@cofhe/sdk 0.4.0 → 0.5.0

package/core/permits.ts

@@ -75,6 +75,10 @@ const getHash = (permit: PermitHashFields) => {
   return PermitUtils.getHash(permit);
 };
 
+const exportShared = (permit: Permit) => {
+  return PermitUtils.export(permit);
+};
+
 const serialize = (permit: Permit) => {
   return PermitUtils.serialize(permit);
 };
@@ -188,6 +192,7 @@ export const permits = {
   getOrCreateSharingPermit,
 
   getHash,
+  export: exportShared,
   serialize,
   deserialize,
 

package/core/{client.test.ts → test/client.test.ts}

@@ -1,14 +1,14 @@
 import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { createCofheClientBase } from './client.js';
-import { type CofheClient, type CofheClientConnectionState } from './clientTypes.js';
-import { createCofheConfigBase, type CofheEnvironment } from './config.js';
-import { CofheError, CofheErrorCode } from './error.js';
+import { createCofheClientBase } from '../client.js';
+import { type CofheClient, type CofheClientConnectionState } from '../clientTypes.js';
+import { createCofheConfigBase, type CofheEnvironment } from '../config.js';
+import { CofheError, CofheErrorCode } from '../error.js';
 import { type PublicClient, type WalletClient } from 'viem';
-import { EncryptInputsBuilder } from './encrypt/encryptInputsBuilder.js';
-import { Encryptable } from './types.js';
+import { EncryptInputsBuilder } from '../encrypt/encryptInputsBuilder.js';
+import { Encryptable } from '../types.js';
 
 // Mock dependencies
-vi.mock('./keyStore', () => ({
+vi.mock('../keyStore', () => ({
   createKeysStore: vi.fn(() => ({
     rehydrateKeysStore: vi.fn().mockResolvedValue(undefined),
     getFheKey: vi.fn(),

package/core/{config.test.ts → test/config.test.ts}

@@ -9,7 +9,7 @@ import {
   getCoFheUrlOrThrow,
   getZkVerifierUrlOrThrow,
   getThresholdNetworkUrlOrThrow,
-} from './config.js';
+} from '../config.js';
 
 describe('createCofheConfigBase', () => {
   const validBaseConfig: CofheInputConfig = {

package/core/test/decrypt.test.ts

@@ -0,0 +1,252 @@
+import { FheTypes, verifyDecryptResult, createCofheConfigBase, TASK_MANAGER_ADDRESS } from '@/core';
+import { getChainById } from '@/chains';
+import {
+  TEST_PRIVATE_KEY,
+  PRIMARY_TEST_CHAIN,
+  primaryTestChainRegistry,
+  isPrimaryTestChainReady,
+} from '@cofhe/test-setup';
+
+import { permits } from '../permits.js';
+import { DecryptForTxBuilder } from '../decrypt/decryptForTxBuilder.js';
+import { DecryptForViewBuilder } from '../decrypt/decryptForViewBuilder.js';
+
+import { describe, it, expect, beforeAll } from 'vitest';
+import type { Chain, PublicClient, WalletClient } from 'viem';
+import { createPublicClient, createWalletClient, http, parseAbi } from 'viem';
+import { privateKeyToAccount } from 'viem/accounts';
+import { arbitrumSepolia, baseSepolia, sepolia } from 'viem/chains';
+
+const account = privateKeyToAccount(TEST_PRIVATE_KEY);
+
+const VIEM_CHAINS: Record<number, Chain> = {
+  421614: arbitrumSepolia,
+  84532: baseSepolia,
+  11155111: sepolia,
+};
+
+describe('Core – Decrypt Tests', () => {
+  let publicClient: PublicClient;
+  let walletClient: WalletClient;
+  let config: ReturnType<typeof createCofheConfigBase>;
+
+  let privateCtHash: `0x${string}`;
+  let privateValue: bigint;
+
+  let publicCtHash: `0x${string}`;
+  let publicValue: bigint;
+
+  beforeAll(() => {
+    if (!isPrimaryTestChainReady(primaryTestChainRegistry)) {
+      throw new Error('Primary test chain registry is not initialized. Run `pnpm test:setup` first.');
+    }
+
+    const reg = primaryTestChainRegistry;
+    const chainId = reg.chainId;
+
+    const viemChain = VIEM_CHAINS[chainId];
+    if (!viemChain) throw new Error(`No viem chain mapping for chain ${chainId}`);
+
+    const cofheChain = getChainById(chainId);
+    if (!cofheChain) throw new Error(`No cofhe chain config for chain ${chainId}`);
+
+    config = createCofheConfigBase({ supportedChains: [cofheChain] });
+
+    privateCtHash = reg.privateValue.ctHash as `0x${string}`;
+    privateValue = BigInt(reg.privateValue.value);
+
+    publicCtHash = reg.publicValue.ctHash as `0x${string}`;
+    publicValue = BigInt(reg.publicValue.value);
+
+    publicClient = createPublicClient({ chain: viemChain, transport: http() });
+    walletClient = createWalletClient({ chain: viemChain, transport: http(), account });
+  });
+
+  function txBuilder(ctHash: `0x${string}`) {
+    return new DecryptForTxBuilder({
+      config,
+      publicClient,
+      walletClient,
+      chainId: PRIMARY_TEST_CHAIN,
+      account: account.address,
+      ctHash,
+      requireConnected: undefined,
+    });
+  }
+
+  function viewBuilder(ctHash: `0x${string}`, utype: FheTypes) {
+    return new DecryptForViewBuilder({
+      config,
+      publicClient,
+      walletClient,
+      chainId: PRIMARY_TEST_CHAIN,
+      account: account.address,
+      ctHash,
+      utype,
+      requireConnected: undefined,
+    });
+  }
+
+  async function createPermit() {
+    return permits.createSelf({ issuer: account.address, name: 'Decrypt Test Permit' }, publicClient, walletClient);
+  }
+
+  // ---------------------------------------------------------------------------
+  // decryptForTx – withoutPermit (global allowance)
+  // ---------------------------------------------------------------------------
+
+  describe('decryptForTx – withoutPermit (global allowance)', () => {
+    it('should decrypt a publicly allowed ciphertext', async () => {
+      const result = await txBuilder(publicCtHash).withoutPermit().execute();
+
+      expect(BigInt(result.ctHash)).toBe(BigInt(publicCtHash));
+      expect(result.decryptedValue).toBe(publicValue);
+      expect(result.signature).toMatch(/^0x[0-9a-fA-F]+$/);
+    }, 180000);
+  });
+
+  // ---------------------------------------------------------------------------
+  // decryptForTx – withPermit
+  // ---------------------------------------------------------------------------
+
+  describe('decryptForTx – withPermit', () => {
+    it('should decrypt with a self permit', async () => {
+      const permit = await createPermit();
+
+      const result = await txBuilder(privateCtHash).withPermit(permit).execute();
+
+      expect(BigInt(result.ctHash)).toBe(BigInt(privateCtHash));
+      expect(result.decryptedValue).toBe(privateValue);
+      expect(result.signature).toBeDefined();
+    }, 180000);
+
+    it('should auto-resolve active permit', async () => {
+      const permit = await createPermit();
+      permits.selectActivePermit(PRIMARY_TEST_CHAIN, account.address, permit.hash);
+
+      const result = await txBuilder(privateCtHash).withPermit().execute();
+
+      expect(BigInt(result.ctHash)).toBe(BigInt(privateCtHash));
+      expect(result.decryptedValue).toBe(privateValue);
+    }, 180000);
+  });
+
+  // ---------------------------------------------------------------------------
+  // verifyDecryptResult
+  // ---------------------------------------------------------------------------
+
+  describe('verifyDecryptResult', () => {
+    it('should verify a valid decrypt result', async () => {
+      const permit = await createPermit();
+
+      const decryptResult = await txBuilder(privateCtHash).withPermit(permit).execute();
+
+      const isValid = await verifyDecryptResult(
+        decryptResult.ctHash,
+        privateValue,
+        decryptResult.signature,
+        publicClient
+      );
+      expect(isValid).toBe(true);
+    }, 180000);
+
+    it('should return false for invalid inputs', async () => {
+      const permit = await createPermit();
+
+      const decryptResult = await txBuilder(privateCtHash).withPermit(permit).execute();
+
+      expect(
+        await verifyDecryptResult(decryptResult.ctHash, privateValue + 1n, decryptResult.signature, publicClient)
+      ).toBe(false);
+    }, 180000);
+  });
+
+  // ---------------------------------------------------------------------------
+  // decryptForView
+  // ---------------------------------------------------------------------------
+
+  describe('decryptForView', () => {
+    it('should return the plaintext value', async () => {
+      await createPermit();
+
+      const result = await viewBuilder(privateCtHash, FheTypes.Uint32).execute();
+      expect(result).toBe(privateValue);
+    }, 180000);
+
+    it('should agree with decryptForTx on the same handle', async () => {
+      const permit = await createPermit();
+
+      const viewResult = await viewBuilder(privateCtHash, FheTypes.Uint32).execute();
+      const txResult = await txBuilder(privateCtHash).withPermit(permit).execute();
+
+      expect(viewResult).toBe(privateValue);
+      expect(BigInt(txResult.ctHash)).toBe(BigInt(privateCtHash));
+      expect(txResult.decryptedValue).toBe(privateValue);
+    }, 180000);
+  });
+
+  describe('verifyDecryptResult', () => {
+    it('should correctly verify a valid decrypt result', async () => {
+      const permit = await createPermit();
+
+      const decryptResult = await txBuilder(privateCtHash).withPermit(permit).execute();
+
+      const isValid = await verifyDecryptResult(
+        decryptResult.ctHash,
+        privateValue,
+        decryptResult.signature,
+        publicClient
+      );
+      expect(isValid).toBe(true);
+    }, 180000);
+
+    it('should verify identically to the on-chain TaskManager contract', async () => {
+      const permit = await createPermit();
+      const decryptResult = await txBuilder(privateCtHash).withPermit(permit).execute();
+
+      const samples = [
+        {
+          shouldBe: true,
+          handle: BigInt(decryptResult.ctHash),
+          cleartext: decryptResult.decryptedValue,
+          signature: decryptResult.signature,
+        },
+        {
+          shouldBe: false,
+          handle: BigInt(decryptResult.ctHash),
+          cleartext: decryptResult.decryptedValue + 1n,
+          signature: decryptResult.signature,
+        },
+        {
+          shouldBe: false,
+          handle: BigInt(decryptResult.ctHash) + 1n,
+          cleartext: decryptResult.decryptedValue,
+          signature: decryptResult.signature,
+        },
+        {
+          shouldBe: false,
+          handle: BigInt(decryptResult.ctHash),
+          cleartext: decryptResult.decryptedValue,
+          signature: `${decryptResult.signature}00`,
+        },
+      ] as const;
+
+      for (const sample of samples) {
+        const sdkResult = await verifyDecryptResult(sample.handle, sample.cleartext, sample.signature, publicClient);
+
+        const verifyDecryptResultSafeAbi = parseAbi([
+          'function verifyDecryptResultSafe(uint256 ctHash, uint256 cleartext, bytes signature) view returns (bool)',
+        ]);
+        const tmResult = await publicClient.readContract({
+          address: TASK_MANAGER_ADDRESS,
+          abi: verifyDecryptResultSafeAbi,
+          functionName: 'verifyDecryptResultSafe',
+          args: [sample.handle, sample.cleartext, sample.signature],
+        });
+
+        expect(sdkResult).to.equal(tmResult);
+        expect(sdkResult).to.equal(sample.shouldBe);
+      }
+    });
+  });
+});

package/core/test/decryptBuilders.test.ts

@@ -0,0 +1,390 @@
+import { describe, it, expect } from 'vitest';
+import { type PublicClient, type WalletClient, createPublicClient, createWalletClient, http } from 'viem';
+import { privateKeyToAccount } from 'viem/accounts';
+import { arbitrumSepolia } from 'viem/chains';
+import { DecryptForTxBuilder } from '../decrypt/decryptForTxBuilder.js';
+import { DecryptForViewBuilder } from '../decrypt/decryptForViewBuilder.js';
+import { createCofheConfigBase, type CofheConfig } from '../config.js';
+import { CofheErrorCode } from '../error.js';
+import { FheTypes } from '../types.js';
+
+const TEST_PRIVATE_KEY = '0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80';
+const account = privateKeyToAccount(TEST_PRIVATE_KEY);
+const TEST_CHAIN_ID = 421614;
+const TEST_CT_HASH = '0xabcdef1234567890';
+
+const MockCoFheUrl = 'http://localhost:3001';
+
+const publicClient: PublicClient = createPublicClient({
+  chain: arbitrumSepolia,
+  transport: http(),
+});
+
+const walletClient: WalletClient = createWalletClient({
+  chain: arbitrumSepolia,
+  transport: http(),
+  account,
+});
+
+const mockConfig: CofheConfig = createCofheConfigBase({
+  supportedChains: [
+    {
+      id: TEST_CHAIN_ID,
+      name: 'Mock Chain',
+      network: 'Mock Network',
+      coFheUrl: MockCoFheUrl,
+      thresholdNetworkUrl: MockCoFheUrl,
+      environment: 'TESTNET',
+      verifierUrl: MockCoFheUrl,
+    },
+  ],
+});
+
+function createTxBuilder(overrides?: Partial<{ chainId: number; account: string; ctHash: string | bigint }>) {
+  return new DecryptForTxBuilder({
+    config: mockConfig,
+    publicClient,
+    walletClient,
+    chainId: TEST_CHAIN_ID,
+    account: account.address,
+    ctHash: TEST_CT_HASH,
+    requireConnected: undefined,
+    ...overrides,
+  });
+}
+
+function createViewBuilder<U extends FheTypes>(
+  utype: U,
+  overrides?: Partial<{ chainId: number; account: string; ctHash: string | bigint }>
+) {
+  return new DecryptForViewBuilder<U>({
+    config: mockConfig,
+    publicClient,
+    walletClient,
+    chainId: TEST_CHAIN_ID,
+    account: account.address,
+    ctHash: TEST_CT_HASH,
+    utype,
+    requireConnected: undefined,
+    ...overrides,
+  });
+}
+
+// ---------------------------------------------------------------------------
+// DecryptForTxBuilder
+// ---------------------------------------------------------------------------
+
+describe('DecryptForTxBuilder', () => {
+  // --- setChainId / getChainId ---
+
+  describe('setChainId / getChainId', () => {
+    it('should store and return the chainId', () => {
+      const builder = createTxBuilder({ chainId: undefined });
+      expect(builder.getChainId()).toBeUndefined();
+
+      builder.setChainId(11155111);
+      expect(builder.getChainId()).toBe(11155111);
+    });
+
+    it('should allow overriding', () => {
+      const builder = createTxBuilder({ chainId: 1 });
+      builder.setChainId(42);
+      expect(builder.getChainId()).toBe(42);
+    });
+  });
+
+  // --- setAccount / getAccount ---
+
+  describe('setAccount / getAccount', () => {
+    it('should store and return the account', () => {
+      const builder = createTxBuilder({ account: undefined });
+      expect(builder.getAccount()).toBeUndefined();
+
+      builder.setAccount('0xdeadbeef');
+      expect(builder.getAccount()).toBe('0xdeadbeef');
+    });
+
+    it('should allow overriding', () => {
+      const builder = createTxBuilder();
+      builder.setAccount('0xnewaccount');
+      expect(builder.getAccount()).toBe('0xnewaccount');
+    });
+  });
+
+  // --- withPermit / withoutPermit selection ---
+
+  describe('withPermit / withoutPermit selection', () => {
+    it('withPermit() should set permit selection', () => {
+      const builder = createTxBuilder();
+      const selected = builder.withPermit();
+      expect(selected).toBeDefined();
+      expect(selected.getPermit()).toBeUndefined();
+      expect(selected.getPermitHash()).toBeUndefined();
+    });
+
+    it('withPermit(hash) should store the permit hash', () => {
+      const builder = createTxBuilder();
+      const selected = builder.withPermit('0xmypermithash');
+      expect(selected.getPermitHash()).toBe('0xmypermithash');
+      expect(selected.getPermit()).toBeUndefined();
+    });
+
+    it('withoutPermit() should set permit selection', () => {
+      const builder = createTxBuilder();
+      const selected = builder.withoutPermit();
+      expect(selected).toBeDefined();
+      expect(selected.getPermit()).toBeUndefined();
+      expect(selected.getPermitHash()).toBeUndefined();
+    });
+
+    it('should throw when withPermit() is called twice', () => {
+      const builder = createTxBuilder();
+      builder.withPermit();
+
+      expect(() => (builder as any).withPermit()).toThrow('withPermit() can only be selected once');
+    });
+
+    it('should throw when withoutPermit() is called twice', () => {
+      const builder = createTxBuilder();
+      builder.withoutPermit();
+
+      expect(() => (builder as any).withoutPermit()).toThrow('withoutPermit() can only be selected once');
+    });
+
+    it('should throw when withPermit() is called after withoutPermit()', () => {
+      const builder = createTxBuilder();
+      builder.withoutPermit();
+
+      expect(() => (builder as any).withPermit()).toThrow('cannot call withPermit() after withoutPermit()');
+    });
+
+    it('should throw when withoutPermit() is called after withPermit()', () => {
+      const builder = createTxBuilder();
+      builder.withPermit();
+
+      expect(() => (builder as any).withoutPermit()).toThrow('cannot call withoutPermit() after withPermit()');
+    });
+  });
+
+  // --- chaining ---
+
+  describe('chaining', () => {
+    it('should return the builder from each setter for fluent chaining', () => {
+      const builder = createTxBuilder({ chainId: undefined, account: undefined });
+      const result = builder.setChainId(TEST_CHAIN_ID).setAccount(account.address).withPermit();
+
+      expect(result).toBeDefined();
+      expect(result.getChainId()).toBe(TEST_CHAIN_ID);
+      expect(result.getAccount()).toBe(account.address);
+    });
+
+    it('should allow setChainId and setAccount after withPermit', () => {
+      const builder = createTxBuilder({ chainId: undefined, account: undefined });
+      const selected = builder.withPermit();
+      selected.setChainId(99);
+      selected.setAccount('0xabc');
+
+      expect(selected.getChainId()).toBe(99);
+      expect(selected.getAccount()).toBe('0xabc');
+    });
+
+    it('should allow setChainId and setAccount after withoutPermit', () => {
+      const builder = createTxBuilder({ chainId: undefined, account: undefined });
+      const selected = builder.withoutPermit();
+      selected.setChainId(99);
+      selected.setAccount('0xabc');
+
+      expect(selected.getChainId()).toBe(99);
+      expect(selected.getAccount()).toBe('0xabc');
+    });
+  });
+
+  // --- execute error paths ---
+
+  describe('execute – error paths', () => {
+    it('should throw when execute() is called without permit selection', async () => {
+      const builder = createTxBuilder();
+
+      try {
+        await builder.execute();
+        expect.fail('Expected error');
+      } catch (error) {
+        expect((error as any).code).toBe(CofheErrorCode.InternalError);
+        expect((error as Error).message).toContain('missing permit selection');
+      }
+    });
+
+    it('should throw when withPermit() has no active permit', async () => {
+      const builder = createTxBuilder();
+
+      try {
+        await builder.withPermit().execute();
+        expect.fail('Expected PermitNotFound error');
+      } catch (error) {
+        expect((error as any).code).toBe(CofheErrorCode.PermitNotFound);
+        expect((error as Error).message).toContain('Active permit not found');
+      }
+    });
+
+    it('should throw when withPermit(hash) cannot find permit', async () => {
+      const builder = createTxBuilder();
+
+      try {
+        await builder.withPermit('0xnonexistent').execute();
+        expect.fail('Expected PermitNotFound error');
+      } catch (error) {
+        expect((error as any).code).toBe(CofheErrorCode.PermitNotFound);
+        expect((error as Error).message).toContain('Permit with hash');
+      }
+    });
+  });
+
+  // --- constructor error paths ---
+
+  describe('constructor – error paths', () => {
+    it('should throw when config is undefined', () => {
+      expect(
+        () =>
+          new DecryptForTxBuilder({
+            config: undefined,
+            publicClient,
+            walletClient,
+            chainId: TEST_CHAIN_ID,
+            account: account.address,
+            ctHash: TEST_CT_HASH,
+            requireConnected: undefined,
+          })
+      ).toThrow();
+    });
+  });
+});
+
+// ---------------------------------------------------------------------------
+// DecryptForViewBuilder
+// ---------------------------------------------------------------------------
+
+describe('DecryptForViewBuilder', () => {
+  // --- setChainId / getChainId ---
+
+  describe('setChainId / getChainId', () => {
+    it('should store and return the chainId', () => {
+      const builder = createViewBuilder(FheTypes.Uint32, { chainId: undefined });
+      expect(builder.getChainId()).toBeUndefined();
+
+      builder.setChainId(11155111);
+      expect(builder.getChainId()).toBe(11155111);
+    });
+  });
+
+  // --- setAccount / getAccount ---
+
+  describe('setAccount / getAccount', () => {
+    it('should store and return the account', () => {
+      const builder = createViewBuilder(FheTypes.Uint32, { account: undefined });
+      expect(builder.getAccount()).toBeUndefined();
+
+      builder.setAccount('0xdeadbeef');
+      expect(builder.getAccount()).toBe('0xdeadbeef');
+    });
+  });
+
+  // --- withPermit ---
+
+  describe('withPermit', () => {
+    it('withPermit() should clear permit and hash', () => {
+      const builder = createViewBuilder(FheTypes.Uint32);
+      builder.withPermit();
+      expect(builder.getPermit()).toBeUndefined();
+      expect(builder.getPermitHash()).toBeUndefined();
+    });
+
+    it('withPermit(hash) should store the permit hash', () => {
+      const builder = createViewBuilder(FheTypes.Uint32);
+      builder.withPermit('0xmypermithash');
+      expect(builder.getPermitHash()).toBe('0xmypermithash');
+      expect(builder.getPermit()).toBeUndefined();
+    });
+
+    it('should allow overriding permit selection', () => {
+      const builder = createViewBuilder(FheTypes.Uint32);
+      builder.withPermit('0xfirst');
+      expect(builder.getPermitHash()).toBe('0xfirst');
+
+      builder.withPermit('0xsecond');
+      expect(builder.getPermitHash()).toBe('0xsecond');
+    });
+  });
+
+  // --- chaining ---
+
+  describe('chaining', () => {
+    it('should return the builder from each setter for fluent chaining', () => {
+      const builder = createViewBuilder(FheTypes.Uint32, { chainId: undefined, account: undefined });
+      const result = builder.setChainId(TEST_CHAIN_ID).setAccount(account.address).withPermit();
+
+      expect(result).toBeDefined();
+      expect(result.getChainId()).toBe(TEST_CHAIN_ID);
+      expect(result.getAccount()).toBe(account.address);
+    });
+  });
+
+  // --- execute error paths ---
+
+  describe('execute – error paths', () => {
+    it('should throw when active permit is not found', async () => {
+      const builder = createViewBuilder(FheTypes.Uint32);
+
+      try {
+        await builder.execute();
+        expect.fail('Expected PermitNotFound error');
+      } catch (error) {
+        expect((error as any).code).toBe(CofheErrorCode.PermitNotFound);
+        expect((error as Error).message).toContain('Active permit not found');
+      }
+    });
+
+    it('should throw when withPermit(hash) cannot find permit', async () => {
+      const builder = createViewBuilder(FheTypes.Uint32);
+      builder.withPermit('0xnonexistent');
+
+      try {
+        await builder.execute();
+        expect.fail('Expected PermitNotFound error');
+      } catch (error) {
+        expect((error as any).code).toBe(CofheErrorCode.PermitNotFound);
+        expect((error as Error).message).toContain('Permit with hash');
+      }
+    });
+
+    it('should throw for invalid utype', async () => {
+      const builder = createViewBuilder(999 as FheTypes);
+
+      try {
+        await builder.execute();
+        expect.fail('Expected InvalidUtype error');
+      } catch (error) {
+        expect((error as any).code).toBe(CofheErrorCode.InvalidUtype);
+      }
+    });
+  });
+
+  // --- constructor error paths ---
+
+  describe('constructor – error paths', () => {
+    it('should throw when config is undefined', () => {
+      expect(
+        () =>
+          new DecryptForViewBuilder({
+            config: undefined,
+            publicClient,
+            walletClient,
+            chainId: TEST_CHAIN_ID,
+            account: account.address,
+            ctHash: TEST_CT_HASH,
+            utype: FheTypes.Uint32,
+            requireConnected: undefined,
+          })
+      ).toThrow();
+    });
+  });
+});