {
    struct BN254Certificate {
        uint32 referenceTimestamp;
        bytes32 messageHash;
    }
}