Support crypton >= 1.1.0: switch from memory to ram

[Copilot]

crypton 1.1.0 replaced its memory dependency with ram (a maintained fork with identical API/modules). This causes a GHC type error because memory:Data.ByteArray.ByteArrayAccess and ram:Data.ByteArray.ByteArrayAccess are distinct types across package boundaries, making hashUpdate calls fail to type-check.

Changes

• merkle-tree-incremental.cabal: memory >=0.18.0 → ram >=0.20.1; update crypton lower bound to >=1.1.0 (lib + test-suite)
• scls-format.cabal: memory → ram >=0.20.1
• mempack-scls.cabal: memory → ram >=0.20.1
• flake.lock: Updated hackage entry to 8b3d2dd4 (Hackage index state 2026-03-15T22:47:41Z) so Nix builds can resolve crypton >= 1.1.0 and ram >= 0.20.1; updated cips entry to the snapshot-update branch
• flake.nix: Updated cips input URL to github:tweag/CIPs/snapshot-update
• scls-cardano: Incorporated snapshots/v0 → snapshots/{mark,set,go}/v0 namespace split from main

No Haskell source changes required for the memory → ram migration — ram exposes the same Data.ByteArray module and API as memory.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Support: support crypton >= 1.1.0</issue_title>
<issue_description>Crypton changes API and does not builds. It would be nice to support newer versions.</issue_description>

<agent_instructions>You need to support a new version of crypton, in order to see the error you need can use image with ghc and cabal:

image ubuntu-24.04

install:
apt-get update
apt-get install -y --no-install-recommends gnupg ca-certificates dirmngr curl git software-properties-common libtinfo5
mkdir -p "$HOME/.ghcup/bin"
curl -sL https://downloads.haskell.org/ghcup/0.1.50.1/x86_64-linux-ghcup-0.1.50.1 > "$HOME/.ghcup/bin/ghcup"
chmod a+x "$HOME/.ghcup/bin/ghcup"
"$HOME/.ghcup/bin/ghcup" install cabal 3.16.0.0 || (cat "$HOME"/.ghcup/logs/. && false)
echo "CABAL=$HOME/.ghcup/bin/cabal-3.16.0.0 -vnormal+nowrap" >> "$GITHUB_ENV"

to see the problem or validate the solution run:

cabal install merke-tree-incremental

Error is:

Could not deduce ‘ram-0.21.1:Data.ByteArray.Types.ByteArrayAccess
b’
arising from a use of ‘hashUpdate’
from the context: (HashAlgorithm a, ByteArrayAccess b)
bound by the type signature for:
add :: forall a b.
(HashAlgorithm a, ByteArrayAccess b) =>
MerkleTreeState a -> b -> MerkleTreeState a
at src/Crypto/Hash/MerkleTree/Incremental.hs:(91,1)-(98,19)
Possible fix:
add (ram-0.21.1:Data.ByteArray.Types.ByteArrayAccess
b) to the context of
the type signature for:
add :: forall a b.
(HashAlgorithm a, ByteArrayAccess b) =>
MerkleTreeState a -> b -> MerkleTreeState a
• In the second argument of ‘(.)’, namely ‘hashUpdate leafHashInit’
In the second argument of ‘(.)’, namely
‘hashFinalize . hashUpdate leafHashInit’
In the expression:
addLeafHash state . hashFinalize . hashUpdate leafHashInit
|
100 | addLeafHash state . hashFinalize . hashUpdate leafHashInit</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes Support: support crypton >= 1.1.0 #253

---

💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

[qnikst]

@copilot Good cabal is working now, but not nix one, we need to update hackageNix in flake.lock as well

[Copilot]

@copilot Good cabal is working now, but not nix one, we need to update hackageNix in flake.lock as well

Updated in commit 2c24a69. The hackage entry in flake.lock now points to 8b3d2dd4cb9de9458bf041a2d5d1da438762bbad (Hackage index state 2026-03-15T22:47:41Z), which includes crypton >= 1.1.0 and ram >= 0.20.1. The narHash was taken from haskell.nix's own flake.lock to ensure correctness.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• cache.iog.io
  • Triggering command: /usr/bin/curl curl -sI --max-time 5 REDACTED (dns block)
• https://api.github.com/repos/input-output-hk/hackage.nix/commits/c426d3527d9db0c16c32aa27ba91996e4aa423c1
  • Triggering command: /usr/bin/curl curl -s --max-time 10 REDACTED (http block)
• https://api.github.com/repos/input-output-hk/hackage.nix/contents
  • Triggering command: /usr/bin/curl curl -sL REDACTED (http block)
• install.determinate.systems
  • Triggering command: /usr/bin/curl curl --connect-timeout 5 -s https://install.determinate.systems/nix (dns block)
• nixos.org
  • Triggering command: /usr/bin/curl curl -sI --max-time 5 REDACTED (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[qnikst]

Ok for me. But I think it's too early to merge as it's not supported by the cardano-ledger.

[qnikst]

@copilot rebase and resolve conflicts, please

[Copilot]

@copilot rebase and resolve conflicts, please

Done in 5ac3c3e. Incorporated the snapshots/v0 → snapshots/{mark,set,go}/v0 namespace split from main, updated the cips ref to snapshot-update across flake.nix, flake.lock, and .github/workflows/haskell-ci.yml, and resolved the crypton version conflict (keeping >=1.1.0 without the upper bound that main had added).