@cofhe/sdk 0.3.1 → 0.3.2

package/dist/{chunk-2TPSCOW3.js → chunk-LWMRB6SD.js}

@@ -1,7 +1,7 @@
 import { hardhat as hardhat$1 } from './chunk-TBLR7NNE.js';
 import { permitStore, PermitUtils, MOCKS_THRESHOLD_NETWORK_ADDRESS, MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY, MOCKS_ZK_VERIFIER_SIGNER_PRIVATE_KEY, MOCKS_ZK_VERIFIER_ADDRESS } from './chunk-NWDKXBIP.js';
 import { createStore } from 'zustand/vanilla';
-import { pad, toHex, encodePacked, keccak256, createWalletClient, http, toBytes, hashMessage, getAddress } from 'viem';
+import { encodePacked, keccak256, createWalletClient, http, getAddress, parseSignature, serializeSignature } from 'viem';
 import { hardhat } from 'viem/chains';
 import { sign, privateKeyToAccount } from 'viem/accounts';
 import { z } from 'zod';
@@ -767,7 +767,7 @@ async function insertCtHashes(items, walletClient) {
     });
   }
 }
-async function createProofSignatures(items, securityZone) {
+async function createProofSignatures(items, securityZone, account) {
   let signatures = [];
   let encInputSignerClient;
   try {
@@ -784,12 +784,15 @@ async function createProofSignatures(items, securityZone) {
   }
   try {
     for (const item of items) {
-      const packedData = encodePacked(["uint256", "int32", "uint8"], [BigInt(item.data), securityZone, item.utype]);
+      const packedData = encodePacked(
+        ["uint256", "uint8", "uint8", "address", "uint256"],
+        [BigInt(item.ctHash), item.utype, securityZone, account, BigInt(hardhat.id)]
+      );
       const messageHash = keccak256(packedData);
-      const ethSignedHash = hashMessage({ raw: toBytes(messageHash) });
-      const signature = await encInputSignerClient.signMessage({
-        message: { raw: toBytes(ethSignedHash) },
-        account: encInputSignerClient.account
+      const signature = await sign({
+        hash: messageHash,
+        privateKey: MOCKS_ZK_VERIFIER_SIGNER_PRIVATE_KEY,
+        to: "hex"
       });
       signatures.push(signature);
     }
@@ -820,7 +823,7 @@ async function cofheMocksZkVerifySign(items, account, securityZone, publicClient
   const _walletClient = zkvWalletClient ?? createMockZkVerifierSigner();
   const encryptableItems = await calcCtHashes(items, account, securityZone, publicClient);
   await insertCtHashes(encryptableItems, _walletClient);
-  const signatures = await createProofSignatures(encryptableItems, securityZone);
+  const signatures = await createProofSignatures(encryptableItems, securityZone, account);
   return encryptableItems.map((item, index) => ({
     ct_hash: item.ctHash.toString(),
     signature: signatures[index]
@@ -1930,9 +1933,7 @@ var MockThresholdNetworkAbi = [
 ];
 
 // core/decrypt/cofheMocksDecryptForView.ts
-async function cofheMocksDecryptForView(ctHash, utype, permit, publicClient, mocksDecryptDelay) {
-  if (mocksDecryptDelay > 0)
-    await sleep(mocksDecryptDelay);
+async function cofheMocksDecryptForView(ctHash, utype, permit, publicClient) {
   const permission = PermitUtils.getPermission(permit, true);
   const permissionWithBigInts = {
     ...permission,
@@ -1943,7 +1944,7 @@ async function cofheMocksDecryptForView(ctHash, utype, permit, publicClient, moc
     address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
     abi: MockThresholdNetworkAbi,
     functionName: "querySealOutput",
-    args: [ctHash, BigInt(utype), permissionWithBigInts]
+    args: [BigInt(ctHash), BigInt(utype), permissionWithBigInts]
   });
   if (error != "") {
     throw new CofheError({
@@ -1984,7 +1985,7 @@ function convertSealedData(sealed) {
 }
 async function submitSealOutputRequest(thresholdNetworkUrl, ctHash, chainId, permission) {
   const body = {
-    ct_tempkey: ctHash.toString(16).padStart(64, "0"),
+    ct_tempkey: BigInt(ctHash).toString(16).padStart(64, "0"),
     host_chain_id: chainId,
     permit: permission
   };
@@ -2177,96 +2178,6 @@ async function tnSealOutputV2(ctHash, chainId, permission, thresholdNetworkUrl)
   const requestId = await submitSealOutputRequest(thresholdNetworkUrl, ctHash, chainId, permission);
   return await pollSealOutputStatus(thresholdNetworkUrl, requestId);
 }
-async function cofheMocksDecryptForTx(ctHash, utype, permit, publicClient, mocksDecryptForTxDelay) {
-  if (mocksDecryptForTxDelay > 0)
-    await sleep(mocksDecryptForTxDelay);
-  if (permit !== null) {
-    let permission = PermitUtils.getPermission(permit, true);
-    const permissionWithBigInts = {
-      ...permission,
-      expiration: BigInt(permission.expiration),
-      validatorId: BigInt(permission.validatorId)
-    };
-    const [allowed2, error2, result2] = await publicClient.readContract({
-      address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
-      abi: MockThresholdNetworkAbi,
-      functionName: "decryptForTxWithPermit",
-      args: [ctHash, permissionWithBigInts]
-    });
-    if (error2 != "") {
-      throw new CofheError({
-        code: "DECRYPT_FAILED" /* DecryptFailed */,
-        message: `mocks decryptForTx call failed: ${error2}`
-      });
-    }
-    if (allowed2 == false) {
-      throw new CofheError({
-        code: "DECRYPT_FAILED" /* DecryptFailed */,
-        message: `mocks decryptForTx call failed: ACL Access Denied (NotAllowed)`
-      });
-    }
-    const chainId2 = await publicClient.getChainId();
-    const ctHashBigInt2 = BigInt(ctHash);
-    const resultBigInt2 = BigInt(result2);
-    const encryptionType2 = Number((ctHashBigInt2 & 0x7fn << 8n) >> 8n);
-    const ctHashBytes322 = pad(toHex(ctHashBigInt2), { size: 32 });
-    const packed2 = encodePacked(
-      ["uint256", "uint32", "uint64", "bytes32"],
-      [resultBigInt2, encryptionType2, BigInt(chainId2), ctHashBytes322]
-    );
-    const messageHash2 = keccak256(packed2);
-    const signatureHex2 = await sign({
-      hash: messageHash2,
-      privateKey: MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY,
-      to: "hex"
-    });
-    const signature2 = signatureHex2.slice(2);
-    return {
-      ctHash,
-      decryptedValue: BigInt(result2),
-      signature: signature2
-    };
-  }
-  const [allowed, error, result] = await publicClient.readContract({
-    address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
-    abi: MockThresholdNetworkAbi,
-    functionName: "decryptForTxWithoutPermit",
-    args: [ctHash]
-  });
-  if (error != "") {
-    throw new CofheError({
-      code: "DECRYPT_FAILED" /* DecryptFailed */,
-      message: `mocks decryptForTx call failed: ${error}`
-    });
-  }
-  if (allowed == false) {
-    throw new CofheError({
-      code: "DECRYPT_FAILED" /* DecryptFailed */,
-      message: `mocks decryptForTx call failed: ACL Access Denied (NotAllowed)`
-    });
-  }
-  const chainId = await publicClient.getChainId();
-  const ctHashBigInt = BigInt(ctHash);
-  const resultBigInt = BigInt(result);
-  const encryptionType = Number((ctHashBigInt & 0x7fn << 8n) >> 8n);
-  const ctHashBytes32 = pad(toHex(ctHashBigInt), { size: 32 });
-  const packed = encodePacked(
-    ["uint256", "uint32", "uint64", "bytes32"],
-    [resultBigInt, encryptionType, BigInt(chainId), ctHashBytes32]
-  );
-  const messageHash = keccak256(packed);
-  const signatureHex = await sign({
-    hash: messageHash,
-    privateKey: MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY,
-    to: "hex"
-  });
-  const signature = signatureHex.slice(2);
-  return {
-    ctHash,
-    decryptedValue: BigInt(result),
-    signature
-  };
-}
 
 // core/decrypt/decryptForViewBuilder.ts
 var DecryptForViewBuilder = class extends BaseBuilder {
@@ -2441,7 +2352,9 @@ var DecryptForViewBuilder = class extends BaseBuilder {
   async mocksSealOutput(permit) {
     this.assertPublicClient();
     const mocksDecryptDelay = this.config.mocks.decryptDelay;
-    return cofheMocksDecryptForView(this.ctHash, this.utype, permit, this.publicClient, mocksDecryptDelay);
+    if (mocksDecryptDelay > 0)
+      await sleep(mocksDecryptDelay);
+    return cofheMocksDecryptForView(this.ctHash, this.utype, permit, this.publicClient);
   }
   /**
    * In the production context, perform a true decryption with the CoFHE coprocessor.
@@ -2490,8 +2403,56 @@ var DecryptForViewBuilder = class extends BaseBuilder {
     return convertViaUtype(this.utype, unsealed);
   }
 };
-
-// core/decrypt/tnDecrypt.ts
+async function cofheMocksDecryptForTx(ctHash, utype, permit, publicClient) {
+  let allowed;
+  let error;
+  let decryptedValue;
+  if (permit !== null) {
+    let permission = PermitUtils.getPermission(permit, true);
+    const permissionWithBigInts = {
+      ...permission,
+      expiration: BigInt(permission.expiration),
+      validatorId: BigInt(permission.validatorId)
+    };
+    [allowed, error, decryptedValue] = await publicClient.readContract({
+      address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
+      abi: MockThresholdNetworkAbi,
+      functionName: "decryptForTxWithPermit",
+      args: [BigInt(ctHash), permissionWithBigInts]
+    });
+  } else {
+    [allowed, error, decryptedValue] = await publicClient.readContract({
+      address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
+      abi: MockThresholdNetworkAbi,
+      functionName: "decryptForTxWithoutPermit",
+      args: [BigInt(ctHash)]
+    });
+  }
+  if (error != "") {
+    throw new CofheError({
+      code: "DECRYPT_FAILED" /* DecryptFailed */,
+      message: `mocks decryptForTx call failed: ${error}`
+    });
+  }
+  if (allowed == false) {
+    throw new CofheError({
+      code: "DECRYPT_FAILED" /* DecryptFailed */,
+      message: `mocks decryptForTx call failed: ACL Access Denied (NotAllowed)`
+    });
+  }
+  const packed = encodePacked(["uint256", "uint256"], [BigInt(ctHash), decryptedValue]);
+  const messageHash = keccak256(packed);
+  const signature = await sign({
+    hash: messageHash,
+    privateKey: MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY,
+    to: "hex"
+  });
+  return {
+    ctHash,
+    decryptedValue,
+    signature
+  };
+}
 function normalizeSignature(signature) {
   if (typeof signature !== "string") {
     throw new CofheError({
@@ -2509,7 +2470,9 @@ function normalizeSignature(signature) {
       message: "decrypt response returned empty signature"
     });
   }
-  return trimmed.startsWith("0x") ? trimmed.slice(2) : trimmed;
+  const prefixed = trimmed.startsWith("0x") ? trimmed : `0x${trimmed}`;
+  const parsed = parseSignature(prefixed);
+  return serializeSignature(parsed);
 }
 function parseDecryptedBytesToBigInt(decrypted) {
   if (!Array.isArray(decrypted)) {
@@ -2598,7 +2561,7 @@ function assertTnDecryptResponse(value) {
 }
 async function tnDecrypt(ctHash, chainId, permission, thresholdNetworkUrl) {
   const body = {
-    ct_tempkey: ctHash.toString(16).padStart(64, "0"),
+    ct_tempkey: BigInt(ctHash).toString(16).padStart(64, "0"),
     host_chain_id: chainId
   };
   if (permission) {
@@ -2828,7 +2791,9 @@ var DecryptForTxBuilder = class extends BaseBuilder {
   async mocksDecryptForTx(permit) {
     this.assertPublicClient();
     const delay = this.config.mocks.decryptDelay;
-    const result = await cofheMocksDecryptForTx(this.ctHash, 0, permit, this.publicClient, delay);
+    if (delay > 0)
+      await sleep(delay);
+    const result = await cofheMocksDecryptForTx(this.ctHash, 0, permit, this.publicClient);
     return result;
   }
   /**

package/dist/{clientTypes-6aTZPQ_4.d.ts → clientTypes-PQha8zes.d.ts}

@@ -342,7 +342,7 @@ declare abstract class BaseBuilder {
  * Returns the unsealed item.
  */
 type DecryptForViewBuilderParams<U extends FheTypes> = BaseBuilderParams & {
-    ctHash: bigint;
+    ctHash: bigint | string;
     utype: U;
     permitHash?: string;
     permit?: Permit;
@@ -466,12 +466,12 @@ declare class DecryptForViewBuilder<U extends FheTypes> extends BaseBuilder {
 }
 
 type DecryptForTxBuilderParams = BaseBuilderParams & {
-    ctHash: bigint;
+    ctHash: bigint | string;
 };
 type DecryptForTxResult = {
-    ctHash: bigint;
+    ctHash: bigint | string;
     decryptedValue: bigint;
-    signature: string;
+    signature: `0x${string}`;
 };
 /**
  * Type-level gating:
@@ -924,9 +924,9 @@ type CofheClient<TConfig extends CofheConfig = CofheConfig> = {
     /**
      * @deprecated Use `decryptForView` instead. Kept for backward compatibility.
      */
-    decryptHandle<U extends FheTypes>(ctHash: bigint, utype: U): DecryptForViewBuilder<U>;
-    decryptForView<U extends FheTypes>(ctHash: bigint, utype: U): DecryptForViewBuilder<U>;
-    decryptForTx(ctHash: bigint): DecryptForTxBuilderUnset;
+    decryptHandle<U extends FheTypes>(ctHash: bigint | string, utype: U): DecryptForViewBuilder<U>;
+    decryptForView<U extends FheTypes>(ctHash: bigint | string, utype: U): DecryptForViewBuilder<U>;
+    decryptForTx(ctHash: bigint | string): DecryptForTxBuilderUnset;
     permits: CofheClientPermits;
 };
 type CofheClientConnectionState = {

package/dist/{clientTypes-Bhq7pCSA.d.cts → clientTypes-Y43CKbOz.d.cts}

@@ -342,7 +342,7 @@ declare abstract class BaseBuilder {
  * Returns the unsealed item.
  */
 type DecryptForViewBuilderParams<U extends FheTypes> = BaseBuilderParams & {
-    ctHash: bigint;
+    ctHash: bigint | string;
     utype: U;
     permitHash?: string;
     permit?: Permit;
@@ -466,12 +466,12 @@ declare class DecryptForViewBuilder<U extends FheTypes> extends BaseBuilder {
 }
 
 type DecryptForTxBuilderParams = BaseBuilderParams & {
-    ctHash: bigint;
+    ctHash: bigint | string;
 };
 type DecryptForTxResult = {
-    ctHash: bigint;
+    ctHash: bigint | string;
     decryptedValue: bigint;
-    signature: string;
+    signature: `0x${string}`;
 };
 /**
  * Type-level gating:
@@ -924,9 +924,9 @@ type CofheClient<TConfig extends CofheConfig = CofheConfig> = {
     /**
      * @deprecated Use `decryptForView` instead. Kept for backward compatibility.
      */
-    decryptHandle<U extends FheTypes>(ctHash: bigint, utype: U): DecryptForViewBuilder<U>;
-    decryptForView<U extends FheTypes>(ctHash: bigint, utype: U): DecryptForViewBuilder<U>;
-    decryptForTx(ctHash: bigint): DecryptForTxBuilderUnset;
+    decryptHandle<U extends FheTypes>(ctHash: bigint | string, utype: U): DecryptForViewBuilder<U>;
+    decryptForView<U extends FheTypes>(ctHash: bigint | string, utype: U): DecryptForViewBuilder<U>;
+    decryptForTx(ctHash: bigint | string): DecryptForTxBuilderUnset;
     permits: CofheClientPermits;
 };
 type CofheClientConnectionState = {

package/dist/core.cjs

@@ -801,7 +801,7 @@ async function insertCtHashes(items, walletClient) {
     });
   }
 }
-async function createProofSignatures(items, securityZone) {
+async function createProofSignatures(items, securityZone, account) {
   let signatures = [];
   let encInputSignerClient;
   try {
@@ -818,12 +818,15 @@ async function createProofSignatures(items, securityZone) {
   }
   try {
     for (const item of items) {
-      const packedData = viem.encodePacked(["uint256", "int32", "uint8"], [BigInt(item.data), securityZone, item.utype]);
+      const packedData = viem.encodePacked(
+        ["uint256", "uint8", "uint8", "address", "uint256"],
+        [BigInt(item.ctHash), item.utype, securityZone, account, BigInt(chains.hardhat.id)]
+      );
       const messageHash = viem.keccak256(packedData);
-      const ethSignedHash = viem.hashMessage({ raw: viem.toBytes(messageHash) });
-      const signature = await encInputSignerClient.signMessage({
-        message: { raw: viem.toBytes(ethSignedHash) },
-        account: encInputSignerClient.account
+      const signature = await accounts.sign({
+        hash: messageHash,
+        privateKey: MOCKS_ZK_VERIFIER_SIGNER_PRIVATE_KEY,
+        to: "hex"
       });
       signatures.push(signature);
     }
@@ -854,7 +857,7 @@ async function cofheMocksZkVerifySign(items, account, securityZone, publicClient
   const _walletClient = zkvWalletClient ?? createMockZkVerifierSigner();
   const encryptableItems = await calcCtHashes(items, account, securityZone, publicClient);
   await insertCtHashes(encryptableItems, _walletClient);
-  const signatures = await createProofSignatures(encryptableItems, securityZone);
+  const signatures = await createProofSignatures(encryptableItems, securityZone, account);
   return encryptableItems.map((item, index) => ({
     ct_hash: item.ctHash.toString(),
     signature: signatures[index]
@@ -2917,9 +2920,7 @@ var MockThresholdNetworkAbi = [
 ];
 
 // core/decrypt/cofheMocksDecryptForView.ts
-async function cofheMocksDecryptForView(ctHash, utype, permit, publicClient, mocksDecryptDelay) {
-  if (mocksDecryptDelay > 0)
-    await sleep(mocksDecryptDelay);
+async function cofheMocksDecryptForView(ctHash, utype, permit, publicClient) {
   const permission = PermitUtils.getPermission(permit, true);
   const permissionWithBigInts = {
     ...permission,
@@ -2930,7 +2931,7 @@ async function cofheMocksDecryptForView(ctHash, utype, permit, publicClient, moc
     address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
     abi: MockThresholdNetworkAbi,
     functionName: "querySealOutput",
-    args: [ctHash, BigInt(utype), permissionWithBigInts]
+    args: [BigInt(ctHash), BigInt(utype), permissionWithBigInts]
   });
   if (error != "") {
     throw new CofheError({
@@ -2971,7 +2972,7 @@ function convertSealedData(sealed) {
 }
 async function submitSealOutputRequest(thresholdNetworkUrl, ctHash, chainId, permission) {
   const body = {
-    ct_tempkey: ctHash.toString(16).padStart(64, "0"),
+    ct_tempkey: BigInt(ctHash).toString(16).padStart(64, "0"),
     host_chain_id: chainId,
     permit: permission
   };
@@ -3164,96 +3165,6 @@ async function tnSealOutputV2(ctHash, chainId, permission, thresholdNetworkUrl)
   const requestId = await submitSealOutputRequest(thresholdNetworkUrl, ctHash, chainId, permission);
   return await pollSealOutputStatus(thresholdNetworkUrl, requestId);
 }
-async function cofheMocksDecryptForTx(ctHash, utype, permit, publicClient, mocksDecryptForTxDelay) {
-  if (mocksDecryptForTxDelay > 0)
-    await sleep(mocksDecryptForTxDelay);
-  if (permit !== null) {
-    let permission = PermitUtils.getPermission(permit, true);
-    const permissionWithBigInts = {
-      ...permission,
-      expiration: BigInt(permission.expiration),
-      validatorId: BigInt(permission.validatorId)
-    };
-    const [allowed2, error2, result2] = await publicClient.readContract({
-      address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
-      abi: MockThresholdNetworkAbi,
-      functionName: "decryptForTxWithPermit",
-      args: [ctHash, permissionWithBigInts]
-    });
-    if (error2 != "") {
-      throw new CofheError({
-        code: "DECRYPT_FAILED" /* DecryptFailed */,
-        message: `mocks decryptForTx call failed: ${error2}`
-      });
-    }
-    if (allowed2 == false) {
-      throw new CofheError({
-        code: "DECRYPT_FAILED" /* DecryptFailed */,
-        message: `mocks decryptForTx call failed: ACL Access Denied (NotAllowed)`
-      });
-    }
-    const chainId2 = await publicClient.getChainId();
-    const ctHashBigInt2 = BigInt(ctHash);
-    const resultBigInt2 = BigInt(result2);
-    const encryptionType2 = Number((ctHashBigInt2 & 0x7fn << 8n) >> 8n);
-    const ctHashBytes322 = viem.pad(viem.toHex(ctHashBigInt2), { size: 32 });
-    const packed2 = viem.encodePacked(
-      ["uint256", "uint32", "uint64", "bytes32"],
-      [resultBigInt2, encryptionType2, BigInt(chainId2), ctHashBytes322]
-    );
-    const messageHash2 = viem.keccak256(packed2);
-    const signatureHex2 = await accounts.sign({
-      hash: messageHash2,
-      privateKey: MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY,
-      to: "hex"
-    });
-    const signature2 = signatureHex2.slice(2);
-    return {
-      ctHash,
-      decryptedValue: BigInt(result2),
-      signature: signature2
-    };
-  }
-  const [allowed, error, result] = await publicClient.readContract({
-    address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
-    abi: MockThresholdNetworkAbi,
-    functionName: "decryptForTxWithoutPermit",
-    args: [ctHash]
-  });
-  if (error != "") {
-    throw new CofheError({
-      code: "DECRYPT_FAILED" /* DecryptFailed */,
-      message: `mocks decryptForTx call failed: ${error}`
-    });
-  }
-  if (allowed == false) {
-    throw new CofheError({
-      code: "DECRYPT_FAILED" /* DecryptFailed */,
-      message: `mocks decryptForTx call failed: ACL Access Denied (NotAllowed)`
-    });
-  }
-  const chainId = await publicClient.getChainId();
-  const ctHashBigInt = BigInt(ctHash);
-  const resultBigInt = BigInt(result);
-  const encryptionType = Number((ctHashBigInt & 0x7fn << 8n) >> 8n);
-  const ctHashBytes32 = viem.pad(viem.toHex(ctHashBigInt), { size: 32 });
-  const packed = viem.encodePacked(
-    ["uint256", "uint32", "uint64", "bytes32"],
-    [resultBigInt, encryptionType, BigInt(chainId), ctHashBytes32]
-  );
-  const messageHash = viem.keccak256(packed);
-  const signatureHex = await accounts.sign({
-    hash: messageHash,
-    privateKey: MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY,
-    to: "hex"
-  });
-  const signature = signatureHex.slice(2);
-  return {
-    ctHash,
-    decryptedValue: BigInt(result),
-    signature
-  };
-}
 
 // core/decrypt/decryptForViewBuilder.ts
 var DecryptForViewBuilder = class extends BaseBuilder {
@@ -3428,7 +3339,9 @@ var DecryptForViewBuilder = class extends BaseBuilder {
   async mocksSealOutput(permit) {
     this.assertPublicClient();
     const mocksDecryptDelay = this.config.mocks.decryptDelay;
-    return cofheMocksDecryptForView(this.ctHash, this.utype, permit, this.publicClient, mocksDecryptDelay);
+    if (mocksDecryptDelay > 0)
+      await sleep(mocksDecryptDelay);
+    return cofheMocksDecryptForView(this.ctHash, this.utype, permit, this.publicClient);
   }
   /**
    * In the production context, perform a true decryption with the CoFHE coprocessor.
@@ -3477,8 +3390,56 @@ var DecryptForViewBuilder = class extends BaseBuilder {
     return convertViaUtype(this.utype, unsealed);
   }
 };
-
-// core/decrypt/tnDecrypt.ts
+async function cofheMocksDecryptForTx(ctHash, utype, permit, publicClient) {
+  let allowed;
+  let error;
+  let decryptedValue;
+  if (permit !== null) {
+    let permission = PermitUtils.getPermission(permit, true);
+    const permissionWithBigInts = {
+      ...permission,
+      expiration: BigInt(permission.expiration),
+      validatorId: BigInt(permission.validatorId)
+    };
+    [allowed, error, decryptedValue] = await publicClient.readContract({
+      address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
+      abi: MockThresholdNetworkAbi,
+      functionName: "decryptForTxWithPermit",
+      args: [BigInt(ctHash), permissionWithBigInts]
+    });
+  } else {
+    [allowed, error, decryptedValue] = await publicClient.readContract({
+      address: MOCKS_THRESHOLD_NETWORK_ADDRESS,
+      abi: MockThresholdNetworkAbi,
+      functionName: "decryptForTxWithoutPermit",
+      args: [BigInt(ctHash)]
+    });
+  }
+  if (error != "") {
+    throw new CofheError({
+      code: "DECRYPT_FAILED" /* DecryptFailed */,
+      message: `mocks decryptForTx call failed: ${error}`
+    });
+  }
+  if (allowed == false) {
+    throw new CofheError({
+      code: "DECRYPT_FAILED" /* DecryptFailed */,
+      message: `mocks decryptForTx call failed: ACL Access Denied (NotAllowed)`
+    });
+  }
+  const packed = viem.encodePacked(["uint256", "uint256"], [BigInt(ctHash), decryptedValue]);
+  const messageHash = viem.keccak256(packed);
+  const signature = await accounts.sign({
+    hash: messageHash,
+    privateKey: MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY,
+    to: "hex"
+  });
+  return {
+    ctHash,
+    decryptedValue,
+    signature
+  };
+}
 function normalizeSignature(signature) {
   if (typeof signature !== "string") {
     throw new CofheError({
@@ -3496,7 +3457,9 @@ function normalizeSignature(signature) {
       message: "decrypt response returned empty signature"
     });
   }
-  return trimmed.startsWith("0x") ? trimmed.slice(2) : trimmed;
+  const prefixed = trimmed.startsWith("0x") ? trimmed : `0x${trimmed}`;
+  const parsed = viem.parseSignature(prefixed);
+  return viem.serializeSignature(parsed);
 }
 function parseDecryptedBytesToBigInt(decrypted) {
   if (!Array.isArray(decrypted)) {
@@ -3585,7 +3548,7 @@ function assertTnDecryptResponse(value) {
 }
 async function tnDecrypt(ctHash, chainId, permission, thresholdNetworkUrl) {
   const body = {
-    ct_tempkey: ctHash.toString(16).padStart(64, "0"),
+    ct_tempkey: BigInt(ctHash).toString(16).padStart(64, "0"),
     host_chain_id: chainId
   };
   if (permission) {
@@ -3815,7 +3778,9 @@ var DecryptForTxBuilder = class extends BaseBuilder {
   async mocksDecryptForTx(permit) {
     this.assertPublicClient();
     const delay = this.config.mocks.decryptDelay;
-    const result = await cofheMocksDecryptForTx(this.ctHash, 0, permit, this.publicClient, delay);
+    if (delay > 0)
+      await sleep(delay);
+    const result = await cofheMocksDecryptForTx(this.ctHash, 0, permit, this.publicClient);
     return result;
   }
   /**

package/dist/core.d.cts

@@ -1,5 +1,5 @@
-import { c as CofheClientConnectionState, a as CofheConfig, d as CofheClientParams, b as CofheClient, F as FheTypes } from './clientTypes-Bhq7pCSA.cjs';
-export { h as CofheClientPermits, C as CofheInputConfig, f as CofheInternalConfig, Y as DecryptForTxBuilder, Z as DecryptForTxResult, X as DecryptForViewBuilder, W as EncryptInputsBuilder, B as EncryptSetStateFn, M as EncryptStep, D as EncryptStepCallbackContext, J as Encryptable, o as EncryptableAddress, i as EncryptableBool, E as EncryptableItem, z as EncryptableToEncryptedItemInputMap, n as EncryptableUint128, k as EncryptableUint16, l as EncryptableUint32, m as EncryptableUint64, j as EncryptableUint8, x as EncryptedAddressInput, r as EncryptedBoolInput, q as EncryptedItemInput, y as EncryptedItemInputs, p as EncryptedNumber, w as EncryptedUint128Input, t as EncryptedUint16Input, u as EncryptedUint32Input, v as EncryptedUint64Input, s as EncryptedUint8Input, H as FheAllUTypes, R as FheKeyDeserializer, A as FheTypeValue, G as FheUintUTypes, I as IStorage, T as KeysStorage, V as KeysStore, L as LiteralToPrimitive, P as Primitive, U as UnsealedItem, _ as ZkBuilderAndCrsGenerator, $ as ZkProveWorkerFunction, a0 as ZkProveWorkerRequest, a1 as ZkProveWorkerResponse, O as assertCorrectEncryptedItemInput, e as createCofheConfigBase, S as createKeysStore, Q as fetchKeys, g as getCofheConfigItem, K as isEncryptableItem, N as isLastEncryptionStep, a2 as zkProveWithWorker } from './clientTypes-Bhq7pCSA.cjs';
+import { c as CofheClientConnectionState, a as CofheConfig, d as CofheClientParams, b as CofheClient, F as FheTypes } from './clientTypes-Y43CKbOz.cjs';
+export { h as CofheClientPermits, C as CofheInputConfig, f as CofheInternalConfig, Y as DecryptForTxBuilder, Z as DecryptForTxResult, X as DecryptForViewBuilder, W as EncryptInputsBuilder, B as EncryptSetStateFn, M as EncryptStep, D as EncryptStepCallbackContext, J as Encryptable, o as EncryptableAddress, i as EncryptableBool, E as EncryptableItem, z as EncryptableToEncryptedItemInputMap, n as EncryptableUint128, k as EncryptableUint16, l as EncryptableUint32, m as EncryptableUint64, j as EncryptableUint8, x as EncryptedAddressInput, r as EncryptedBoolInput, q as EncryptedItemInput, y as EncryptedItemInputs, p as EncryptedNumber, w as EncryptedUint128Input, t as EncryptedUint16Input, u as EncryptedUint32Input, v as EncryptedUint64Input, s as EncryptedUint8Input, H as FheAllUTypes, R as FheKeyDeserializer, A as FheTypeValue, G as FheUintUTypes, I as IStorage, T as KeysStorage, V as KeysStore, L as LiteralToPrimitive, P as Primitive, U as UnsealedItem, _ as ZkBuilderAndCrsGenerator, $ as ZkProveWorkerFunction, a0 as ZkProveWorkerRequest, a1 as ZkProveWorkerResponse, O as assertCorrectEncryptedItemInput, e as createCofheConfigBase, S as createKeysStore, Q as fetchKeys, g as getCofheConfigItem, K as isEncryptableItem, N as isLastEncryptionStep, a2 as zkProveWithWorker } from './clientTypes-Y43CKbOz.cjs';
 import 'viem';
 import './types-YiAC4gig.cjs';
 import 'zod';

package/dist/core.d.ts

@@ -1,5 +1,5 @@
-import { c as CofheClientConnectionState, a as CofheConfig, d as CofheClientParams, b as CofheClient, F as FheTypes } from './clientTypes-6aTZPQ_4.js';
-export { h as CofheClientPermits, C as CofheInputConfig, f as CofheInternalConfig, Y as DecryptForTxBuilder, Z as DecryptForTxResult, X as DecryptForViewBuilder, W as EncryptInputsBuilder, B as EncryptSetStateFn, M as EncryptStep, D as EncryptStepCallbackContext, J as Encryptable, o as EncryptableAddress, i as EncryptableBool, E as EncryptableItem, z as EncryptableToEncryptedItemInputMap, n as EncryptableUint128, k as EncryptableUint16, l as EncryptableUint32, m as EncryptableUint64, j as EncryptableUint8, x as EncryptedAddressInput, r as EncryptedBoolInput, q as EncryptedItemInput, y as EncryptedItemInputs, p as EncryptedNumber, w as EncryptedUint128Input, t as EncryptedUint16Input, u as EncryptedUint32Input, v as EncryptedUint64Input, s as EncryptedUint8Input, H as FheAllUTypes, R as FheKeyDeserializer, A as FheTypeValue, G as FheUintUTypes, I as IStorage, T as KeysStorage, V as KeysStore, L as LiteralToPrimitive, P as Primitive, U as UnsealedItem, _ as ZkBuilderAndCrsGenerator, $ as ZkProveWorkerFunction, a0 as ZkProveWorkerRequest, a1 as ZkProveWorkerResponse, O as assertCorrectEncryptedItemInput, e as createCofheConfigBase, S as createKeysStore, Q as fetchKeys, g as getCofheConfigItem, K as isEncryptableItem, N as isLastEncryptionStep, a2 as zkProveWithWorker } from './clientTypes-6aTZPQ_4.js';
+import { c as CofheClientConnectionState, a as CofheConfig, d as CofheClientParams, b as CofheClient, F as FheTypes } from './clientTypes-PQha8zes.js';
+export { h as CofheClientPermits, C as CofheInputConfig, f as CofheInternalConfig, Y as DecryptForTxBuilder, Z as DecryptForTxResult, X as DecryptForViewBuilder, W as EncryptInputsBuilder, B as EncryptSetStateFn, M as EncryptStep, D as EncryptStepCallbackContext, J as Encryptable, o as EncryptableAddress, i as EncryptableBool, E as EncryptableItem, z as EncryptableToEncryptedItemInputMap, n as EncryptableUint128, k as EncryptableUint16, l as EncryptableUint32, m as EncryptableUint64, j as EncryptableUint8, x as EncryptedAddressInput, r as EncryptedBoolInput, q as EncryptedItemInput, y as EncryptedItemInputs, p as EncryptedNumber, w as EncryptedUint128Input, t as EncryptedUint16Input, u as EncryptedUint32Input, v as EncryptedUint64Input, s as EncryptedUint8Input, H as FheAllUTypes, R as FheKeyDeserializer, A as FheTypeValue, G as FheUintUTypes, I as IStorage, T as KeysStorage, V as KeysStore, L as LiteralToPrimitive, P as Primitive, U as UnsealedItem, _ as ZkBuilderAndCrsGenerator, $ as ZkProveWorkerFunction, a0 as ZkProveWorkerRequest, a1 as ZkProveWorkerResponse, O as assertCorrectEncryptedItemInput, e as createCofheConfigBase, S as createKeysStore, Q as fetchKeys, g as getCofheConfigItem, K as isEncryptableItem, N as isLastEncryptionStep, a2 as zkProveWithWorker } from './clientTypes-PQha8zes.js';
 import 'viem';
 import './types-YiAC4gig.js';
 import 'zod';

package/dist/core.js

@@ -1,3 +1,3 @@
-export { InitialConnectStore as CONNECT_STORE_DEFAULTS, CofheError, CofheErrorCode, DecryptForTxBuilder, DecryptForViewBuilder, EncryptInputsBuilder, EncryptStep, Encryptable, FheAllUTypes, FheTypes, FheUintUTypes, assertCorrectEncryptedItemInput, createCofheClientBase, createCofheConfigBase, createKeysStore, fetchKeys, fheTypeToString, getCofheConfigItem, isCofheError, isEncryptableItem, isLastEncryptionStep, zkProveWithWorker } from './chunk-2TPSCOW3.js';
+export { InitialConnectStore as CONNECT_STORE_DEFAULTS, CofheError, CofheErrorCode, DecryptForTxBuilder, DecryptForViewBuilder, EncryptInputsBuilder, EncryptStep, Encryptable, FheAllUTypes, FheTypes, FheUintUTypes, assertCorrectEncryptedItemInput, createCofheClientBase, createCofheConfigBase, createKeysStore, fetchKeys, fheTypeToString, getCofheConfigItem, isCofheError, isEncryptableItem, isLastEncryptionStep, zkProveWithWorker } from './chunk-LWMRB6SD.js';
 import './chunk-TBLR7NNE.js';
 export { MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY, MOCKS_THRESHOLD_NETWORK_ADDRESS, MOCKS_ZK_VERIFIER_ADDRESS, MOCKS_ZK_VERIFIER_SIGNER_ADDRESS, MOCKS_ZK_VERIFIER_SIGNER_PRIVATE_KEY, TASK_MANAGER_ADDRESS, TEST_BED_ADDRESS } from './chunk-NWDKXBIP.js';