Merge branch 'na-release/candidate' into jb/no-wrap-tank

* na-release/candidate: (31 commits)
  pill: change to ropsten
  zuse: change to ropsten
  pill: all
  u3: fix accidental neologism in comments
  pill: solid
  u3: refactors dynamic hint bytecodes, documents protocol
  u3: adds dynamic hint bytecodes and implementation
  u3: moves _n_swap() next to other stack ops
  u3: adds ghetto +mook replacement
  u3: moves |ut battery to the rightmost cache key position
  u3: adds |ut battery to jet cache keys
  pill: solid
  pill: solid.pill
  hoon: bscl to bccl, etc
  pill: solid
  hoon: modernizes syntax in the rest of |co
  hoon: updates @p rendering to avoid intermediate right-shifts
  hoon: refactors @da/@dr coin printing
  hoon: comments, modernizes syntax for all +*-co:co gates
  hoon: refactors +r-co:co, modernizing syntax
  ...

bin/brass.pill

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:f4a6a782b2193a16dc10340e40787522ec34df50eb517fef849bc32b87a3e512
-size 4508418
+oid sha256:a0a913185fc286fed27b3a6297e6917c65db26e8798b54e2c98a5c2bbf847eb1
+size 4495580

bin/ivory.pill

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:db42476704efdbb5c2cbf81ea67f15603da5b848850b538081e7b108f969fa19
-size 1315294
+oid sha256:20057d491e10d2ba0afce72833dd45e78b746fc3a33122337ad346f9addfca66
+size 1320607

bin/solid.pill

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:d9a13b9dfa256559712b3d80c0de6cef74082c60de011cb9525a298f36fd0f13
-size 6296730
+oid sha256:1f7e5913134048073737c5ba380fabc9c3819a37038a1db8b657c9605d9e9bc9
+size 6324130

pkg/arvo/app/dojo.hoon

@@ -897,7 +897,7 @@
     ++  dy-hoon-var
       =+  ^=  ope
           |=  gen/hoon  ^-  hoon
-          ?:  ?=(?($sgld $sgbn) -.gen)
+          ?:  ?=(?($sggl $sggr) -.gen)
             $(gen q.gen)
           =+  ~(open ap gen)
           ?.(=(gen -) $(gen -) gen)

pkg/arvo/gen/ivory.hoon

@@ -33,8 +33,8 @@
 ::    Parsed with a static path for reproducibility.
 ::
 =/  whole-hoon=hoon
-  :+  %tsbn  compiler-hoon
-  :+  %tsld  (rain /sys/arvo/hoon arvo-source)
+  :+  %tsgr  compiler-hoon
+  :+  %tsgl  (rain /sys/arvo/hoon arvo-source)
   [%$ 7]
 ::  compile the whole schmeer
 ::

pkg/arvo/gen/solid.hoon

@@ -35,7 +35,7 @@
     ::  compile arvo against hoon, with our current compiler
     ::
     =/  whole-hoon=hoon
-      [%tsbn compiler-hoon [%tsbn [%$ 7] (rain arvo-path arvo-src)]]
+      [%tsgr compiler-hoon [%tsgr [%$ 7] (rain arvo-path arvo-src)]]
     ~&  %solid-parsed
     =/  whole-formula  q:(~(mint ut %noun) %noun whole-hoon)
     ~&  %solid-arvo

pkg/arvo/lib/bip32.hoon

@@ -16,7 +16,7 @@
 ::  dep:  depth in chain
 ::  ind:  index at depth
 ::  pif:  parent fingerprint (4 bytes)
-|_  [prv=@ pub=pont cad=@ dep=@ud ind=@ud pif=@]
+|_  [prv=@ pub=point.ecc cad=@ dep=@ud ind=@ud pif=@]
 ::
 +=  keyc  [key=@ cai=@]  ::  prv/pub key + chain code
 ::
@@ -26,7 +26,7 @@
 ::
 ++  ser-p  compress-point.ecc
 ::
-++  n      ^n:ecc
+++  n      n:t.ecc
 ::
 ::  core initialization
 ::
@@ -46,7 +46,7 @@
   +>(pub (decompress-point.ecc key), cad cai)
 ::
 ++  from-public-point
-  |=  [pon=pont cai=@]
+  |=  [pon=point.ecc cai=@]
   +>(pub pon, cad cai)
 ::
 ++  from-extended
@@ -150,7 +150,7 @@
   ::  rare exception, invalid key, go to the next one
   ?:  (gte left n)  $(i +(i))  ::TODO  or child key is "point at infinity"
   %_  +>.$
-    pub   (jc-add.ecc (point left) pub)
+    pub   (add-points.ecc (point left) pub)
     cad   right
     dep   +(dep)
     ind   i

pkg/arvo/lib/language-server/complete.hoon

@@ -144,7 +144,7 @@
       [^ *]      (both p.gen q.gen)
       [%ktcn *]  loop(gen p.gen)
       [%brcn *]  (grow q.gen)
-      [%brvt *]  (grow q.gen)
+      [%brpt *]  (grow q.gen)
       [%cnts *]
     |-  ^-  (unit [term type])
     =*  inner-loop  $
@@ -165,13 +165,13 @@
       [%hand *]  ~
       [%ktbr *]  loop(gen p.gen)
       [%ktls *]  (both p.gen q.gen)
-      [%ktpd *]  loop(gen p.gen)
+      [%ktpm *]  loop(gen p.gen)
       [%ktsg *]  loop(gen p.gen)
       [%ktwt *]  loop(gen p.gen)
       [%note *]  loop(gen q.gen)
       [%sgzp *]  (both p.gen q.gen)
-      [%sgbn *]  loop(gen q.gen)  ::  should check for hoon in p.gen
-      [%tsbn *]  (change p.gen q.gen)
+      [%sggr *]  loop(gen q.gen)  ::  should check for hoon in p.gen
+      [%tsgr *]  (change p.gen q.gen)
       [%tscm *]
     %+  replace
       loop(gen p.gen)
@@ -185,7 +185,7 @@
       [%lost *]  loop(gen p.gen)
       [%zpmc *]  (both p.gen q.gen)
       [%zpts *]  loop(gen p.gen)
-      [%zpvt *]  (both q.gen r.gen)
+      [%zppt *]  (both q.gen r.gen)
       [%zpzp *]  ~
       *
     =+  doz=~(open ap gen)

pkg/arvo/lib/language-server/easy-print.hoon

@@ -17,7 +17,7 @@
           {$face p/term q/wine}
           {$list p/term q/wine}
           {$pear p/term q/@}
-          {$bswt p/(list wine)}
+          {$bcwt p/(list wine)}
           {$plot p/(list wine)}
           {$stop p/@ud}
           {$tree p/term q/wine}
@@ -122,7 +122,7 @@
       =^  cox  gid  $(q.ham q.q.ham)
       :_(gid [%rose [" " (weld (trip p.q.ham) "(") ")"] cox ~])
     ::
-        {$bswt *}
+        {$bcwt *}
       =^  coz  gid  (many p.q.ham)
       :_(gid [%rose [[' ' ~] ['?' '(' ~] [')' ~]] coz])
     ::
@@ -265,7 +265,7 @@
       ~
     [~ u.for u.aft]
   ::
-      {$bswt *}
+      {$bcwt *}
     |-  ^-  (unit tank)
     ?~  p.q.ham
       ~
@@ -354,7 +354,7 @@
   ^=  woz
   ^-  wine
   ?.  ?=({$stop *} q.ham)
-    ?:  ?&  ?=  {$bswt {$pear $n $0} {$plot {$pear $n $0} {$face *} ~} ~}
+    ?:  ?&  ?=  {$bcwt {$pear $n $0} {$plot {$pear $n $0} {$face *} ~} ~}
               q.ham
             =(1 (met 3 p.i.t.p.i.t.p.q.ham))
         ==
@@ -364,7 +364,7 @@
   ?~  may
     q.ham
   =+  nul=[%pear %n 0]
-  ?.  ?&  ?=({$bswt *} u.may)
+  ?.  ?&  ?=({$bcwt *} u.may)
           ?=({* * ~} p.u.may)
           |(=(nul i.p.u.may) =(nul i.t.p.u.may))
       ==
@@ -458,7 +458,7 @@
   ::
       {$fork *}
     =+  yed=(sort ~(tap in p.sut) aor)
-    =-  [p [%bswt q]]
+    =-  [p [%bcwt q]]
     |-  ^-  {p/{p/(map type @) q/(map @ wine)} q/(list wine)}
     ?~  yed
       [dex ~]

pkg/arvo/lib/pprint.hoon

@@ -346,7 +346,7 @@
       [%brsg *]  (rune '|~' ~ ~ (spec p.x) (hn q.x) ~)
       [%brtr *]  (rune '|*' ~ ~ (spec p.x) (hn q.x) ~)
       [%brts *]  (rune '|=' ~ ~ (spec p.x) (hn q.x) ~)
-      [%brvt *]  (chapter '|@' ~ q.x)                 ::  Ignoring p.x
+      [%brpt *]  (chapter '|@' ~ q.x)                 ::  Ignoring p.x
       [%brwt *]  (rune '|?' ~ ~ (hn p.x) ~)
       [%clcb *]  (rune ':_' ~ ~ (hoons ~[p q]:x))
       [%clkt *]  (rune ':^' ~ ~ (hoons ~[p q r s]:x))
@@ -376,7 +376,7 @@
       [%ktdt *]  (rune '^.' ~ ~ (hoons ~[p q]:x))
       [%ktls *]  (rune '^+' ~ ~ (hoons ~[p q]:x))
       [%kthp *]  (rune '^-' ~ ~ ~[(spec p.x) (hn q.x)])
-      [%ktpd *]  (rune '^&' ~ ~ (hoons ~[p]:x))
+      [%ktpm *]  (rune '^&' ~ ~ (hoons ~[p]:x))
       [%ktsg *]  (rune '^~' ~ ~ (hoons ~[p]:x))
       [%ktts *]  (rune '^=' ~ `['' '=' ''] ~[(skin p.x) (hn q.x)])
       [%ktwt *]  (rune '^?' ~ ~ (hoons ~[p]:x))
@@ -385,56 +385,58 @@
       [%sgbr *]  (rune '~|' ~ ~ (hoons ~[p q]:x))
       [%sgcb *]  (rune '~_' ~ ~ (hoons ~[p q]:x))
       [%sgcn *]  (rune '~%' ~ ~ (chum p.x) (hn q.x) (tyre r.x) (hn s.x) ~)
-      [%sgnt *]  (rune '~/' ~ ~ (chum p.x) (hn q.x) ~)
-      [%sgld *]  (rune '~<' ~ ~ (hint p.x) (hn q.x) ~)
-      [%sgbn *]  (rune '~>' ~ ~ (hint p.x) (hn q.x) ~)
-      [%sgbs *]  (rune '~$' ~ ~ p.x (hn q.x) ~)
+      [%sgfs *]  (rune '~/' ~ ~ (chum p.x) (hn q.x) ~)
+      [%sggl *]  (rune '~<' ~ ~ (hint p.x) (hn q.x) ~)
+      [%sggr *]  (rune '~>' ~ ~ (hint p.x) (hn q.x) ~)
+      [%sgbc *]  (rune '~$' ~ ~ p.x (hn q.x) ~)
       [%sgls *]  (rune '~+' ~ ~ (hn q.x) ~)           ::  Ignoring p.x
-      [%sgpd *]  (rune '~&' ~ ~ (hoons ~[q r]:x))     ::  Ignoring p.x
+      [%sgpm *]  (rune '~&' ~ ~ (hoons ~[q r]:x))     ::  Ignoring p.x
       [%sgts *]  (rune '~=' ~ ~ (hoons ~[p q]:x))
       [%sgwt *]  (rune '~?' ~ ~ (hoons ~[q r s]:x))   ::  Ignoring p.x
       [%sgzp *]  (rune '~!' ~ ~ (hoons ~[p q]:x))
       [%mcts *]  %ast-node-mcts
       [%mccl *]  (rune ';:' `'==' `[':(' spc ')'] (hoons [p q]:x))
-      [%mcnt *]  (rune ';/' ~ ~ (hoons ~[p]:x))
+      [%mcfs *]  (rune ';/' ~ ~ (hoons ~[p]:x))
       [%mcgl *]  (rune ';<' ~ ~ (spec p.x) (hoons ~[q r s]:x))
       [%mcsg *]  (rune ';~' `'==' ~ (hoons [p q]:x))
       [%mcmc *]  (rune ';;' ~ ~ ~[(spec p.x) (hn q.x)])
       [%tsbr *]  (rune '=|' ~ ~ ~[(spec p.x) (hn q.x)])
       [%tscl *]  (tiscol-to-plum p.x q.x)
-      [%tsnt *]  (rune '=/' ~ ~ (skin p.x) (hn q.x) (hn r.x) ~)
+      [%tsfs *]  (rune '=/' ~ ~ (skin p.x) (hn q.x) (hn r.x) ~)
       [%tsmc *]  (rune '=;' ~ ~ [(skin p.x) (hoons ~[q r]:x)])
       [%tsdt *]  (rune '=.' ~ ~ [(wing p.x) (hoons ~[q r]:x)])
       [%tswt *]  (rune '=?' ~ ~ [(wing p.x) (hoons ~[q r s]:x)])
-      [%tsld *]  (rune '=>' ~ `['' ':' ''] (hoons ~[p q]:x))
+::  XX %tsld to %tsgl, but should be %tsgr? (to match =>)
+      [%tsgl *]  (rune '=>' ~ `['' ':' ''] (hoons ~[p q]:x))
       [%tshp *]  (rune '=-' ~ ~ (hoons ~[p q]:x))
-      [%tsbn *]  (rune '=<' ~ ~ (hoons ~[p q]:x))
+::  XX %tsbn to %tsgr, but should be %tsgl? (to match =<)
+      [%tsgr *]  (rune '=<' ~ ~ (hoons ~[p q]:x))
       [%tskt *]  (rune '=^' ~ ~ [(skin p.x) (wing q.x) (hoons ~[r s]:x)])
       [%tsls *]  (rune '=+' ~ ~ (hoons ~[p q]:x))
       [%tssg *]  (rune '=~' `'==' ~ (hoons p:x))
       [%tstr *]  ?~  q.p.x
                    (rune '=*' ~ ~ p.p.x (hoons ~[q r]:x))
-                 (rune '=*' ~ ~ (spec [%bsts p.p.x u.q.p.x]) (hoons ~[q r]:x))
+                 (rune '=*' ~ ~ (spec [%bcts p.p.x u.q.p.x]) (hoons ~[q r]:x))
       [%tscm *]  (rune '=,' ~ ~ (hoons ~[p q]:x))
       [%wtbr *]  (rune '?|' `'--' `['|(' ' ' ')'] (hoons p:x))
       [%wthp *]  (rune '?-' `'==' ~ (wing p.x) (matches q.x))
       [%wtcl *]  (rune '?:' ~ ~ (hoons ~[p q r]:x))
       [%wtdt *]  (rune '?.' ~ ~ (hoons ~[p q r]:x))
       [%wtkt *]  (rune '?^' ~ ~ [(wing p.x) (hoons ~[q r]:x)])
-      [%wtld *]  (rune '?<' ~ ~ (hoons ~[p q]:x))
-      [%wtbn *]  (rune '?>' ~ ~ (hoons ~[p q]:x))
+      [%wtgl *]  (rune '?<' ~ ~ (hoons ~[p q]:x))
+      [%wtgr *]  (rune '?>' ~ ~ (hoons ~[p q]:x))
       [%wtls *]  (rune '?+' `'==' ~ (wing p.x) (hn q.x) (matches r.x))
-      [%wtpd *]  (rune '?&' `'==' `['&(' ' ' ')'] (hoons p:x))
-      [%wtvt *]  (rune '?@' ~ ~ (wing p.x) (hoons ~[q r]:x))
+      [%wtpm *]  (rune '?&' `'==' `['&(' ' ' ')'] (hoons p:x))
+      [%wtpt *]  (rune '?@' ~ ~ (wing p.x) (hoons ~[q r]:x))
       [%wtsg *]  (rune '?~' ~ ~ (wing p.x) (hoons ~[q r]:x))
       [%wthx *]  (rune '?#' ~ ~ (skin p.x) (wing q.x) ~)
       [%wtts *]  (rune '?=' ~ ~ (spec p.x) (wing q.x) ~)
       [%wtzp *]  (rune '?!' ~ `['!' '' ''] (hoons ~[p]:x))
       [%zpcm *]  (rune '!,' ~ ~ (hoons ~[p q]:x))
-      [%zpbn *]  (rune '!>' ~ ~ (hoons ~[p]:x))
+      [%zpgr *]  (rune '!>' ~ ~ (hoons ~[p]:x))
       [%zpmc *]  (rune '!;' ~ ~ (hoons ~[p q]:x))
       [%zpts *]  (rune '!=' ~ ~ (hoons ~[p]:x))
-      [%zpvt *]  (rune '!@' ~ ~ (wingseq p.x) (hoons ~[q r]:x))
+      [%zppt *]  (rune '!@' ~ ~ (wingseq p.x) (hoons ~[q r]:x))
       [%zpwt *]  (hn q.x)                             ::  Ignore p.x
       [%zpzp ~]  '!!'
     ==
@@ -648,37 +650,37 @@
                  ?:  =(- 3)  '%^'
                  ?:  =(- 2)  '%+'  '%-'
                [(dohoon p.spec) (turn q.spec ..$)]
-        %bsbs  (core-spec-to-plum '$$' p.spec q.spec)
-        %bsbr  (subtree (fixed '$|') $(spec p.spec) (dohoon q.spec) ~)
-        %bscb  (dohoon p.spec)
-        %bscl  :-  %sbrk
+        %bcbc  (core-spec-to-plum '$$' p.spec q.spec)
+        %bcbr  (subtree (fixed '$|') $(spec p.spec) (dohoon q.spec) ~)
+        %bccb  (dohoon p.spec)
+        %bccl  :-  %sbrk
                :+  %tree
                  [`[' ' `['[' ']']] `['$:' `['' '==']]]
                (turn `(list ^spec)`+.spec ..$)
-        %bscn  (subtree (varying '$%' '==') (turn `(list ^spec)`+.spec ..$))
-        %bsdt  (core-spec-to-plum '$.' p.spec q.spec)
-        %bsld  (subtree (fixed '$<') $(spec p.spec) $(spec q.spec) ~)
-        %bsbn  (subtree (fixed '$>') $(spec p.spec) $(spec q.spec) ~)
-        %bshp  (subtree (fixed '$-') $(spec p.spec) $(spec q.spec) ~)
-        %bskt  (subtree (fixed '$^') $(spec p.spec) $(spec q.spec) ~)
-        %bsls  (subtree (fixed '$+') (stud-to-plum p.spec) $(spec q.spec) ~)
-        %bsnt  (core-spec-to-plum '$/' p.spec q.spec)
-        %bsmc  (subtree (fixed '$;') (dohoon p.spec) ~)
-        %bspd  (subtree (fixed '$&') $(spec p.spec) (dohoon q.spec) ~)
-        %bssg  (subtree (fixed '$~') (dohoon p.spec) $(spec q.spec) ~)
-        %bstc  (core-spec-to-plum '$`' p.spec q.spec)
-        %bsts  :-  %sbrk
+        %bccn  (subtree (varying '$%' '==') (turn `(list ^spec)`+.spec ..$))
+        %bcdt  (core-spec-to-plum '$.' p.spec q.spec)
+        %bcgl  (subtree (fixed '$<') $(spec p.spec) $(spec q.spec) ~)
+        %bcgr  (subtree (fixed '$>') $(spec p.spec) $(spec q.spec) ~)
+        %bchp  (subtree (fixed '$-') $(spec p.spec) $(spec q.spec) ~)
+        %bckt  (subtree (fixed '$^') $(spec p.spec) $(spec q.spec) ~)
+        %bcls  (subtree (fixed '$+') (stud-to-plum p.spec) $(spec q.spec) ~)
+        %bcfs  (core-spec-to-plum '$/' p.spec q.spec)
+        %bcmc  (subtree (fixed '$;') (dohoon p.spec) ~)
+        %bcpm  (subtree (fixed '$&') $(spec p.spec) (dohoon q.spec) ~)
+        %bcsg  (subtree (fixed '$~') (dohoon p.spec) $(spec q.spec) ~)
+        %bctc  (core-spec-to-plum '$`' p.spec q.spec)
+        %bcts  :-  %sbrk
                :+  %tree
                  [`['=' ~] `['$=' ~]]
                :~  (skin-to-plum p.spec)
                    $(spec q.spec)
                ==
-        %bsvt  (subtree (fixed '$@') $(spec p.spec) $(spec q.spec) ~)
-        %bswt  :-  %sbrk
+        %bcpt  (subtree (fixed '$@') $(spec p.spec) $(spec q.spec) ~)
+        %bcwt  :-  %sbrk
                :+  %tree
                   [`[' ' `['?(' ')']] `['$?' `['' '==']]]
                (turn `(list ^spec)`+.spec ..$)
-        %bszp  (core-spec-to-plum '$.' p.spec q.spec)
+        %bczp  (core-spec-to-plum '$.' p.spec q.spec)
       ==
   ::
   ++  varying
@@ -856,7 +858,7 @@
     |=  [=sample=xkey =product=xkey]
     ^-  plum
     %-  spec-to-plum  :*
-      %bshp
+      %bchp
       (ximage-to-spec:libxray sample-xkey img)
       (ximage-to-spec:libxray product-xkey img)
     ==

pkg/arvo/lib/xray.hoon

@@ -356,8 +356,8 @@
                =^  params=(list xkey)  st
                  |-  ^-  [(list xkey) xtable]
                  ?~  u.q.note  [~ st]
-                 =/  tsld  [%tsld [%limb %$] [%wing i.u.q.note]]
-                 =/  part  (~(play ut subject-of-note) tsld)
+                 =/  tsgl  [%tsgl [%limb %$] [%wing i.u.q.note]]
+                 =/  part  (~(play ut subject-of-note) tsgl)
                  =^  this  st  (main st part)
                  =^  more  st  $(u.q.note t.u.q.note)
                  [[this more] st]
@@ -1775,34 +1775,34 @@
              =/  tl  `spec`$(i tail.d)
              =/  both-basic  &(=([%base %noun] hd) =([%base %noun] tl))
              ?:  both-basic      [%base %cell]
-             ?:  ?=(%bscl -.tl)  [%bscl hd +.tl]
-             [%bscl hd tl ~]
+             ?:  ?=(%bccl -.tl)  [%bccl hd +.tl]
+             [%bccl hd tl ~]
       %core  =/  payld  $(i xray.d)
              =/  batt   ^-  (map term spec)
                         %-  ~(run by (flatten-battery batt.d))
                         |=  =xkey  ^$(i xkey)
              ?-  r.garb.d
-               %lead  [%bszp payld batt]
-               %gold  [%bsdt payld batt]
-               %zinc  [%bstc payld batt]
-               %iron  [%bsnt payld batt]
+               %lead  [%bczp payld batt]
+               %gold  [%bcdt payld batt]
+               %zinc  [%bctc payld batt]
+               %iron  [%bcfs payld batt]
              ==
       %pntr  !!
       %face  =/  =spec  $(i xray.d)
-             ?^(face.d spec [%bsts face.d spec])
+             ?^(face.d spec [%bcts face.d spec])
       %fork  =/  =xrole  (need xrole.x)
              |^  ?+  xrole
                      ~&  [%unexpected-fork-xrole xkey.x d xrole choices]
-                     [%bswt choices]
+                     [%bcwt choices]
                    %noun             [%base %noun]
                    %void             [%base %void]
-                   [%option *]       [%bswt choices]
-                   [%union *]        [%bscn choices]
-                   [%misjunction *]  [%bswt choices]
-                   [%junction *]     :+  %bsvt
+                   [%option *]       [%bcwt choices]
+                   [%union *]        [%bccn choices]
+                   [%misjunction *]  [%bcwt choices]
+                   [%junction *]     :+  %bcpt
                                        ^$(i flat.xrole)
                                      ^$(i deep.xrole)
-                   [%conjunction *]  :+  %bskt
+                   [%conjunction *]  :+  %bckt
                                        ^$(i wide.xrole)
                                      ^$(i tall.xrole)
                  ==
@@ -1822,7 +1822,7 @@
     ^-  spec
     ?.  (need loop.xr)  sp
     =/  nm  (synthetic xkey.xr)
-    [%bsbs [%loop nm] [[nm sp] ~ ~]]
+    [%bcbc [%loop nm] [[nm sp] ~ ~]]
   ::
   ::  If we have a `recipe`, we can generate much nicer output.
   ::

pkg/arvo/sur/plum.hoon

@@ -34,7 +34,7 @@
 ::  A `wide` is a description of how to render a plum in a single
 ::  line. The nested (`kids`) sub-plums will be interleaved with `delimit`
 ::  strings, and, if `enclose` is set, then the output will be enclosed
-::  with `p.u.enclose` abnd `q.u.enclose`.
+::  with `p.u.enclose` and `q.u.enclose`.
 ::
 ::  For example, to build a plumfmt for string literals, we could write:
 ::

pkg/arvo/sys/vane/clay.hoon

@@ -654,7 +654,7 @@
           (with-faces old+old sam+sam ~)
         :+  %sgzp  !,(*hoon old=old)
         :+  %sgzp  !,(*hoon sam=sam)
-        :+  %tsld  [%limb b]
+        :+  %tsgl  [%limb b]
         !,  *hoon
         ~(grow old sam)
       ::  try direct +grab
@@ -663,7 +663,7 @@
       =/  rab
         %-  mule  |.
         %+  slap  new
-        :+  %tsld  [%limb a]
+        :+  %tsgl  [%limb a]
         [%limb %grab]
       ?:  &(?=(%& -.rab) ?=(^ q.p.rab))
         :_(nub |=(sam=vase ~|([%grab a b] (slam p.rab sam))))
@@ -672,7 +672,7 @@
       =/  jum
         %-  mule  |.
         %+  slap  old
-        :+  %tsld  [%limb b]
+        :+  %tsgl  [%limb b]
         [%limb %jump]
       ?:  ?=(%& -.jum)
         (compose-casts a !<(mark p.jum) b)

pkg/arvo/sys/zuse.hoon

@@ -4226,185 +4226,296 @@
   ::                                                    ::
   ::::                    ++secp:crypto                 ::  (2b9) secp family
     ::                                                  ::::
-  ++  secp
-    ~%  %secp  ..is  ~
+  ++  secp  !.
+    ::  TODO: as-octs and hmc are outside of jet parent
+    =>  :+  ..is
+          hmc=hmac-sha256l:hmac:crypto
+        as-octs=as-octs:mimes:html
+    ~%  %secp  +<  ~
     |%
-    +=  jaco  [x=@ y=@ z=@]                             ::  jacobian point
-    +=  pont  [x=@ y=@]                                 ::  curve point
-    ::
-    ++  secp256k1
-      %+  secp  32
-      :*  p=0xffff.ffff.ffff.ffff.ffff.ffff.ffff.ffff.  ::  modulo
-              ffff.ffff.ffff.ffff.ffff.fffe.ffff.fc2f
-          a=0                                           ::  y^2=x^3+ax+b
-          b=7
-          ^=  g                                         ::  "prime" point
-          :*  x=0x79be.667e.f9dc.bbac.55a0.6295.ce87.0b07.
-                  029b.fcdb.2dce.28d9.59f2.815b.16f8.1798
-              y=0x483a.da77.26a3.c465.5da4.fbfc.0e11.08a8.
-                  fd17.b448.a685.5419.9c47.d08f.fb10.d4b8
-          ==
-          n=0xffff.ffff.ffff.ffff.ffff.ffff.ffff.fffe.  ::  prime order of g
-              baae.dce6.af48.a03b.bfd2.5e8c.d036.4141
+    +=  jacobian   [x=@ y=@ z=@]                    ::  jacobian point
+    +=  point      [x=@ y=@]                        ::  curve point
+    +=  domain
+      $:  p=@                                       ::  prime modulo
+          a=@                                       ::  y^2=x^3+ax+b
+          b=@                                       ::
+          g=point                                   ::  base point
+          n=@                                       ::  prime order of g
       ==
-    ::
     ++  secp
-      ~/  %secp
-      |=  [w=@ p=@ a=@ b=@ g=pont n=@]  :: being passed in from above
-      =/  p  ~(. fo p)
-      =/  n  ~(. fo n)
-      ~%  %helper  ..$  ~
-      |%
+      |_  [bytes=@ =domain]
+      ++  field-p  ~(. fo p.domain)
+      ++  field-n  ~(. fo n.domain)
       ++  compress-point
-        ~/  %compress-point
-        |=  pont
+        |=  =point
         ^-  @
-        (can 3 ~[w^x 1^(add 0x2 (cut 0 [0 1] y))])
-      ::
-      ++  serialize-point
-        ~/  %serialize-point
-        |=  pont
-        ^-  @
-        (can 3 ~[w^y w^x 1^0x4])
-      ::
-      ++  decompress-point
-        ~/  %decompress-point
-        |=  dat=@
-        ^-  pont
-        =+  x=(end 3 w a)
-        =+  y=:(add (pow x 3) (mul a x) b)
-        =+  s=(rsh 3 32 dat)
-        :-  x
-        ?:  =(0x2 s)  y
-        ?:  =(0x3 s)  y
-        ~|  [`@ux`s `@ux`dat]
-        !!
-      ::
-      ++  priv-to-pub                                   ::  get pub from priv
-        ~/  %priv-to-pub
-        |=  prv=@
-        ^-  pont
-        (jc-mul g prv)
-      ::
-      ++  make-k                                        ::  deterministic nonce
-        ~/  %make-k
-        =,  mimes:html
-        |=  [has=@uvI prv=@]
-        ^-  @
-        =*  hmc  hmac-sha256l:hmac
-        =/  v  (fil 3 w 1)
-        =/  k  0
-        =.  k  (hmc w^k (as-octs (can 3 [w has] [w prv] [1 0x0] [w v] ~)))
-        =.  v  (hmc w^k w^v)
-        =.  k  (hmc w^k (as-octs (can 3 [w has] [w prv] [1 0x1] [w v] ~)))
-        =.  v  (hmc w^k w^v)
-        (hmc w^k w^v)
-      ::
-      ++  ecdsa-raw-sign                                ::  generate signature
-        ~/  %ecdsa-raw-sign
-        |=  [has=@uvI prv=@]
-        ^-  [v=@ r=@ s=@]
-        =/  z  has
-        =/  k  (make-k has prv)
-        =+  [r y]=(jc-mul g k)
-        =/  s  (pro.n `@`(inv.n k) `@`(sum.n z (mul r prv)))
-        =/  big-s  (gte (mul 2 s) ^n)
-        :*  v=(mix (end 0 1 y) ?:(big-s 1 0))
-            r=r
-            s=?.(big-s s (sub ^n s))
+        %+  can  3
+        :~  [bytes x.point]
+            [1 (add 2 (cut 0 [0 1] y.point))]
         ==
       ::
-      ++  ecdsa-raw-recover                             ::  get pubkey from sig
-        ~/  %ecdsa-raw-recover
-        |=  [has=@uvI sig=[v=@ r=@ s=@]]
-        ^-  pont
-        ?>  (lte v.sig 7)
-        =/  x  r.sig
-        =/  ysq  (sum.p b (exp.p 3 x))               ::  omits A=0
-        =/  bet  (exp.p (div +(^p) 4) ysq)
-        =/  y  ?:(=(1 (end 0 1 (mix v.sig bet))) bet (dif.p 0 bet))
-        ?>  =(0 (dif.p ysq (pro.p y y)))
-        ?<  =(0 (sit.n r.sig))
-        ?<  =(0 (sit.n s.sig))
-        =/  gz  (mul:jc [x y 1]:g (dif.n 0 has))
-        =/  xy  (mul:jc [x y 1] s.sig)
-        =/  qr  (add:jc gz xy)
-        (from:jc (mul:jc qr (inv.n r.sig)))
+      ++  serialize-point
+        |=  =point
+        ^-  @
+        %+  can  3
+        :~  [bytes y.point]
+            [bytes x.point]
+            [1 4]
+        ==
       ::
-      ++  jc-mul                                        ::  point x scalar
-        |=  [a=pont n=@]
-        ^-  pont
-        (from:jc (mul:jc (into:jc a) n))
+      ++  decompress-point
+        |=  compressed=@
+        ^-  point
+        =/  x=@  (end 3 bytes compressed)
+        ?>  =(3 (mod p.domain 4))
+        =/  fop  field-p
+        =+  [fadd fmul fpow]=[sum.fop pro.fop exp.fop]
+        =/  y=@  %+  fpow  (rsh 0 2 +(p.domain))
+                 %+  fadd  b.domain
+                 %+  fadd  (fpow 3 x)
+                (fmul a.domain x)
+        =/  s=@  (rsh 3 bytes compressed)
+        ~|  [`@ux`s `@ux`compressed]
+        ?>  |(=(2 s) =(3 s))
+        ::  check parity
+        ::
+        =?  y  !=((sub s 2) (mod y 2))
+          (sub p.domain y)
+        [x y]
       ::
-      ++  jc-add                                        ::  add points
-        |=  [a=pont b=pont]
-        ^-  pont
-        (from:jc (add:jc (into:jc a) (into:jc b)))
-      ::
-      ++  jc                                            ::  jacobian core
+      ++  jc                                        ::  jacobian math
         |%
-        ++  add                                         ::  addition
-          |=  [a=jaco b=jaco]
-          ^-  jaco
+        ++  from
+          |=  a=jacobian
+          ^-  point
+          =/  fop   field-p
+          =+  [fmul fpow finv]=[pro.fop exp.fop inv.fop]
+          =/  z  (finv z.a)
+          :-  (fmul x.a (fpow 2 z))
+          (fmul y.a (fpow 3 z))
+        ::
+        ++  into
+          |=  point
+          ^-  jacobian
+          [x y 1]
+        ::
+        ++  double
+          |=  jacobian
+          ^-  jacobian
+          ?:  =(0 y)  [0 0 0]
+          =/  fop  field-p
+          =+  [fadd fsub fmul fpow]=[sum.fop dif.fop pro.fop exp.fop]
+          =/  s    :(fmul 4 x (fpow 2 y))
+          =/  m    %+  fadd
+                     (fmul 3 (fpow 2 x))
+                   (fmul a.domain (fpow 4 z))
+          =/  nx   %+  fsub
+                     (fpow 2 m)
+                   (fmul 2 s)
+          =/  ny  %+  fsub
+                    (fmul m (fsub s nx))
+                  (fmul 8 (fpow 4 y))
+          =/  nz  :(fmul 2 y z)
+          [nx ny nz]
+        ::
+        ++  add
+          |=  [a=jacobian b=jacobian]
+          ^-  jacobian
           ?:  =(0 y.a)  b
           ?:  =(0 y.b)  a
-          =/  u1  :(pro.p x.a z.b z.b)
-          =/  u2  :(pro.p x.b z.a z.a)
-          =/  s1  :(pro.p y.a z.b z.b z.b)
-          =/  s2  :(pro.p y.b z.a z.a z.a)
+          =/  fop  field-p
+          =+  [fadd fsub fmul fpow]=[sum.fop dif.fop pro.fop exp.fop]
+          =/  u1  :(fmul x.a z.b z.b)
+          =/  u2  :(fmul x.b z.a z.a)
+          =/  s1  :(fmul y.a z.b z.b z.b)
+          =/  s2  :(fmul y.b z.a z.a z.a)
           ?:  =(u1 u2)
             ?.  =(s1 s2)
               [0 0 1]
-            (dub a)
-          =/  h  (dif.p u2 u1)
-          =/  r  (dif.p s2 s1)
-          =/  h2  (pro.p h h)
-          =/  h3  (pro.p h2 h)
-          =/  u1h2  (pro.p u1 h2)
-          =/  nx  (dif.p (pro.p r r) :(sum.p h3 u1h2 u1h2))
-          =/  ny  (dif.p (pro.p r (dif.p u1h2 nx)) (pro.p s1 h3))
-          =/  nz  :(pro.p h z.a z.b)
+            (double a)
+          =/  h     (fsub u2 u1)
+          =/  r     (fsub s2 s1)
+          =/  h2    (fmul h h)
+          =/  h3    (fmul h2 h)
+          =/  u1h2  (fmul u1 h2)
+          =/  nx    %+  fsub
+                      (fmul r r)
+                    :(fadd h3 u1h2 u1h2)
+          =/  ny    %+  fsub
+                      (fmul r (fsub u1h2 nx))
+                    (fmul s1 h3)
+          =/  nz    :(fmul h z.a z.b)
           [nx ny nz]
         ::
-        ++  dub                                         ::  double
-          |=  a=jaco
-          ^-  jaco
-          ?:  =(0 y.a)
-            [0 0 0]
-          =/  ysq  (pro.p y.a y.a)
-          =/  s  :(pro.p 4 x.a ysq)
-          =/  m  :(pro.p 3 x.a x.a)                     ::  omits A=0
-          =/  nx  (dif.p (pro.p m m) (sum.p s s))
-          =/  ny  (dif.p (pro.p m (dif.p s nx)) :(pro.p 8 ysq ysq))
-          =/  nz  :(pro.p 2 y.a z.a)
-          [nx ny nz]
-        ::
-        ++  mul                                         :: jaco x scalar
-          |=  [a=jaco n=@]
-          ^-  jaco
+        ++  mul
+          |=  [a=jacobian scalar=@]
+          ^-  jacobian
           ?:  =(0 y.a)
             [0 0 1]
-          ?:  =(0 n)
+          ?:  =(0 scalar)
             [0 0 1]
-          ?:  =(1 n)
+          ?:  =(1 scalar)
             a
-          ?:  (gte n ^^n)
-            $(n (mod n ^^n))
-          ?:  =(0 (mod n 2))
-            (dub $(n (div n 2)))
-          (add a (dub $(n (div n 2))))
-        ::
-        ++  from                                        :: jaco -> point
-          |=  a=jaco
-          ^-  pont
-          =/  z  (inv.p z.a)
-          [:(pro.p x.a z z) :(pro.p y.a z z z)]
-        ::
-        ++  into                                        :: point -> jaco
-          |=  pont
-          ^-  jaco
-          [x y z=1]
+          ?:  (gte scalar n.domain)
+            $(scalar (mod scalar n.domain))
+          ?:  =(0 (mod scalar 2))
+            (double $(scalar (rsh 0 1 scalar)))
+          (add a (double $(scalar (rsh 0 1 scalar))))
         --
+      ++  add-points
+        |=  [a=point b=point]
+        ^-  point
+        =/  j  jc
+        (from.j (add.j (into.j a) (into.j b)))
+      ++  mul-point-scalar
+        |=  [p=point scalar=@]
+        ^-  point
+        =/  j  jc
+        %-  from.j
+        %+  mul.j
+          (into.j p)
+        scalar
+      ::
+      ++  valid-hash
+        |=  has=@
+        (lte (met 3 has) bytes)
+      ::
+      ++  in-order
+        |=  i=@
+        ?&  (gth i 0)
+            (lth i n.domain)
+        ==
+      ++  priv-to-pub
+        |=  private-key=@
+        ^-  point
+        ?>  (in-order private-key)
+        (mul-point-scalar g.domain private-key)
+      ::
+      ++  make-k
+        |=  [hash=@ private-key=@]
+        ^-  @
+        ?>  (in-order private-key)
+        ?>  (valid-hash hash)
+        =/  v  (fil 3 bytes 1)
+        =/  k  0
+        =.  k  %+  hmc  [bytes k]
+               %-  as-octs
+               %+  can  3
+               :~  [bytes hash]
+                   [bytes private-key]
+                   [1 0]
+                   [bytes v]
+               ==
+        =.  v  (hmc bytes^k bytes^v)
+        =.  k  %+  hmc  [bytes k]
+               %-  as-octs
+               %+  can  3
+               :~  [bytes hash]
+                   [bytes private-key]
+                   [1 1]
+                   [bytes v]
+               ==
+        =.  v  (hmc bytes^k bytes^v)
+        (hmc bytes^k bytes^v)
+      ::
+      ++  ecdsa-raw-sign
+        |=  [hash=@ private-key=@]
+        ^-  [r=@ s=@ y=@]
+        ::  make-k and priv-to pub will validate inputs
+        =/  k   (make-k hash private-key)
+        =/  rp  (priv-to-pub k)
+        =*  r   x.rp
+        ?<  =(0 r)
+        =/  fon  field-n
+        =+  [fadd fmul finv]=[sum.fon pro.fon inv.fon]
+        =/  s  %+  fmul  (finv k)
+               %+  fadd  hash
+               %+  fmul  r
+               private-key
+        ?<  =(0 s)
+        [r s y.rp]
+      ::  general recovery omitted, but possible
+      --
+    ++  secp256k1
+      ~%  %secp256k1  +  ~
+      |%
+      ++  t  :: in the battery for jet matching
+        ^-  domain
+        :*  0xffff.ffff.ffff.ffff.ffff.ffff.ffff.ffff.
+            ffff.ffff.ffff.ffff.ffff.fffe.ffff.fc2f
+            0
+            7
+            :-  0x79be.667e.f9dc.bbac.55a0.6295.ce87.0b07.
+                  029b.fcdb.2dce.28d9.59f2.815b.16f8.1798
+                0x483a.da77.26a3.c465.5da4.fbfc.0e11.08a8.
+                  fd17.b448.a685.5419.9c47.d08f.fb10.d4b8
+            0xffff.ffff.ffff.ffff.ffff.ffff.ffff.fffe.
+              baae.dce6.af48.a03b.bfd2.5e8c.d036.4141
+        ==
+      ::
+      ++  curve             ~(. secp 32 t)
+      ++  serialize-point   serialize-point:curve
+      ++  compress-point    compress-point:curve
+      ++  decompress-point  decompress-point:curve
+      ++  add-points        add-points:curve
+      ++  mul-point-scalar  mul-point-scalar:curve
+      ++  make-k
+        ~/  %make
+        |=  [hash=@uvI private-key=@]
+        ::  checks sizes
+        (make-k:curve hash private-key)
+      ++  priv-to-pub
+        |=  private-key=@
+        ::  checks sizes
+        (priv-to-pub:curve private-key)
+      ::
+      ++  ecdsa-raw-sign
+        ~/  %sign
+        |=  [hash=@uvI private-key=@]
+        ^-  [v=@ r=@ s=@]
+        =/  c  curve
+        ::  raw-sign checks sizes
+        =+  (ecdsa-raw-sign.c hash private-key)
+        =/  rp=point  [r y]
+        =/  s-high  (gte (mul 2 s) n.domain.c)
+        =?  s   s-high
+          (sub n.domain.c s)
+        =?  rp  s-high
+          [x.rp (sub p.domain.c y.rp)]
+        =/  v   (end 0 1 y.rp)
+        =?  v   (gte x.rp n.domain.c)
+          (add v 2)
+        [v x.rp s]
+      ::
+      ++  ecdsa-raw-recover
+        ~/  %reco
+        |=  [hash=@ sig=[v=@ r=@ s=@]]
+        ^-  point
+        ?>  (lte v.sig 3)
+        =/  c   curve
+        ?>  (valid-hash.c hash)
+        ?>  (in-order.c r.sig)
+        ?>  (in-order.c s.sig)
+        =/  x  ?:  (gte v.sig 2)
+                 (add r.sig n.domain.c)
+               r.sig
+        =/  fop  field-p.c
+        =+  [fadd fmul fpow]=[sum.fop pro.fop exp.fop]
+        =/  ysq   (fadd (fpow 3 x) b.domain.c)
+        =/  beta  (fpow (rsh 0 2 +(p.domain.c)) ysq)
+        =/  y  ?:  =((end 0 1 v.sig) (end 0 1 beta))
+                 beta
+               (sub p.domain.c beta)
+        ?>  =(0 (dif.fop ysq (fmul y y)))
+        =/  nz   (sub n.domain.c hash)
+        =/  j    jc.c
+        =/  gz   (mul.j (into.j g.domain.c) nz)
+        =/  xy   (mul.j (into.j x y) s.sig)
+        =/  qr   (add.j gz xy)
+        =/  qj   (mul.j qr (inv:field-n.c x))
+        =/  pub  (from.j qj)
+        ?<  =([0 0] pub)
+        pub
       --
     --
   ::
@@ -7902,7 +8013,7 @@
       ::  #  constants
       ::
       ::  contract addresses
-      ++  contracts  mainnet-contracts
+      ++  contracts  ropsten-contracts
       ++  mainnet-contracts
         |%
         ::  azimuth: data contract

pkg/arvo/tests/sys/zuse/crypto/secp256k1.hoon

@@ -0,0 +1,119 @@
+::  tests for secp256k1 elliptic curve cryptography
+::
+/+  *test
+=/  ecc  secp256k1:secp:crypto
+|%
+::  from libsecp256k1 src/modules/recovery/tests_impl.h
+::  there are more tests there, ports would be welcome
+++  test-ecdsa-recovery-end-to-end
+  =/  util
+    =/  eny=@  'ecdsa recovery test "entropy"'
+    =/  rnd  ~(. og eny)
+    =/  dom  t.ecc
+    |%
+    ++  random-scalar-order
+      =*  core  .
+      =^  z  rnd  (rads:rnd (dec n.dom))
+      [`@`.+(z) core]
+    --
+  ::  generate a random key and message
+  %+  category  "random"
+  %-  zing
+  =|  [i=@ out=(list tang)]
+  |-  ^+  out
+  ?:  =(i 64)  out
+  =^  message  util  random-scalar-order:util
+  =^  privkey  util  random-scalar-order:util
+  =/  pubkey   (priv-to-pub.ecc privkey)
+  =/  msghash  (shax (shax message))
+  =/  sig      (ecdsa-raw-sign.ecc msghash privkey)
+  =/  reckey   (ecdsa-raw-recover.ecc msghash sig)
+  %=  $
+    i    .+(i)
+    out  :_  out
+         %+  expect-eq
+           !>  pubkey
+           !>  reckey
+  ==
+  ::
+++  test-ecdsa-recovery-edge-cases
+  =<  %+  category  "edge cases"
+     (zing ~[t1 t2 t3 t4 t5])
+  =/  msg32=@  '...egassem terces yrev a si sihT'
+  =/  r=@ux    0x67cb.285f.9cd1.94e8.
+                 40d6.2939.7af5.5696.
+                 62fd.e446.4999.5963.
+                 179a.7dd1.7bd2.3532
+  =/  s=@ux    0x4b1b.7df3.4ce1.f68e.
+                 694f.f6f1.1ac7.51dd.
+                 7dd7.3e38.7ee4.fc86.
+                 6e1b.e8ec.c7dd.9557
+  =/  r   %+  turn  (gulf 0 3)
+          |=  v=@
+          (mule |.((ecdsa-raw-recover.ecc msg32 v r s)))
+  =/  t1  %+  expect-eq
+            !>  %.n
+            !>  -.&1.r
+  =/  t3  %+  expect-eq
+            !>  %.n
+            !>  -.&3.r
+  =/  t4  %+  expect-eq
+            !>  %.n
+            !>  -.&4.r
+  =/  t2  %+  expect-eq
+            !>  :+  %.y
+                  0x8687.4a6b.24a7.5462.
+                    7116.560e.7ae1.5cd6.
+                    9eb3.3e73.b4d8.c810.
+                    33b2.7c2f.a9cf.5d1c
+                  0xe13f.19fa.8dea.0d1a.
+                    e3e8.4c91.146c.3386.
+                    8f87.730e.31bb.486e.
+                    b370.05d1.40cc.7a55
+            !>  &2.r
+  ::  (4,4) should recover with all 4 recids
+  :_  .
+  ^=  t5
+  %-  expect-eq  :_
+    !>  %+  turn  (gulf 0 3)
+        |=  v=@
+        (mule |.((ecdsa-raw-recover.ecc msg32 v 4 4)))
+    !>
+    :~  :+  %.y
+           0x8a3d.70c0.4104.68e4.
+             5739.39af.01b9.9ea7.
+             b206.4910.6d55.acf9.
+             f558.eba2.8ed5.9a2e
+           0x77eb.58dd.36ed.385b.
+             3dcf.e7d3.62c8.16f3.
+             7d3b.ef3e.4a34.94b8.
+             6fcc.8357.5184.9329
+         :+  %.y
+           0x3e99.0254.a50d.6599.
+             26c9.28ef.8b54.181e.
+             e67e.27ff.bf63.eb69.
+             294b.9ab6.d27b.a225
+           0xa898.847e.931e.9b10.
+             2c0f.9b0f.9597.07ba.
+             f9b8.5e93.6425.fc72.
+             e80c.a868.e535.dfb4
+         :+  %.y
+           0x7e15.24fa.06ba.fd6e.
+             b9c0.2f27.9e13.1314.
+             be93.0570.0fc6.9e80.
+             d54d.29ab.3606.3f23
+           0x3f86.a967.33e7.723d.
+             fdde.4e03.382d.8c45.
+             3493.fa88.9050.5ba5.
+             cfc4.0a8b.226b.1b00
+         :+  %.y
+           0xb337.c9b7.4ca9.9ea9.
+             63c6.560d.2558.cdf0.
+             9c73.0120.8409.649a.
+             8a6d.1fb1.0e1c.b946
+           0x11df.5391.ee11.6de0.
+             a722.bc0f.be5f.6575.
+             3d07.03a9.9925.0581.
+             f7de.cd5e.f0f4.f809
+    ==
+--

pkg/urbit/include/noun/zave.h

@@ -18,6 +18,7 @@
       u3_noun u3z_key_2(c3_m, u3_noun, u3_noun);
       u3_noun u3z_key_3(c3_m, u3_noun, u3_noun, u3_noun);
       u3_noun u3z_key_4(c3_m, u3_noun, u3_noun, u3_noun, u3_noun);
+      u3_noun u3z_key_5(c3_m, u3_noun, u3_noun, u3_noun, u3_noun, u3_noun);
 
     /* u3z_find*(): find in memo cache. Arguments retained
     */

pkg/urbit/jets/f/ut_crop.c

@@ -6,16 +6,18 @@
 u3_noun
 u3wfu_crop(u3_noun cor)
 {
-  u3_noun sut, ref, van;
+  u3_noun bat, sut, ref, van;
 
-  if ( (c3n == u3r_mean(cor, u3x_sam, &ref, u3x_con, &van, 0)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if (  (c3n == u3r_mean(cor, u3x_sam, &ref, u3x_con, &van, 0))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
-    c3_m  fun_m = 141 + c3__crop + ((!!u3r_at(u3qfu_van_vet, van)) << 8);
-    u3_noun key = u3z_key_2(fun_m, sut, ref);
+    u3_weak vet = u3r_at(u3qfu_van_vet, van);
+    c3_m  fun_m = 141 + c3__crop + ((!!vet) << 8);
+    u3_noun key = u3z_key_3(fun_m, sut, ref, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/f/ut_fish.c

@@ -6,17 +6,19 @@
 u3_noun
 u3wfu_fish(u3_noun cor)
 {
-  u3_noun sut, axe, van;
+  u3_noun bat, sut, axe, van;
 
-  if ( (c3n == u3r_mean(cor, u3x_sam, &axe, u3x_con, &van, 0)) ||
-       (c3n == u3ud(axe)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if (  (c3n == u3r_mean(cor, u3x_sam, &axe, u3x_con, &van, 0))
+     || (c3n == u3ud(axe))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
-    c3_m  fun_m = 141 + c3__fish + ((!!u3r_at(u3qfu_van_vet, van)) << 8);
-    u3_noun key = u3z_key_2(fun_m, sut, axe);
+    u3_weak vet = u3r_at(u3qfu_van_vet, van);
+    c3_m  fun_m = 141 + c3__fish + ((!!vet) << 8);
+    u3_noun key = u3z_key_3(fun_m, sut, axe, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/f/ut_fuse.c

@@ -6,16 +6,18 @@
 u3_noun
 u3wfu_fuse(u3_noun cor)
 {
-  u3_noun sut, ref, van;
+  u3_noun bat, sut, ref, van;
 
-  if ( (c3n == u3r_mean(cor, u3x_sam, &ref, u3x_con, &van, 0)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if (  (c3n == u3r_mean(cor, u3x_sam, &ref, u3x_con, &van, 0))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
-    c3_m  fun_m = 141 + c3__fuse + ((!!u3r_at(u3qfu_van_vet, van)) << 8);
-    u3_noun key = u3z_key_2(fun_m, sut, ref);
+    u3_weak vet = u3r_at(u3qfu_van_vet, van);
+    c3_m  fun_m = 141 + c3__fuse + ((!!vet) << 8);
+    u3_noun key = u3z_key_3(fun_m, sut, ref, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/f/ut_mint.c

@@ -6,20 +6,20 @@
 u3_noun
 u3wfu_mint(u3_noun cor)
 {
-  u3_noun sut, gol, gen, van;
+  u3_noun bat, sut, gol, gen, van;
 
-  if ( (c3n == u3r_mean(cor, u3x_sam_2, &gol,
-                             u3x_sam_3, &gen,
-                             u3x_con, &van,
-                             0)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if (  (c3n == u3r_mean(cor, u3x_sam_2, &gol,
+                              u3x_sam_3, &gen,
+                              u3x_con, &van, 0))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
     c3_m  fun_m = 141 + c3__mint;
     u3_noun vrf = u3r_at(u3qfu_van_vrf, van);
-    u3_noun key = u3z_key_4(fun_m, vrf, sut, gol, gen);
+    u3_noun key = u3z_key_5(fun_m, vrf, sut, gol, gen, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/f/ut_mull.c

@@ -6,20 +6,21 @@
 u3_noun
 u3wfu_mull(u3_noun cor)
 {
-  u3_noun sut, gol, dox, gen, van;
+  u3_noun bat, sut, gol, dox, gen, van;
 
-  if ( (c3n == u3r_mean(cor, u3x_sam_2, &gol,
-                             u3x_sam_6, &dox,
-                             u3x_sam_7, &gen,
-                             u3x_con, &van,
-                             0)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if (  (c3n == u3r_mean(cor, u3x_sam_2, &gol,
+                              u3x_sam_6, &dox,
+                              u3x_sam_7, &gen,
+                              u3x_con, &van, 0))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
-    c3_m  fun_m = 141 + c3__mull + ((!!u3r_at(u3qfu_van_vet, van)) << 8);
-    u3_noun key = u3z_key_4(fun_m, sut, gol, dox, gen);
+    u3_weak vet = u3r_at(u3qfu_van_vet, van);
+    c3_m  fun_m = 141 + c3__mull + ((!!vet) << 8);
+    u3_noun key = u3z_key_5(fun_m, sut, gol, dox, gen, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/f/ut_nest.c

@@ -7,24 +7,24 @@ u3_noun
 u3wfu_nest_dext(u3_noun dext_core)
 {
   u3_noun nest_in_core, nest_core;
-  u3_noun sut, ref, van, seg, reg, gil;
+  u3_noun bat, sut, ref, van, seg, reg, gil;
 
-  if ( (u3_none == (nest_in_core = u3r_at(3, dext_core))) ||
-       (c3n == u3r_mean(nest_in_core, u3x_sam_2, &seg,
-                                      u3x_sam_6, &reg,
-                                      u3x_sam_7, &gil,
-                                      7, &nest_core,
-                                      0)) ||
-       (c3n == u3r_mean(nest_core, u3x_sam_3, &ref,
-                                   u3x_con, &van,
-                                   0)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if (  (u3_none == (nest_in_core = u3r_at(3, dext_core)))
+     || (c3n == u3r_mean(nest_in_core, u3x_sam_2, &seg,
+                                       u3x_sam_6, &reg,
+                                       u3x_sam_7, &gil,
+                                       u3x_con, &nest_core, 0))
+     || (c3n == u3r_mean(nest_core, u3x_sam_3, &ref,
+                                    u3x_con, &van, 0))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
-    c3_m  fun_m = 141 + c3__dext + ((!!u3r_at(u3qfu_van_vet, van)) << 8);
-    u3_noun key = u3z_key_2(fun_m, sut, ref);
+    u3_weak vet = u3r_at(u3qfu_van_vet, van);
+    c3_m  fun_m = 141 + c3__dext + ((!!vet) << 8);
+    u3_noun key = u3z_key_3(fun_m, sut, ref, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/f/ut_rest.c

@@ -6,16 +6,18 @@
 u3_noun
 u3wfu_rest(u3_noun cor)
 {
-  u3_noun sut, leg, van;
+  u3_noun bat, sut, leg, van;
 
-  if ( (c3n == u3r_mean(cor, u3x_sam, &leg, u3x_con, &van, 0)) ||
-       (u3_none == (sut = u3r_at(u3x_sam, van))) )
+  if ( (c3n == u3r_mean(cor, u3x_sam, &leg, u3x_con, &van, 0))
+     || (u3_none == (bat = u3r_at(u3x_bat, van)))
+     || (u3_none == (sut = u3r_at(u3x_sam, van))) )
   {
     return u3m_bail(c3__fail);
   }
   else {
-    c3_m  fun_m = 141 + c3__rest + ((!!u3r_at(u3qfu_van_vet, van)) << 8);
-    u3_noun key = u3z_key_2(fun_m, sut, leg);
+    u3_weak vet = u3r_at(u3qfu_van_vet, van);
+    c3_m  fun_m = 141 + c3__rest + ((!!vet) << 8);
+    u3_noun key = u3z_key_3(fun_m, sut, leg, bat);
     u3_weak pro = u3z_find(key);
 
     if ( u3_none != pro ) {

pkg/urbit/jets/tree.c

@@ -342,49 +342,26 @@ static c3_c* _141_hex_argon_ha[] = {
   0
 };
 
-  static u3j_harm _141_hex_secp_make_a[] = {{".2", u3we_make, c3y}, {}};
-  static c3_c* _141_hex_secp_make_ha[] = {
-    "171cae298e8f73b6b77c72f957d9d7afd495ed1ca7d78fe9d5f869ea2203bada",
-    0
-  };
-  static u3j_harm _141_hex_secp_sign_a[] = {{".2", u3we_sign, c3y}, {}};
-  static c3_c* _141_hex_secp_sign_ha[] = {
-    "aac58cd537481d41fc4d941a7a0ed247552d64af6c9dce71e0d74c39384e2d60",
-    0
-  };
-  static u3j_harm _141_hex_secp_reco_a[] = {{".2", u3we_reco, c3y}, {}};
-  static c3_c* _141_hex_secp_reco_ha[] = {
-    "390d4cd3a04817b6436035a6fa77fe3008008afa164db732c8f4d5c52954fbee",
-    0
-  };
-static u3j_core _141_hex_secp_secp_helper_d[] =
-  { { "make-k",            7, _141_hex_secp_make_a, 0, _141_hex_secp_make_ha },
-    { "ecdsa-raw-sign",    7, _141_hex_secp_sign_a, 0, _141_hex_secp_sign_ha },
-    { "ecdsa-raw-recover", 7, _141_hex_secp_reco_a, 0, _141_hex_secp_reco_ha },
+static c3_c* _141_hex_secp_secp256k1_make_ha[] = { 0 };
+static u3j_harm _141_hex_secp_secp256k1_make_a[] = {{".2", u3we_make, c3y}, {}};
+static c3_c* _141_hex_secp_secp256k1_sign_ha[] = { 0 };
+static u3j_harm _141_hex_secp_secp256k1_sign_a[] = {{".2", u3we_sign, c3y}, {}};
+static c3_c* _141_hex_secp_secp256k1_reco_ha[] = { 0 };
+static u3j_harm _141_hex_secp_secp256k1_reco_a[] = {{".2", u3we_reco, c3y}, {}};
+
+static c3_c* _141_hex_secp_secp256k1_ha[] = { 0 };
+static u3j_core _141_hex_secp_secp256k1_d[] =
+  { { "make", 7, _141_hex_secp_secp256k1_make_a, 0, _141_hex_secp_secp256k1_make_ha },
+    { "sign", 7, _141_hex_secp_secp256k1_sign_a, 0, _141_hex_secp_secp256k1_sign_ha },
+    { "reco", 7, _141_hex_secp_secp256k1_reco_a, 0, _141_hex_secp_secp256k1_reco_ha },
     {}
   };
-static c3_c* _141_hex_secp_secp_helper_ha[] = {
-  "24175b141f1efc2e2de00c39a2b70cf3491f2b82371e0e15f63dfb6d2d86eac5",
-  0
-};
-
-static u3j_core _141_hex_secp_secp_d[] =
-  { { "helper", 15, 0, _141_hex_secp_secp_helper_d, _141_hex_secp_secp_helper_ha },
-    {}
-  };
-static c3_c* _141_hex_secp_secp_ha[] = {
-  "42f57966a293fdadbce8b0cc2108039f1f7fafe0b12f1fec52b2d1937a8347d7",
-  0
-};
 
+static c3_c* _141_hex_secp_ha[] = { 0 };
 static u3j_core _141_hex_secp_d[] =
-  { { "secp", 7, 0, _141_hex_secp_secp_d, _141_hex_secp_secp_ha },
+  { { "secp256k1", 3, 0, _141_hex_secp_secp256k1_d, _141_hex_secp_secp256k1_ha },
     {}
   };
-static c3_c* _141_hex_secp_ha[] = {
-  "e153a8c88f04bfed03dc882f560f912eaf3f5e3911f55dbb054519c2e1b4d778",
-  0
-};
 
   static u3j_harm _141_hex_blake2b_a[] = {{".2", u3we_blake, c3y}, {}};
   static c3_c* _141_hex_blake2b_ha[] = {
@@ -428,7 +405,7 @@ static u3j_core _141_hex_d[] =
   { "argon",  31, 0, _141_hex_argon_d, _141_hex_argon_ha },
   { "blake",  31, 0, _141_hex_blake_d, _141_hex_blake_ha },
   { "ripemd", 31, 0, _141_hex_ripe_d,  _141_hex_ripe_ha  },
-  { "secp",   31, 0, _141_hex_secp_d,  _141_hex_secp_ha  },
+  { "secp",    6, 0, _141_hex_secp_d, _141_hex_secp_ha },
   { "mimes",  31, 0, _141_hex_mimes_d, _141_hex_mimes_ha  },
   {}
 };

pkg/urbit/noun/manage.c

@@ -1215,6 +1215,32 @@ u3m_soft(c3_w    mil_w,
     //    XX produce specific error motes instead of %2?
     //
     if ( 0 == u3A->roc ) {
+
+      {
+        u3_noun tax = u3t(u3t(why));
+
+        u3m_p("mote", u3h(u3t(why)));
+
+        while ( u3_nul != tax ) {
+          u3_noun dat, mot, val;
+          u3x_cell(tax, &dat, &tax);
+
+          if ( c3y == u3r_cell(dat, &mot, &val) ) {
+            if ( c3__spot == mot ) {
+              u3m_p("tax", val);
+            }
+            else if (  (c3__mean == mot)
+                    && (c3y == u3a_is_atom(val)) )
+            {
+              u3m_p("men", val);
+            }
+            else {
+              u3m_p("mot", mot);
+            }
+          }
+        }
+      }
+
       u3z(why);
       return u3nc(c3__fail, u3_nul);
     }

pkg/urbit/noun/nock.c

@@ -475,22 +475,32 @@ _n_nock_on(u3_noun bus, u3_noun fol)
 #define SLIB 70
 #define SLIS 71
 #define SAVE 72
+// before formula
+#define HILB 73  //  atomic,    byte
+#define HILS 74  //  atomic,    short
+#define HINB 75  //  arbitrary, byte
+#define HINS 76  //  arbitrary, short
+// after formula
+#define HILK 77  //  atomic,    keep
+#define HILL 78  //  atomic,    lose
+#define HINK 79  //  arbitrary, keep
+#define HINL 80  //  arbitrary, lose
 // nock 10
-#define MUTH 73
-#define KUTH 74
-#define MUTT 75
-#define KUTT 76
-#define MUSM 77
-#define KUSM 78
-#define MUTB 79
-#define MUTS 80
-#define MITB 81
-#define MITS 82
-#define KUTB 83
-#define KUTS 84
-#define KITB 85
-#define KITS 86
-#define LAST 87
+#define MUTH 81
+#define KUTH 82
+#define MUTT 83
+#define KUTT 84
+#define MUSM 85
+#define KUSM 86
+#define MUTB 87
+#define MUTS 88
+#define MITB 89
+#define MITS 90
+#define KUTB 91
+#define KUTS 92
+#define KITB 93
+#define KITS 94
+#define LAST 95
 
 /* _n_arg(): return the size (in bytes) of an opcode's argument
  */
@@ -605,6 +615,7 @@ _n_melt(u3_noun ops, c3_w* byc_w, c3_w* cal_w,
         case SAST: case SALT: case KICS: case TICS:
         case FISK: case FISL: case SUSH: case SANS:
         case LISL: case LISK: case SKIS: case SLIS:
+        case HILS: case HINS:
           c3_assert(0); //overflows
           break;
 
@@ -625,6 +636,7 @@ _n_melt(u3_noun ops, c3_w* byc_w, c3_w* cal_w,
         case BUSH: case FIBK: case FIBL:
         case SANB: case LIBL: case LIBK:
         case KITB: case MITB:
+        case HILB: case HINB:
           a_w = (*lit_w)++;
           if ( a_w <= 0xFF ) {
             siz_y[i_w] = 2;
@@ -856,6 +868,7 @@ _n_prog_asm(u3_noun ops, u3n_prog* pog_u, u3_noun sip)
         case LIBK: case LIBL:
         case BUSH: case SANB:
         case KITB: case MITB:
+        case HILB: case HINB:
           _n_prog_asm_inx(buf_y, &i_w, lit_s, cod);
           pog_u->lit_u.non[lit_s++] = u3k(u3t(op));
           break;
@@ -963,6 +976,8 @@ static char* opcode_names[] = {
   "balt", "salt",
   "skib", "skis", "slib", "slis",
   "save",
+  "hilb", "hils", "hinb", "hins"
+  "hilk", "hill", "hink", "hinl"
   "muth", "kuth", "mutt", "kutt",
   "musm", "kusm",
   "mutb", "muts", "mitb", "mits",
@@ -995,21 +1010,64 @@ static c3_w _n_comp(u3_noun*, u3_noun, c3_o, c3_o);
 static c3_w
 _n_bint(u3_noun* ops, u3_noun hif, u3_noun nef, c3_o los_o, c3_o tel_o)
 {
+  c3_w tot_w = 0;
+
   if ( c3n == u3du(hif) ) {
-    // no currently recognized static hints
-    return _n_comp(ops, nef, los_o, tel_o);
+    //  compile whitelisted atomic hints to dispatch protocol;
+    //  compute and drop all others;
+    //
+    switch ( hif ) {
+      default: {
+        return _n_comp(ops, nef, los_o, tel_o);
+      }
+
+      //  no currently recognized static hints
+      //
+      case u3_none: {
+        u3_noun fen = u3_nul;
+        c3_w  nef_w = _n_comp(&fen, nef, los_o, tel_o);
+
+        //  HILB overflows to HILS
+        //
+        ++tot_w; _n_emit(ops, u3nc(HILB, u3nc(u3k(hif), u3k(nef))));
+        ++tot_w; _n_emit(ops, u3nc(SBIN, nef_w + 1));
+        tot_w += nef_w; _n_apen(ops, fen);
+        ++tot_w; _n_emit(ops, ( c3y == los_o ) ? HILL : HILK);
+      } break;
+    }
   }
   else {
-    c3_w tot_w = 0;
     u3_noun zep, hod;
     u3x_cell(hif, &zep, &hod);
 
     switch ( zep ) {
-      default:
-        tot_w += _n_comp(ops, hod, c3n, c3n);
-        ++tot_w; _n_emit(ops, TOSS);
-        tot_w += _n_comp(ops, nef, los_o, tel_o);
-        break;
+      default: {
+        //  compile whitelisted dynamic hints to dispatch protocol;
+        //  compute and drop all others;
+        //
+        switch ( zep ) {
+          default: {
+            tot_w += _n_comp(ops, hod, c3n, c3n);
+            ++tot_w; _n_emit(ops, TOSS);
+            tot_w += _n_comp(ops, nef, los_o, tel_o);
+          } break;
+
+          //  no currently recognized dynamic hints
+          //
+          case u3_none: {
+            u3_noun fen = u3_nul;
+            c3_w  nef_w = _n_comp(&fen, nef, los_o, tel_o);
+
+            tot_w += _n_comp(ops, hod, c3n, c3n);
+            //  HINB overflows to HINS
+            //
+            ++tot_w; _n_emit(ops, u3nc(HINB, u3nc(u3k(zep), u3k(nef))));
+            ++tot_w; _n_emit(ops, u3nc(SBIN, nef_w + 1));
+            tot_w += nef_w; _n_apen(ops, fen);
+            ++tot_w; _n_emit(ops, ( c3y == los_o ) ? HINL : HINK);
+          } break;
+        }
+      } break;
 
       case c3__hunk:
       case c3__lose:
@@ -1062,8 +1120,9 @@ _n_bint(u3_noun* ops, u3_noun hif, u3_noun nef, c3_o los_o, c3_o tel_o)
         break;
       }
     }
-    return tot_w;
   }
+
+  return tot_w;
 }
 
 static c3_t
@@ -1485,6 +1544,19 @@ _n_rewo(c3_y* buf, c3_w* ip_w)
   return one | (two << 8) | (tre << 16) | (qua << 24);
 }
 
+/* _n_swap(): swap two items on the top of the stack, return pointer to top
+ */
+static inline u3_noun*
+_n_swap(c3_ys mov, c3_ys off)
+{
+  u3_noun* top = _n_peek(off);
+  u3_noun*  up = _n_peet(mov, off);
+  u3_noun  tmp = *up;
+  *up  = *top;
+  *top = tmp;
+  return top;
+}
+
 #ifdef VERBOSE_BYTECODE
 /* _n_print_byc(): print bytecode. used for debugging.
  */
@@ -1604,17 +1676,59 @@ u3n_find(u3_noun key, u3_noun fol)
   return pog_p;
 }
 
-/* _n_swap(): swap two items on the top of the stack, return pointer to top
- */
-static inline u3_noun*
-_n_swap(c3_ys mov, c3_ys off)
+/* _n_hilt_fore(): literal (atomic) dynamic hint, before formula evaluation.
+**            lit: hint atom. TRANSFER
+**            bus: subject. RETAIN
+**            out: token for _n_hilt_hind();
+**                 conventionally, [lit] or [lit data]. ~ if unused.
+**
+**                 any hints herein must be whitelisted in _n_burn().
+*/
+static c3_o
+_n_hilt_fore(u3_atom lit, u3_noun bus, u3_noun* out) // transfer, retain, n/a
 {
-  u3_noun* top = _n_peek(off);
-  u3_noun* up   = _n_peet(mov, off);
-  u3_noun  tmp  = *up;
-  *up  = *top;
-  *top = tmp;
-  return top;
+  u3z(lit);
+  *out = u3_nul;
+  return c3y;
+}
+
+/* _n_hilt_hind(): literal (atomic) dynamic hint, after formula evaluation.
+**            tok: token from _n_hilt_fore(). TRANSFER
+**            pro: product of formula evaluation. RETAIN
+*/
+static void
+_n_hilt_hind(u3_noun tok, u3_noun pro)  // transfer, retain
+{
+  c3_assert( u3_nul == tok );
+  u3z(tok);
+}
+
+/* _n_hint_fore(): arbitrary dynamic hint, before formula evaluation
+**            hin: [hint-atom, formula]. TRANSFER
+**            bus: subject. RETAIN
+**            clu: product of the hint-formula. TRANSFER
+**                 also, token for _n_hint_hind();
+**                 conventionally, [hint-atom] or [hint-atom data]. ~ if unused.
+**
+**                 any hints herein must be whitelisted in _n_burn().
+*/
+static c3_o
+_n_hint_fore(u3_cell hin, u3_noun bus, u3_noun* clu)
+{
+  u3z(hin); u3z(*clu);
+  *clu = u3_nul;
+  return c3y;
+}
+
+/* _n_hint_hind(): arbitrary dynamic hint, after formula evaluation.
+**            tok: token from _n_hint_fore(). TRANSFER
+**            pro: product of formula evaluation. RETAIN
+*/
+static void
+_n_hint_hind(u3_noun tok, u3_noun pro)
+{
+  c3_assert( u3_nul == tok );
+  u3z(tok);
 }
 
 /* _n_kick(): stop tracing noc and kick a u3j_site.
@@ -1680,6 +1794,8 @@ _n_burn(u3n_prog* pog_u, u3_noun bus, c3_ys mov, c3_ys off)
     &&do_balt, &&do_salt,
     &&do_skib, &&do_skis, &&do_slib, &&do_slis,
     &&do_save,
+    &&do_hilb, &&do_hils, &&do_hinb, &&do_hins,
+    &&do_hilk, &&do_hill, &&do_hink, &&do_hinl,
     &&do_muth, &&do_kuth, &&do_mutt, &&do_kutt,
     &&do_musm, &&do_kusm,
     &&do_mutb, &&do_muts, &&do_mitb, &&do_mits,
@@ -2270,6 +2386,67 @@ _n_burn(u3n_prog* pog_u, u3_noun bus, c3_ys mov, c3_ys off)
       u3z(o);
       BURN();
 
+    do_hilb:
+      x = pog[ip_w++];
+      goto hilt_fore_in;
+
+    do_hils:
+      x = _n_resh(pog, &ip_w);
+    hilt_fore_in:
+      x   = u3k(pog_u->lit_u.non[x]);
+      top = _n_peek(off);   // bus
+      x   = _n_hilt_fore(x, *top, &o);
+      _n_push(mov, off, o);
+      _n_swap(mov, off);    // bus
+      _n_push(mov, off, x); // shortcircuit if c3n
+      BURN();
+
+    do_hinb:
+      x = pog[ip_w++];
+      goto hint_fore_in;
+
+    do_hins:
+      x = _n_resh(pog, &ip_w);
+    hint_fore_in:               //  [clu bus]
+      x   = u3k(pog_u->lit_u.non[x]);
+      o   = _n_pep(mov, off);   //  [bus]
+      top = _n_peek(off);
+      x   = _n_hint_fore(x, *top, &o);
+      _n_push(mov, off, o);     //  [tok bus]
+      _n_swap(mov, off);        //  [bus tok]
+      _n_push(mov, off, x);     //  [kip bus tok]
+      BURN();
+
+    do_hilk:                    //  [pro bus tok]
+      x   = _n_pep(mov, off);   //  [bus tok]
+      _n_swap(mov, off);        //  [tok bus]
+      o   = _n_pep(mov, off);   //  [bus]
+      _n_push(mov, off, x);     //  [pro bus]
+      _n_hilt_hind(o, x);
+      BURN();
+
+    do_hill:                    //  [pro tok]
+      top = _n_swap(mov, off);  //  [tok pro]
+      o   = _n_pep(mov, off);   //  [pro]
+      top = _n_peek(off);
+      _n_hilt_hind(o, *top);
+      BURN();
+
+    do_hink:                    //  [pro bus tok]
+      x   = _n_pep(mov, off);   //  [bus tok]
+      _n_swap(mov, off);        //  [tok bus]
+      o   = _n_pep(mov, off);   //  [bus]
+      _n_push(mov, off, x);     //  [pro bus]
+      _n_hint_hind(o, x);
+      BURN();
+
+    do_hinl:                    //  [pro tok]
+      top = _n_swap(mov, off);  //  [tok pro]
+      o   = _n_pep(mov, off);   //  [pro]
+      top = _n_peek(off);
+      _n_hint_hind(o, *top);
+      BURN();
+
     do_kuth:
       x    = _n_pep(mov, off);
       top  = _n_swap(mov, off);

pkg/urbit/noun/zave.c

@@ -25,6 +25,11 @@ u3z_key_4(c3_m fun, u3_noun one, u3_noun two, u3_noun tri, u3_noun qua)
 {
   return u3nc(fun, u3nq(u3k(one), u3k(two), u3k(tri), u3k(qua)));
 }
+u3_noun
+u3z_key_5(c3_m fun, u3_noun one, u3_noun two, u3_noun tri, u3_noun qua, u3_noun qin)
+{
+  return u3nc(fun, u3nq(u3k(one), u3k(two), u3k(tri), u3nc(u3k(qua), u3k(qin))));
+}
 
 /* u3z_find(): find in memo cache.  Arguments retained.
 */