[agent] Update MSRV to 1.91.1 and preserve zeroization for secret key conversions #365

tlepoint · 2026-02-01T23:27:38Z

Bump the workspace minimum Rust version because a dependency (tfhe-ntt) requires a newer compiler.
Restore and preserve zeroization behavior when converting secret-key-derived polynomials to avoid exposing secret-dependent coefficients in memory.
Add a unit test to validate that measured noise stays within the ciphertext modulus bit-size.

Update the workspace rust-version in Cargo.toml to 1.91.1 and update the README minimum toolchain reference to 1.91.1.
Keep conversions to power-basis wrapped in Zeroizing in crates/fhe/src/bfv/keys/secret_key.rs and use as_ref() when building Vec::<BigUint>::from(...) to avoid exposing inner secret values.
Use std::mem::replace(..., Poly::<Ntt>::zero(&ctx)) and immediate Zeroizing::new(...) wrapping to avoid moving a Zeroizing value out.
Add a unit test measure_noise_within_modulus_bits that generates a keypair, encrypts a random plaintext, measures noise, and asserts the noise is bounded by the ciphertext modulus bit-size.

Ran cargo test and all tests completed successfully.
Ran cargo +nightly fmt --all which completed successfully.
Ran cargo clippy --all-targets -- -D warnings which completed with no warnings.

Update MSRV to 1.91.1

a096be8

tlepoint added the codex label Feb 1, 2026 — with ChatGPT Codex Connector

tlepoint merged commit fe889e8 into main Feb 2, 2026
6 checks passed

tlepoint deleted the codex/preserve-zeroization-in-power-basis-conversion branch February 2, 2026 00:05

Provide feedback