@cofhe/sdk 0.1.0 → 0.1.1

package/dist/types-bB7wLj0q.d.cts

@@ -0,0 +1,953 @@
+import { P as Permit, S as SerializedPermit, C as CreateSelfPermitOptions, d as CreateSharingPermitOptions, I as ImportSharedPermitOptions, g as PermitUtils } from './permit-S9CnI6MF.cjs';
+import { WalletClient, PublicClient } from 'viem';
+import { C as CofheChain } from './types-KImPrEIe.cjs';
+import { z } from 'zod';
+import { StoreApi } from 'zustand/vanilla';
+
+/**
+ * Usable config type inferred from the schema
+ */
+type CofhesdkConfig = {
+    supportedChains: CofheChain[];
+    /**
+     * Strategy for fetching FHE keys
+     * - CONNECTED_CHAIN: Fetch keys for the connected chain (provided by the publicClient)
+     * - SUPPORTED_CHAINS: Fetch keys for all supported chains (provided by the supportedChains config)
+     * - OFF: Do not fetch keys (fetching occurs during encryptInputs)
+     * */
+    fheKeysPrefetching: 'CONNECTED_CHAIN' | 'SUPPORTED_CHAINS' | 'OFF';
+    /**
+     * How permits are generated
+     * - ON_CONNECT: Generate a permit when client.connect() is called
+     * - ON_DECRYPT_HANDLES: Generate a permit when client.decryptHandles() is called
+     * - MANUAL: Generate a permit manually using client.generatePermit()
+     */
+    permitGeneration: 'ON_CONNECT' | 'ON_DECRYPT_HANDLES' | 'MANUAL';
+    /** Default permit expiration in seconds, default is 30 days */
+    defaultPermitExpiration: number;
+    /**
+     * Storage scheme for the fetched fhe keys
+     * FHE keys are large, and caching prevents re-fetching them on each encryptInputs call
+     * (defaults to indexedDB on web, filesystem on node)
+     */
+    fheKeyStorage: IStorage | null;
+    /** Mocks configs */
+    mocks: {
+        /**
+         * Length of the simulated seal output delay in milliseconds
+         * Default 1000ms on web
+         * Default 0ms on hardhat (will be called during tests no need for fake delay)
+         */
+        sealOutputDelay: number;
+    };
+    _internal?: CofhesdkInternalConfig;
+};
+type CofhesdkInternalConfig = {
+    zkvWalletClient?: WalletClient;
+};
+/**
+ * Zod schema for configuration validation
+ */
+declare const CofhesdkConfigSchema: z.ZodObject<{
+    /** List of supported chain configurations */
+    supportedChains: z.ZodArray<z.ZodType<{
+        name: string;
+        id: number;
+        network: string;
+        coFheUrl: string;
+        verifierUrl: string;
+        thresholdNetworkUrl: string;
+        environment: "MOCK" | "TESTNET" | "MAINNET";
+    }, z.ZodTypeDef, {
+        name: string;
+        id: number;
+        network: string;
+        coFheUrl: string;
+        verifierUrl: string;
+        thresholdNetworkUrl: string;
+        environment: "MOCK" | "TESTNET" | "MAINNET";
+    }>, "many">;
+    /** Strategy for fetching FHE keys */
+    fheKeysPrefetching: z.ZodDefault<z.ZodOptional<z.ZodEnum<["CONNECTED_CHAIN", "SUPPORTED_CHAINS", "OFF"]>>>;
+    /** How permits are generated */
+    permitGeneration: z.ZodDefault<z.ZodOptional<z.ZodEnum<["ON_CONNECT", "ON_DECRYPT_HANDLES", "MANUAL"]>>>;
+    /** Default permit expiration in seconds, default is 30 days */
+    defaultPermitExpiration: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+    /** Storage method for fhe keys (defaults to indexedDB on web, filesystem on node) */
+    fheKeyStorage: z.ZodDefault<z.ZodUnion<[z.ZodObject<{
+        getItem: z.ZodFunction<z.ZodTuple<[z.ZodString], z.ZodUnknown>, z.ZodPromise<z.ZodAny>>;
+        setItem: z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodAny], z.ZodUnknown>, z.ZodPromise<z.ZodVoid>>;
+        removeItem: z.ZodFunction<z.ZodTuple<[z.ZodString], z.ZodUnknown>, z.ZodPromise<z.ZodVoid>>;
+    }, "strip", z.ZodTypeAny, {
+        getItem: (args_0: string, ...args_1: unknown[]) => Promise<any>;
+        setItem: (args_0: string, args_1: any, ...args_2: unknown[]) => Promise<void>;
+        removeItem: (args_0: string, ...args_1: unknown[]) => Promise<void>;
+    }, {
+        getItem: (args_0: string, ...args_1: unknown[]) => Promise<any>;
+        setItem: (args_0: string, args_1: any, ...args_2: unknown[]) => Promise<void>;
+        removeItem: (args_0: string, ...args_1: unknown[]) => Promise<void>;
+    }>, z.ZodNull]>>;
+    /** Mocks configs */
+    mocks: z.ZodDefault<z.ZodOptional<z.ZodObject<{
+        sealOutputDelay: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+    }, "strip", z.ZodTypeAny, {
+        sealOutputDelay: number;
+    }, {
+        sealOutputDelay?: number | undefined;
+    }>>>;
+    /** Internal configuration */
+    _internal: z.ZodOptional<z.ZodObject<{
+        zkvWalletClient: z.ZodOptional<z.ZodAny>;
+    }, "strip", z.ZodTypeAny, {
+        zkvWalletClient?: any;
+    }, {
+        zkvWalletClient?: any;
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    supportedChains: {
+        name: string;
+        id: number;
+        network: string;
+        coFheUrl: string;
+        verifierUrl: string;
+        thresholdNetworkUrl: string;
+        environment: "MOCK" | "TESTNET" | "MAINNET";
+    }[];
+    fheKeysPrefetching: "CONNECTED_CHAIN" | "SUPPORTED_CHAINS" | "OFF";
+    permitGeneration: "ON_CONNECT" | "ON_DECRYPT_HANDLES" | "MANUAL";
+    defaultPermitExpiration: number;
+    fheKeyStorage: {
+        getItem: (args_0: string, ...args_1: unknown[]) => Promise<any>;
+        setItem: (args_0: string, args_1: any, ...args_2: unknown[]) => Promise<void>;
+        removeItem: (args_0: string, ...args_1: unknown[]) => Promise<void>;
+    } | null;
+    mocks: {
+        sealOutputDelay: number;
+    };
+    _internal?: {
+        zkvWalletClient?: any;
+    } | undefined;
+}, {
+    supportedChains: {
+        name: string;
+        id: number;
+        network: string;
+        coFheUrl: string;
+        verifierUrl: string;
+        thresholdNetworkUrl: string;
+        environment: "MOCK" | "TESTNET" | "MAINNET";
+    }[];
+    fheKeysPrefetching?: "CONNECTED_CHAIN" | "SUPPORTED_CHAINS" | "OFF" | undefined;
+    permitGeneration?: "ON_CONNECT" | "ON_DECRYPT_HANDLES" | "MANUAL" | undefined;
+    defaultPermitExpiration?: number | undefined;
+    fheKeyStorage?: {
+        getItem: (args_0: string, ...args_1: unknown[]) => Promise<any>;
+        setItem: (args_0: string, args_1: any, ...args_2: unknown[]) => Promise<void>;
+        removeItem: (args_0: string, ...args_1: unknown[]) => Promise<void>;
+    } | null | undefined;
+    mocks?: {
+        sealOutputDelay?: number | undefined;
+    } | undefined;
+    _internal?: {
+        zkvWalletClient?: any;
+    } | undefined;
+}>;
+/**
+ * Input config type inferred from the schema
+ */
+type CofhesdkInputConfig = z.input<typeof CofhesdkConfigSchema>;
+/**
+ * Creates and validates a cofhesdk configuration (base implementation)
+ * @param config - The configuration object to validate
+ * @returns The validated configuration
+ * @throws {Error} If the configuration is invalid
+ */
+declare function createCofhesdkConfigBase(config: CofhesdkInputConfig): CofhesdkConfig;
+/**
+ * Access the CofhesdkConfig object directly by providing the key.
+ * This is powerful when you use OnchainKit utilities outside of the React context.
+ */
+declare const getCofhesdkConfigItem: <K extends keyof CofhesdkConfig>(config: CofhesdkConfig, key: K) => CofhesdkConfig[K];
+
+declare enum CofhesdkErrorCode {
+    InternalError = "INTERNAL_ERROR",
+    UnknownEnvironment = "UNKNOWN_ENVIRONMENT",
+    InitTfheFailed = "INIT_TFHE_FAILED",
+    InitViemFailed = "INIT_VIEM_FAILED",
+    InitEthersFailed = "INIT_ETHERS_FAILED",
+    NotConnected = "NOT_CONNECTED",
+    MissingPublicClient = "MISSING_PUBLIC_CLIENT",
+    MissingWalletClient = "MISSING_WALLET_CLIENT",
+    MissingProviderParam = "MISSING_PROVIDER_PARAM",
+    EmptySecurityZonesParam = "EMPTY_SECURITY_ZONES_PARAM",
+    InvalidPermitData = "INVALID_PERMIT_DATA",
+    InvalidPermitDomain = "INVALID_PERMIT_DOMAIN",
+    PermitNotFound = "PERMIT_NOT_FOUND",
+    CannotRemoveLastPermit = "CANNOT_REMOVE_LAST_PERMIT",
+    AccountUninitialized = "ACCOUNT_UNINITIALIZED",
+    ChainIdUninitialized = "CHAIN_ID_UNINITIALIZED",
+    SealOutputFailed = "SEAL_OUTPUT_FAILED",
+    SealOutputReturnedNull = "SEAL_OUTPUT_RETURNED_NULL",
+    InvalidUtype = "INVALID_UTYPE",
+    DecryptFailed = "DECRYPT_FAILED",
+    DecryptReturnedNull = "DECRYPT_RETURNED_NULL",
+    ZkMocksInsertCtHashesFailed = "ZK_MOCKS_INSERT_CT_HASHES_FAILED",
+    ZkMocksCalcCtHashesFailed = "ZK_MOCKS_CALC_CT_HASHES_FAILED",
+    ZkMocksVerifySignFailed = "ZK_MOCKS_VERIFY_SIGN_FAILED",
+    ZkMocksCreateProofSignatureFailed = "ZK_MOCKS_CREATE_PROOF_SIGNATURE_FAILED",
+    ZkVerifyFailed = "ZK_VERIFY_FAILED",
+    ZkPackFailed = "ZK_PACK_FAILED",
+    ZkProveFailed = "ZK_PROVE_FAILED",
+    EncryptRemainingInItems = "ENCRYPT_REMAINING_IN_ITEMS",
+    ZkUninitialized = "ZK_UNINITIALIZED",
+    ZkVerifierUrlUninitialized = "ZK_VERIFIER_URL_UNINITIALIZED",
+    ThresholdNetworkUrlUninitialized = "THRESHOLD_NETWORK_URL_UNINITIALIZED",
+    MissingConfig = "MISSING_CONFIG",
+    UnsupportedChain = "UNSUPPORTED_CHAIN",
+    MissingZkBuilderAndCrsGenerator = "MISSING_ZK_BUILDER_AND_CRS_GENERATOR",
+    MissingTfhePublicKeyDeserializer = "MISSING_TFHE_PUBLIC_KEY_DESERIALIZER",
+    MissingCompactPkeCrsDeserializer = "MISSING_COMPACT_PKE_CRS_DESERIALIZER",
+    MissingFheKey = "MISSING_FHE_KEY",
+    MissingCrs = "MISSING_CRS",
+    FetchKeysFailed = "FETCH_KEYS_FAILED",
+    PublicWalletGetChainIdFailed = "PUBLIC_WALLET_GET_CHAIN_ID_FAILED",
+    PublicWalletGetAddressesFailed = "PUBLIC_WALLET_GET_ADDRESSES_FAILED",
+    RehydrateKeysStoreFailed = "REHYDRATE_KEYS_STORE_FAILED"
+}
+type CofhesdkErrorParams = {
+    code: CofhesdkErrorCode;
+    message: string;
+    cause?: Error;
+    hint?: string;
+    context?: Record<string, unknown>;
+};
+/**
+ * CofhesdkError class
+ * This class is used to create errors that are specific to the CoFHE SDK
+ * It extends the Error class and adds a code, cause, hint, and context
+ * The code is used to identify the type of error
+ * The cause is used to indicate the inner error that caused the CofhesdkError
+ * The hint is used to provide a hint about how to fix the error
+ * The context is used to provide additional context about the state that caused the error
+ * The serialize method is used to serialize the error to a JSON string
+ * The toString method is used to provide a human-readable string representation of the error
+ */
+declare class CofhesdkError extends Error {
+    readonly code: CofhesdkErrorCode;
+    readonly cause?: Error;
+    readonly hint?: string;
+    readonly context?: Record<string, unknown>;
+    constructor({ code, message, cause, hint, context }: CofhesdkErrorParams);
+    /**
+     * Creates a CofhesdkError from an unknown error
+     * If the error is a CofhesdkError, it is returned unchanged, else a new CofhesdkError is created
+     * If a wrapperError is provided, it is used to create the new CofhesdkError, else a default is used
+     */
+    static fromError(error: unknown, wrapperError?: CofhesdkErrorParams): CofhesdkError;
+    /**
+     * Serializes the error to JSON string with proper handling of Error objects
+     */
+    serialize(): string;
+    /**
+     * Returns a human-readable string representation of the error
+     */
+    toString(): string;
+}
+declare const isCofhesdkError: (error: unknown) => error is CofhesdkError;
+
+type Result<T> = {
+    success: true;
+    data: T;
+    error: null;
+} | {
+    success: false;
+    data: null;
+    error: CofhesdkError;
+};
+declare const ResultErr: <T>(error: CofhesdkError) => Result<T>;
+declare const ResultOk: <T>(data: T) => Result<T>;
+declare const ResultErrOrInternal: <T>(error: unknown) => Result<T>;
+declare const ResultHttpError: (error: unknown, url: string, status?: number) => CofhesdkError;
+declare const ResultValidationError: (message: string) => CofhesdkError;
+declare const resultWrapper: <T>(tryFn: () => Promise<T>, catchFn?: (error: CofhesdkError) => void, finallyFn?: () => void) => Promise<Result<T>>;
+declare const resultWrapperSync: <T>(fn: () => T) => Result<T>;
+
+/**
+ * Base parameters that all builders need
+ */
+type BaseBuilderParams = {
+    config: CofhesdkConfig | undefined;
+    publicClient: PublicClient | undefined;
+    walletClient: WalletClient | undefined;
+    chainId: number | undefined;
+    account: string | undefined;
+    requireConnected: (() => void) | undefined;
+};
+/**
+ * Abstract base class for builders that provides common functionality
+ * for working with clients, config, and chain IDs
+ */
+declare abstract class BaseBuilder {
+    protected config: CofhesdkConfig | undefined;
+    protected publicClient: PublicClient | undefined;
+    protected walletClient: WalletClient | undefined;
+    protected chainId: number | undefined;
+    protected account: string | undefined;
+    protected requireConnected: (() => void) | undefined;
+    constructor(params: BaseBuilderParams);
+    /**
+     * Gets the chain ID from the instance or fetches it from the public client
+     * @returns The chain ID
+     * @throws {CofhesdkError} If chainId is not set and publicClient is not available
+     */
+    protected getChainIdOrThrow(): Promise<number>;
+    /**
+     * Gets the account address from the instance or fetches it from the wallet client
+     * @returns The account address
+     * @throws {CofhesdkError} If account is not set and walletClient is not available
+     */
+    protected getAccountOrThrow(): Promise<string>;
+    /**
+     * Gets the config or throws an error if not available
+     * @returns The config
+     * @throws {CofhesdkError} If config is not set
+     */
+    protected getConfigOrThrow(): CofhesdkConfig;
+    /**
+     * Gets the public client or throws an error if not available
+     * @returns The public client
+     * @throws {CofhesdkError} If publicClient is not set
+     */
+    protected getPublicClientOrThrow(): PublicClient;
+    /**
+     * Gets the wallet client or throws an error if not available
+     * @returns The wallet client
+     * @throws {CofhesdkError} If walletClient is not set
+     */
+    protected getWalletClientOrThrow(): WalletClient;
+    /**
+     * Requires the client to be connected
+     * @throws {CofhesdkError} If client is not connected
+     */
+    protected requireConnectedOrThrow(): void;
+}
+
+/**
+ * API
+ *
+ * await client.decryptHandle(ctHash, utype)
+ *   .setChainId(chainId)
+ *   .setAccount(account)
+ *   .setPermitHash(permitHash)
+ *   .setPermit(permit)
+ *   .decrypt()
+ *
+ * If chainId not set, uses client's chainId
+ * If account not set, uses client's account
+ * If permitHash not set, uses chainId and account to get active permit
+ * If permit is set, uses permit to decrypt regardless of chainId, account, or permitHash
+ *
+ * Returns a Result<UnsealedItem<U>>
+ */
+type DecryptHandlesBuilderParams<U extends FheTypes> = BaseBuilderParams & {
+    ctHash: bigint;
+    utype: U;
+    permitHash?: string;
+    permit?: Permit;
+};
+declare class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
+    private ctHash;
+    private utype;
+    private permitHash?;
+    private permit?;
+    constructor(params: DecryptHandlesBuilderParams<U>);
+    /**
+     * @param chainId - Chain to decrypt values from. Used to fetch the threshold network URL and use the correct permit.
+     *
+     * If not provided, the chainId will be fetched from the connected publicClient.
+     *
+     * Example:
+     * ```typescript
+     * const unsealed = await decryptHandle(ctHash, utype)
+     *   .setChainId(11155111)
+     *   .decrypt();
+     * ```
+     *
+     * @returns The chainable DecryptHandlesBuilder instance.
+     */
+    setChainId(chainId: number): DecryptHandlesBuilder<U>;
+    getChainId(): number | undefined;
+    /**
+     * @param account - Account to decrypt values from. Used to fetch the correct permit.
+     *
+     * If not provided, the account will be fetched from the connected walletClient.
+     *
+     * Example:
+     * ```typescript
+     * const unsealed = await decryptHandle(ctHash, utype)
+     *   .setAccount('0x1234567890123456789012345678901234567890')
+     *   .decrypt();
+     * ```
+     *
+     * @returns The chainable DecryptHandlesBuilder instance.
+     */
+    setAccount(account: string): DecryptHandlesBuilder<U>;
+    getAccount(): string | undefined;
+    /**
+     * @param permitHash - Permit hash to decrypt values from. Used to fetch the correct permit.
+     *
+     * If not provided, the active permit for the chainId and account will be used.
+     * If `setPermit()` is called, it will be used regardless of chainId, account, or permitHash.
+     *
+     * Example:
+     * ```typescript
+     * const unsealed = await decryptHandle(ctHash, utype)
+     *   .setPermitHash('0x1234567890123456789012345678901234567890')
+     *   .decrypt();
+     * ```
+     *
+     * @returns The chainable DecryptHandlesBuilder instance.
+     */
+    setPermitHash(permitHash: string): DecryptHandlesBuilder<U>;
+    getPermitHash(): string | undefined;
+    /**
+     * @param permit - Permit to decrypt values with. If provided, it will be used regardless of chainId, account, or permitHash.
+     *
+     * If not provided, the permit will be determined by chainId, account, and permitHash.
+     *
+     * Example:
+     * ```typescript
+     * const unsealed = await decryptHandle(ctHash, utype)
+     *   .setPermit(permit)
+     *   .decrypt();
+     * ```
+     *
+     * @returns The chainable DecryptHandlesBuilder instance.
+     */
+    setPermit(permit: Permit): DecryptHandlesBuilder<U>;
+    getPermit(): Permit | undefined;
+    private getThresholdNetworkUrl;
+    private validateUtypeOrThrow;
+    private getResolvedPermit;
+    /**
+     * On hardhat, interact with MockZkVerifier contract instead of CoFHE
+     */
+    private mocksSealOutput;
+    /**
+     * In the production context, perform a true decryption with the CoFHE coprocessor.
+     */
+    private productionSealOutput;
+    /**
+     * Final step of the decryption process. MUST BE CALLED LAST IN THE CHAIN.
+     *
+     * This will:
+     * - Use a permit based on provided permit OR chainId + account + permitHash
+     * - Check permit validity
+     * - Call CoFHE `/sealoutput` with the permit, which returns a sealed (encrypted) item
+     * - Unseal the sealed item with the permit
+     * - Return the unsealed item
+     *
+     * Example:
+     * ```typescript
+     * const unsealed = await decryptHandle(ctHash, utype)
+     *   .setChainId(11155111)      // optional
+     *   .setAccount('0x123...890') // optional
+     *   .decrypt();                // execute
+     * ```
+     *
+     * @returns The unsealed item.
+     */
+    decrypt(): Promise<Result<UnsealedItem<U>>>;
+}
+
+type ZkProvenCiphertextList = {
+    serialize(): Uint8Array;
+};
+type ZkCompactPkeCrs = {
+    free(): void;
+    serialize(compress: boolean): Uint8Array;
+    safe_serialize(serialized_size_limit: bigint): Uint8Array;
+};
+type ZkCiphertextListBuilder = {
+    push_boolean(data: boolean): void;
+    push_u8(data: number): void;
+    push_u16(data: number): void;
+    push_u32(data: number): void;
+    push_u64(data: bigint): void;
+    push_u128(data: bigint): void;
+    push_u160(data: bigint): void;
+    build_with_proof_packed(crs: ZkCompactPkeCrs, metadata: Uint8Array, computeLoad: 1): ZkProvenCiphertextList;
+};
+type ZkBuilderAndCrsGenerator = (fhe: string, crs: string) => {
+    zkBuilder: ZkCiphertextListBuilder;
+    zkCrs: ZkCompactPkeCrs;
+};
+
+type ChainRecord<T> = Record<string, T>;
+type SecurityZoneRecord<T> = Record<number, T>;
+type KeysStore = {
+    fhe: ChainRecord<SecurityZoneRecord<string | undefined>>;
+    crs: ChainRecord<string | undefined>;
+};
+type KeysStorage = {
+    store: StoreApi<KeysStore>;
+    getFheKey: (chainId: number | undefined, securityZone?: number) => string | undefined;
+    getCrs: (chainId: number | undefined) => string | undefined;
+    setFheKey: (chainId: number, securityZone: number, key: string) => void;
+    setCrs: (chainId: number, crs: string) => void;
+    clearKeysStorage: () => Promise<void>;
+    rehydrateKeysStore: () => Promise<void>;
+};
+/**
+ * Creates a keys storage instance using the provided storage implementation
+ * @param storage - The storage implementation to use (IStorage interface), or null for non-persisted store
+ * @returns A KeysStorage instance with all utility methods
+ */
+declare function createKeysStore(storage: IStorage | null): KeysStorage;
+
+type FheKeyDeserializer = (buff: string) => void;
+/**
+ * Retrieves the FHE public key and the CRS from the provider.
+ * If the key/crs already exists in the store it is returned, else it is fetched, stored, and returned
+ * @param {CofhesdkConfig} config - The configuration object for the CoFHE SDK
+ * @param {number} chainId - The chain to fetch the FHE key for, if no chainId provided, undefined is returned
+ * @param securityZone - The security zone for which to retrieve the key (default 0).
+ * @param tfhePublicKeyDeserializer - The serializer for the FHE public key (used for validation).
+ * @param compactPkeCrsDeserializer - The serializer for the CRS (used for validation).
+ * @param keysStorage - The keys storage instance to use (optional)
+ * @returns {Promise<[[string, boolean], [string, boolean]]>} - A promise that resolves to [[fheKey, fheKeyFetchedFromCoFHE], [crs, crsFetchedFromCoFHE]]
+ */
+declare const fetchKeys: (config: CofhesdkConfig, chainId: number, securityZone: number | undefined, tfhePublicKeyDeserializer: FheKeyDeserializer, compactPkeCrsDeserializer: FheKeyDeserializer, keysStorage?: KeysStorage | null) => Promise<[[string, boolean], [string, boolean]]>;
+/**
+ * Fetches the FHE public key and the CRS for all chains in the config
+ * @param {CofhesdkConfig} config - The configuration object for the CoFHE SDK
+ * @param {number} securityZone - The security zone for which to retrieve the key (default 0).
+ * @param tfhePublicKeyDeserializer - The serializer for the FHE public key (used for validation).
+ * @param compactPkeCrsDeserializer - The serializer for the CRS (used for validation).
+ * @param keysStorage - The keys storage instance to use (optional)
+ * @returns {Promise<void>} - A promise that resolves when the keys are fetched and stored.
+ */
+declare const fetchMultichainKeys: (config: CofhesdkConfig, securityZone: number | undefined, tfhePublicKeyDeserializer: FheKeyDeserializer, compactPkeCrsDeserializer: FheKeyDeserializer, keysStorage?: KeysStorage | null) => Promise<void>;
+
+type EncryptInputsBuilderParams<T extends EncryptableItem[]> = BaseBuilderParams & {
+    inputs: [...T];
+    securityZone?: number;
+    zkvWalletClient?: WalletClient | undefined;
+    tfhePublicKeyDeserializer: FheKeyDeserializer | undefined;
+    compactPkeCrsDeserializer: FheKeyDeserializer | undefined;
+    zkBuilderAndCrsGenerator: ZkBuilderAndCrsGenerator | undefined;
+    initTfhe: TfheInitializer | undefined;
+    keysStorage: KeysStorage | undefined;
+};
+/**
+ * EncryptInputsBuilder exposes a builder pattern for encrypting inputs.
+ * account, securityZone, and chainId can be overridden in the builder.
+ * config, tfhePublicKeyDeserializer, compactPkeCrsDeserializer, and zkBuilderAndCrsGenerator are required to be set in the builder.
+ *
+ * @dev All errors must be throw in `encrypt`, which wraps them in a Result.
+ * Do not throw errors in the constructor or in the builder methods.
+ */
+declare class EncryptInputsBuilder<T extends EncryptableItem[]> extends BaseBuilder {
+    private securityZone;
+    private stepCallback?;
+    private inputItems;
+    private zkvWalletClient;
+    private tfhePublicKeyDeserializer;
+    private compactPkeCrsDeserializer;
+    private zkBuilderAndCrsGenerator;
+    private initTfhe;
+    private keysStorage;
+    private stepTimestamps;
+    constructor(params: EncryptInputsBuilderParams<T>);
+    /**
+     * @param account - Account that will create the tx using the encrypted inputs.
+     *
+     * If not provided, the account will be fetched from the connected walletClient.
+     *
+     * Example:
+     * ```typescript
+     * const encrypted = await encryptInputs([Encryptable.uint128(10n)])
+     *   .setAccount("0x123")
+     *   .encrypt();
+     * ```
+     *
+     * @returns The chainable EncryptInputsBuilder instance.
+     */
+    setAccount(account: string): EncryptInputsBuilder<T>;
+    getAccount(): string | undefined;
+    /**
+     * @param chainId - Chain that will consume the encrypted inputs.
+     *
+     * If not provided, the chainId will be fetched from the connected publicClient.
+     *
+     * Example:
+     * ```typescript
+     * const encrypted = await encryptInputs([Encryptable.uint128(10n)])
+     *   .setChainId(11155111)
+     *   .encrypt();
+     * ```
+     *
+     * @returns The chainable EncryptInputsBuilder instance.
+     */
+    setChainId(chainId: number): EncryptInputsBuilder<T>;
+    getChainId(): number | undefined;
+    /**
+     * @param securityZone - Security zone to encrypt the inputs for.
+     *
+     * If not provided, the default securityZone 0 will be used.
+     *
+     * Example:
+     * ```typescript
+     * const encrypted = await encryptInputs([Encryptable.uint128(10n)])
+     *   .setSecurityZone(1)
+     *   .encrypt();
+     * ```
+     *
+     * @returns The chainable EncryptInputsBuilder instance.
+     */
+    setSecurityZone(securityZone: number): EncryptInputsBuilder<T>;
+    getSecurityZone(): number;
+    /**
+     * @param callback - Function to be called with the encryption step.
+     *
+     * Useful for debugging and tracking the progress of the encryption process.
+     * Useful for a UI element that shows the progress of the encryption process.
+     *
+     * Example:
+     * ```typescript
+     * const encrypted = await encryptInputs([Encryptable.uint128(10n)])
+     *   .setStepCallback((step: EncryptStep) => console.log(step))
+     *   .encrypt();
+     * ```
+     *
+     * @returns The EncryptInputsBuilder instance.
+     */
+    setStepCallback(callback: EncryptStepCallbackFunction): EncryptInputsBuilder<T>;
+    getStepCallback(): EncryptStepCallbackFunction | undefined;
+    /**
+     * Fires the step callback if set
+     */
+    private fireStepStart;
+    private fireStepEnd;
+    /**
+     * tfhePublicKeyDeserializer is a platform-specific dependency injected into core/createCofhesdkClientBase by web/createCofhesdkClient and node/createCofhesdkClient
+     * web/ uses zama "tfhe"
+     * node/ uses zama "node-tfhe"
+     * Users should not set this manually.
+     */
+    private getTfhePublicKeyDeserializerOrThrow;
+    /**
+     * compactPkeCrsDeserializer is a platform-specific dependency injected into core/createCofhesdkClientBase by web/createCofhesdkClient and node/createCofhesdkClient
+     * web/ uses zama "tfhe"
+     * node/ uses zama "node-tfhe"
+     * Users should not set this manually.
+     */
+    private getCompactPkeCrsDeserializerOrThrow;
+    /**
+     * zkVerifierUrl is included in the chains exported from cofhesdk/chains for use in CofhesdkConfig.supportedChains
+     * Users should generally not set this manually.
+     */
+    private getZkVerifierUrl;
+    /**
+     * initTfhe is a platform-specific dependency injected into core/createCofhesdkClientBase by web/createCofhesdkClient and node/createCofhesdkClient
+     * web/ uses zama "tfhe"
+     * node/ uses zama "node-tfhe"
+     * Users should not set this manually.
+     */
+    private initTfheOrThrow;
+    /**
+     * Fetches the FHE key and CRS from the CoFHE API
+     * If the key/crs already exists in the store it is returned, else it is fetched, stored, and returned
+     */
+    private fetchFheKeyAndCrs;
+    /**
+     * zkBuilderAndCrsGenerator is a platform-specific dependency injected into core/createCofhesdkClientBase by web/createCofhesdkClient and node/createCofhesdkClient
+     * web/ uses zama "tfhe"
+     * node/ uses zama "node-tfhe"
+     * Users should not set this manually.
+     *
+     * Generates the zkBuilder and zkCrs from the fheKey and crs
+     */
+    private generateZkBuilderAndCrs;
+    /**
+     * @dev Encrypt against the cofheMocks instead of CoFHE
+     *
+     * In the cofheMocks, the MockZkVerifier contract is deployed on hardhat to a fixed address, this contract handles mocking the zk verifying.
+     * cofheMocksInsertPackedHashes - stores the ctHashes and their plaintext values for on-chain mocking of FHE operations.
+     * cofheMocksZkCreateProofSignatures - creates signatures to be included in the encrypted inputs. The signers address is known and verified in the mock contracts.
+     */
+    private mocksEncrypt;
+    /**
+     * In the production context, perform a true encryption with the CoFHE coprocessor.
+     */
+    private productionEncrypt;
+    /**
+     * Final step of the encryption process. MUST BE CALLED LAST IN THE CHAIN.
+     *
+     * This will:
+     * - Pack the encryptable items into a zk proof
+     * - Prove the zk proof
+     * - Verify the zk proof with CoFHE
+     * - Package and return the encrypted inputs
+     *
+     * Example:
+     * ```typescript
+     * const encrypted = await encryptInputs([Encryptable.uint128(10n)])
+     *   .setAccount('0x123...890') // optional
+     *   .setChainId(11155111)      // optional
+     *   .encrypt();                // execute
+     * ```
+     *
+     * @returns The encrypted inputs.
+     */
+    encrypt(): Promise<Result<[...EncryptedItemInputs<T>]>>;
+}
+
+declare const permits: {
+    getSnapshot: () => {
+        permits: {
+            [x: number]: {
+                [x: string]: {
+                    [x: string]: SerializedPermit | undefined;
+                };
+            };
+        };
+        activePermitHash: {
+            [x: number]: {
+                [x: string]: string | undefined;
+            };
+        };
+    };
+    subscribe: (listener: (state: {
+        permits: {
+            [x: number]: {
+                [x: string]: {
+                    [x: string]: SerializedPermit | undefined;
+                };
+            };
+        };
+        activePermitHash: {
+            [x: number]: {
+                [x: string]: string | undefined;
+            };
+        };
+    }, prevState: {
+        permits: {
+            [x: number]: {
+                [x: string]: {
+                    [x: string]: SerializedPermit | undefined;
+                };
+            };
+        };
+        activePermitHash: {
+            [x: number]: {
+                [x: string]: string | undefined;
+            };
+        };
+    }) => void) => () => void;
+    createSelf: (options: CreateSelfPermitOptions, publicClient: PublicClient, walletClient: WalletClient) => Promise<Permit>;
+    createSharing: (options: CreateSharingPermitOptions, publicClient: PublicClient, walletClient: WalletClient) => Promise<Permit>;
+    importShared: (options: ImportSharedPermitOptions | any | string, publicClient: PublicClient, walletClient: WalletClient) => Promise<Permit>;
+    getHash: (permit: Permit) => string;
+    serialize: (permit: Permit) => SerializedPermit;
+    deserialize: (serialized: SerializedPermit) => Permit;
+    getPermit: (chainId: number, account: string, hash: string) => Promise<Permit | undefined>;
+    getPermits: (chainId: number, account: string) => Promise<Record<string, Permit>>;
+    getActivePermit: (chainId: number, account: string) => Promise<Permit | undefined>;
+    getActivePermitHash: (chainId: number, account: string) => Promise<string | undefined>;
+    removePermit: (chainId: number, account: string, hash: string) => Promise<void>;
+    selectActivePermit: (chainId: number, account: string, hash: string) => Promise<void>;
+    removeActivePermit: (chainId: number, account: string) => Promise<void>;
+};
+
+type Primitive = null | undefined | string | number | boolean | symbol | bigint;
+type LiteralToPrimitive<T> = T extends number ? number : T extends bigint ? bigint : T extends string ? string : T extends boolean ? boolean : T extends symbol ? symbol : T extends null ? null : T extends undefined ? undefined : never;
+type CofhesdkClient = {
+    getSnapshot(): CofhesdkClientConnectionState;
+    subscribe(listener: Listener): () => void;
+    readonly initializationResults: {
+        keyFetchResult: Promise<Result<boolean>>;
+    };
+    readonly connected: boolean;
+    readonly connecting: boolean;
+    readonly config: CofhesdkConfig;
+    connect(publicClient: PublicClient, walletClient: WalletClient): Promise<Result<boolean>>;
+    /**
+     * Types docstring
+     */
+    encryptInputs<T extends EncryptableItem[]>(inputs: [...T]): EncryptInputsBuilder<[...T]>;
+    decryptHandle<U extends FheTypes>(ctHash: bigint, utype: U): DecryptHandlesBuilder<U>;
+    permits: CofhesdkClientPermits;
+};
+type CofhesdkClientConnectionState = {
+    connected: boolean;
+    connecting: boolean;
+    connectError: unknown | undefined;
+    chainId: number | undefined;
+    account: string | undefined;
+};
+type Listener = (snapshot: CofhesdkClientConnectionState) => void;
+type CofhesdkClientPermits = {
+    getSnapshot: typeof permits.getSnapshot;
+    subscribe: typeof permits.subscribe;
+    createSelf: (options: CreateSelfPermitOptions) => Promise<Result<Permit>>;
+    createSharing: (options: CreateSharingPermitOptions) => Promise<Result<Permit>>;
+    importShared: (options: ImportSharedPermitOptions | any | string) => Promise<Result<Permit>>;
+    getPermit: (hash: string, chainId?: number, account?: string) => Promise<Result<Permit | undefined>>;
+    getPermits: (chainId?: number, account?: string) => Promise<Result<Record<string, Permit>>>;
+    getActivePermit: (chainId?: number, account?: string) => Promise<Result<Permit | undefined>>;
+    getActivePermitHash: (chainId?: number, account?: string) => Promise<Result<string | undefined>>;
+    selectActivePermit: (hash: string, chainId?: number, account?: string) => Promise<Result<void>>;
+    removePermit: (hash: string, chainId?: number, account?: string) => Promise<Result<void>>;
+    removeActivePermit: (chainId?: number, account?: string) => Promise<Result<void>>;
+    getHash: typeof PermitUtils.getHash;
+    serialize: typeof PermitUtils.serialize;
+    deserialize: typeof PermitUtils.deserialize;
+};
+type TfheInitializer = () => Promise<boolean>;
+type CofhesdkClientParams = {
+    config: CofhesdkConfig;
+    zkBuilderAndCrsGenerator: ZkBuilderAndCrsGenerator;
+    tfhePublicKeyDeserializer: FheKeyDeserializer;
+    compactPkeCrsDeserializer: FheKeyDeserializer;
+    initTfhe: TfheInitializer;
+};
+interface IStorage {
+    getItem: (name: string) => Promise<any>;
+    setItem: (name: string, value: any) => Promise<void>;
+    removeItem: (name: string) => Promise<void>;
+}
+declare enum FheTypes {
+    Bool = 0,
+    Uint4 = 1,
+    Uint8 = 2,
+    Uint16 = 3,
+    Uint32 = 4,
+    Uint64 = 5,
+    Uint128 = 6,
+    Uint160 = 7,
+    Uint256 = 8,
+    Uint512 = 9,
+    Uint1024 = 10,
+    Uint2048 = 11,
+    Uint2 = 12,
+    Uint6 = 13,
+    Uint10 = 14,
+    Uint12 = 15,
+    Uint14 = 16,
+    Int2 = 17,
+    Int4 = 18,
+    Int6 = 19,
+    Int8 = 20,
+    Int10 = 21,
+    Int12 = 22,
+    Int14 = 23,
+    Int16 = 24,
+    Int32 = 25,
+    Int64 = 26,
+    Int128 = 27,
+    Int160 = 28,
+    Int256 = 29
+}
+/**
+ * List of All FHE uint types (excludes bool and address)
+ */
+declare const FheUintUTypes: readonly [FheTypes.Uint8, FheTypes.Uint16, FheTypes.Uint32, FheTypes.Uint64, FheTypes.Uint128];
+type FheUintUTypesType = (typeof FheUintUTypes)[number];
+/**
+ * List of All FHE types (uints, bool, and address)
+ */
+declare const FheAllUTypes: readonly [FheTypes.Bool, FheTypes.Uint8, FheTypes.Uint16, FheTypes.Uint32, FheTypes.Uint64, FheTypes.Uint128, FheTypes.Uint160];
+type EncryptedNumber = {
+    data: Uint8Array;
+    securityZone: number;
+};
+type EncryptedItemInput = {
+    ctHash: bigint;
+    securityZone: number;
+    utype: FheTypes;
+    signature: string;
+};
+type EncryptedBoolInput = EncryptedItemInput & {
+    utype: FheTypes.Bool;
+};
+type EncryptedUint8Input = EncryptedItemInput & {
+    utype: FheTypes.Uint8;
+};
+type EncryptedUint16Input = EncryptedItemInput & {
+    utype: FheTypes.Uint16;
+};
+type EncryptedUint32Input = EncryptedItemInput & {
+    utype: FheTypes.Uint32;
+};
+type EncryptedUint64Input = EncryptedItemInput & {
+    utype: FheTypes.Uint64;
+};
+type EncryptedUint128Input = EncryptedItemInput & {
+    utype: FheTypes.Uint128;
+};
+type EncryptedUint256Input = EncryptedItemInput & {
+    utype: FheTypes.Uint256;
+};
+type EncryptedAddressInput = EncryptedItemInput & {
+    utype: FheTypes.Uint160;
+};
+type EncryptableBool = {
+    data: boolean;
+    utype: FheTypes.Bool;
+};
+type EncryptableUint8 = {
+    data: string | bigint;
+    utype: FheTypes.Uint8;
+};
+type EncryptableUint16 = {
+    data: string | bigint;
+    utype: FheTypes.Uint16;
+};
+type EncryptableUint32 = {
+    data: string | bigint;
+    utype: FheTypes.Uint32;
+};
+type EncryptableUint64 = {
+    data: string | bigint;
+    utype: FheTypes.Uint64;
+};
+type EncryptableUint128 = {
+    data: string | bigint;
+    utype: FheTypes.Uint128;
+};
+type EncryptableAddress = {
+    data: string | bigint;
+    utype: FheTypes.Uint160;
+};
+declare const Encryptable: {
+    readonly bool: (data: EncryptableBool["data"], securityZone?: number) => EncryptableBool;
+    readonly address: (data: EncryptableAddress["data"], securityZone?: number) => EncryptableAddress;
+    readonly uint8: (data: EncryptableUint8["data"], securityZone?: number) => EncryptableUint8;
+    readonly uint16: (data: EncryptableUint16["data"], securityZone?: number) => EncryptableUint16;
+    readonly uint32: (data: EncryptableUint32["data"], securityZone?: number) => EncryptableUint32;
+    readonly uint64: (data: EncryptableUint64["data"], securityZone?: number) => EncryptableUint64;
+    readonly uint128: (data: EncryptableUint128["data"], securityZone?: number) => EncryptableUint128;
+};
+type EncryptableItem = EncryptableBool | EncryptableUint8 | EncryptableUint16 | EncryptableUint32 | EncryptableUint64 | EncryptableUint128 | EncryptableAddress;
+type EncryptableToEncryptedItemInputMap<E extends EncryptableItem> = E extends EncryptableBool ? EncryptedBoolInput : E extends EncryptableUint8 ? EncryptedUint8Input : E extends EncryptableUint16 ? EncryptedUint16Input : E extends EncryptableUint32 ? EncryptedUint32Input : E extends EncryptableUint64 ? EncryptedUint64Input : E extends EncryptableUint128 ? EncryptedUint128Input : E extends EncryptableAddress ? EncryptedAddressInput : never;
+type EncryptedItemInputs<T> = T extends Primitive ? LiteralToPrimitive<T> : T extends EncryptableItem ? EncryptableToEncryptedItemInputMap<T> : {
+    [K in keyof T]: EncryptedItemInputs<T[K]>;
+};
+declare function isEncryptableItem(value: unknown): value is EncryptableItem;
+declare enum EncryptStep {
+    InitTfhe = "initTfhe",
+    FetchKeys = "fetchKeys",
+    Pack = "pack",
+    Prove = "prove",
+    Verify = "verify"
+}
+type EncryptStepCallbackContext = Record<string, any> & {
+    isStart: boolean;
+    isEnd: boolean;
+    duration: number;
+};
+type EncryptStepCallbackFunction = (state: EncryptStep, context?: EncryptStepCallbackContext) => void;
+type UnsealedItem<U extends FheTypes> = U extends FheTypes.Bool ? boolean : U extends FheTypes.Uint160 ? string : U extends FheUintUTypesType ? bigint : never;
+
+export { fetchMultichainKeys as $, type EncryptableToEncryptedItemInputMap as A, type EncryptStepCallbackFunction as B, type CofhesdkClientParams as C, FheUintUTypes as D, type EncryptableItem as E, FheTypes as F, FheAllUTypes as G, Encryptable as H, type IStorage as I, isEncryptableItem as J, EncryptStep as K, type LiteralToPrimitive as L, CofhesdkError as M, CofhesdkErrorCode as N, isCofhesdkError as O, type Primitive as P, type CofhesdkErrorParams as Q, ResultErr as R, ResultOk as S, ResultErrOrInternal as T, type UnsealedItem as U, ResultHttpError as V, ResultValidationError as W, resultWrapper as X, resultWrapperSync as Y, type Result as Z, fetchKeys as _, type CofhesdkClient as a, type FheKeyDeserializer as a0, createKeysStore as a1, type KeysStorage as a2, type KeysStore as a3, EncryptInputsBuilder as a4, DecryptHandlesBuilder as a5, type ZkBuilderAndCrsGenerator as a6, type CofhesdkConfig as b, createCofhesdkConfigBase as c, type CofhesdkInputConfig as d, type CofhesdkInternalConfig as e, type CofhesdkClientConnectionState as f, getCofhesdkConfigItem as g, type CofhesdkClientPermits as h, type EncryptableBool as i, type EncryptableUint8 as j, type EncryptableUint16 as k, type EncryptableUint32 as l, type EncryptableUint64 as m, type EncryptableUint128 as n, type EncryptableAddress as o, type EncryptedNumber as p, type EncryptedItemInput as q, type EncryptedBoolInput as r, type EncryptedUint8Input as s, type EncryptedUint16Input as t, type EncryptedUint32Input as u, type EncryptedUint64Input as v, type EncryptedUint128Input as w, type EncryptedUint256Input as x, type EncryptedAddressInput as y, type EncryptedItemInputs as z };