@cofhe/mock-contracts 0.4.0 → 0.5.0

package/CHANGELOG.md

@@ -1,5 +1,31 @@
 # @cofhe/mock-contracts Changelog
 
+## 0.5.0
+
+### Minor Changes
+
+- 50bb3e4: Decode custom errors from deployed mock contracts by name instead of raw hex selectors.
+
+  **`@cofhe/mock-contracts`**
+
+  - Replaced transient storage (`tstore`/`tload`) in `MockACL.sol` with block-number-based storage, removing the EVM `cancun` requirement and lowering the Solidity pragma to `>=0.8.19`.
+  - Removed `bytecode` and `deployedBytecode` fields from published artifacts — they are now sourced at runtime from Hardhat's own compilation output.
+
+  **`@cofhe/hardhat-plugin`**
+
+  - Overrides `TASK_COMPILE_SOLIDITY_GET_SOURCE_PATHS` to inject a stub file that imports all mock contracts, so Hardhat compiles them and registers their artifacts. This lets the Hardhat network decode mock contract custom errors by name (e.g. `PermissionInvalid_Expired`) rather than raw hex.
+  - Deployment bytecode is now fetched from `hre.artifacts.readArtifact()` instead of the pre-built artifact bundle.
+
+  **`@cofhe/hardhat-3-plugin`**
+
+  - Calls `hre.solidity.build()` during the `hre.created` hook to compile mock contracts once at startup, enabling the EDR to decode their custom errors by name.
+  - `deployFixed` and `deployVariable` now source bytecode from `hre.artifacts.readArtifact()`, ensuring the deployed bytecode matches Hardhat's build info — which is required for error decoding on variable-address contracts like `MockACL`.
+
+### Patch Changes
+
+- a685cd4: **Breaking change: upgraded to tfhe v1.5.3.**
+  Previous cofhesdk versions will no longer function.
+
 ## 0.4.0
 
 ## 0.3.2

package/contracts/MockACL.sol

@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: BSD-3-Clause-Clear
-// solhint-disable-next-line transient-storage
-pragma solidity >=0.8.25 <0.9.0;
+pragma solidity >=0.8.19 <0.9.0;
 
 import { Strings } from '@openzeppelin/contracts/utils/Strings.sol';
 import { MockPermissioned, Permission } from './Permissioned.sol';
@@ -44,6 +43,11 @@ contract MockACL is MockPermissioned {
     mapping(uint256 handle => mapping(address account => bool isAllowed)) persistedAllowedPairs;
     mapping(uint256 => bool) allowedForDecryption;
     mapping(address account => mapping(address delegatee => mapping(address contractAddress => bool isDelegate))) delegates;
+    /// @dev Approximates EIP-1153 transient storage: stores the block.number when the allowance
+    ///      was granted. An allowance is considered active only if it was set in the current block,
+    ///      so it auto-expires when the block changes — no explicit cleanup required.
+    ///      In Hardhat automine mode (one tx per block) this faithfully replicates per-tx transience.
+    mapping(bytes32 => uint256) transientAllowanceBlocks;
   }
 
   /// @notice Name of the contract.
@@ -152,17 +156,9 @@ contract MockACL is MockPermissioned {
       revert SenderNotAllowed(requester);
     }
 
+    ACLStorage storage $ = _getACLStorage();
     bytes32 key = keccak256(abi.encodePacked(handle, account));
-    assembly {
-      // solc-ignore-next-line transient-storage
-      tstore(key, 1)
-      let length := tload(0)
-      let lengthPlusOne := add(length, 1)
-      // solc-ignore-next-line transient-storage
-      tstore(lengthPlusOne, key)
-      // solc-ignore-next-line transient-storage
-      tstore(0, lengthPlusOne)
-    }
+    $.transientAllowanceBlocks[key] = block.number;
   }
 
   /**
@@ -217,12 +213,9 @@ contract MockACL is MockPermissioned {
    * @return isAllowedTransient   Whether the account can access transiently the handle.
    */
   function allowedTransient(uint256 handle, address account) public view virtual returns (bool) {
-    bool isAllowedTransient;
+    ACLStorage storage $ = _getACLStorage();
     bytes32 key = keccak256(abi.encodePacked(handle, account));
-    assembly {
-      isAllowedTransient := tload(key)
-    }
-    return isAllowedTransient;
+    return $.transientAllowanceBlocks[key] == block.number;
   }
 
   /**
@@ -276,28 +269,13 @@ contract MockACL is MockPermissioned {
   }
 
   /**
-   * @dev This function removes the transient allowances, which could be useful for integration with
-   *      Account Abstraction when bundling several UserOps calling the TaskManagerCoprocessor.
+   * @dev No-op in the mock: transient allowances auto-expire when the block changes, so explicit
+   *      cleanup is not needed. Kept for interface compatibility with the production ACL.
    */
   function cleanTransientStorage() external virtual {
     if (msg.sender != TASK_MANAGER_ADDRESS_) {
       revert DirectAllowForbidden(msg.sender);
     }
-
-    assembly {
-      let length := tload(0)
-      tstore(0, 0)
-      let lengthPlusOne := add(length, 1)
-      for {
-        let i := 1
-      } lt(i, lengthPlusOne) {
-        i := add(i, 1)
-      } {
-        let handle := tload(i)
-        tstore(i, 0)
-        tstore(handle, 0)
-      }
-    }
   }
 
   /**

package/contracts/MockCoFHE.sol

@@ -6,8 +6,11 @@ import { FHE } from '@fhenixprotocol/cofhe-contracts/FHE.sol';
 import { FunctionId, Utils } from '@fhenixprotocol/cofhe-contracts/ICofhe.sol';
 import { console } from 'hardhat/console.sol';
 
-address constant SIGNER_ADDRESS = 0x6E12D8C87503D4287c294f2Fdef96ACd9DFf6bd2;
-uint256 constant SIGNER_PRIVATE_KEY = 49099792800763675079532137679706322989817545357788440619111868498148356080914;
+address constant ZK_VERIFIER_SIGNER_ADDRESS = 0x6E12D8C87503D4287c294f2Fdef96ACd9DFf6bd2;
+uint256 constant ZK_VERIFIER_SIGNER_PRIVATE_KEY = 49099792800763675079532137679706322989817545357788440619111868498148356080914;
+
+address constant DECRYPT_RESULT_SIGNER_ADDRESS = 0x70997970C51812dc3A010C7d01b50e0d17dc79C8;
+uint256 constant DECRYPT_RESULT_SIGNER_PRIVATE_KEY = 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d;
 
 /**
  * @dev Mock implementation of the CoFHE coprocessor, used to test FHE ops in isolation.

package/contracts/MockTaskManager.sol

@@ -38,6 +38,12 @@ library TMCommon {
   uint256 private constant UINT_TYPE_MASK = (type(uint8).max >> 1); // 0x7f - 7 bits reserved for uint type in the one before last byte
   uint256 private constant TRIVIALLY_ENCRYPTED_MASK = type(uint8).max - UINT_TYPE_MASK; //0x80  1 bit reserved for isTriviallyEncrypted
   uint256 private constant SHIFTED_TYPE_MASK = UINT_TYPE_MASK << 8; // 0x7f007 bits reserved for uint type in the one before last byte
+  uint256 internal constant SHIFT_ENC_TYPE = 224;
+  uint256 internal constant SHIFT_CHAIN_ID = 192;
+  uint256 internal constant OFFSET_ENC_TYPE = 0x20;
+  uint256 internal constant OFFSET_CHAIN_ID = 0x24;
+  uint256 internal constant OFFSET_CT_HASH = 0x2c;
+  uint256 internal constant MESSAGE_LENGTH = 0x4c;
 
   function uint256ToBytes32(uint256 value) internal pure returns (bytes memory) {
     bytes memory result = new bytes(32);
@@ -155,6 +161,24 @@ library TMCommon {
   function isTriviallyEncryptedFromHash(uint256 hash) internal pure returns (bool) {
     return (hash & TRIVIALLY_ENCRYPTED_MASK) == TRIVIALLY_ENCRYPTED_MASK;
   }
+
+  function computeDecryptResultHash(
+    uint256 ctHash,
+    uint256 result,
+    uint64 chainId
+  ) internal pure returns (bytes32 messageHash) {
+    uint8 encryptionType = getUintTypeFromHash(ctHash);
+
+    assembly {
+      let ptr := mload(0x40)
+      mstore(ptr, result)
+      mstore(add(ptr, OFFSET_ENC_TYPE), shl(SHIFT_ENC_TYPE, encryptionType))
+      mstore(add(ptr, OFFSET_CHAIN_ID), shl(SHIFT_CHAIN_ID, chainId))
+      mstore(add(ptr, OFFSET_CT_HASH), ctHash)
+      messageHash := keccak256(ptr, MESSAGE_LENGTH)
+      mstore(0x40, add(ptr, MESSAGE_LENGTH))
+    }
+  }
 }
 
 contract MockTaskManager is ITaskManager, MockCoFHE {
@@ -512,7 +536,7 @@ contract MockTaskManager is ITaskManager, MockCoFHE {
       return true;
     }
 
-    bytes32 messageHash = keccak256(abi.encodePacked(ctHash, result));
+    bytes32 messageHash = TMCommon.computeDecryptResultHash(ctHash, result, uint64(block.chainid));
     (address recovered, ECDSA.RecoverError err, ) = ECDSA.tryRecover(messageHash, signature);
 
     if (err != ECDSA.RecoverError.NoError || recovered == address(0)) {