chore: bump ntt requirement which should have been 0.7.1 already

.cargo/audit.toml

@@ -4,6 +4,9 @@ ignore = [
     "RUSTSEC-2024-0436",
     # Ignoring unmaintained 'bincode' crate. Getting rid of it would be too complex on the short term.
     "RUSTSEC-2025-0141",
+    # Ignoring unsoundness in 'rand' with custom logger. Rand update is currently blocked by
+    # arkworks and we do not use custom loggers.
+    "RUSTSEC-2026-0097",
 ]
 
 [output]

.github/workflows/benchmark_gpu.yml

@@ -6,13 +6,6 @@ run-name: ${{ inputs.command }}::${{ inputs.bench_type}} (${{ inputs.profile }},
 on:
   workflow_dispatch:
     inputs:
-      backend:
-        description: "Backends to use"
-        default: hyperstack
-        type: choice
-        options:
-          - hyperstack
-          - scaleway (terraform)
       profile:
         description: "Instance type"
         required: true
@@ -93,42 +86,27 @@ jobs:
     name: benchmark_gpu/parse-inputs
     runs-on: ubuntu-latest
     outputs:
-      backend: ${{ steps.parse_profile_and_hardware_name.outputs.backend }}
-      profile: ${{ steps.parse_profile_and_hardware_name.outputs.profile }}
-      hardware_name: ${{ steps.parse_profile_and_hardware_name.outputs.hardware }}
+      profile: ${{ steps.parse_profile.outputs.profile }}
+      hardware_name: ${{ steps.parse_hardware_name.outputs.name }}
       additional_file_to_parse: ${{ steps.set_file_to_parse.outputs.additional_file_to_parse }}
+    env:
+      INPUTS_PROFILE: ${{ inputs.profile }}
     steps:
-      - name: Parse profile and hardware name
-        id: parse_profile_and_hardware_name
-        shell: python
-        env:
-          INPUTS_BACKEND: ${{ inputs.backend }}
-          INPUTS_PROFILE: ${{ inputs.profile }}
+      - name: Parse profile
+        id: parse_profile
         run: |
-          import os
+          # Use Sed to extract a value from a string, this cannot be done with the ${variable//search/replace} pattern.
+          # shellcheck disable=SC2001
+          PROFILE=$(echo "${INPUTS_PROFILE}" | sed 's|\(.*\)[[:space:]](.*)|\1|')
+          echo "profile=${PROFILE}" >> "${GITHUB_OUTPUT}"
 
-          inputs_backend = os.environ["INPUTS_BACKEND"]
-          inputs_profile = os.environ["INPUTS_PROFILE"]
-          output_file = os.environ["GITHUB_OUTPUT"]
-
-          split_profile = inputs_profile.split()
-          parsed_profile = split_profile[0]
-          parsed_hardware = split_profile[1].strip("(").strip(")")
-
-          backend_name = inputs_backend
-
-          if "terraform" in inputs_backend:
-            backend_name = "terraform"
-            provider_name = inputs_backend.split()[0]
-            parsed_profile = provider_name + "-" + parsed_profile
-
-          with open(output_file, "a") as f:
-            for var_name, value in [
-              ("backend", backend_name),
-              ("profile", parsed_profile),
-              ("hardware", parsed_hardware),
-            ]:
-              f.write(f"""{var_name}={value}\n""")
+      - name: Parse hardware name
+        id: parse_hardware_name
+        run: |
+          # Use Sed to extract a value from a string, this cannot be done with the ${variable//search/replace} pattern.
+          # shellcheck disable=SC2001
+          NAME=$(echo "${INPUTS_PROFILE}" | sed 's|.*[[:space:]](\(.*\))|\1|')
+          echo "name=${NAME}" >> "${GITHUB_OUTPUT}"
 
       - name: Get additional file to parse
         id: set_file_to_parse
@@ -165,7 +143,6 @@ jobs:
     needs: parse-inputs
     uses: ./.github/workflows/benchmark_gpu_common.yml
     with:
-      backend: ${{ needs.parse-inputs.outputs.backend }}
       profile: ${{ needs.parse-inputs.outputs.profile }}
       hardware_name: ${{ needs.parse-inputs.outputs.hardware_name }}
       command: ${{ inputs.command }}

.github/workflows/benchmark_gpu_common.yml

@@ -143,7 +143,6 @@ jobs:
   install-dependencies:
     name: benchmark_gpu_common/install-dependencies
     needs: [ setup-instance ]
-    if: inputs.backend != 'terraform'
     runs-on: ${{ needs.setup-instance.outputs.runner-name }}
     strategy:
       matrix:

Makefile

@@ -360,7 +360,7 @@ check_fmt_toml: install_taplo
 
 .PHONY: check_typos # Check for typos in codebase
 check_typos: install_typos_checker
-	@git ls-files ":!*.png" ":!*.cbor" ":!*.bcode" ":!*.ico" ":!*/twiddles.cu" ":!*.hpu" | typos --file-list - && echo "No typos found"
+	@git ls-files ":!*.png" ":!*.cbor" ":!*.bcode" ":!*.ico" ":!*/twiddles.cu" | typos --file-list - && echo "No typos found"
 
 .PHONY: clippy_gpu # Run clippy lints on tfhe with "gpu" enabled
 clippy_gpu: install_rs_check_toolchain

backends/tfhe-hpu-backend/src/interface/variable.rs

@@ -156,7 +156,7 @@ impl HpuVarWrapped {
         {
             let mut inner = var.inner.lock().unwrap();
 
-            for (slot, ct) in std::iter::zip(inner.bundle.iter_mut(), ct) {
+            for (slot, ct) in std::iter::zip(inner.bundle.iter_mut(), ct.into_iter()) {
                 #[cfg(feature = "io-dump")]
                 let params = ct.params().clone();
                 for (id, cut) in ct.into_container().iter().enumerate() {

ci/slab.toml

@@ -112,8 +112,3 @@ environment_name = "canada"
 image_name = "Ubuntu Server 22.04 LTS R570 CUDA 12.8"
 flavor_name = "n3-L40x8"
 user = "ubuntu"
-
-[backend.terraform.scaleway-multi-h100-sxm5]
-script_path = "ci/terraform_scripts/scaleway/multi-h100-sxm5/terraform.tf"
-instance_type = "H100-SXM-8-80G"
-user ="ubuntu"

ci/terraform_scripts/scaleway/multi-h100-sxm5/terraform.tf

@@ -1,62 +0,0 @@
-terraform {
-  required_providers {
-    scaleway = {
-      source  = "scaleway/scaleway"
-      version = "~> 2.73"
-    }
-  }
-  required_version = ">= 0.13"
-}
-provider "scaleway" {
-  zone   = "fr-par-2"
-  region = "fr-par"
-}
-
-variable "instance_type" {
-  type        = string
-  description = "Scaleway instance type to be used"
-}
-
-variable "instance_label" {
-  type        = string
-  description = "Instance name to display in console"
-}
-
-variable "user_data" {
-  type        = string
-  description = "Script that will be run at instance startup"
-}
-
-locals {
-  project_id = "7af36573-4180-41de-8c27-890ed9d919fa"
-}
-
-resource "scaleway_instance_ip" "github_runner" {
-  project_id = local.project_id
-}
-
-resource "scaleway_instance_security_group" "github_runner" {
-  project_id              = local.project_id
-  inbound_default_policy  = "drop"
-  outbound_default_policy = "accept"
-}
-
-resource "scaleway_instance_server" "multi-h100-sxm5" {
-  project_id = local.project_id
-  image      = "ba7d8136-7ec3-4efb-8e36-b891a4685a36" // Local image: tfhe-rs-ubuntu-noble-cuda
-  type       = var.instance_type
-  name       = var.instance_label
-
-  ip_id = scaleway_instance_ip.github_runner.id
-
-  user_data = {
-    "cloud-init" = var.user_data
-  }
-
-  security_group_id = scaleway_instance_security_group.github_runner.id
-}
-
-output "instance_id" {
-  value       = scaleway_instance_server.multi-h100-sxm5.id
-  description = "Unique ID of the Scaleway instance"
-}

nightly-toolchain.txt

@@ -1 +1 @@
-nightly-2026-04-22
+nightly-2026-01-14

tfhe-csprng/src/seeders/mod.rs

@@ -168,7 +168,7 @@ mod generic_tests {
     fn test_xof_seed_getters() {
         let seed_bytes = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
         let bits = u128::from_le_bytes(seed_bytes);
-        let dsep = *b"tfheksps";
+        let dsep = [b't', b'f', b'h', b'e', b'k', b's', b'p', b's'];
         let seed = XofSeed::new_u128(bits, dsep);
 
         let s = u128::from_le_bytes(seed.seed().try_into().unwrap());

tfhe/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "tfhe"
-version = "1.6.0"
+version = "1.6.1"
 edition = "2021"
 readme = "../README.md"
 keywords = ["fully", "homomorphic", "encryption", "fhe", "cryptography"]
@@ -64,7 +64,7 @@ tfhe-fft = { version = "0.10.1", path = "../tfhe-fft", features = [
     "serde",
     "fft128",
 ] }
-tfhe-ntt = { version = "0.7.0", path = "../tfhe-ntt" }
+tfhe-ntt = { version = "0.7.1", path = "../tfhe-ntt" }
 pulp = { workspace = true, features = ["default"] }
 tfhe-cuda-backend = { version = "0.14.0", path = "../backends/tfhe-cuda-backend", optional = true }
 aligned-vec = { workspace = true, features = ["default", "serde"] }

tfhe/docs/configuration/gpu-acceleration/run-on-gpu.md

@@ -74,7 +74,7 @@ To compile and execute GPU TFHE-rs programs, make sure your system has the follo
 To use the **TFHE-rs** GPU backend in your project, add the following dependency in your `Cargo.toml`.
 
 ```toml
-tfhe = { version = "~1.6.0", features = ["boolean", "shortint", "integer", "gpu"] }
+tfhe = { version = "~1.6.1", features = ["boolean", "shortint", "integer", "gpu"] }
 ```
 
 If none of the supported backends is configured in `Cargo.toml`, the CPU backend is used.

tfhe/docs/configuration/gpu-acceleration/zk-pok.md

@@ -85,7 +85,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
 
     let public_key = tfhe::CompactPublicKey::try_new(&client_key).unwrap();
     // This can be left empty, but if provided allows to tie the proof to arbitrary data
-    let metadata = b"TFHE-rs";
+    let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 
     let clear_a = random::<u64>();
     let clear_b = random::<u64>();
@@ -93,7 +93,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let proven_compact_list = tfhe::ProvenCompactCiphertextList::builder(&public_key)
         .push(clear_a)
         .push(clear_b)
-        .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Verify)?;
+        .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Verify)?;
 
     // Server side
     let result = {
@@ -101,7 +101,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
 
         // Verify the proofs and expand the ciphertexts
         let expander =
-            proven_compact_list.verify_and_expand(&crs, &public_key, metadata)?;
+            proven_compact_list.verify_and_expand(&crs, &public_key, &metadata)?;
         let a: tfhe::FheUint64 = expander.get(0)?.unwrap();
         let b: tfhe::FheUint64 = expander.get(1)?.unwrap();
 

tfhe/docs/configuration/hpu-acceleration/run-on-hpu.md

@@ -17,7 +17,7 @@ This guide explains how to update your existing program to leverage HPU accelera
 To use the **TFHE-rs** HPU backend in your project, add the following dependency in your `Cargo.toml`.
 
 ```toml
-tfhe = { version = "~1.6.0", features = ["integer", "hpu-v80"] }
+tfhe = { version = "~1.6.1", features = ["integer", "hpu-v80"] }
 ```
 
 {% hint style="success" %}

tfhe/docs/fhe-computation/advanced-features/rerand.md

@@ -120,7 +120,7 @@ pub fn main() {
     let rerand_domain_separator = *b"TFHE_Rrd";
 
     let crs = CompactPkeCrs::from_config(config, 2048).unwrap();
-    let metadata = b"rerand";
+    let metadata = [b'r', b'e', b'r', b'a', b'n', b'd'];
 
     set_server_key(sks);
 
@@ -132,7 +132,7 @@ pub fn main() {
         .push(clear_a)
         .push(clear_b)
         .push(false)
-        .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+        .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
         .unwrap();
 
     // Simulate a 256 bits nonce
@@ -151,7 +151,7 @@ pub fn main() {
 
     // Verify, re_randomize and expand
     let expander = compact_list
-        .verify_re_randomize_and_expand(&crs, &cpk, metadata, seed_gen.next_seed().unwrap())
+        .verify_re_randomize_and_expand(&crs, &cpk, &metadata, seed_gen.next_seed().unwrap())
         .unwrap();
 
     let a: FheUint64 = expander.get(0).unwrap().unwrap();

tfhe/docs/fhe-computation/advanced-features/zk-pok.md

@@ -46,7 +46,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let server_key = tfhe::ServerKey::new(&client_key);
     let public_key = tfhe::CompactPublicKey::try_new(&client_key).unwrap();
     // This can be left empty, but if provided allows to tie the proof to arbitrary data
-    let metadata = b"TFHE-rs";
+    let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 
     let clear_a = rng.gen::<u64>();
     let clear_b = rng.gen::<u64>();
@@ -54,7 +54,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let proven_compact_list = tfhe::ProvenCompactCiphertextList::builder(&public_key)
         .push(clear_a)
         .push(clear_b)
-        .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Verify)?;
+        .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Verify)?;
 
     // Server side
     let result = {
@@ -62,7 +62,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
 
         // Verify the ciphertexts
         let expander =
-            proven_compact_list.verify_and_expand(&crs, &public_key, metadata)?;
+            proven_compact_list.verify_and_expand(&crs, &public_key, &metadata)?;
         let a: tfhe::FheUint64 = expander.get(0)?.unwrap();
         let b: tfhe::FheUint64 = expander.get(1)?.unwrap();
 
@@ -118,7 +118,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let server_key = tfhe::ServerKey::new(&client_key);
     let public_key = tfhe::CompactPublicKey::try_new(&client_key).unwrap();
     // This can be left empty, but if provided allows to tie the proof to arbitrary data
-    let metadata = b"TFHE-rs";
+    let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 
     let clear_a = rng.gen::<u64>();
     let clear_b = rng.gen::<u64>();
@@ -126,7 +126,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let proven_compact_list = tfhe::ProvenCompactCiphertextList::builder(&public_key)
         .push(clear_a)
         .push(clear_b)
-        .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Verify)?;
+        .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Verify)?;
 
     // Server side
     let result = {
@@ -134,7 +134,7 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
 
         // Verify the ciphertexts
         let expander =
-            proven_compact_list.verify_and_expand(&crs, &public_key, metadata)?;
+            proven_compact_list.verify_and_expand(&crs, &public_key, &metadata)?;
         let a: tfhe::FheUint64 = expander.get(0)?.unwrap();
         let b: tfhe::FheUint64 = expander.get(1)?.unwrap();
 

tfhe/docs/fhe-computation/data-handling/data-versioning.md

@@ -16,7 +16,7 @@ You can load serialized data with the `unversionize` function, even in newer ver
 
 [dependencies]
 # ...
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 tfhe-versionable = "0.6.0"
 bincode = "1.3.3"
 ```

tfhe/docs/fhe-computation/data-handling/serialization.md

@@ -161,7 +161,7 @@ In the following example, we use [bincode](https://crates.io/crates/bincode) for
 
 [dependencies]
 # ...
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 bincode = "1.3.3"
 ```
 

tfhe/docs/fhe-computation/types/array.md

@@ -19,7 +19,7 @@ The following example shows a complete workflow of working with encrypted arrays
 # Cargo.toml
 
 [dependencies]
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 ```
 
 ```rust

tfhe/docs/fhe-computation/types/kv-store.md

@@ -36,7 +36,7 @@ To serialize a `KVStore`, it must first be compressed.
 # Cargo.toml
 
 [dependencies]
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 ```
 
 ```rust

tfhe/docs/fhe-computation/types/strings.md

@@ -29,7 +29,7 @@ Here is an example:
 # Cargo.toml
 
 [dependencies]
-tfhe = { version = "~1.6.0", features = ["integer", "strings"] }
+tfhe = { version = "~1.6.1", features = ["integer", "strings"] }
 ```
 
 ```rust

tfhe/docs/getting-started/installation.md

@@ -7,7 +7,7 @@ This document provides instructions to set up **TFHE-rs** in your project.
 First, add **TFHE-rs** as a dependency in your `Cargo.toml`.
 
 ```toml
-tfhe = { version = "~1.6.0", features = ["boolean", "shortint", "integer"] }
+tfhe = { version = "~1.6.1", features = ["boolean", "shortint", "integer"] }
 ```
 
 {% hint style="info" %}
@@ -35,7 +35,7 @@ By default, **TFHE-rs** makes the assumption that hardware AES features are enab
 To add support for older CPU, import **TFHE-rs** with the `software-prng` feature in your `Cargo.toml`:
 
 ```toml
-tfhe = { version = "~1.6.0", features = ["boolean", "shortint", "integer", "software-prng"] }
+tfhe = { version = "~1.6.1", features = ["boolean", "shortint", "integer", "software-prng"] }
 ```
 
 ## Hardware acceleration

tfhe/docs/getting-started/quick-start.md

@@ -59,7 +59,7 @@ edition = "2021"
 Then add the following configuration to include **TFHE-rs**:
 
 ```toml
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 ```
 
 Your updated `Cargo.toml` file should look like this:
@@ -71,7 +71,7 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 ```
 
 If you are on a different platform please refer to the [installation documentation](installation.md) for configuration options of other supported platforms.

tfhe/docs/references/core-crypto-api/tutorial.md

@@ -9,7 +9,7 @@ Welcome to this tutorial about `TFHE-rs` `core_crypto` module.
 To use `TFHE-rs`, it first has to be added as a dependency in the `Cargo.toml`:
 
 ```toml
-tfhe = { version = "~1.6.0" }
+tfhe = { version = "~1.6.1" }
 ```
 
 ### Commented code to double a 2-bit message in a leveled fashion and using a PBS with the `core_crypto` module.

tfhe/docs/tutorials/ascii-fhe-string.md

@@ -28,7 +28,7 @@ To use the `FheUint8` type, enable the `integer` feature:
 # Cargo.toml
 
 [dependencies]
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 ```
 
 The `MyFheString::encrypt` function performs data validation to ensure the input string contains only ASCII characters.
@@ -167,7 +167,7 @@ First, add the feature in your `Cargo.toml`
 # Cargo.toml
 
 [dependencies]
-tfhe = { version = "~1.6.0", features = ["strings"] }
+tfhe = { version = "~1.6.1", features = ["strings"] }
 ```
 
 The `FheAsciiString` type allows to simply do homomorphic case changing of encrypted strings (and much more!):

tfhe/docs/tutorials/parity-bit.md

@@ -17,7 +17,7 @@ This function returns a Boolean (`true` or `false`) so that the total count of `
 ```toml
 # Cargo.toml
 
-tfhe = { version = "~1.6.0", features = ["integer"] }
+tfhe = { version = "~1.6.1", features = ["integer"] }
 ```
 
 First, define the verification function.

tfhe/examples/regex_engine/parser.rs

@@ -252,7 +252,9 @@ where
     ))
 }
 
-const NON_ESCAPABLE_SYMBOLS: [u8; 14] = *b"&;:,`~-_!@#%'\"";
+const NON_ESCAPABLE_SYMBOLS: [u8; 14] = [
+    b'&', b';', b':', b',', b'`', b'~', b'-', b'_', b'!', b'@', b'#', b'%', b'\'', b'\"',
+];
 
 fn atom<Input>() -> impl Parser<Input, Output = RegExpr>
 where

tfhe/src/core_crypto/algorithms/lwe_encryption.rs

@@ -1251,7 +1251,7 @@ pub fn encrypt_lwe_ciphertext_iterator_with_seeded_public_key<Scalar, KeyCont, O
         }
     }
 
-    for (output_ct, plaintext) in output.iter_mut().zip(encoded) {
+    for (output_ct, plaintext) in output.iter_mut().zip(encoded.into_iter()) {
         lwe_ciphertext_plaintext_add_assign(output_ct, plaintext);
     }
 }
@@ -2123,7 +2123,7 @@ pub fn encrypt_lwe_ciphertext_with_compact_public_key<
 ///
 /// // We can add custom metadata that will be required for verification, allowing to tie the proof
 /// // to some arbitrary data.
-/// let metadata = b"TFHE-rs";
+/// let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 ///
 /// // Create the PRNG
 /// let mut seeder = new_seeder();
@@ -2170,14 +2170,14 @@ pub fn encrypt_lwe_ciphertext_with_compact_public_key<
 ///     glwe_noise_distribution,
 ///     encryption_generator.noise_generator_mut(),
 ///     &crs,
-///     metadata,
+///     &metadata,
 ///     ZkComputeLoad::Proof,
 /// )
 /// .unwrap();
 ///
 /// // verify the ciphertext list with the proof
 /// assert!(
-///     verify_lwe_ciphertext(&lwe, &lwe_compact_public_key, &proof, &crs, metadata).is_valid()
+///     verify_lwe_ciphertext(&lwe, &lwe_compact_public_key, &proof, &crs, &metadata).is_valid()
 /// );
 ///
 /// let decrypted_plaintext = decrypt_lwe_ciphertext(&lwe_secret_key, &lwe);
@@ -2572,7 +2572,7 @@ pub fn encrypt_lwe_compact_ciphertext_list_with_compact_public_key<
 ///
 /// // We can add custom metadata that will be required for verification, allowing to tie the proof
 /// // to some arbitrary data.
-/// let metadata = b"TFHE-rs";
+/// let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 ///
 /// // Create the PRNG
 /// let mut seeder = new_seeder();
@@ -2623,7 +2623,7 @@ pub fn encrypt_lwe_compact_ciphertext_list_with_compact_public_key<
 ///     glwe_noise_distribution,
 ///     encryption_generator.noise_generator_mut(),
 ///     &crs,
-///     metadata,
+///     &metadata,
 ///     ZkComputeLoad::Proof,
 /// )
 /// .unwrap();
@@ -2634,7 +2634,7 @@ pub fn encrypt_lwe_compact_ciphertext_list_with_compact_public_key<
 ///     &lwe_compact_public_key,
 ///     &proof,
 ///     &crs,
-///     metadata,
+///     &metadata,
 /// )
 /// .is_valid());
 ///
@@ -3045,7 +3045,7 @@ pub fn par_encrypt_lwe_compact_ciphertext_list_with_compact_public_key<
 ///
 /// // We can add custom metadata that will be required for verification, allowing to tie the proof
 /// // to some arbitrary data.
-/// let metadata = b"TFHE-rs";
+/// let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 ///
 /// // Create the PRNG
 /// let mut seeder = new_seeder();
@@ -3096,7 +3096,7 @@ pub fn par_encrypt_lwe_compact_ciphertext_list_with_compact_public_key<
 ///     glwe_noise_distribution,
 ///     encryption_generator.noise_generator_mut(),
 ///     &crs,
-///     metadata,
+///     &metadata,
 ///     ZkComputeLoad::Proof,
 /// )
 /// .unwrap();
@@ -3107,7 +3107,7 @@ pub fn par_encrypt_lwe_compact_ciphertext_list_with_compact_public_key<
 ///     &lwe_compact_public_key,
 ///     &proof,
 ///     &crs,
-///     metadata,
+///     &metadata,
 /// )
 /// .is_valid());
 ///

tfhe/src/core_crypto/algorithms/test/lwe_encryption.rs

@@ -1010,7 +1010,7 @@ fn lwe_compact_public_encrypt_prove_verify_decrypt_custom_mod<Scalar>(
     let message_modulus_log = params.message_modulus_log;
     let encoding_with_padding = get_encoding_with_padding(ciphertext_modulus);
 
-    let metadata = b"core";
+    let metadata = [b'c', b'o', b'r', b'e'];
 
     let mut rsc = TestResources::new();
     let mut random_generator = RandomGenerator::<DefaultRandomGenerator>::new(rsc.seeder.seed());
@@ -1073,7 +1073,7 @@ fn lwe_compact_public_encrypt_prove_verify_decrypt_custom_mod<Scalar>(
                     glwe_noise_distribution,
                     rsc.encryption_random_generator.noise_generator_mut(),
                     crs,
-                    metadata,
+                    &metadata,
                     ZkComputeLoad::Proof,
                 )
                 .unwrap();
@@ -1090,13 +1090,13 @@ fn lwe_compact_public_encrypt_prove_verify_decrypt_custom_mod<Scalar>(
                 assert_eq!(msg, decoded);
 
                 // Verify the proof
-                assert!(verify_lwe_ciphertext(&ct, &pk, &proof, crs, metadata).is_valid());
+                assert!(verify_lwe_ciphertext(&ct, &pk, &proof, crs, &metadata).is_valid());
 
                 // verify proof with invalid ciphertext
                 let index = random_generator.gen::<usize>() % ct.as_ref().len();
                 let value_to_add = random_generator.gen::<Scalar>();
                 ct.as_mut()[index] = ct.as_mut()[index].wrapping_add(value_to_add);
-                assert!(verify_lwe_ciphertext(&ct, &pk, &proof, crs, metadata).is_invalid());
+                assert!(verify_lwe_ciphertext(&ct, &pk, &proof, crs, &metadata).is_invalid());
             }
 
             // In coverage, we break after one while loop iteration, changing message values does
@@ -1122,7 +1122,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
     let glwe_noise_distribution = TUniform::new(9);
     let ciphertext_modulus = CiphertextModulus::new_native();
 
-    let metadata = b"core";
+    let metadata = [b'c', b'o', b'r', b'e'];
 
     let delta_log = 59;
     let delta = 1u64 << delta_log;
@@ -1195,7 +1195,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
                 glwe_noise_distribution,
                 encryption_random_generator.noise_generator_mut(),
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Proof,
             )
             .unwrap();
@@ -1205,7 +1205,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
                 &compact_lwe_pk,
                 &proof,
                 &crs,
-                metadata
+                &metadata
             )
             .is_valid());
 
@@ -1236,7 +1236,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
                 &compact_lwe_pk,
                 &proof,
                 &crs,
-                metadata
+                &metadata
             )
             .is_invalid());
 
@@ -1284,7 +1284,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
                 glwe_noise_distribution,
                 encryption_random_generator.noise_generator_mut(),
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Proof,
             )
             .unwrap();
@@ -1294,7 +1294,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
                 &compact_lwe_pk,
                 &proof,
                 &crs,
-                metadata
+                &metadata
             )
             .is_valid());
 
@@ -1325,7 +1325,7 @@ fn test_par_compact_lwe_list_public_key_encryption_and_proof() {
                 &compact_lwe_pk,
                 &proof,
                 &crs,
-                metadata
+                &metadata
             )
             .is_invalid());
 

tfhe/src/core_crypto/algorithms/test/mod.rs

@@ -538,5 +538,4 @@ macro_rules! create_parameterized_test_with_non_native_parameters {
     };
 }
 
-pub(crate) use create_parameterized_test;
-pub(crate) use create_parameterized_test_with_non_native_parameters;
+pub(crate) use {create_parameterized_test, create_parameterized_test_with_non_native_parameters};

tfhe/src/core_crypto/algorithms/test/noise_distribution/variance_formula/lwe_programmable_bootstrap.rs

@@ -19,7 +19,7 @@ pub fn pbs_variance_132_bits_security_gaussian(
         lwe_dimension.0 as f64,
         glwe_dimension.0 as f64,
         polynomial_size.0 as f64,
-        var_min.0,
+        var_min.0 as f64,
         decomposition_level_count.0 as f64,
         decomposition_base_log.0 as f64,
         ciphertext_modulus,
@@ -45,7 +45,7 @@ pub fn pbs_variance_132_bits_security_tuniform(
         lwe_dimension.0 as f64,
         glwe_dimension.0 as f64,
         polynomial_size.0 as f64,
-        var_min.0,
+        var_min.0 as f64,
         decomposition_level_count.0 as f64,
         decomposition_base_log.0 as f64,
         ciphertext_modulus,

tfhe/src/core_crypto/commons/math/random/gaussian.rs

@@ -53,7 +53,7 @@ macro_rules! implement_gaussian {
                     for a in uniform_rand_bytes_v.iter_mut() {
                         *a = generator.generate_next();
                     }
-                    let size = <$T as crate::core_crypto::commons::numeric::Numeric>::BITS as i32;
+                    let size = <$T>::BITS as i32;
                     let mut u: $T = <$S>::from_le_bytes(uniform_rand_bytes_u).cast_into();
                     u *= <$T>::TWO.powi(-size + 1);
                     let mut v: $T = <$S>::from_le_bytes(uniform_rand_bytes_v).cast_into();

tfhe/src/core_crypto/commons/numeric/float.rs

@@ -102,7 +102,7 @@ macro_rules! implement {
                 self.floor()
             }
             fn to_bit_string(&self) -> String {
-                if <Self as Numeric>::BITS == 32 {
+                if Self::BITS == 32 {
                     let mut bit_string = format!("{:032b}", self.to_bits());
                     bit_string.insert(1, ' ');
                     bit_string.insert(10, ' ');

tfhe/src/core_crypto/gpu/algorithms/test/mod.rs

@@ -99,6 +99,7 @@ macro_rules! create_gpu_multi_bit_ks32_parameterized_test{
 }
 use crate::core_crypto::gpu::algorithms::test::params::MultiBitTestKS32Params;
 use crate::core_crypto::gpu::lwe_packing_keyswitch_key::CudaLwePackingKeyswitchKey;
-use create_gpu_multi_bit_ks32_parameterized_test;
-use create_gpu_multi_bit_parameterized_test;
-use create_gpu_parameterized_test;
+use {
+    create_gpu_multi_bit_ks32_parameterized_test, create_gpu_multi_bit_parameterized_test,
+    create_gpu_parameterized_test,
+};

tfhe/src/high_level_api/compact_list.rs

@@ -870,7 +870,7 @@ mod zk {
             let crs = CompactPkeCrs::from_config(config.into(), 64).unwrap();
             let public_key = crate::CompactPublicKey::try_new(&client_key).unwrap();
 
-            let metadata = b"TFHE-rs";
+            let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 
             let clear_a = rng.gen::<u64>();
             let clear_b = rng.gen::<bool>();
@@ -878,7 +878,7 @@ mod zk {
             let proven_compact_list = crate::ProvenCompactCiphertextList::builder(&public_key)
                 .push(clear_a)
                 .push(clear_b)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             let params =
@@ -1628,7 +1628,7 @@ mod tests {
         // Intentionally low so that we test when multiple lists and proofs are needed
         let crs = CompactPkeCrs::from_config(config, 32).unwrap();
 
-        let metadata = b"hlapi";
+        let metadata = [b'h', b'l', b'a', b'p', b'i'];
 
         let compact_list = ProvenCompactCiphertextList::builder(&pk)
             .push(17u32)
@@ -1636,12 +1636,14 @@ mod tests {
             .push(false)
             .push_with_num_bits(3u32, 2)
             .unwrap()
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         let serialized = bincode::serialize(&compact_list).unwrap();
         let compact_list: ProvenCompactCiphertextList = bincode::deserialize(&serialized).unwrap();
-        let expander = compact_list.verify_and_expand(&crs, &pk, metadata).unwrap();
+        let expander = compact_list
+            .verify_and_expand(&crs, &pk, &metadata)
+            .unwrap();
 
         {
             let a: FheUint32 = expander.get(0).unwrap().unwrap();
@@ -1707,7 +1709,7 @@ mod tests {
         set_server_key(sks);
 
         let crs = CompactPkeCrs::from_config(config, 32).unwrap();
-        let metadata = b"seed";
+        let metadata = [b's', b'e', b'e', b'd'];
 
         let mut rng = thread_rng();
         let seed_a: [u8; 16] = rng.gen();
@@ -1719,7 +1721,7 @@ mod tests {
                 .push(17u32)
                 .push(-1i64)
                 .push(false)
-                .build_with_proof_packed_seeded(&crs, metadata, ZkComputeLoad::Proof, seed)
+                .build_with_proof_packed_seeded(&crs, &metadata, ZkComputeLoad::Proof, seed)
                 .unwrap()
         };
 
@@ -1736,7 +1738,7 @@ mod tests {
             "different seeds must produce different output"
         );
 
-        let expander = list_a1.verify_and_expand(&crs, &pk, metadata).unwrap();
+        let expander = list_a1.verify_and_expand(&crs, &pk, &metadata).unwrap();
         let a: FheUint32 = expander.get(0).unwrap().unwrap();
         let b: FheInt64 = expander.get(1).unwrap().unwrap();
         let c: FheBool = expander.get(2).unwrap().unwrap();
@@ -1767,13 +1769,15 @@ mod tests {
 
         let crs = CompactPkeCrs::from_config(config, 32).unwrap();
 
-        let metadata = b"hlapi";
+        let metadata = [b'h', b'l', b'a', b'p', b'i'];
 
         let compact_list = CompactCiphertextList::builder(&pk)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
-        let expander = compact_list.verify_and_expand(&crs, &pk, metadata).unwrap();
+        let expander = compact_list
+            .verify_and_expand(&crs, &pk, &metadata)
+            .unwrap();
 
         assert!(expander.get::<FheBool>(0).unwrap().is_none());
     }
@@ -1814,7 +1818,7 @@ mod tests {
             // Intentionally low so that we test when multiple lists and proofs are needed
             let crs = CompactPkeCrs::from_config(config, 32).unwrap();
 
-            let metadata = b"hlapi";
+            let metadata = [b'h', b'l', b'a', b'p', b'i'];
 
             let compact_list = ProvenCompactCiphertextList::builder(&pk)
                 .push(17u32)
@@ -1822,13 +1826,15 @@ mod tests {
                 .push(false)
                 .push_with_num_bits(3u32, 2)
                 .unwrap()
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             let serialized = bincode::serialize(&compact_list).unwrap();
             let compact_list: ProvenCompactCiphertextList =
                 bincode::deserialize(&serialized).unwrap();
-            let expander = compact_list.verify_and_expand(&crs, &pk, metadata).unwrap();
+            let expander = compact_list
+                .verify_and_expand(&crs, &pk, &metadata)
+                .unwrap();
 
             {
                 let a: FheUint32 = expander.get(0).unwrap().unwrap();

tfhe/src/high_level_api/integers/signed/inner.rs

@@ -260,7 +260,7 @@ impl SignedRadixCiphertext {
             }
             #[cfg(feature = "hpu")]
             (_, Device::Hpu) => {
-                panic!("Hpu device do not support signed integer yet")
+                panic!("Hpu device do not support signed integer yet",)
             }
         }
     }

tfhe/src/high_level_api/tests/cpk_re_randomization.rs

@@ -347,7 +347,7 @@ mod zk {
 
         // Intentionally low so that we test when multiple lists and proofs are needed
         let crs = CompactPkeCrs::from_config(config, 32).unwrap();
-        let metadata = b"rerand";
+        let metadata = [b'r', b'e', b'r', b'a', b'n', b'd'];
 
         // Case where we want to re-randomize a CompactCiphertextList containing
         // FheUint64, FheInt8, and FheBool
@@ -359,7 +359,7 @@ mod zk {
                 .push(clear_a)
                 .push(clear_b)
                 .push(false)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             // Simulate a 256 bits nonce
@@ -378,7 +378,12 @@ mod zk {
 
             // Verify, re_randomize and expand
             let expander = compact_list
-                .verify_re_randomize_and_expand(&crs, &cpk, metadata, seed_gen.next_seed().unwrap())
+                .verify_re_randomize_and_expand(
+                    &crs,
+                    &cpk,
+                    &metadata,
+                    seed_gen.next_seed().unwrap(),
+                )
                 .unwrap();
 
             let a: FheUint64 = expander.get(0).unwrap().unwrap();
@@ -402,7 +407,7 @@ mod zk {
                 .push(clear_a)
                 .push(clear_b)
                 .push(false)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             let nonce: [u8; 256 / 8] = core::array::from_fn(|_| rand::random());

tfhe/src/high_level_api/tests/tags_on_entities.rs

@@ -47,7 +47,7 @@ fn test_tag_propagation_zk_pok() {
             .build();
     let crs = crate::zk::CompactPkeCrs::from_config(config, (2 * 32) + (2 * 64) + 2).unwrap();
 
-    let metadata = b"hlapi";
+    let metadata = [b'h', b'l', b'a', b'p', b'i'];
 
     let mut cks = ClientKey::generate(config);
     let tag_value = random();
@@ -70,13 +70,15 @@ fn test_tag_propagation_zk_pok() {
         .push(i64::MIN)
         .push(false)
         .push(true)
-        .build_with_proof_packed(&crs, metadata, crate::zk::ZkComputeLoad::Proof)
+        .build_with_proof_packed(&crs, &metadata, crate::zk::ZkComputeLoad::Proof)
         .unwrap();
 
     let list_packed: ProvenCompactCiphertextList = serialize_then_deserialize(&list_packed);
     assert_eq!(list_packed.tag(), cks.tag());
 
-    let expander = list_packed.verify_and_expand(&crs, &cpk, metadata).unwrap();
+    let expander = list_packed
+        .verify_and_expand(&crs, &cpk, &metadata)
+        .unwrap();
 
     {
         let au32: FheUint32 = expander.get(0).unwrap().unwrap();
@@ -155,7 +157,7 @@ fn test_tag_propagation_zk_pok_gpu() {
             .build();
     let crs = crate::zk::CompactPkeCrs::from_config(config, (2 * 32) + (2 * 64) + 2).unwrap();
 
-    let metadata = b"hlapi";
+    let metadata = [b'h', b'l', b'a', b'p', b'i'];
 
     let mut cks = ClientKey::generate(config);
     let tag_value = random();
@@ -180,10 +182,12 @@ fn test_tag_propagation_zk_pok_gpu() {
         .push(i64::MIN)
         .push(false)
         .push(true)
-        .build_with_proof_packed(&crs, metadata, crate::zk::ZkComputeLoad::Proof)
+        .build_with_proof_packed(&crs, &metadata, crate::zk::ZkComputeLoad::Proof)
         .unwrap();
 
-    let expander = list_packed.verify_and_expand(&crs, &cpk, metadata).unwrap();
+    let expander = list_packed
+        .verify_and_expand(&crs, &cpk, &metadata)
+        .unwrap();
 
     {
         let au32: FheUint32 = expander.get(0).unwrap().unwrap();

tfhe/src/integer/ciphertext/compact_list.rs

@@ -1403,7 +1403,7 @@ mod zk_pok_tests {
         let ksk_params = PARAM_KEYSWITCH_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let num_blocks = 4usize;
         let modulus = pke_params
@@ -1433,11 +1433,11 @@ mod zk_pok_tests {
 
         let proven_ct = if is_packed {
             builder
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap()
         } else {
             builder
-                .build_with_proof(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap()
         };
 
@@ -1452,7 +1452,7 @@ mod zk_pok_tests {
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
             )
             .unwrap();
@@ -1495,7 +1495,7 @@ mod zk_pok_tests {
         let ksk_params = PARAM_KEYSWITCH_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let crs = CompactPkeCrs::from_shortint_params(pke_params, LweCiphertextCount(512)).unwrap();
         let cks = ClientKey::new(fhe_params);
@@ -1514,13 +1514,13 @@ mod zk_pok_tests {
             let proven_ct = CompactCiphertextList::builder(&pk)
                 .push_with_num_blocks(1u8, 0)
                 .push_with_num_blocks(-1i8, 0)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             assert!(proven_ct.is_empty());
             assert_eq!(proven_ct.len(), 0);
             assert_eq!(
-                proven_ct.verify(&crs, &pk, metadata),
+                proven_ct.verify(&crs, &pk, &metadata),
                 ZkVerificationOutcome::Valid
             );
             assert!(proven_ct.is_conformant(&conformance_params));
@@ -1528,7 +1528,7 @@ mod zk_pok_tests {
                 proven_ct.verify_and_expand(
                     &crs,
                     &pk,
-                    metadata,
+                    &metadata,
                     IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
                 ),
                 Ok(vec) if vec.is_empty()
@@ -1538,13 +1538,13 @@ mod zk_pok_tests {
         // Test by pushing with nothing
         {
             let proven_ct = CompactCiphertextList::builder(&pk)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             assert!(proven_ct.is_empty());
             assert_eq!(proven_ct.len(), 0);
             assert_eq!(
-                proven_ct.verify(&crs, &pk, metadata),
+                proven_ct.verify(&crs, &pk, &metadata),
                 ZkVerificationOutcome::Valid
             );
             assert!(proven_ct.is_conformant(&conformance_params));
@@ -1552,7 +1552,7 @@ mod zk_pok_tests {
                 proven_ct.verify_and_expand(
                     &crs,
                     &pk,
-                    metadata,
+                    &metadata,
                     IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
                 ),
                 Ok(vec) if vec.is_empty()
@@ -1564,7 +1564,7 @@ mod zk_pok_tests {
             let mut proven_ct = CompactCiphertextList::builder(&pk)
                 .push(1u8)
                 .push(-1i8)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             proven_ct.ct_list.proved_lists = Vec::new();
@@ -1577,7 +1577,7 @@ mod zk_pok_tests {
             let mut proven_ct = CompactCiphertextList::builder(&pk)
                 .push(1u8)
                 .push(-1i8)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             proven_ct.info = Vec::new();
@@ -1647,7 +1647,7 @@ mod zk_pok_tests {
         let ksk_params = PARAM_KEYSWITCH_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let crs = CompactPkeCrs::from_shortint_params(pke_params, LweCiphertextCount(2)).unwrap();
         let cks = ClientKey::new(fhe_params);
@@ -1664,7 +1664,7 @@ mod zk_pok_tests {
         let mut proven_ct = CompactCiphertextList::builder(&pk)
             .push_with_num_blocks(1u8, 4)
             .push_with_num_blocks(-1i8, 4)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         assert_eq!(proven_ct.len(), 2);
@@ -1684,14 +1684,14 @@ mod zk_pok_tests {
         assert!(!proven_ct.is_conformant(&conformance_params));
         assert!(proven_ct.is_empty());
         assert_eq!(
-            proven_ct.verify(&crs, &pk, metadata),
+            proven_ct.verify(&crs, &pk, &metadata),
             ZkVerificationOutcome::Valid
         );
         assert!(matches!(
             proven_ct.verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.
                     as_view()),
             ),
@@ -1706,14 +1706,14 @@ mod zk_pok_tests {
         assert!(!proven_ct.is_empty());
         assert!(proven_ct.is_packed());
         assert_eq!(
-            proven_ct.verify(&crs, &pk, metadata),
+            proven_ct.verify(&crs, &pk, &metadata),
             ZkVerificationOutcome::Valid
         );
         assert!(proven_ct
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view())
             )
             .is_err());
@@ -1729,14 +1729,14 @@ mod zk_pok_tests {
         assert!(!proven_ct.is_empty());
         assert!(proven_ct.is_packed());
         assert_eq!(
-            proven_ct.verify(&crs, &pk, metadata),
+            proven_ct.verify(&crs, &pk, &metadata),
             ZkVerificationOutcome::Valid
         );
         assert!(proven_ct
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view())
             )
             .is_ok());
@@ -1748,14 +1748,14 @@ mod zk_pok_tests {
         assert!(!proven_ct.is_empty());
         assert!(proven_ct.is_packed());
         assert_eq!(
-            proven_ct.verify(&crs, &pk, metadata),
+            proven_ct.verify(&crs, &pk, &metadata),
             ZkVerificationOutcome::Valid
         );
         assert!(proven_ct
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view())
             )
             .is_err());
@@ -1767,7 +1767,7 @@ mod zk_pok_tests {
         let ksk_params = PARAM_KEYSWITCH_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let crs = CompactPkeCrs::from_shortint_params(pke_params, LweCiphertextCount(2)).unwrap();
         let cks = ClientKey::new(fhe_params);
@@ -1784,7 +1784,7 @@ mod zk_pok_tests {
         let mut proven_ct = CompactCiphertextList::builder(&pk)
             .push_with_num_blocks(1u8, 4)
             .push_with_num_blocks(-1i8, 4)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         assert!(proven_ct.is_conformant(&conformance_params));
@@ -1803,7 +1803,7 @@ mod zk_pok_tests {
         let expander = proven_ct.verify_and_expand(
             &crs,
             &pk,
-            metadata,
+            &metadata,
             IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
         );
         assert!(expander.is_err());
@@ -1817,7 +1817,7 @@ mod zk_pok_tests {
             TEST_PARAM_KEYSWITCH_PKE_TO_BIG_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128_ZKV1;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let num_blocks = 4usize;
         let modulus = pke_params
@@ -1839,14 +1839,14 @@ mod zk_pok_tests {
 
         let proven_ct = CompactCiphertextList::builder(&pk)
             .extend_with_num_blocks(msgs.iter().copied(), num_blocks)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         let expander = proven_ct
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
             )
             .unwrap();
@@ -1879,7 +1879,7 @@ mod zk_pok_tests {
         let ksk_params = PARAM_KEYSWITCH_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let crs_blocks_for_64_bits =
             64 / ((pke_params.message_modulus.0 * pke_params.carry_modulus.0).ilog2() as usize);
@@ -1900,14 +1900,14 @@ mod zk_pok_tests {
 
         let proven_ct = CompactCiphertextList::builder(&pk)
             .extend_with_num_blocks(msgs.iter().copied(), encryption_num_blocks)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         let expander = proven_ct
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
             )
             .unwrap();
@@ -1942,7 +1942,7 @@ mod zk_pok_tests {
         let ksk_params = PARAM_KEYSWITCH_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
         let fhe_params = PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
-        let metadata = b"integer";
+        let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
         let crs_blocks_for_64_bits =
             64 / ((pke_params.message_modulus.0 * pke_params.carry_modulus.0).ilog2() as usize);
@@ -1963,7 +1963,7 @@ mod zk_pok_tests {
 
         let proven_ct = CompactCiphertextList::builder(&pk)
             .extend_with_num_blocks(msgs.iter().copied(), encryption_num_blocks)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         let infos_block_count = {
@@ -2023,7 +2023,7 @@ mod zk_pok_tests {
             .verify_and_expand(
                 &crs,
                 &pk,
-                metadata,
+                &metadata,
                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(ksk.as_view()),
             )
             .unwrap();

tfhe/src/integer/ciphertext/test.rs

@@ -245,7 +245,7 @@ mod zk {
         let fhe_params = TEST_PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128;
 
         let num_blocks = 4usize;
-        let metadata = *b"test";
+        let metadata = [b't', b'e', b's', b't'];
         let rerand_domain_separator = *b"TFHE_Rrd";
         let compact_public_encryption_domain_separator = *b"TFHE_Enc";
 
@@ -403,7 +403,7 @@ mod zk {
 
         // Intentionally low so that we test when multiple lists and proofs are needed
         let crs = CompactPkeCrs::from_shortint_params(pke_params, LweCiphertextCount(8)).unwrap();
-        let metadata = b"rerand";
+        let metadata = [b'r', b'e', b'r', b'a', b'n', b'd'];
 
         let clear_a = rand::random::<u64>();
         let clear_b = rand::random::<i8>();
@@ -412,7 +412,7 @@ mod zk {
             .push(clear_a)
             .push(clear_b)
             .push(false)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
             .unwrap();
 
         // Clone the list so both CPU and GPU start from the same state

tfhe/src/integer/gpu/server_key/radix/tests_unsigned/mod.rs

@@ -68,9 +68,8 @@ macro_rules! create_gpu_parameterized_stringified_test{
 }
 
 use crate::integer::gpu::server_key::radix::tests_signed::GpuMultiDeviceFunctionExecutor;
-pub(crate) use create_gpu_parameterized_stringified_test;
-pub(crate) use create_gpu_parameterized_test;
 use tfhe_csprng::seeders::Seed;
+pub(crate) use {create_gpu_parameterized_stringified_test, create_gpu_parameterized_test};
 
 pub(crate) struct GpuContext {
     pub(crate) streams: CudaStreams,

tfhe/src/integer/gpu/zk/mod.rs

@@ -271,7 +271,7 @@ mod tests {
         ];
 
         for (ksk_params, pke_params, fhe_params) in params {
-            let metadata = b"integer";
+            let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
             let num_blocks = 4usize;
             let modulus = pke_params
@@ -304,7 +304,7 @@ mod tests {
 
             let proven_ct = CompactCiphertextList::builder(&pk)
                 .extend_with_num_blocks(msgs.iter().copied(), num_blocks)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
             let gpu_proven_ct =
                 CudaProvenCompactCiphertextList::from_proven_compact_ciphertext_list(
@@ -312,7 +312,7 @@ mod tests {
                 );
 
             let gpu_expander = gpu_proven_ct
-                .verify_and_expand(&crs, &pk, metadata, &d_ksk, &streams)
+                .verify_and_expand(&crs, &pk, &metadata, &d_ksk, &streams)
                 .unwrap();
 
             for (idx, msg) in msgs.iter().copied().enumerate() {
@@ -362,7 +362,7 @@ mod tests {
         ];
 
         for (ksk_params, pke_params, fhe_params) in params {
-            let metadata = b"integer";
+            let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
             let crs_blocks_for_64_bits =
                 64 / ((pke_params.message_modulus.0 * pke_params.carry_modulus.0).ilog2() as usize);
@@ -392,7 +392,7 @@ mod tests {
 
             let proven_ct = CompactCiphertextList::builder(&pk)
                 .extend_with_num_blocks(msgs.iter().copied(), encryption_num_blocks)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
             let gpu_proven_ct =
                 CudaProvenCompactCiphertextList::from_proven_compact_ciphertext_list(
@@ -400,7 +400,7 @@ mod tests {
                 );
 
             let gpu_expander = gpu_proven_ct
-                .verify_and_expand(&crs, &pk, metadata, &d_ksk, &streams)
+                .verify_and_expand(&crs, &pk, &metadata, &d_ksk, &streams)
                 .unwrap();
 
             for (idx, msg) in msgs.iter().copied().enumerate() {
@@ -452,7 +452,7 @@ mod tests {
         ];
 
         for (ksk_params, pke_params, fhe_params) in params {
-            let metadata = b"integer";
+            let metadata = [b'i', b'n', b't', b'e', b'g', b'e', b'r'];
 
             let crs_blocks_for_64_bits =
                 64 / ((pke_params.message_modulus.0 * pke_params.carry_modulus.0).ilog2() as usize);
@@ -482,7 +482,7 @@ mod tests {
 
             let proven_ct = CompactCiphertextList::builder(&pk)
                 .extend_with_num_blocks(msgs.iter().copied(), encryption_num_blocks)
-                .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Proof)
+                .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)
                 .unwrap();
 
             let infos_block_count = {
@@ -543,7 +543,7 @@ mod tests {
                 );
 
             let gpu_expander = gpu_proven_ct
-                .verify_and_expand(&crs, &pk, metadata, &d_ksk, &streams)
+                .verify_and_expand(&crs, &pk, &metadata, &d_ksk, &streams)
                 .unwrap();
 
             for idx in boolean_block_idx.iter().copied() {
@@ -595,7 +595,7 @@ mod tests {
 
         let crs = CompactPkeCrs::from_config(config, 64).unwrap();
         let public_key = crate::CompactPublicKey::try_new(&client_key).unwrap();
-        let metadata = b"TFHE-rs";
+        let metadata = [b'T', b'F', b'H', b'E', b'-', b'r', b's'];
 
         // Create a proven compact list with 6 items (matching user's scenario)
         let m0 = true;
@@ -611,7 +611,7 @@ mod tests {
             .push(m3)
             .push(m4)
             .push(m5)
-            .build_with_proof_packed(&crs, metadata, ZkComputeLoad::Verify)
+            .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Verify)
             .unwrap();
 
         // Set GPU server key
@@ -619,7 +619,7 @@ mod tests {
 
         // Verify and expand on GPU
         let expander = proven_compact_list
-            .verify_and_expand(&crs, &public_key, metadata)
+            .verify_and_expand(&crs, &public_key, &metadata)
             .unwrap();
 
         // The expander should have length 6 (number of data items), not 66 (total blocks)

tfhe/src/integer/server_key/radix_parallel/count_consecutive_bits.rs

@@ -570,7 +570,7 @@ mod test {
                 for num_blocks in 1..64 {
                     let num_bits = 2 * num_blocks;
 
-                    println!("num_bits: {num_bits}");
+                    println!("num_bits: {num_bits}",);
 
                     for target_result in 0..=num_bits {
                         for _ in 0..10 {

tfhe/src/integer/tests.rs

@@ -75,5 +75,4 @@ macro_rules! create_parameterized_test_classical_params {
         });
     };
 }
-pub(crate) use create_parameterized_test;
-pub(crate) use create_parameterized_test_classical_params;
+pub(crate) use {create_parameterized_test, create_parameterized_test_classical_params};

tfhe/src/shortint/ciphertext/re_randomization.rs

@@ -667,7 +667,7 @@ mod test {
         let pubk = CompactPublicKey::new(&privk);
 
         let crs = CompactPkeCrs::from_shortint_params(cpk_params, LweCiphertextCount(4)).unwrap();
-        let metadata = b"shortint";
+        let metadata = [b's', b'h', b'o', b'r', b't', b'i', b'n', b't'];
 
         let ksk_builder = KeySwitchingKeyBuildHelper::new((&privk, None), (&cks, &sks), ks_params);
         let casting_key: KeySwitchingKeyView<'_> = ksk_builder.as_key_switching_key_view();
@@ -688,7 +688,7 @@ mod test {
             .encrypt_and_prove_slice(
                 &messages,
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Verify,
                 cpk_params.message_modulus.0,
             )

tfhe/src/shortint/ciphertext/zk.rs

@@ -192,7 +192,7 @@ impl ProvenCompactCiphertextList {
         let expanded = self
             .proved_lists
             .iter()
-            .zip(per_list_casting_mode)
+            .zip(per_list_casting_mode.into_iter())
             .map(|((ct_list, _proof), casting_mode)| ct_list.expand(casting_mode))
             .collect::<Result<Vec<Vec<_>>, _>>()?
             .into_iter()
@@ -385,7 +385,7 @@ mod tests {
 
         let functions = vec![Some(vec![dyn_id; 1]); 1];
 
-        let metadata = b"shortint";
+        let metadata = [b's', b'h', b'o', b'r', b't', b'i', b'n', b't'];
 
         let msg = random::<u64>() % pke_params.message_modulus.0;
         // No packing
@@ -395,7 +395,7 @@ mod tests {
             .encrypt_and_prove(
                 msg,
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Proof,
                 encryption_modulus,
             )
@@ -417,7 +417,7 @@ mod tests {
         let proven_ct = proven_ct.verify_and_expand(
             &crs,
             &pub_key,
-            metadata,
+            &metadata,
             ShortintCompactCiphertextListCastingMode::CastIfNecessary {
                 casting_key: ksk.as_view(),
                 functions: Some(functions.as_slice()),
@@ -447,7 +447,7 @@ mod tests {
 
         let functions = vec![Some(vec![dyn_id; 1]); 512];
 
-        let metadata = b"shortint";
+        let metadata = [b's', b'h', b'o', b'r', b't', b'i', b'n', b't'];
 
         let msgs = (0..512)
             .map(|_| random::<u64>() % params.message_modulus.0)
@@ -457,18 +457,18 @@ mod tests {
             .encrypt_and_prove_slice(
                 &msgs,
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Proof,
                 params.message_modulus.0,
             )
             .unwrap();
-        assert!(proven_ct.verify(&crs, &pub_key, metadata).is_valid());
+        assert!(proven_ct.verify(&crs, &pub_key, &metadata).is_valid());
 
         let expanded = proven_ct
             .verify_and_expand(
                 &crs,
                 &pub_key,
-                metadata,
+                &metadata,
                 ShortintCompactCiphertextListCastingMode::CastIfNecessary {
                     casting_key: ksk.as_view(),
                     functions: Some(functions.as_slice()),
@@ -496,7 +496,7 @@ mod tests {
         let sk = ServerKey::new(&ck);
         let ksk = KeySwitchingKey::new((&priv_key, None), (&ck, &sk), ksk_params);
 
-        let metadata = b"shortint";
+        let metadata = [b's', b'h', b'o', b'r', b't', b'i', b'n', b't'];
 
         let msgs = (0..512)
             .map(|_| random::<u64>() % params.message_modulus.0)
@@ -506,18 +506,18 @@ mod tests {
             .encrypt_and_prove_slice(
                 &msgs,
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Proof,
                 params.message_modulus.0,
             )
             .unwrap();
-        assert!(proven_ct.verify(&crs, &pub_key, metadata).is_valid());
+        assert!(proven_ct.verify(&crs, &pub_key, &metadata).is_valid());
 
         let expanded = proven_ct
             .verify_and_expand(
                 &crs,
                 &pub_key,
-                metadata,
+                &metadata,
                 ShortintCompactCiphertextListCastingMode::CastIfNecessary {
                     casting_key: ksk.as_view(),
                     functions: None,
@@ -544,7 +544,7 @@ mod tests {
         let priv_key = CompactPrivateKey::new(pke_params);
         let pub_key = CompactPublicKey::new(&priv_key);
 
-        let metadata = b"shortint";
+        let metadata = [b's', b'h', b'o', b'r', b't', b'i', b'n', b't'];
 
         let msgs = (0..total_lwe_count)
             .map(|_| random::<u64>() % params.message_modulus.0)
@@ -554,12 +554,12 @@ mod tests {
             .encrypt_and_prove_slice(
                 &msgs,
                 &crs,
-                metadata,
+                &metadata,
                 ZkComputeLoad::Verify,
                 params.message_modulus.0 * params.carry_modulus.0,
             )
             .unwrap();
-        assert!(proven_ct.verify(&crs, &pub_key, metadata).is_valid());
+        assert!(proven_ct.verify(&crs, &pub_key, &metadata).is_valid());
 
         let zk_conformance_params = CompactPkeProofConformanceParams::new(crs.scheme_version());
 

tfhe/src/shortint/parameters/meta.rs

@@ -167,7 +167,7 @@ impl MetaParameters {
             return self;
         }
 
-        panic!("Invalid MetaParameters");
+        panic!("Invalid MetaParameters",);
     }
 }
 

tfhe/src/shortint/server_key/div_mod.rs

@@ -179,7 +179,7 @@ impl<AP: AtomicPattern> GenericServerKey<AP> {
     pub fn unchecked_div_assign(&self, ct_left: &mut Ciphertext, ct_right: &Ciphertext) {
         let value_on_div_by_zero = ct_left.message_modulus.0 - 1;
         self.unchecked_evaluate_bivariate_function_assign(ct_left, ct_right, |x, y| {
-            x.checked_div(y).unwrap_or(value_on_div_by_zero)
+            safe_division(x, y, value_on_div_by_zero)
         });
     }
 
@@ -218,7 +218,7 @@ impl<AP: AtomicPattern> GenericServerKey<AP> {
     pub fn smart_div(&self, ct_left: &mut Ciphertext, ct_right: &mut Ciphertext) -> Ciphertext {
         let value_on_div_by_zero = ct_left.message_modulus.0 - 1;
         self.smart_evaluate_bivariate_function(ct_left, ct_right, |x, y| {
-            x.checked_div(y).unwrap_or(value_on_div_by_zero)
+            safe_division(x, y, value_on_div_by_zero)
         })
     }
 
@@ -257,7 +257,16 @@ impl<AP: AtomicPattern> GenericServerKey<AP> {
     pub fn smart_div_assign(&self, ct_left: &mut Ciphertext, ct_right: &mut Ciphertext) {
         let value_on_div_by_zero = ct_left.message_modulus.0 - 1;
         self.smart_evaluate_bivariate_function_assign(ct_left, ct_right, |x, y| {
-            x.checked_div(y).unwrap_or(value_on_div_by_zero)
+            safe_division(x, y, value_on_div_by_zero)
         });
     }
 }
+
+// Specific division function returning value_on_div_by_zero in case of a division by 0
+pub(crate) fn safe_division(x: u64, y: u64, value_on_div_by_zero: u64) -> u64 {
+    if y == 0 {
+        value_on_div_by_zero
+    } else {
+        x / y
+    }
+}

tfhe/src/shortint/server_key/tests/parameterized_test.rs

@@ -97,8 +97,7 @@ macro_rules! create_parameterized_test{
     };
 }
 
-pub(crate) use create_parameterized_stringified_test;
-pub(crate) use create_parameterized_test;
+pub(crate) use {create_parameterized_stringified_test, create_parameterized_test};
 
 //These functions are compatible with all parameter sets.
 create_parameterized_test!(shortint_encrypt_decrypt);

tfhe/src/strings/server_key/pattern/replace.rs

@@ -266,15 +266,15 @@ impl<T: Borrow<IntegerServerKey> + Sync> ServerKey<T> {
         match self.length_checks(str, &trivial_or_enc_from) {
             IsMatch::Clear(false) => return result,
 
-            // If `from` is empty and str too, there's only one match and one replacement
-            IsMatch::Clear(true) if str.is_empty() => {
-                match count {
-                    UIntArg::Clear(_) => {
+            IsMatch::Clear(true) => {
+                // If `from` is empty and str too, there's only one match and one replacement
+                if str.is_empty() {
+                    if let UIntArg::Clear(_) = count {
                         return to.clone();
                     }
 
                     // We have to take into account that encrypted n could be 0
-                    UIntArg::Enc(enc_n) => {
+                    if let UIntArg::Enc(enc_n) = count {
                         let n_is_zero = sk.scalar_eq_parallelized(enc_n.cipher(), 0);
 
                         let mut re = self.conditional_string(&n_is_zero, &result, to);
@@ -290,22 +290,21 @@ impl<T: Borrow<IntegerServerKey> + Sync> ServerKey<T> {
             // This happens when str is empty, so it's again one replacement if there's match or
             // if there isn't we return the str
             IsMatch::Cipher(val) => {
-                match count {
-                    UIntArg::Clear(_) => {
-                        return self.conditional_string(&val, to, str);
-                    }
-                    UIntArg::Enc(enc_n) => {
-                        let n_not_zero = sk.scalar_ne_parallelized(enc_n.cipher(), 0);
-                        let and_val = sk.boolean_bitand(&n_not_zero, &val);
+                if let UIntArg::Clear(_) = count {
+                    return self.conditional_string(&val, to, str);
+                }
 
-                        let mut re = self.conditional_string(&and_val, to, str);
+                if let UIntArg::Enc(enc_n) = count {
+                    let n_not_zero = sk.scalar_ne_parallelized(enc_n.cipher(), 0);
+                    let and_val = sk.boolean_bitand(&n_not_zero, &val);
 
-                        // When result or to are empty we get padding via the conditional_string
-                        // (pad_ciphertexts_lsb). And the condition result may or may not have
-                        // padding in this case.
-                        re.append_null(self);
-                        return re;
-                    }
+                    let mut re = self.conditional_string(&and_val, to, str);
+
+                    // When result or to are empty we get padding via the conditional_string
+                    // (pad_ciphertexts_lsb). And the condition result may or may not have
+                    // padding in this case.
+                    re.append_null(self);
+                    return re;
                 }
             }
             _ => (),
@@ -384,9 +383,11 @@ impl<T: Borrow<IntegerServerKey> + Sync> ServerKey<T> {
 
         match self.length_checks(str, &trivial_or_enc_from) {
             IsMatch::Clear(false) => return result,
-            // If `from` is empty and str too, there's only one match and one replacement
-            IsMatch::Clear(true) if str.is_empty() => {
-                return to.clone();
+            IsMatch::Clear(true) => {
+                // If `from` is empty and str too, there's only one match and one replacement
+                if str.is_empty() {
+                    return to.clone();
+                }
             }
             // This happens when str is empty, so it's again one replacement if there's match or
             // if there isn't we return the str

tfhe/tests/zk_wasm_x86_test.rs

@@ -16,7 +16,7 @@ use tfhe::zk::CompactPkeCrs;
 use tfhe::{ClientKey, CompactPublicKey, ConfigBuilder, ProvenCompactCiphertextList};
 
 const SIZE_LIMIT: u64 = 1024 * 1024 * 1024;
-const METADATA: [u8; 6] = *b"wasm64";
+const METADATA: [u8; 6] = [b'w', b'a', b's', b'm', b'6', b'4'];
 
 fn gen_key_and_crs() -> (CompactPublicKey, CompactPkeCrs) {
     println!("Generating keys");

utils/tfhe-backward-compat-data/crates/generate_0_10/Cargo.lock

@@ -635,9 +635,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_0_11/Cargo.lock

@@ -710,9 +710,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_0_8/Cargo.lock

@@ -635,9 +635,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_1_0/Cargo.lock

@@ -719,9 +719,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_1_1/Cargo.lock

@@ -721,9 +721,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_1_3/Cargo.lock

@@ -721,9 +721,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_1_4/Cargo.lock

@@ -763,9 +763,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_1_5/Cargo.lock

@@ -779,9 +779,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",

utils/tfhe-backward-compat-data/crates/generate_1_6/Cargo.lock

@@ -781,9 +781,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.6"
+version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
  "libc",
  "rand_chacha",
@@ -976,8 +976,7 @@ dependencies = [
 
 [[package]]
 name = "tfhe"
-version = "1.6.0"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
+version = "1.6.1"
 dependencies = [
  "aligned-vec",
  "bincode",
@@ -1016,7 +1015,6 @@ dependencies = [
 [[package]]
 name = "tfhe-csprng"
 version = "0.9.0"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "aes",
  "getrandom",
@@ -1029,7 +1027,6 @@ dependencies = [
 [[package]]
 name = "tfhe-fft"
 version = "0.10.1"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "aligned-vec",
  "bytemuck",
@@ -1043,7 +1040,6 @@ dependencies = [
 [[package]]
 name = "tfhe-ntt"
 version = "0.7.1"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "aligned-vec",
  "bytemuck",
@@ -1053,7 +1049,6 @@ dependencies = [
 [[package]]
 name = "tfhe-safe-serialize"
 version = "0.1.0"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "bincode",
  "serde",
@@ -1063,7 +1058,6 @@ dependencies = [
 [[package]]
 name = "tfhe-versionable"
 version = "0.7.0"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "aligned-vec",
  "num-complex",
@@ -1074,7 +1068,6 @@ dependencies = [
 [[package]]
 name = "tfhe-versionable-derive"
 version = "0.7.0"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -1084,7 +1077,6 @@ dependencies = [
 [[package]]
 name = "tfhe-zk-pok"
 version = "0.8.1"
-source = "git+https://github.com/zama-ai/tfhe-rs.git?tag=tfhe-rs-1.6.0#7b174b1865736e3291b5e35294acfe02946c42db"
 dependencies = [
  "ark-bls12-381",
  "ark-ec",

utils/tfhe-backward-compat-data/crates/generate_1_6/Cargo.toml

@@ -10,13 +10,23 @@ license = "BSD-3-Clause-Clear"
 clap = { version = "4.5", features = ["derive"] }
 
 # TFHE-rs
-tfhe = { git = "https://github.com/zama-ai/tfhe-rs.git", tag = "tfhe-rs-1.6.0", features = [
+tfhe = { features = [
     "boolean",
     "integer",
     "shortint",
     "zk-pok",
     "experimental-force_fft_algo_dif4",
-] }
-tfhe-versionable = { git = "https://github.com/zama-ai/tfhe-rs.git", tag = "tfhe-rs-1.6.0" }
+], path = "../../../../tfhe" }
+tfhe-versionable = { path = "../../../tfhe-versionable" }
+
+# Uncomment this and remove the lines above once the current tfhe-rs version has been released
+# tfhe = { git = "https://github.com/zama-ai/tfhe-rs.git", tag = "tfhe-rs-1.6.0", features = [
+#     "boolean",
+#     "integer",
+#     "shortint",
+#     "zk-pok",
+#     "experimental-force_fft_algo_dif4",
+# ] }
+# tfhe-versionable = { git = "https://github.com/zama-ai/tfhe-rs.git", tag = "tfhe-rs-1.6.0" }
 
 tfhe-backward-compat-data = { path = "../.." }