paritytech · georgepisaltu · Jan 23, 2026 · Jan 30, 2026 · Jan 30, 2026 · Jan 30, 2026
diff --git a/Cargo.toml b/Cargo.toml
@@ -21,17 +21,21 @@ ark-serialize = { version = "0.5", default-features = false, features = ["derive
 ark-scale = { version = "0.0.13", default-features = false }
 ark-vrf = { version = "0.1.0", default-features = false, features = ["bandersnatch", "ring"] }
 spin = { version = "0.9", default-features = false, features = ["once"], optional = true }
-rand = { version = "0.8", features = ["getrandom"] }
+rand = { version = "0.8", features = ["getrandom"], optional = true }
 
 [dev-dependencies]
 rand_core = "0.6"
+paste = "1.0"
 
 [[bin]]
 name = "generate_test_keys"
 path = "src/bin/generate_test_keys.rs"
+required-features = ["generate-keys"]
 
 [features]
 default = ["std"]
+# Enable the generate_test_keys binary. Requires std.
+generate-keys = ["std", "rand"]
 std = [
     "bounded-collections/std",
     "parity-scale-codec/std",
@@ -40,10 +44,12 @@ std = [
     "ark-serialize/std",
     "ark-scale/std",
     "ark-vrf/std",
-    "ark-vrf/parallel"
+    "ark-vrf/parallel",
 ]
-# Small ring 255, default to 16127
-small-ring = []
+# Include ring builder params binary data for building ring commitments.
+# Disable this feature to reduce library size in production environments
+# that only need to validate proofs (not build new ring commitments).
+builder-params = []
 # Prover for no-std environments with deterministic ring-proof.
 # Not for production, may be useful for testing.
 no-std-prover = [

diff --git a/src/demo_impls.rs b/src/demo_impls.rs
@@ -2,6 +2,17 @@ use super::*;
 use bounded_collections::{BoundedVec, ConstU32};
 use schnorrkel::{signing_context, ExpansionMode, MiniSecretKey, PublicKey};
 
+/// Unit type implements DomainSize for demo implementations that don't use ring VRF.
+impl DomainSize for () {
+	fn max_ring_size(&self) -> usize {
+		1024
+	}
+
+	fn exponent(&self) -> u8 {
+		10 // 2^10 = 1024
+	}
+}
+
 // Example impls:
 
 /// Totally insecure Anonymizer: Member and Secret are both the same `[u8; 32]` and the proof is
@@ -18,12 +29,13 @@ impl GenerateVerifiable for Trivial {
 	type Proof = [u8; 32];
 	type Signature = [u8; 32];
 	type StaticChunk = ();
+	type DomainSize = ();
 
 	fn is_member_valid(_member: &Self::Member) -> bool {
 		true
 	}
 
-	fn start_members() -> Self::Intermediate {
+	fn start_members(_domain_size: ()) -> Self::Intermediate {
 		BoundedVec::new()
 	}
 
@@ -50,6 +62,7 @@ impl GenerateVerifiable for Trivial {
 	}
 
 	fn open(
+		_domain_size: (),
 		member: &Self::Member,
 		members: impl Iterator<Item = Self::Member>,
 	) -> Result<Self::Commitment, ()> {
@@ -73,6 +86,7 @@ impl GenerateVerifiable for Trivial {
 	}
 
 	fn validate(
+		_domain_size: (),
 		proof: &Self::Proof,
 		members: &Self::Members,
 		_context: &[u8],
@@ -118,12 +132,13 @@ impl GenerateVerifiable for Simple {
 	type Proof = ([u8; 64], Alias);
 	type Signature = [u8; 64];
 	type StaticChunk = ();
+	type DomainSize = ();
 
 	fn is_member_valid(_member: &Self::Member) -> bool {
 		true
 	}
 
-	fn start_members() -> Self::Intermediate {
+	fn start_members(_domain_size: ()) -> Self::Intermediate {
 		BoundedVec::new()
 	}
 
@@ -152,6 +167,7 @@ impl GenerateVerifiable for Simple {
 	}
 
 	fn open(
+		_domain_size: (),
 		member: &Self::Member,
 		members: impl Iterator<Item = Self::Member>,
 	) -> Result<Self::Commitment, ()> {
@@ -182,6 +198,7 @@ impl GenerateVerifiable for Simple {
 	}
 
 	fn validate(
+		_domain_size: (),
 		proof: &Self::Proof,
 		members: &Self::Members,
 		context: &[u8],
@@ -235,7 +252,7 @@ mod tests {
 		let alice = <Simple as GenerateVerifiable>::member_from_secret(&alice_sec);
 		let bob = <Simple as GenerateVerifiable>::member_from_secret(&bob_sec);
 
-		let mut inter = <Simple as GenerateVerifiable>::start_members();
+		let mut inter = <Simple as GenerateVerifiable>::start_members(());
 		<Simple as GenerateVerifiable>::push_members(
 			&mut inter,
 			[alice.clone()].into_iter(),
@@ -253,23 +270,31 @@ mod tests {
 		let message = b"Hello world";
 
 		let r = SimpleReceipt::create(
+			(),
 			&alice_sec,
 			members.iter().cloned(),
 			context,
 			message.to_vec(),
 		)
 		.unwrap();
-		let (alias, msg) = r.verify(&members, &context).unwrap();
+		let (alias, msg) = r.verify((), &members, context).unwrap();
 		assert_eq!(&message[..], &msg[..]);
 		assert_eq!(alias, alice);
 
-		let r = SimpleReceipt::create(&bob_sec, members.iter().cloned(), context, message.to_vec())
-			.unwrap();
-		let (alias, msg) = r.verify(&members, &context).unwrap();
+		let r = SimpleReceipt::create(
+			(),
+			&bob_sec,
+			members.iter().cloned(),
+			context,
+			message.to_vec(),
+		)
+		.unwrap();
+		let (alias, msg) = r.verify((), &members, context).unwrap();
 		assert_eq!(&message[..], &msg[..]);
 		assert_eq!(alias, bob);
 
 		assert!(SimpleReceipt::create(
+			(),
 			&charlie_sec,
 			members.iter().cloned(),
 			context,

diff --git a/src/lib.rs b/src/lib.rs
@@ -12,6 +12,17 @@ use scale_info::*;
 pub mod demo_impls;
 pub mod ring_vrf_impl;
 
+/// Trait for domain size types used in ring operations.
+///
+/// The domain size determines the maximum ring size that can be supported.
+pub trait DomainSize: Clone + Copy {
+	/// Returns the maximum ring size for this domain.
+	fn max_ring_size(&self) -> usize;
+
+	/// Returns the exponent of the domain size (i.e., `n` where domain size is `2^n`).
+	fn exponent(&self) -> u8;
+}
+
 // Fixed types:
 
 /// Cryptographic identifier for a person within a specific application which deals with people.
@@ -70,8 +81,12 @@ pub trait GenerateVerifiable {
 
 	type StaticChunk: Clone + Eq + PartialEq + FullCodec + Debug + TypeInfo + MaxEncodedLen;
 
+	/// The domain size type used to parametrize ring operations.
+	/// Must implement the `DomainSize` trait which provides `max_ring_size()`.
+	type DomainSize: Clone + Copy + DomainSize;
+
 	/// Begin building a `Members` value.
-	fn start_members() -> Self::Intermediate;
+	fn start_members(domain_size: Self::DomainSize) -> Self::Intermediate;
 
 	/// Introduce a set of new `Member`s into the intermediate value used to build a new `Members`
 	/// value.
@@ -111,6 +126,7 @@ pub trait GenerateVerifiable {
 	/// **WARNING**: This function may panic if called from on-chain or an environment not
 	/// implementing the functionality.
 	fn open(
+		domain_size: Self::DomainSize,
 		member: &Self::Member,
 		members_iter: impl Iterator<Item = Self::Member>,
 	) -> Result<Self::Commitment, ()>;
@@ -146,13 +162,14 @@ pub trait GenerateVerifiable {
 	/// if so, ensure that the member is necessarily associated with `alias` in this `context` and
 	/// that they elected to opine `message`.
 	fn is_valid(
+		domain_size: Self::DomainSize,
 		proof: &Self::Proof,
 		members: &Self::Members,
 		context: &[u8],
 		alias: &Alias,
 		message: &[u8],
 	) -> bool {
-		match Self::validate(proof, members, context, message) {
+		match Self::validate(domain_size, proof, members, context, message) {
 			Ok(a) => &a == alias,
 			Err(()) => false,
 		}
@@ -163,6 +180,7 @@ pub trait GenerateVerifiable {
 
 	/// Like `is_valid`, but `alias` is returned, not provided.
 	fn validate(
+		_domain_size: Self::DomainSize,
 		_proof: &Self::Proof,
 		_members: &Self::Members,
 		_context: &[u8],
@@ -192,6 +210,7 @@ pub struct Receipt<Gen: GenerateVerifiable> {
 
 impl<Gen: GenerateVerifiable> Receipt<Gen> {
 	pub fn create<'a>(
+		domain_size: Gen::DomainSize,
 		secret: &Gen::Secret,
 		members: impl Iterator<Item = Gen::Member>,
 		context: &[u8],
@@ -200,7 +219,7 @@ impl<Gen: GenerateVerifiable> Receipt<Gen> {
 	where
 		Gen::Member: 'a,
 	{
-		let commitment = Gen::open(&Gen::member_from_secret(secret), members)?;
+		let commitment = Gen::open(domain_size, &Gen::member_from_secret(secret), members)?;
 		let (proof, alias) = Gen::create(commitment, secret, context, &message)?;
 		Ok(Self {
 			proof,
@@ -217,19 +236,36 @@ impl<Gen: GenerateVerifiable> Receipt<Gen> {
 	pub fn into_parts(self) -> (Alias, Vec<u8>) {
 		(self.alias, self.message)
 	}
-	pub fn verify(self, members: &Gen::Members, context: &[u8]) -> Result<(Alias, Vec<u8>), Self> {
-		match Gen::validate(&self.proof, members, context, &self.message) {
+	pub fn verify(
+		self,
+		domain_size: Gen::DomainSize,
+		members: &Gen::Members,
+		context: &[u8],
+	) -> Result<(Alias, Vec<u8>), Self> {
+		match Gen::validate(domain_size, &self.proof, members, context, &self.message) {
 			Ok(alias) => Ok((alias, self.message)),
 			Err(()) => {
-				if self.is_valid(members, context) {
+				if self.is_valid(domain_size, members, context) {
 					Ok(self.into_parts())
 				} else {
 					Err(self)
 				}
 			}
 		}
 	}
-	pub fn is_valid(&self, members: &Gen::Members, context: &[u8]) -> bool {
-		Gen::is_valid(&self.proof, members, context, &self.alias, &self.message)
+	pub fn is_valid(
+		&self,
+		domain_size: Gen::DomainSize,
+		members: &Gen::Members,
+		context: &[u8],
+	) -> bool {
+		Gen::is_valid(
+			domain_size,
+			&self.proof,
+			members,
+			context,
+			&self.alias,
+			&self.message,
+		)
 	}
 }
diff --git a/src/ring-data/ring-builder-small.bin → src/ring-data/ring-builder-domain11.bin b/src/ring-data/ring-builder-small.bin → src/ring-data/ring-builder-domain11.bin
diff --git a/src/ring-data/ring-builder-domain12.bin b/src/ring-data/ring-builder-domain12.bin
diff --git a/src/ring-data/ring-builder-full.bin → src/ring-data/ring-builder-domain16.bin b/src/ring-data/ring-builder-full.bin → src/ring-data/ring-builder-domain16.bin
diff --git a/src/ring-data/ring-builder-params-small.bin → ...ing-data/ring-builder-params-domain11.bin b/src/ring-data/ring-builder-params-small.bin → ...ing-data/ring-builder-params-domain11.bin
diff --git a/src/ring-data/ring-builder-params-domain12.bin b/src/ring-data/ring-builder-params-domain12.bin
diff --git a/src/ring-data/ring-builder-params-full.bin → ...ing-data/ring-builder-params-domain16.bin b/src/ring-data/ring-builder-params-full.bin → ...ing-data/ring-builder-params-domain16.bin