diff --git a/Cargo.lock b/Cargo.lock
index 7f04c65..fbc2a20 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -898,11 +898,9 @@ dependencies = [
  "julianday",
  "lazy_static",
  "lox",
+ "lox_utils",
  "rand 0.7.3",
- "serde",
- "serde-wasm-bindgen",
  "serde_json",
- "serde_with",
  "time 0.3.21",
  "wasm-bindgen",
  "zkp",
@@ -915,6 +913,7 @@ dependencies = [
  "lox",
  "serde",
  "serde_with",
+ "zkp",
 ]
 
 [[package]]
@@ -1524,17 +1523,6 @@ dependencies = [
  "serde_derive",
 ]
 
-[[package]]
-name = "serde-wasm-bindgen"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f3b143e2833c57ab9ad3ea280d21fd34e285a42837aeb0ee301f4f41890fa00e"
-dependencies = [
- "js-sys",
- "serde",
- "wasm-bindgen",
-]
-
 [[package]]
 name = "serde_bytes"
 version = "0.11.9"
diff --git a/crates/lox-utils/Cargo.toml b/crates/lox-utils/Cargo.toml
index 14a17cb..1ca76cf 100644
--- a/crates/lox-utils/Cargo.toml
+++ b/crates/lox-utils/Cargo.toml
@@ -15,6 +15,7 @@ repository = "https://gitlab.torproject.org/tpo/anti-censorship/lox.git/"
 lox = {path = "../lox-library", version = "0.1.0"}
 serde = "1"
 serde_with = "3.0.0"
+zkp = "0.8.0"
 
 
 [features]
@@ -22,5 +23,4 @@ full = []
 
 [package.metadata.docs.rs]
 all-features = true
-rustdoc-args = ["--cfg", "docsrs"]
-
+rustdoc-args = ["--cfg", "docsrs"]
\ No newline at end of file
diff --git a/crates/lox-utils/src/lib.rs b/crates/lox-utils/src/lib.rs
index f976794..3c759bc 100644
--- a/crates/lox-utils/src/lib.rs
+++ b/crates/lox-utils/src/lib.rs
@@ -1,7 +1,10 @@
+/*! A small util library for Lox credential helpers
+useful across many Lox crates
+*/
 use lox::bridge_table::{BridgeLine, ENC_BUCKET_BYTES};
 use lox::cred::{Invitation, Lox};
-use lox::proto;
 use lox::IssuerPubKey;
+use lox::{proto, scalar_u32};
 use serde::{Deserialize, Serialize};
 use serde_with::serde_as;
 
diff --git a/crates/lox-wasm/Cargo.toml b/crates/lox-wasm/Cargo.toml
index 1bd7f60..30e0dc2 100644
--- a/crates/lox-wasm/Cargo.toml
+++ b/crates/lox-wasm/Cargo.toml
@@ -13,12 +13,10 @@ crate-type = ["cdylib"]
 julianday = "1.2.0"
 lazy_static = "1.4.0"
 lox = { path = "../lox-library", version = "0.1.0" }
+lox_utils = { path = "../lox-utils", version = "0.1.0" }
 wasm-bindgen = "0.2"
 time = "0.3.21"
 serde_json = "1.0.87"
-serde = "1"
-serde_with = "3.0.0"
-serde-wasm-bindgen = "0.5.0"
 
 console_error_panic_hook = "0.1.7"
 js-sys = "0.3.61"
diff --git a/crates/lox-wasm/src/lib.rs b/crates/lox-wasm/src/lib.rs
index 57b56a4..5158a65 100644
--- a/crates/lox-wasm/src/lib.rs
+++ b/crates/lox-wasm/src/lib.rs
@@ -1,90 +1,17 @@
 use chrono::{Duration, Utc};
 use julianday::JulianDay;
-use lox::bridge_table::{from_scalar, BridgeLine, BridgeTable, ENC_BUCKET_BYTES};
+use lox::bridge_table::{from_scalar, BridgeTable};
 use lox::cred::{BucketReachability, Invitation, Lox, Migration};
 use lox::proto::{
     blockage_migration, check_blockage, issue_invite, level_up, migration, open_invite,
     redeem_invite, trust_promotion,
 };
-use lox::{scalar_u32, IssuerPubKey, OPENINV_LENGTH};
-use serde::{Deserialize, Serialize};
-use serde_with::serde_as;
+use lox::{scalar_u32, OPENINV_LENGTH};
 use std::array::TryFromSliceError;
 use std::panic;
 use wasm_bindgen::prelude::*;
 use zkp::ProofError;
 
-#[derive(Deserialize, Serialize)]
-struct OpenReqState {
-    request: open_invite::Request,
-    state: open_invite::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct TrustReqState {
-    request: trust_promotion::Request,
-    state: trust_promotion::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct MigReqState {
-    request: migration::Request,
-    state: migration::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct LevelupReqState {
-    request: level_up::Request,
-    state: level_up::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct IssueInviteReqState {
-    request: issue_invite::Request,
-    state: issue_invite::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct RedeemReqState {
-    request: redeem_invite::Request,
-    state: redeem_invite::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct CheckBlockageReqState {
-    request: check_blockage::Request,
-    state: check_blockage::State,
-}
-
-#[derive(Deserialize, Serialize)]
-struct BlockageMigReqState {
-    request: blockage_migration::Request,
-    state: blockage_migration::State,
-}
-
-#[derive(Debug, Deserialize, Serialize)]
-struct PubKeys {
-    lox_pub: IssuerPubKey,
-    migration_pub: IssuerPubKey,
-    migrationkey_pub: IssuerPubKey,
-    reachability_pub: IssuerPubKey,
-    invitation_pub: IssuerPubKey,
-}
-
-#[serde_as]
-#[derive(Serialize, Deserialize)]
-pub struct EncBridgeTable {
-    #[serde_as(as = "Vec<[_; ENC_BUCKET_BYTES]>")]
-    pub etable: Vec<[u8; ENC_BUCKET_BYTES]>,
-}
-
-#[derive(Debug, Deserialize, Serialize)]
-struct LoxCredential {
-    lox_credential: Lox,
-    bridgeline: Option<BridgeLine>,
-    invitation: Option<Invitation>,
-}
-
 fn today() -> u32 {
     let naive_now = Utc::now().date_naive();
     JulianDay::from(naive_now).inner().try_into().unwrap()
@@ -133,7 +60,7 @@ pub fn open_invite(invite: &[u8]) -> Result<String, JsValue> {
         Err(e) => return Err(JsValue::from(e.to_string())),
     };
     let (request, state) = open_invite::request(&token);
-    let req_state = OpenReqState { request, state };
+    let req_state = lox_utils::OpenReqState { request, state };
     unsafe {
         log(&format!(
             "Formatted open invite request: {}",
@@ -149,10 +76,10 @@ pub fn handle_new_lox_credential(
     open_lox_response: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let req_state: OpenReqState = serde_json::from_str(&open_lox_result).unwrap();
+    let req_state: lox_utils::OpenReqState = serde_json::from_str(&open_lox_result).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&open_lox_response).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let lox_cred = match open_invite::handle_response(
         deserialized_state,
         deserialized_response,
@@ -164,7 +91,7 @@ pub fn handle_new_lox_credential(
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let lox_cred = LoxCredential {
+    let lox_cred = lox_utils::LoxCredential {
         lox_credential: lox_cred.0,
         bridgeline: Some(lox_cred.1),
         invitation: None,
@@ -184,8 +111,8 @@ pub fn handle_new_lox_credential(
 
 #[wasm_bindgen]
 pub fn trust_promotion(open_lox_cred: String, lox_pub: String) -> Result<String, JsValue> {
-    let lox_cred: LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let lox_cred: lox_utils::LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     // To test creation of the credential we need to advance the day to 30
     // in production this should just use the today() function
     log(&format!(
@@ -201,7 +128,7 @@ pub fn trust_promotion(open_lox_cred: String, lox_pub: String) -> Result<String,
                 return Err(JsValue::from(e.to_string()));
             }
         };
-    let req_state = TrustReqState {
+    let req_state = lox_utils::TrustReqState {
         request: tp_result.0,
         state: tp_result.1,
     };
@@ -219,7 +146,7 @@ pub fn handle_trust_promotion(
     trust_promo_request: String,
     trust_promo_response: String,
 ) -> Result<String, JsValue> {
-    let req_state: TrustReqState = serde_json::from_str(&trust_promo_request).unwrap();
+    let req_state: lox_utils::TrustReqState = serde_json::from_str(&trust_promo_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&trust_promo_response).unwrap();
     let migration_cred =
@@ -245,8 +172,8 @@ pub fn trust_migration(
     trust_promo_cred: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let lox_cred: LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let lox_cred: lox_utils::LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let mig_cred: Migration = serde_json::from_str(&trust_promo_cred).unwrap();
     let tm_result = match migration::request(
         &lox_cred.lox_credential,
@@ -260,7 +187,7 @@ pub fn trust_migration(
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let req_state = MigReqState {
+    let req_state = lox_utils::MigReqState {
         request: tm_result.0,
         state: tm_result.1,
     };
@@ -279,8 +206,8 @@ pub fn handle_trust_migration(
     trust_migration_response: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let req_state: MigReqState = serde_json::from_str(&trust_migration_request).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let req_state: lox_utils::MigReqState = serde_json::from_str(&trust_migration_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&trust_migration_response).unwrap();
     let level_one_cred = match migration::handle_response(
@@ -288,7 +215,7 @@ pub fn handle_trust_migration(
         deserialized_response,
         &pubkeys.lox_pub,
     ) {
-        Ok(level_1_cred) => LoxCredential {
+        Ok(level_1_cred) => lox_utils::LoxCredential {
             lox_credential: level_1_cred,
             bridgeline: None,
             invitation: None,
@@ -309,7 +236,7 @@ pub fn handle_trust_migration(
 
 fn generate_reachability_cred(lox_cred: &Lox, encrypted_table: String) -> BucketReachability {
     let (id, key) = from_scalar(lox_cred.bucket).unwrap();
-    let enc_buckets: EncBridgeTable = serde_json::from_str(&encrypted_table).unwrap();
+    let enc_buckets: lox_utils::EncBridgeTable = serde_json::from_str(&encrypted_table).unwrap();
     let bucket = BridgeTable::decrypt_bucket(id, &key, &enc_buckets.etable[id as usize]).unwrap();
     bucket.1.unwrap()
 }
@@ -320,8 +247,8 @@ pub fn level_up(
     encrypted_table: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let lox_cred: LoxCredential = serde_json::from_str(&level_one_cred).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let lox_cred: lox_utils::LoxCredential = serde_json::from_str(&level_one_cred).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let reach_cred = generate_reachability_cred(&lox_cred.lox_credential, encrypted_table);
 
     // To test level up of the credential we need to advance the day to the correct interval
@@ -350,7 +277,7 @@ pub fn level_up(
                 return Err(JsValue::from(e.to_string()));
             }
         };
-    let req_state = LevelupReqState {
+    let req_state = lox_utils::LevelupReqState {
         request: lu_result.0,
         state: lu_result.1,
     };
@@ -369,8 +296,8 @@ pub fn handle_level_up(
     levelup_response: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let req_state: LevelupReqState = serde_json::from_str(&levelup_request).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let req_state: lox_utils::LevelupReqState = serde_json::from_str(&levelup_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&levelup_response).unwrap();
     let level_up_cred = match level_up::handle_response(
@@ -378,7 +305,7 @@ pub fn handle_level_up(
         deserialized_response,
         &pubkeys.lox_pub,
     ) {
-        Ok(level_up_cred) => LoxCredential {
+        Ok(level_up_cred) => lox_utils::LoxCredential {
             lox_credential: level_up_cred,
             bridgeline: None,
             invitation: None,
@@ -403,8 +330,8 @@ pub fn issue_invite(
     encrypted_table: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let lox_cred: LoxCredential = serde_json::from_str(&trusted_cred).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let lox_cred: lox_utils::LoxCredential = serde_json::from_str(&trusted_cred).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let reach_cred = generate_reachability_cred(&lox_cred.lox_credential, encrypted_table);
 
     let issue_result = match issue_invite::request(
@@ -420,7 +347,7 @@ pub fn issue_invite(
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let req_state = IssueInviteReqState {
+    let req_state = lox_utils::IssueInviteReqState {
         request: issue_result.0,
         state: issue_result.1,
     };
@@ -439,8 +366,9 @@ pub fn handle_issue_invite(
     issue_invite_response: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let req_state: IssueInviteReqState = serde_json::from_str(&issue_invite_request).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let req_state: lox_utils::IssueInviteReqState =
+        serde_json::from_str(&issue_invite_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&issue_invite_response).unwrap();
     let issue_invite_cred = match issue_invite::handle_response(
@@ -455,7 +383,7 @@ pub fn handle_issue_invite(
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let invitation_cred = LoxCredential {
+    let invitation_cred = lox_utils::LoxCredential {
         lox_credential: issue_invite_cred.0,
         bridgeline: None,
         invitation: Some(issue_invite_cred.1),
@@ -473,7 +401,7 @@ pub fn handle_issue_invite(
 // Separate Trusted Invite from credential prior to passing it to friend
 #[wasm_bindgen]
 pub fn prepare_invite(invitation_cred: String) -> String {
-    let cred: LoxCredential = serde_json::from_str(&invitation_cred).unwrap();
+    let cred: lox_utils::LoxCredential = serde_json::from_str(&invitation_cred).unwrap();
     log(&format!(
         "Prepared Invitation: {}",
         serde_json::to_string(&cred.invitation).unwrap()
@@ -485,7 +413,7 @@ pub fn prepare_invite(invitation_cred: String) -> String {
 #[wasm_bindgen]
 pub fn redeem_invite(invitation: String, lox_pub: String) -> Result<String, JsValue> {
     let invitation_cred: Invitation = serde_json::from_str(&invitation).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let redeem_result =
         match redeem_invite::request(&invitation_cred, &pubkeys.invitation_pub, test_today(371)) {
             Ok(redeem_result) => redeem_result,
@@ -494,7 +422,7 @@ pub fn redeem_invite(invitation: String, lox_pub: String) -> Result<String, JsVa
                 return Err(JsValue::from(e.to_string()));
             }
         };
-    let req_state = RedeemReqState {
+    let req_state = lox_utils::RedeemReqState {
         request: redeem_result.0,
         state: redeem_result.1,
     };
@@ -513,8 +441,9 @@ pub fn handle_redeem_invite(
     redeem_invite_response: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let req_state: RedeemReqState = serde_json::from_str(&redeem_invite_request).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let req_state: lox_utils::RedeemReqState =
+        serde_json::from_str(&redeem_invite_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&redeem_invite_response).unwrap();
     let redeem_invite_cred = match redeem_invite::handle_response(
@@ -522,7 +451,7 @@ pub fn handle_redeem_invite(
         deserialized_response,
         &pubkeys.lox_pub,
     ) {
-        Ok(issue_invite_cred) => LoxCredential {
+        Ok(issue_invite_cred) => lox_utils::LoxCredential {
             lox_credential: issue_invite_cred,
             bridgeline: None,
             invitation: None,
@@ -543,8 +472,8 @@ pub fn handle_redeem_invite(
 
 #[wasm_bindgen]
 pub fn check_blockage(lox_cred: String, lox_pub: String) -> Result<String, JsValue> {
-    let lox: LoxCredential = serde_json::from_str(&lox_cred).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let lox: lox_utils::LoxCredential = serde_json::from_str(&lox_cred).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let cb_result = match check_blockage::request(&lox.lox_credential, &pubkeys.lox_pub) {
         Ok(cb_result) => cb_result,
         Err(e) => {
@@ -552,7 +481,7 @@ pub fn check_blockage(lox_cred: String, lox_pub: String) -> Result<String, JsVal
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let req_state = CheckBlockageReqState {
+    let req_state = lox_utils::CheckBlockageReqState {
         request: cb_result.0,
         state: cb_result.1,
     };
@@ -570,7 +499,8 @@ pub fn handle_check_blockage(
     check_blockage_request: String,
     check_blockage_response: String,
 ) -> Result<String, JsValue> {
-    let req_state: CheckBlockageReqState = serde_json::from_str(&check_blockage_request).unwrap();
+    let req_state: lox_utils::CheckBlockageReqState =
+        serde_json::from_str(&check_blockage_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&check_blockage_response).unwrap();
     let migration_cred =
@@ -596,8 +526,8 @@ pub fn blockage_migration(
     check_migration_cred: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let lox_cred: LoxCredential = serde_json::from_str(&lox_cred).unwrap();
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let lox_cred: lox_utils::LoxCredential = serde_json::from_str(&lox_cred).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let mig_cred: Migration = serde_json::from_str(&check_migration_cred).unwrap();
     let bm_result = match blockage_migration::request(
         &lox_cred.lox_credential,
@@ -611,7 +541,7 @@ pub fn blockage_migration(
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let req_state = BlockageMigReqState {
+    let req_state = lox_utils::BlockageMigReqState {
         request: bm_result.0,
         state: bm_result.1,
     };
@@ -630,8 +560,9 @@ pub fn handle_blockage_migration(
     blockage_migration_response: String,
     lox_pub: String,
 ) -> Result<String, JsValue> {
-    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let req_state: BlockageMigReqState = serde_json::from_str(&blockage_migration_request).unwrap();
+    let pubkeys: lox_utils::PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let req_state: lox_utils::BlockageMigReqState =
+        serde_json::from_str(&blockage_migration_request).unwrap();
     let deserialized_state = req_state.state;
     let deserialized_response = serde_json::from_str(&blockage_migration_response).unwrap();
     let lox_cred = match blockage_migration::handle_response(
@@ -639,7 +570,7 @@ pub fn handle_blockage_migration(
         deserialized_response,
         &pubkeys.lox_pub,
     ) {
-        Ok(lox_cred) => LoxCredential {
+        Ok(lox_cred) => lox_utils::LoxCredential {
             lox_credential: lox_cred,
             bridgeline: None,
             invitation: None,