feat: remove hashbrown dep

.github/workflows/lint.yml

@@ -46,7 +46,7 @@ jobs:
         uses: ./.github/actions/cleanup-runner
       # Added: LLVM/Clang for RocksDB/bindgen
       - name: Install LLVM/Clang
-        uses: KyleMayes/install-llvm-action@v2
+        uses: ./.github/actions/install-llvm
         with:
           version: "17"
       - name: Rustup
@@ -124,3 +124,26 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: make check-fuzz
+
+  check-features:
+    name: check all feature combinations
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Cleanup large tools for build space
+        uses: ./.github/actions/cleanup-runner
+      # Added: LLVM/Clang for RocksDB/bindgen (needed for rocksdb feature)
+      - name: Install LLVM/Clang
+        uses: ./.github/actions/install-llvm
+        with:
+          version: "17"
+      - name: Rustup
+        run: rustup update --no-self-update
+      - uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-hack
+      - uses: Swatinem/rust-cache@v2
+        with:
+          save-if: ${{ github.event_name == 'push' && github.ref == format('refs/heads/{0}', inputs.target_branch) }}
+      - name: Check all feature combinations
+        run: ./scripts/check-features.sh

CHANGELOG.md

@@ -8,6 +8,8 @@
 - Added validation to `PartialMerkleTree::with_leaves()` to reject internal nodes ([#684](https://github.com/0xMiden/crypto/pull/684)).
 - [BREAKING] Moved `LargeSmt` root ownership from storage to in-memory layer ([#694](https://github.com/0xMiden/crypto/pull/694)). 
 - Remove use of `transmute()` in blake3 implementation ([#704](https://github.com/0xMiden/crypto/pull/704)).
+- [BREAKING] Removed the direct `hashbrown` dependency and now use `std::collections::{HashMap, HashSet}` whenever `std` is enabled (falling back to `BTreeMap`/`BTreeSet` in `no_std`) ([#696](https://github.com/0xMiden/crypto/issues/696)).
+- [BREAKING] Imported miden-serde-utils crate for serialization ([#715](https://github.com/0xMiden/crypto/pull/715)).
 
 ## 0.19.2 (2025-12-04)
 

Cargo.toml

@@ -1,6 +1,6 @@
 [workspace]
 exclude  = ["miden-crypto-fuzz"]
-members  = ["miden-crypto", "miden-crypto-derive"]
+members  = ["miden-crypto", "miden-crypto-derive", "miden-serde-utils"]
 resolver = "3"
 
 [workspace.package]
@@ -15,7 +15,14 @@ version      = "0.20.0"
 
 [workspace.dependencies]
 miden-crypto-derive = { path = "miden-crypto-derive", version = "0.20" }
+miden-serde-utils   = { features = ["winter-compat"], path = "miden-serde-utils", version = "0.20" }
 
 [workspace.lints.rust]
 # Suppress warnings about `cfg(fuzzing)`, which is automatically set when using `cargo-fuzz`.
 unexpected_cfgs = { check-cfg = ['cfg(fuzzing)'], level = "warn" }
+
+[profile.test-release]
+debug            = 2
+debug-assertions = true
+inherits         = "release"
+overflow-checks  = true

Makefile

@@ -6,7 +6,7 @@ help:
 
 # -- variables --------------------------------------------------------------------------------------
 
-ALL_FEATURES_EXCEPT_ROCKSDB="concurrent executable hashmaps internal serde std"
+ALL_FEATURES_EXCEPT_ROCKSDB="concurrent executable internal serde std"
 DEBUG_OVERFLOW_INFO=RUSTFLAGS="-C debug-assertions -C overflow-checks -C debuginfo=2"
 WARNINGS=RUSTDOCFLAGS="-D warnings"
 
@@ -68,30 +68,26 @@ doc: ## Generate and check documentation
 
 .PHONY: test-default
 test-default: ## Run tests with default features
-	$(DEBUG_OVERFLOW_INFO) cargo nextest run --profile default --release --features ${ALL_FEATURES_EXCEPT_ROCKSDB}
-
-.PHONY: test-hashmaps
-test-hashmaps: ## Run tests with `hashmaps` feature enabled
-	$(DEBUG_OVERFLOW_INFO) cargo nextest run --profile default --release --features hashmaps
+	cargo nextest run --profile default --cargo-profile test-release --features ${ALL_FEATURES_EXCEPT_ROCKSDB}
 
 .PHONY: test-no-std
 test-no-std: ## Run tests with `no-default-features` (std)
-	$(DEBUG_OVERFLOW_INFO) cargo nextest run --profile default --release --no-default-features
+	cargo nextest run --profile default --cargo-profile test-release --no-default-features
 
 .PHONY: test-smt-concurrent
 test-smt-concurrent: ## Run only concurrent SMT tests
-	$(DEBUG_OVERFLOW_INFO) cargo nextest run --profile smt-concurrent --release
+	cargo nextest run --profile smt-concurrent --cargo-profile test-release
 
 .PHONY: test-docs
 test-docs:
-	$(DEBUG_OVERFLOW_INFO) cargo test --doc --all-features
+	cargo test --doc --all-features --profile test-release
 
 .PHONY: test-large-smt
 test-large-smt: ## Run only large SMT tests
-	$(DEBUG_OVERFLOW_INFO) cargo nextest run --success-output immediate  --profile large-smt --release --features hashmaps,rocksdb
+	cargo nextest run --success-output immediate --profile large-smt --cargo-profile test-release --features rocksdb
 
 .PHONY: test
-test: test-default test-hashmaps test-no-std test-docs test-large-smt ## Run all tests except concurrent SMT tests
+test: test-default test-no-std test-docs test-large-smt ## Run all tests except concurrent SMT tests
 
 # --- checking ------------------------------------------------------------------------------------
 
@@ -137,15 +133,15 @@ bench-smt-concurrent: ## Run SMT benchmarks with concurrent feature
 
 .PHONY: bench-large-smt-memory
 bench-large-smt-memory: ## Run large SMT benchmarks with memory storage
-	cargo run --release --features concurrent,hashmaps,executable -- --size 1000000
+	cargo run --release --features concurrent,executable -- --size 1000000
 
 .PHONY: bench-large-smt-rocksdb
 bench-large-smt-rocksdb: ## Run large SMT benchmarks with rocksdb storage
-	cargo run --release --features concurrent,hashmaps,rocksdb,executable -- --storage rocksdb --size 1000000
+	cargo run --release --features concurrent,rocksdb,executable -- --storage rocksdb --size 1000000
 
 .PHONY: bench-large-smt-rocksdb-open
 bench-large-smt-rocksdb-open: ## Run large SMT benchmarks with rocksdb storage and open existing database
-	cargo run --release --features concurrent,hashmaps,rocksdb,executable -- --storage rocksdb --open
+	cargo run --release --features concurrent,rocksdb,executable -- --storage rocksdb --open
 
 # --- fuzzing --------------------------------------------------------------------------------
 

README.md

@@ -136,9 +136,8 @@ make
 This crate can be compiled with the following features:
 
 - `concurrent`- enabled by default; enables multi-threaded implementation of `Smt::with_entries()` which significantly improves performance on multi-core CPUs.
-- `std` - enabled by default and relies on the Rust standard library.
+- `std` - enabled by default and relies on the Rust standard library. When enabled, the crate uses `HashMap`/`HashSet`; when disabled (`no_std`), it uses `BTreeMap`/`BTreeSet` with ordered iteration.
 - `no_std` does not rely on the Rust standard library and enables compilation to WebAssembly.
-- `hashmaps` - uses hashbrown hashmaps in SMT and Merkle Store implementation which significantly improves performance of updates. Keys ordering in iterators is not guaranteed when this feature is enabled.
 - `rocksdb` - enables the RocksDB-backed storage for `LargeSmt` and related utilities. Implies `concurrent`.
 All of these features imply the use of [alloc](https://doc.rust-lang.org/alloc/) to support heap-allocated collections.
 

THIRD_PARTY_NOTICES.txt

@@ -0,0 +1,38 @@
+THIRD PARTY NOTICES
+===================
+
+This project includes code from the following third-party projects:
+
+--------------------------------------------------------------------------------
+
+1. Winterfell (facebook/winterfell)
+   https://github.com/facebook/winterfell
+
+   The following files contain code derived from Winterfell's winter-utils crate:
+   - miden-serde-utils/src/lib.rs
+   - miden-serde-utils/src/byte_reader.rs
+   - miden-serde-utils/src/byte_writer.rs
+
+   Original Copyright Notice and License:
+
+   Copyright (c) Facebook, Inc. and its affiliates.
+
+   Permission is hereby granted, free of charge, to any person obtaining a copy
+   of this software and associated documentation files (the "Software"), to deal
+   in the Software without restriction, including without limitation the rights
+   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+   copies of the Software, and to permit persons to whom the Software is
+   furnished to do so, subject to the following conditions:
+
+   The above copyright notice and this permission notice shall be included in all
+   copies or substantial portions of the Software.
+
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+   SOFTWARE.
+
+--------------------------------------------------------------------------------

miden-crypto/Cargo.toml

@@ -50,8 +50,9 @@ harness = false
 name    = "store"
 
 [[bench]]
-harness = false
-name    = "dsa"
+harness           = false
+name              = "dsa"
+required-features = ["std"]
 
 [[bench]]
 harness = false
@@ -62,17 +63,18 @@ harness = false
 name    = "rand"
 
 [features]
-concurrent = ["dep:rayon", "hashbrown?/rayon"]
+concurrent = ["dep:rayon", "std"]
 default = ["concurrent", "std"]
-executable = ["dep:clap", "dep:rand-utils", "std"]
+executable = ["concurrent", "dep:clap", "dep:rand-utils"]
 fuzzing = []
-hashmaps = ["dep:hashbrown"]
-internal = []
+internal = ["concurrent"]
 rocksdb = ["concurrent", "dep:rocksdb"]
 serde = ["dep:serde", "serde?/alloc", "winter-math/serde"]
 std = [
   "blake3/std",
   "dep:cc",
+  "miden-serde-utils/std",
+  "miden-serde-utils/winter-compat",
   "rand/std",
   "rand/thread_rng",
   "winter-crypto/std",
@@ -87,10 +89,10 @@ clap                          = { features = ["derive"], optional = true, versio
 curve25519-dalek              = { default-features = false, version = "4" }
 ed25519-dalek                 = { features = ["zeroize"], version = "2" }
 flume                         = { version = "0.11" }
-hashbrown                     = { features = ["serde"], optional = true, version = "0.16" }
 hkdf                          = { default-features = false, version = "0.12" }
 k256                          = { features = ["ecdh", "ecdsa"], version = "0.13" }
 miden-crypto-derive.workspace = true
+miden-serde-utils.workspace   = true
 num                           = { default-features = false, features = ["alloc", "libm"], version = "0.4" }
 num-complex                   = { default-features = false, version = "0.4" }
 rand                          = { default-features = false, version = "0.9" }

miden-crypto/benches/README.md

@@ -80,7 +80,7 @@ For each algorithm, we benchmark three core operations:
 
 ### Sparse Merkle Tree
 
-We build cryptographic data structures incorporating these hash functions. What follows are benchmarks of operations on sparse Merkle trees (SMTs) which use the above `RPO_256` hash function. We perform a batched modification of 1,000 values in a tree with 1,000,000 leaves (with the `hashmaps` feature to use the `hashbrown` crate).
+We build cryptographic data structures incorporating these hash functions. What follows are benchmarks of operations on sparse Merkle trees (SMTs) which use the above `RPO_256` hash function. We perform a batched modification of 1,000 values in a tree with 1,000,000 leaves using the default `HashMap` implementation (enabled with the `std` feature).
 
 ### Scenario 1: SMT Construction (1M pairs)
 
@@ -151,7 +151,7 @@ cargo run --features=executable
 The `concurrent` feature enables the concurrent benchmark, and is enabled by default. To run a sequential benchmark, disable the crate's default features:
 
 ```
-cargo run --no-default-features --features=executable,hashmaps
+cargo run --no-default-features --features=executable
 ```
 
 The benchmark parameters may also be customized with the `-s`/`--size`, `-i`/`--insertions`, and `-u`/`--updates` options.

miden-crypto/src/dsa/ecdsa_k256_keccak/tests.rs

@@ -115,7 +115,7 @@ fn test_secret_key_debug_redaction() {
 #[cfg(feature = "std")]
 #[test]
 fn test_signature_serde() {
-    use winter_utils::SliceReader;
+    use crate::utils::SliceReader;
     let sig0 = SecretKey::new().sign(Word::from([5, 0, 0, 0u32]));
     let sig_bytes = sig0.to_bytes();
     let mut slice_reader = SliceReader::new(&sig_bytes);

miden-crypto/src/dsa/falcon512_rpo/hash_to_point.rs

@@ -46,7 +46,7 @@ pub fn hash_to_point_rpo256(message: Word, nonce: &Nonce) -> Polynomial<FalconFe
 
 /// Returns a polynomial in Z_p[x]/(phi) representing the hash of the provided message and
 /// nonce using SHAKE256. This is the hash-to-point algorithm used in the reference implementation.
-#[cfg(test)]
+#[cfg(all(test, feature = "std"))]
 pub fn hash_to_point_shake256(message: &[u8], nonce: &Nonce) -> Polynomial<FalconFelt> {
     use sha3::{
         Shake256,
@@ -93,7 +93,7 @@ fn felt_to_falcon_felt(value: Felt) -> FalconFelt {
 /// Note that since `FalconFelt::new` accepts `i16`, we first reduce the `u32` value modulo
 /// the Falcon prime and then cast the resulting value to an `i16`.
 /// Note that this final cast is safe as the Falcon prime is less than `i16::MAX`.
-#[cfg(test)]
+#[cfg(all(test, feature = "std"))]
 fn u32_to_falcon_felt(value: u32) -> FalconFelt {
     FalconFelt::new((value % MODULUS as u32) as i16)
 }

miden-crypto/src/dsa/falcon512_rpo/keys/mod.rs

@@ -18,9 +18,12 @@ mod tests {
     use rand::SeedableRng;
     use rand_chacha::ChaCha20Rng;
     use winter_math::FieldElement;
-    use winter_utils::{Deserializable, Serializable};
 
-    use crate::{ONE, Word, dsa::falcon512_rpo::SecretKey};
+    use crate::{
+        ONE, Word,
+        dsa::falcon512_rpo::SecretKey,
+        utils::{Deserializable, Serializable},
+    };
 
     #[test]
     fn test_falcon_verification() {

miden-crypto/src/dsa/falcon512_rpo/keys/secret_key.rs

@@ -2,8 +2,6 @@ use alloc::{string::ToString, vec::Vec};
 
 use miden_crypto_derive::{SilentDebug, SilentDisplay};
 use num::Complex;
-#[cfg(not(feature = "std"))]
-use num::Float;
 use num_complex::Complex64;
 use rand::Rng;
 

miden-crypto/src/dsa/falcon512_rpo/math/ffsampling.rs

@@ -1,7 +1,5 @@
 use alloc::boxed::Box;
 
-#[cfg(not(feature = "std"))]
-use num::Float;
 use num::Zero;
 use num_complex::{Complex, Complex64};
 use rand::Rng;

miden-crypto/src/dsa/falcon512_rpo/math/fft.rs

@@ -4,8 +4,6 @@ use core::{
     ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign},
 };
 
-#[cfg(not(feature = "std"))]
-use num::Float;
 use num::{One, Zero};
 use num_complex::Complex64;