@cofhe/sdk 0.2.1 → 0.3.0

package/core/decrypt/{cofheMocksSealOutput.ts → cofheMocksDecryptForView.ts}

@@ -2,22 +2,22 @@ import { type Permit, PermitUtils } from '@/permits';
 
 import { type PublicClient } from 'viem';
 import { sleep } from '../utils.js';
-import { MockQueryDecrypterAbi } from './MockQueryDecrypterAbi.js';
+import { MockThresholdNetworkAbi } from './MockThresholdNetworkAbi.js';
 import { FheTypes } from '../types.js';
-import { CofhesdkError, CofhesdkErrorCode } from '../error.js';
-import { MOCKS_QUERY_DECRYPTER_ADDRESS } from '../consts.js';
+import { CofheError, CofheErrorCode } from '../error.js';
+import { MOCKS_THRESHOLD_NETWORK_ADDRESS } from '../consts.js';
 
-export async function cofheMocksSealOutput(
+export async function cofheMocksDecryptForView(
   ctHash: bigint,
   utype: FheTypes,
   permit: Permit,
   publicClient: PublicClient,
-  mocksSealOutputDelay: number
+  mocksDecryptDelay: number
 ): Promise<bigint> {
   // Configurable delay before decrypting the output to simulate the CoFHE decrypt processing time
   // Recommended 1000ms on web
   // Recommended 0ms on hardhat (will be called during tests no need for fake delay)
-  if (mocksSealOutputDelay > 0) await sleep(mocksSealOutputDelay);
+  if (mocksDecryptDelay > 0) await sleep(mocksDecryptDelay);
 
   const permission = PermitUtils.getPermission(permit, true);
   const permissionWithBigInts = {
@@ -27,22 +27,22 @@ export async function cofheMocksSealOutput(
   };
 
   const [allowed, error, result] = await publicClient.readContract({
-    address: MOCKS_QUERY_DECRYPTER_ADDRESS,
-    abi: MockQueryDecrypterAbi,
+    address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
+    abi: MockThresholdNetworkAbi,
     functionName: 'querySealOutput',
     args: [ctHash, BigInt(utype), permissionWithBigInts],
   });
 
   if (error != '') {
-    throw new CofhesdkError({
-      code: CofhesdkErrorCode.SealOutputFailed,
+    throw new CofheError({
+      code: CofheErrorCode.SealOutputFailed,
       message: `mocks querySealOutput call failed: ${error}`,
     });
   }
 
   if (allowed == false) {
-    throw new CofhesdkError({
-      code: CofhesdkErrorCode.SealOutputFailed,
+    throw new CofheError({
+      code: CofheErrorCode.SealOutputFailed,
       message: `mocks querySealOutput call failed: ACL Access Denied (NotAllowed)`,
     });
   }

package/core/decrypt/decryptForTxBuilder.ts

@@ -0,0 +1,340 @@
+/* eslint-disable no-dupe-class-members */
+import { hardhat } from '@/chains';
+import { type Permit, type Permission, PermitUtils } from '@/permits';
+
+import { FheTypes } from '../types.js';
+import { getThresholdNetworkUrlOrThrow } from '../config.js';
+import { CofheError, CofheErrorCode } from '../error.js';
+import { permits } from '../permits.js';
+import { BaseBuilder, type BaseBuilderParams } from '../baseBuilder.js';
+import { cofheMocksDecryptForTx } from './cofheMocksDecryptForTx.js';
+import { getPublicClientChainID } from '../utils.js';
+import { tnDecrypt } from './tnDecrypt.js';
+
+/**
+ * API
+ *
+ * await client.decryptForTx(ctHash)
+ *   .setChainId(chainId)
+ *   .setAccount(account)
+ *   .withPermit(permit | permitHash | undefined)
+ *   // or .withoutPermit()
+ *   .execute()
+ *
+ * If chainId not set, uses client's chainId
+ * If account not set, uses client's account
+ * You MUST choose one permit mode before calling execute():
+ *   - withPermit(...) to decrypt using a permit
+ *   - withoutPermit() to decrypt via global allowance (no permit)
+ *
+ * withPermit() (no args / undefined) uses the active permit for chainId + account.
+ * withoutPermit() uses global allowance (no permit required).
+ *
+ * Returns the decrypted value + proof ready for tx.
+ */
+
+type DecryptForTxPermitSelection = 'unset' | 'with-permit' | 'without-permit';
+
+type DecryptForTxBuilderParams = BaseBuilderParams & {
+  ctHash: bigint;
+};
+
+export type DecryptForTxResult = {
+  ctHash: bigint;
+  decryptedValue: bigint;
+  signature: string; // Threshold network signature for publishDecryptResult
+};
+
+/**
+ * Type-level gating:
+ * - The initial builder returned from `client.decryptForTx(...)` intentionally does not expose `execute()`.
+ * - Calling `withPermit(...)` or `withoutPermit()` returns a builder that *does* expose `execute()`, but no longer
+ *   exposes `withPermit/withoutPermit` (so you can't select twice, or switch modes).
+ */
+export type DecryptForTxBuilderUnset = Omit<DecryptForTxBuilder, 'execute'>;
+
+export type DecryptForTxBuilderSelected = Omit<DecryptForTxBuilder, 'withPermit' | 'withoutPermit'>;
+
+export class DecryptForTxBuilder extends BaseBuilder {
+  private ctHash: bigint;
+  private permitHash?: string;
+  private permit?: Permit;
+  private permitSelection: DecryptForTxPermitSelection = 'unset';
+
+  constructor(params: DecryptForTxBuilderParams) {
+    super({
+      config: params.config,
+      publicClient: params.publicClient,
+      walletClient: params.walletClient,
+      chainId: params.chainId,
+      account: params.account,
+      requireConnected: params.requireConnected,
+    });
+
+    this.ctHash = params.ctHash;
+  }
+
+  /**
+   * @param chainId - Chain to decrypt values from. Used to fetch the threshold network URL and use the correct permit.
+   *
+   * If not provided, the chainId will be fetched from the connected publicClient.
+   *
+   * Example:
+   * ```typescript
+   * const result = await decryptForTx(ctHash)
+   *   .setChainId(11155111)
+   *   .execute();
+   * ```
+   *
+   * @returns The chainable DecryptForTxBuilder instance.
+   */
+  setChainId(this: DecryptForTxBuilderUnset, chainId: number): DecryptForTxBuilderUnset;
+  setChainId(this: DecryptForTxBuilderSelected, chainId: number): DecryptForTxBuilderSelected;
+  setChainId(chainId: number): DecryptForTxBuilder {
+    this.chainId = chainId;
+    return this;
+  }
+
+  getChainId(): number | undefined {
+    return this.chainId;
+  }
+
+  /**
+   * @param account - Account to decrypt values from. Used to fetch the correct permit.
+   *
+   * If not provided, the account will be fetched from the connected walletClient.
+   *
+   * Example:
+   * ```typescript
+   * const result = await decryptForTx(ctHash)
+   *   .setAccount('0x1234567890123456789012345678901234567890')
+   *   .execute();
+   * ```
+   *
+   * @returns The chainable DecryptForTxBuilder instance.
+   */
+  setAccount(this: DecryptForTxBuilderUnset, account: string): DecryptForTxBuilderUnset;
+  setAccount(this: DecryptForTxBuilderSelected, account: string): DecryptForTxBuilderSelected;
+  setAccount(account: string): DecryptForTxBuilder {
+    this.account = account;
+    return this;
+  }
+
+  getAccount(): string | undefined {
+    return this.account;
+  }
+
+  /**
+   * Select "use permit" mode.
+   *
+   * - `withPermit(permit)` uses the provided permit.
+   * - `withPermit(permitHash)` fetches that permit.
+   * - `withPermit()` uses the active permit for the resolved `chainId + account`.
+   *
+   * Note: "global allowance" (no permit) is ONLY available via `withoutPermit()`.
+   */
+  withPermit(): DecryptForTxBuilderSelected;
+  withPermit(permitHash: string): DecryptForTxBuilderSelected;
+  withPermit(permit: Permit): DecryptForTxBuilderSelected;
+  withPermit(permitOrPermitHash?: Permit | string): DecryptForTxBuilderSelected {
+    if (this.permitSelection === 'with-permit') {
+      throw new CofheError({
+        code: CofheErrorCode.InternalError,
+        message: 'decryptForTx: withPermit() can only be selected once.',
+        hint: 'Choose the permit mode once. If you need a different permit, start a new decryptForTx() builder chain.',
+      });
+    }
+
+    if (this.permitSelection === 'without-permit') {
+      throw new CofheError({
+        code: CofheErrorCode.InternalError,
+        message: 'decryptForTx: cannot call withPermit() after withoutPermit() has been selected.',
+        hint: 'Choose exactly one permit mode: either call .withPermit(...) or .withoutPermit(), but not both.',
+      });
+    }
+
+    this.permitSelection = 'with-permit';
+
+    if (typeof permitOrPermitHash === 'string') {
+      this.permitHash = permitOrPermitHash;
+      this.permit = undefined;
+    } else if (permitOrPermitHash === undefined) {
+      // Explicitly choose "active permit" resolution at execute()
+      this.permitHash = undefined;
+      this.permit = undefined;
+    } else {
+      // Permit object
+      this.permit = permitOrPermitHash;
+      this.permitHash = undefined;
+    }
+
+    return this as unknown as DecryptForTxBuilderSelected;
+  }
+
+  /**
+   * Select "no permit" mode.
+   *
+   * This uses global allowance (no permit required) and sends an empty permission payload to `/decrypt`.
+   */
+  withoutPermit(): DecryptForTxBuilderSelected {
+    if (this.permitSelection === 'without-permit') {
+      throw new CofheError({
+        code: CofheErrorCode.InternalError,
+        message: 'decryptForTx: withoutPermit() can only be selected once.',
+        hint: 'Choose the permit mode once. If you need a different mode, start a new decryptForTx() builder chain.',
+      });
+    }
+
+    if (this.permitSelection === 'with-permit') {
+      throw new CofheError({
+        code: CofheErrorCode.InternalError,
+        message: 'decryptForTx: cannot call withoutPermit() after withPermit() has been selected.',
+        hint: 'Choose exactly one permit mode: either call .withPermit(...) or .withoutPermit(), but not both.',
+      });
+    }
+
+    this.permitSelection = 'without-permit';
+    this.permitHash = undefined;
+    this.permit = undefined;
+    return this as unknown as DecryptForTxBuilderSelected;
+  }
+
+  getPermit(): Permit | undefined {
+    return this.permit;
+  }
+
+  getPermitHash(): string | undefined {
+    return this.permitHash;
+  }
+
+  private async getThresholdNetworkUrl(): Promise<string> {
+    this.assertChainId();
+    return getThresholdNetworkUrlOrThrow(this.config, this.chainId);
+  }
+
+  private async getResolvedPermit(): Promise<Permit | null> {
+    if (this.permitSelection === 'unset') {
+      throw new CofheError({
+        code: CofheErrorCode.InternalError,
+        message: 'decryptForTx: missing permit selection; call withPermit(...) or withoutPermit() before execute().',
+        hint: 'Call .withPermit() to use the active permit, or .withoutPermit() for global allowance.',
+      });
+    }
+
+    if (this.permitSelection === 'without-permit') {
+      return null;
+    }
+
+    // with-permit mode
+    if (this.permit) return this.permit;
+
+    this.assertChainId();
+    this.assertAccount();
+
+    // Fetch with permit hash
+    if (this.permitHash) {
+      const permit = await permits.getPermit(this.chainId, this.account, this.permitHash);
+      if (!permit) {
+        throw new CofheError({
+          code: CofheErrorCode.PermitNotFound,
+          message: `Permit with hash <${this.permitHash}> not found for account <${this.account}> and chainId <${this.chainId}>`,
+          hint: 'Ensure the permit exists and is valid.',
+          context: {
+            chainId: this.chainId,
+            account: this.account,
+            permitHash: this.permitHash,
+          },
+        });
+      }
+      return permit;
+    }
+
+    // Fetch active permit (default for withPermit() with no args)
+    const permit = await permits.getActivePermit(this.chainId, this.account);
+    if (!permit) {
+      throw new CofheError({
+        code: CofheErrorCode.PermitNotFound,
+        message: `Active permit not found for chainId <${this.chainId}> and account <${this.account}>`,
+        hint: 'Create a permit (e.g. client.permits.createSelf(...)) and/or set it active (client.permits.selectActivePermit(hash)).',
+        context: {
+          chainId: this.chainId,
+          account: this.account,
+        },
+      });
+    }
+    return permit;
+  }
+
+  /**
+   * On hardhat, interact with MockThresholdNetwork contract
+   */
+  private async mocksDecryptForTx(permit: Permit | null): Promise<DecryptForTxResult> {
+    this.assertPublicClient();
+
+    const delay = this.config.mocks.decryptDelay;
+    const result = await cofheMocksDecryptForTx(this.ctHash, 0 as FheTypes, permit, this.publicClient, delay);
+    return result;
+  }
+
+  /**
+   * In the production context, perform a true decryption with the CoFHE coprocessor.
+   */
+  private async productionDecryptForTx(permit: Permit | null): Promise<DecryptForTxResult> {
+    this.assertChainId();
+    this.assertPublicClient();
+
+    const thresholdNetworkUrl = await this.getThresholdNetworkUrl();
+
+    const permission = permit ? PermitUtils.getPermission(permit, true) : null;
+    const { decryptedValue, signature } = await tnDecrypt(this.ctHash, this.chainId, permission, thresholdNetworkUrl);
+
+    return {
+      ctHash: this.ctHash,
+      decryptedValue,
+      signature,
+    };
+  }
+
+  /**
+   * Final step of the decryptForTx process. MUST BE CALLED LAST IN THE CHAIN.
+   *
+   * You must explicitly choose one permit mode before calling `execute()`:
+   * - `withPermit(permit)` / `withPermit(permitHash)` / `withPermit()` (active permit)
+   * - `withoutPermit()` (global allowance)
+   */
+  async execute(): Promise<DecryptForTxResult> {
+    // Resolve permit (can be Permit object or null for global allowance)
+    const permit = await this.getResolvedPermit();
+
+    // If permit is provided, validate it
+    if (permit !== null) {
+      // Ensure permit validity
+      PermitUtils.validate(permit);
+      PermitUtils.isValid(permit);
+
+      // Extract chainId from signed permit
+      const chainId = permit._signedDomain!.chainId;
+
+      if (chainId === hardhat.id) {
+        return await this.mocksDecryptForTx(permit);
+      } else {
+        return await this.productionDecryptForTx(permit);
+      }
+    } else {
+      // Global allowance - no permit
+      // If chainId not set, try to get it from publicClient
+      if (!this.chainId) {
+        this.assertPublicClient();
+        this.chainId = await getPublicClientChainID(this.publicClient);
+      }
+
+      this.assertChainId();
+
+      if (this.chainId === hardhat.id) {
+        return await this.mocksDecryptForTx(null);
+      } else {
+        return await this.productionDecryptForTx(null);
+      }
+    }
+  }
+}

package/core/decrypt/{decryptHandleBuilder.ts → decryptForViewBuilder.ts}

@@ -1,48 +1,53 @@
+/* eslint-disable no-dupe-class-members */
 import { hardhat } from '@/chains';
 import { type Permit, PermitUtils } from '@/permits';
 
 import { FheTypes, type UnsealedItem } from '../types.js';
 import { getThresholdNetworkUrlOrThrow } from '../config.js';
-import { CofhesdkError, CofhesdkErrorCode } from '../error.js';
+import { CofheError, CofheErrorCode } from '../error.js';
 import { permits } from '../permits.js';
 import { isValidUtype, convertViaUtype } from './decryptUtils.js';
 import { BaseBuilder, type BaseBuilderParams } from '../baseBuilder.js';
-import { cofheMocksSealOutput } from './cofheMocksSealOutput.js';
+import { cofheMocksDecryptForView } from './cofheMocksDecryptForView.js';
 // import { tnSealOutputV1 } from './tnSealOutputV1.js';
 import { tnSealOutputV2 } from './tnSealOutputV2.js';
+import { cofheMocksDecryptForTx } from './cofheMocksDecryptForTx.js';
 
 /**
  * API
  *
- * await client.decryptHandle(ctHash, utype)
+ * await client.decryptForView(ctHash, utype)
  *   .setChainId(chainId)
  *   .setAccount(account)
- *   .setPermitHash(permitHash)
- *   .setPermit(permit)
- *   .decrypt()
+ *   .withPermit()              // optional (active permit)
+ *   // or .withPermit(permitHash) / .withPermit(permit)
+ *   .execute()
  *
  * If chainId not set, uses client's chainId
  * If account not set, uses client's account
- * If permitHash not set, uses chainId and account to get active permit
- * If permit is set, uses permit to decrypt regardless of chainId, account, or permitHash
+ * withPermit() uses chainId + account to get the active permit.
+ * withPermit(permitHash) fetches that permit using chainId + account.
+ * withPermit(permit) uses the provided permit regardless of chainId/account.
+ *
+ * Note: decryptForView always requires a permit (no global-allowance mode).
  *
  * Returns the unsealed item.
  */
 
-type DecryptHandlesBuilderParams<U extends FheTypes> = BaseBuilderParams & {
+type DecryptForViewBuilderParams<U extends FheTypes> = BaseBuilderParams & {
   ctHash: bigint;
   utype: U;
   permitHash?: string;
   permit?: Permit;
 };
 
-export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
+export class DecryptForViewBuilder<U extends FheTypes> extends BaseBuilder {
   private ctHash: bigint;
   private utype: U;
   private permitHash?: string;
   private permit?: Permit;
 
-  constructor(params: DecryptHandlesBuilderParams<U>) {
+  constructor(params: DecryptForViewBuilderParams<U>) {
     super({
       config: params.config,
       publicClient: params.publicClient,
@@ -65,14 +70,14 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
    *
    * Example:
    * ```typescript
-   * const unsealed = await decryptHandle(ctHash, utype)
+   * const unsealed = await client.decryptForView(ctHash, utype)
    *   .setChainId(11155111)
-   *   .decrypt();
+   *   .execute();
    * ```
    *
-   * @returns The chainable DecryptHandlesBuilder instance.
+   * @returns The chainable DecryptForViewBuilder instance.
    */
-  setChainId(chainId: number): DecryptHandlesBuilder<U> {
+  setChainId(chainId: number): DecryptForViewBuilder<U> {
     this.chainId = chainId;
     return this;
   }
@@ -88,14 +93,14 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
    *
    * Example:
    * ```typescript
-   * const unsealed = await decryptHandle(ctHash, utype)
+   * const unsealed = await client.decryptForView(ctHash, utype)
    *   .setAccount('0x1234567890123456789012345678901234567890')
-   *   .decrypt();
+   *   .execute();
    * ```
    *
-   * @returns The chainable DecryptHandlesBuilder instance.
+   * @returns The chainable DecryptForViewBuilder instance.
    */
-  setAccount(account: string): DecryptHandlesBuilder<U> {
+  setAccount(account: string): DecryptForViewBuilder<U> {
     this.account = account;
     return this;
   }
@@ -104,6 +109,33 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
     return this.account;
   }
 
+  /**
+   * Select "use permit" mode (optional).
+   *
+   * - `withPermit(permit)` uses the provided permit.
+   * - `withPermit(permitHash)` fetches that permit.
+   * - `withPermit()` uses the active permit for the resolved `chainId + account`.
+   */
+  withPermit(): DecryptForViewBuilder<U>;
+  withPermit(permitHash: string): DecryptForViewBuilder<U>;
+  withPermit(permit: Permit): DecryptForViewBuilder<U>;
+  withPermit(permitOrPermitHash?: Permit | string): DecryptForViewBuilder<U> {
+    if (typeof permitOrPermitHash === 'string') {
+      this.permitHash = permitOrPermitHash;
+      this.permit = undefined;
+    } else if (permitOrPermitHash === undefined) {
+      // Explicitly choose "active permit" resolution at execute()
+      this.permitHash = undefined;
+      this.permit = undefined;
+    } else {
+      // Permit object
+      this.permit = permitOrPermitHash;
+      this.permitHash = undefined;
+    }
+
+    return this;
+  }
+
   /**
    * @param permitHash - Permit hash to decrypt values from. Used to fetch the correct permit.
    *
@@ -112,16 +144,16 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
    *
    * Example:
    * ```typescript
-   * const unsealed = await decryptHandle(ctHash, utype)
+   * const unsealed = await client.decryptForView(ctHash, utype)
    *   .setPermitHash('0x1234567890123456789012345678901234567890')
-   *   .decrypt();
+   *   .execute();
    * ```
    *
-   * @returns The chainable DecryptHandlesBuilder instance.
+   * @returns The chainable DecryptForViewBuilder instance.
    */
-  setPermitHash(permitHash: string): DecryptHandlesBuilder<U> {
-    this.permitHash = permitHash;
-    return this;
+  /** @deprecated Use `withPermit(permitHash)` instead. */
+  setPermitHash(permitHash: string): DecryptForViewBuilder<U> {
+    return this.withPermit(permitHash);
   }
 
   getPermitHash(): string | undefined {
@@ -135,16 +167,16 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
    *
    * Example:
    * ```typescript
-   * const unsealed = await decryptHandle(ctHash, utype)
+   * const unsealed = await client.decryptForView(ctHash, utype)
    *   .setPermit(permit)
-   *   .decrypt();
+   *   .execute();
    * ```
    *
-   * @returns The chainable DecryptHandlesBuilder instance.
+   * @returns The chainable DecryptForViewBuilder instance.
    */
-  setPermit(permit: Permit): DecryptHandlesBuilder<U> {
-    this.permit = permit;
-    return this;
+  /** @deprecated Use `withPermit(permit)` instead. */
+  setPermit(permit: Permit): DecryptForViewBuilder<U> {
+    return this.withPermit(permit);
   }
 
   getPermit(): Permit | undefined {
@@ -158,8 +190,8 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
 
   private validateUtypeOrThrow(): void {
     if (!isValidUtype(this.utype))
-      throw new CofhesdkError({
-        code: CofhesdkErrorCode.InvalidUtype,
+      throw new CofheError({
+        code: CofheErrorCode.InvalidUtype,
         message: `Invalid utype to decrypt to`,
         context: {
           utype: this.utype,
@@ -177,8 +209,8 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
     if (this.permitHash) {
       const permit = await permits.getPermit(this.chainId, this.account, this.permitHash);
       if (!permit) {
-        throw new CofhesdkError({
-          code: CofhesdkErrorCode.PermitNotFound,
+        throw new CofheError({
+          code: CofheErrorCode.PermitNotFound,
           message: `Permit with hash <${this.permitHash}> not found for account <${this.account}> and chainId <${this.chainId}>`,
           hint: 'Ensure the permit exists and is valid.',
           context: {
@@ -194,8 +226,8 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
     // Fetch with active permit
     const permit = await permits.getActivePermit(this.chainId, this.account);
     if (!permit) {
-      throw new CofhesdkError({
-        code: CofhesdkErrorCode.PermitNotFound,
+      throw new CofheError({
+        code: CofheErrorCode.PermitNotFound,
         message: `Active permit not found for chainId <${this.chainId}> and account <${this.account}>`,
         hint: 'Ensure a permit exists for this account on this chain.',
         context: {
@@ -213,8 +245,8 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
   private async mocksSealOutput(permit: Permit): Promise<bigint> {
     this.assertPublicClient();
 
-    const mocksSealOutputDelay = this.config.mocks.sealOutputDelay;
-    return cofheMocksSealOutput(this.ctHash, this.utype, permit, this.publicClient, mocksSealOutputDelay);
+    const mocksDecryptDelay = this.config.mocks.decryptDelay;
+    return cofheMocksDecryptForView(this.ctHash, this.utype, permit, this.publicClient, mocksDecryptDelay);
   }
 
   /**
@@ -243,15 +275,16 @@ export class DecryptHandlesBuilder<U extends FheTypes> extends BaseBuilder {
    *
    * Example:
    * ```typescript
-   * const unsealed = await decryptHandle(ctHash, utype)
+   * const unsealed = await client.decryptForView(ctHash, utype)
    *   .setChainId(11155111)      // optional
    *   .setAccount('0x123...890') // optional
-   *   .decrypt();                // execute
+   *   .withPermit()              // optional
+   *   .execute();                // execute
    * ```
    *
    * @returns The unsealed item.
    */
-  async decrypt(): Promise<UnsealedItem<U>> {
+  async execute(): Promise<UnsealedItem<U>> {
     // Ensure utype is valid
     this.validateUtypeOrThrow();