@iexec-nox/nox-protocol-contracts 0.1.0-beta.6 → 0.1.0-beta.8

package/README.md

@@ -55,6 +55,14 @@ The default network is a local EDR simulation. For external networks, configure
 pnpm run deploy
 ```
 
+## Verify
+
+Verify deployed contracts on Etherscan. Requires `ETHERSCAN_API_KEY`
+
+```bash
+pnpm run verify arbitrumSepolia --network arbitrumSepolia
+```
+
 ## Configuration notes
 
 - Create2 salt is defined in [config/config.ts](config/config.ts).

package/contracts/interfaces/INoxCompute.sol

@@ -19,6 +19,9 @@ interface INoxCompute {
     error InvalidProof(bytes proof, string reason);
     error UnsupportedType();
     error IncompatibleTypes();
+    error NotPubliclyDecryptable(bytes32 handle);
+    /// Error thrown when attempting an ACL mutation on a public handle
+    error PublicHandleACLForbidden();
 
     /// Emitted when admin role is granted
     event Allowed(address indexed sender, address indexed account, bytes32 indexed handle);
@@ -30,7 +33,7 @@ interface INoxCompute {
     event GatewayUpdated(address indexed newGateway);
     event ProofExpirationDurationUpdated(uint256 newDuration);
 
-    event PlaintextToEncrypted(
+    event WrapAsPublicHandle(
         address indexed caller,
         bytes32 plaintext,
         TEEType toType,
@@ -160,7 +163,7 @@ interface INoxCompute {
     );
 
     enum Operator {
-        PlaintextToEncrypted,
+        WrapAsPublicHandle,
         Add,
         Sub,
         Mul,
@@ -199,11 +202,11 @@ interface INoxCompute {
     function allowTransient(bytes32 handle, address account) external;
 
     /**
-     * Removes all transient authorizations. This is useful for integration with Account Abstraction
-     * when bundling several UserOps calling the NoxCompute.
-     * @dev Can be called by anyone (typically by AA bundlers between UserOps).
+     * Revokes transient access to `handle` for address `account` within the current transaction.
+     * @param handle Handle.
+     * @param account Address of the account.
      */
-    function cleanTransientStorage() external;
+    function disallowTransient(bytes32 handle, address account) external;
 
     /**
      * Returns whether the account is allowed to use the `handle`, either due to
@@ -260,27 +263,64 @@ interface INoxCompute {
     // ------------- Compute functions -------------
 
     /**
-     * @notice Converts a plaintext value into an encrypted value
-     * @param value The plaintext value to encrypt
-     * @param teeType The type of the encrypted value
-     * @return The encrypted value
-     */
-    function plaintextToEncrypted(bytes32 value, TEEType teeType) external returns (bytes32);
-
-    /**
-     * @notice Validates a handle proof for a given owner and type.
-     * @param handle handle to validate
-     * @param owner owner of the provided handle
-     * @param proof proof data
-     * @param teeType expected handle type
-     */
-    function validateProof(
+     * @notice Wraps a plaintext value into a deterministic public handle.
+     * The resulting handle has bit 0 of the attributes byte (byte 30) unset,
+     * meaning it can be non unique, it carries no ACL and is accessible by everyone.
+     * The same value and type always produce the same handle.
+     * @param value The plaintext value
+     * @param teeType The type of the handle
+     * @return The public handle
+     */
+    function wrapAsPublicHandle(bytes32 value, TEEType teeType) external returns (bytes32);
+
+    /**
+     * Validates that a handle provided by a user is:
+     *   - of expected type
+     *   - not expired
+     *   - issued for the correct app (caller)
+     *   - issued for the correct owner
+     *   - issued by the configured gateway (signed by the gateway wallet)
+     * or reverts otherwise.
+     *
+     * Handle format:
+     *  1 byte    4 bytes      1 byte  1 byte      25 bytes
+     *   [0]     [1------4]     [5]     [6]     [7-----------31]
+     * Version    ChainId       Type    Attrs      Pre-handle
+     *
+     * Proof format:
+     *  20 bytes       20 bytes        32 bytes            65 bytes
+     * [0-----19]    [20-----39]    [40--------71]    [72------------136]
+     *   Owner           App           CreatedAt       EIP-712 signature
+     *
+     * @param handle handle id
+     * @param owner The address of the handle owner
+     * @param proof Proof data
+     */
+    function validateInputProof(
         bytes32 handle,
         address owner,
         bytes calldata proof,
         TEEType teeType
     ) external;
 
+    /**
+     * Validates the decryption proof issued by the gateway for a given handle.
+     * The proof must be signed by the configured gateway.
+     *
+     * The proof uses a compact serialization: `signature (65 bytes) || decryptedResult (N >= 32 bytes)`.
+     * The signature is placed first (fixed size) so that `decryptedResult` can be variable-length,
+     * supporting all current types (ABI-encoded as 32 bytes) and future types that may exceed
+     * 32 bytes (e.g. encrypted strings).
+     *
+     * @param handle Handle to decrypt
+     * @param decryptionProof Compact proof: `signature (65 bytes) || decryptedResult (N >= 32 bytes)`
+     * @return decryptedResult The decrypted value (variable length)
+     */
+    function validateDecryptionProof(
+        bytes32 handle,
+        bytes calldata decryptionProof
+    ) external view returns (bytes memory);
+
     /**
      * @notice Performs an addition between two encrypted values without overflow check.
      * @param leftHandOperand Left-hand side operand handle

package/contracts/sdk/Nox.sol

@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
 pragma solidity ^0.8.0;
 
-import {TEEType} from "../shared/TypeUtils.sol";
+import {TEEType, TypeUtils} from "../shared/TypeUtils.sol";
 import {INoxCompute} from "../interfaces/INoxCompute.sol";
 import "encrypted-types/EncryptedTypes.sol";
 
@@ -29,11 +29,11 @@ library Nox {
         }
         // Arbitrum Sepolia or its fork
         if (block.chainid == 421614) {
-            return 0x5633472D35E18464CA24Ab974954fB3b1B122eA6;
+            return 0xd464B198f06756a1d00be223634b85E0a731c229;
         }
         // Local development chain
         if (block.chainid == 31337) {
-            return 0x9cF45FFE48126380cFCC40215a1d6D7fffbffb05;
+            return 0x6cC89dEd8c25E1460fa8408099C8Ab5b902D8b6B;
         }
         revert("Nox: Unsupported chain");
     }
@@ -42,6 +42,36 @@ library Nox {
         return INoxCompute(noxComputeContract());
     }
 
+    /**
+     * @dev Calls allow on NoxCompute, silently skipping public handles.
+     * Public handles are already accessible by everyone and don't need ACL.
+     */
+    function _allowIfNotPublic(bytes32 handle, address account) private {
+        if (!TypeUtils.isPublicHandle(handle)) {
+            _noxComputeContract().allow(handle, account);
+        }
+    }
+
+    /**
+     * @dev Calls allowTransient on NoxCompute, silently skipping public handles.
+     * Public handles are already accessible by everyone and don't need ACL.
+     */
+    function _allowTransientIfNotPublic(bytes32 handle, address account) private {
+        if (!TypeUtils.isPublicHandle(handle)) {
+            _noxComputeContract().allowTransient(handle, account);
+        }
+    }
+
+    /**
+     * @dev Calls disallowTransient on NoxCompute, silently skipping public handles.
+     * Public handles are already accessible by everyone and don't need ACL.
+     */
+    function _disallowTransientIfNotPublic(bytes32 handle, address account) private {
+        if (!TypeUtils.isPublicHandle(handle)) {
+            _noxComputeContract().disallowTransient(handle, account);
+        }
+    }
+
     // =========== Handle initialization checks ============
 
     /**
@@ -112,7 +142,7 @@ library Nox {
     function toEbool(bool value) internal returns (ebool) {
         return
             ebool.wrap(
-                _noxComputeContract().plaintextToEncrypted(
+                _noxComputeContract().wrapAsPublicHandle(
                     bytes32(uint256(value ? 1 : 0)),
                     TEEType.Bool
                 )
@@ -125,7 +155,7 @@ library Nox {
     function toEuint16(uint16 value) internal returns (euint16) {
         return
             euint16.wrap(
-                _noxComputeContract().plaintextToEncrypted(bytes32(uint256(value)), TEEType.Uint16)
+                _noxComputeContract().wrapAsPublicHandle(bytes32(uint256(value)), TEEType.Uint16)
             );
     }
 
@@ -135,7 +165,7 @@ library Nox {
     function toEuint256(uint256 value) internal returns (euint256) {
         return
             euint256.wrap(
-                _noxComputeContract().plaintextToEncrypted(bytes32(value), TEEType.Uint256)
+                _noxComputeContract().wrapAsPublicHandle(bytes32(value), TEEType.Uint256)
             );
     }
 
@@ -145,7 +175,7 @@ library Nox {
     function toEint16(int16 value) internal returns (eint16) {
         return
             eint16.wrap(
-                _noxComputeContract().plaintextToEncrypted(
+                _noxComputeContract().wrapAsPublicHandle(
                     bytes32(uint256(uint16(value))),
                     TEEType.Int16
                 )
@@ -158,7 +188,7 @@ library Nox {
     function toEint256(int256 value) internal returns (eint256) {
         return
             eint256.wrap(
-                _noxComputeContract().plaintextToEncrypted(bytes32(uint256(value)), TEEType.Int256)
+                _noxComputeContract().wrapAsPublicHandle(bytes32(uint256(value)), TEEType.Int256)
             );
     }
 
@@ -169,7 +199,7 @@ library Nox {
         bytes calldata handleProof
     ) internal returns (ebool) {
         bytes32 handle = externalEbool.unwrap(externalHandle);
-        _noxComputeContract().validateProof(handle, msg.sender, handleProof, TEEType.Bool);
+        _noxComputeContract().validateInputProof(handle, msg.sender, handleProof, TEEType.Bool);
         return ebool.wrap(handle);
     }
 
@@ -178,7 +208,7 @@ library Nox {
         bytes calldata handleProof
     ) internal returns (eaddress) {
         bytes32 handle = externalEaddress.unwrap(externalHandle);
-        _noxComputeContract().validateProof(handle, msg.sender, handleProof, TEEType.Address);
+        _noxComputeContract().validateInputProof(handle, msg.sender, handleProof, TEEType.Address);
         return eaddress.wrap(handle);
     }
 
@@ -187,7 +217,7 @@ library Nox {
         bytes calldata handleProof
     ) internal returns (euint16) {
         bytes32 handle = externalEuint16.unwrap(externalHandle);
-        _noxComputeContract().validateProof(handle, msg.sender, handleProof, TEEType.Uint16);
+        _noxComputeContract().validateInputProof(handle, msg.sender, handleProof, TEEType.Uint16);
         return euint16.wrap(handle);
     }
 
@@ -196,7 +226,7 @@ library Nox {
         bytes calldata handleProof
     ) internal returns (euint256) {
         bytes32 handle = externalEuint256.unwrap(externalHandle);
-        _noxComputeContract().validateProof(handle, msg.sender, handleProof, TEEType.Uint256);
+        _noxComputeContract().validateInputProof(handle, msg.sender, handleProof, TEEType.Uint256);
         return euint256.wrap(handle);
     }
 
@@ -205,7 +235,7 @@ library Nox {
         bytes calldata handleProof
     ) internal returns (eint16) {
         bytes32 handle = externalEint16.unwrap(externalHandle);
-        _noxComputeContract().validateProof(handle, msg.sender, handleProof, TEEType.Int16);
+        _noxComputeContract().validateInputProof(handle, msg.sender, handleProof, TEEType.Int16);
         return eint16.wrap(handle);
     }
 
@@ -214,7 +244,7 @@ library Nox {
         bytes calldata handleProof
     ) internal returns (eint256) {
         bytes32 handle = externalEint256.unwrap(externalHandle);
-        _noxComputeContract().validateProof(handle, msg.sender, handleProof, TEEType.Int256);
+        _noxComputeContract().validateInputProof(handle, msg.sender, handleProof, TEEType.Int256);
         return eint256.wrap(handle);
     }
 
@@ -558,128 +588,194 @@ library Nox {
 
     /**
      * @dev Allows the use of value for the address account.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allow(ebool value, address account) internal {
-        _noxComputeContract().allow(ebool.unwrap(value), account);
+        _allowIfNotPublic(ebool.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value for the address account.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allow(eaddress value, address account) internal {
-        _noxComputeContract().allow(eaddress.unwrap(value), account);
+        _allowIfNotPublic(eaddress.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value for the address account.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allow(euint16 value, address account) internal {
-        _noxComputeContract().allow(euint16.unwrap(value), account);
+        _allowIfNotPublic(euint16.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value for the address account.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allow(euint256 value, address account) internal {
-        _noxComputeContract().allow(euint256.unwrap(value), account);
+        _allowIfNotPublic(euint256.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value for the address account.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allow(eint16 value, address account) internal {
-        _noxComputeContract().allow(eint16.unwrap(value), account);
+        _allowIfNotPublic(eint16.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value for the address account.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allow(eint256 value, address account) internal {
-        _noxComputeContract().allow(eint256.unwrap(value), account);
+        _allowIfNotPublic(eint256.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value for this address (address(this)).
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowThis(ebool value) internal {
-        _noxComputeContract().allow(ebool.unwrap(value), address(this));
+        _allowIfNotPublic(ebool.unwrap(value), address(this));
     }
 
     /**
      * @dev Allows the use of value for this address (address(this)).
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowThis(eaddress value) internal {
-        _noxComputeContract().allow(eaddress.unwrap(value), address(this));
+        _allowIfNotPublic(eaddress.unwrap(value), address(this));
     }
 
     /**
      * @dev Allows the use of value for this address (address(this)).
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowThis(euint16 value) internal {
-        _noxComputeContract().allow(euint16.unwrap(value), address(this));
+        _allowIfNotPublic(euint16.unwrap(value), address(this));
     }
 
     /**
      * @dev Allows the use of value for this address (address(this)).
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowThis(euint256 value) internal {
-        _noxComputeContract().allow(euint256.unwrap(value), address(this));
+        _allowIfNotPublic(euint256.unwrap(value), address(this));
     }
 
     /**
      * @dev Allows the use of value for this address (address(this)).
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowThis(eint16 value) internal {
-        _noxComputeContract().allow(eint16.unwrap(value), address(this));
+        _allowIfNotPublic(eint16.unwrap(value), address(this));
     }
 
     /**
      * @dev Allows the use of value for this address (address(this)).
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowThis(eint256 value) internal {
-        _noxComputeContract().allow(eint256.unwrap(value), address(this));
+        _allowIfNotPublic(eint256.unwrap(value), address(this));
     }
 
     /**
      * @dev Allows the use of value by address account for this transaction.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowTransient(ebool value, address account) internal {
-        _noxComputeContract().allowTransient(ebool.unwrap(value), account);
+        _allowTransientIfNotPublic(ebool.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value by address account for this transaction.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowTransient(eaddress value, address account) internal {
-        _noxComputeContract().allowTransient(eaddress.unwrap(value), account);
+        _allowTransientIfNotPublic(eaddress.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value by address account for this transaction.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowTransient(euint16 value, address account) internal {
-        _noxComputeContract().allowTransient(euint16.unwrap(value), account);
+        _allowTransientIfNotPublic(euint16.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value by address account for this transaction.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowTransient(euint256 value, address account) internal {
-        _noxComputeContract().allowTransient(euint256.unwrap(value), account);
+        _allowTransientIfNotPublic(euint256.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value by address account for this transaction.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowTransient(eint16 value, address account) internal {
-        _noxComputeContract().allowTransient(eint16.unwrap(value), account);
+        _allowTransientIfNotPublic(eint16.unwrap(value), account);
     }
 
     /**
      * @dev Allows the use of value by address account for this transaction.
+     * Silently skips public handles (they are already accessible by everyone).
      */
     function allowTransient(eint256 value, address account) internal {
-        _noxComputeContract().allowTransient(eint256.unwrap(value), account);
+        _allowTransientIfNotPublic(eint256.unwrap(value), account);
+    }
+
+    /**
+     * @dev Revokes transient access to value for address account within the current transaction.
+     * Silently skips public handles (they are already accessible by everyone).
+     */
+    function disallowTransient(ebool value, address account) internal {
+        _disallowTransientIfNotPublic(ebool.unwrap(value), account);
+    }
+
+    /**
+     * @dev Revokes transient access to value for address account within the current transaction.
+     * Silently skips public handles (they are already accessible by everyone).
+     */
+    function disallowTransient(eaddress value, address account) internal {
+        _disallowTransientIfNotPublic(eaddress.unwrap(value), account);
+    }
+
+    /**
+     * @dev Revokes transient access to value for address account within the current transaction.
+     * Silently skips public handles (they are already accessible by everyone).
+     */
+    function disallowTransient(euint16 value, address account) internal {
+        _disallowTransientIfNotPublic(euint16.unwrap(value), account);
+    }
+
+    /**
+     * @dev Revokes transient access to value for address account within the current transaction.
+     * Silently skips public handles (they are already accessible by everyone).
+     */
+    function disallowTransient(euint256 value, address account) internal {
+        _disallowTransientIfNotPublic(euint256.unwrap(value), account);
+    }
+
+    /**
+     * @dev Revokes transient access to value for address account within the current transaction.
+     * Silently skips public handles (they are already accessible by everyone).
+     */
+    function disallowTransient(eint16 value, address account) internal {
+        _disallowTransientIfNotPublic(eint16.unwrap(value), account);
+    }
+
+    /**
+     * @dev Revokes transient access to value for address account within the current transaction.
+     * Silently skips public handles (they are already accessible by everyone).
+     */
+    function disallowTransient(eint256 value, address account) internal {
+        _disallowTransientIfNotPublic(eint256.unwrap(value), account);
     }
 
     /**
@@ -896,9 +992,98 @@ library Nox {
         return _noxComputeContract().isPubliclyDecryptable(eint256.unwrap(handle));
     }
 
+    // ============ Public decryption proof verification ============
+
+    /**
+     * @dev Verifies a decryption proof and returns the decrypted boolean value.
+     */
+    function publicDecrypt(
+        ebool handle,
+        bytes calldata decryptionProof
+    ) internal view returns (bool plaintextValue) {
+        bytes memory result = _noxComputeContract().validateDecryptionProof(
+            ebool.unwrap(handle),
+            decryptionProof
+        );
+        return abi.decode(result, (bool));
+    }
+
+    /**
+     * @dev Verifies a decryption proof and returns the decrypted address value.
+     */
+    function publicDecrypt(
+        eaddress handle,
+        bytes calldata decryptionProof
+    ) internal view returns (address plaintextValue) {
+        bytes memory result = _noxComputeContract().validateDecryptionProof(
+            eaddress.unwrap(handle),
+            decryptionProof
+        );
+        return abi.decode(result, (address));
+    }
+
+    /**
+     * @dev Verifies a decryption proof and returns the decrypted uint16 value.
+     */
+    function publicDecrypt(
+        euint16 handle,
+        bytes calldata decryptionProof
+    ) internal view returns (uint16 plaintextValue) {
+        bytes memory result = _noxComputeContract().validateDecryptionProof(
+            euint16.unwrap(handle),
+            decryptionProof
+        );
+        return abi.decode(result, (uint16));
+    }
+
+    /**
+     * @dev Verifies a decryption proof and returns the decrypted uint256 value.
+     */
+    function publicDecrypt(
+        euint256 handle,
+        bytes calldata decryptionProof
+    ) internal view returns (uint256 plaintextValue) {
+        bytes memory result = _noxComputeContract().validateDecryptionProof(
+            euint256.unwrap(handle),
+            decryptionProof
+        );
+        return abi.decode(result, (uint256));
+    }
+
+    /**
+     * @dev Verifies a decryption proof and returns the decrypted int16 value.
+     */
+    function publicDecrypt(
+        eint16 handle,
+        bytes calldata decryptionProof
+    ) internal view returns (int16 plaintextValue) {
+        bytes memory result = _noxComputeContract().validateDecryptionProof(
+            eint16.unwrap(handle),
+            decryptionProof
+        );
+        return abi.decode(result, (int16));
+    }
+
+    /**
+     * @dev Verifies a decryption proof and returns the decrypted int256 value.
+     */
+    function publicDecrypt(
+        eint256 handle,
+        bytes calldata decryptionProof
+    ) internal view returns (int256 plaintextValue) {
+        bytes memory result = _noxComputeContract().validateDecryptionProof(
+            eint256.unwrap(handle),
+            decryptionProof
+        );
+        return abi.decode(result, (int256));
+    }
+
     // ============ Private helpers ============
 
     function _assertInitialized(bytes32 handle) private pure {
+        // TODO remove this function and all related asserts and use
+        // default zero values offchain in runner (0, address(0), ...)
+        // when the handle is uninitialized (0x00...00).
         require(handle != bytes32(0), UninitializedHandle());
     }
 

package/contracts/shared/TypeUtils.sol

@@ -115,14 +115,28 @@ enum TEEType {
 error NonArithmeticType();
 
 library TypeUtils {
+    /// @dev Bit 0 of the attrs byte. When set, the handle is guaranteed unique on-chain.
+    bytes1 internal constant ATTR_IS_UNIQ_HANDLE = 0x01;
+
     /**
      * @notice Extracts the TEE type from a handle.
-     * The type is stored at byte position 30 in the handle.
+     * The type is stored at byte position 5 in the handle.
      * @param handle The handle to extract the type from
      * @return The TEEType encoded in the handle
      */
     function typeOf(bytes32 handle) internal pure returns (TEEType) {
-        return TEEType(uint8(handle[30]));
+        return TEEType(uint8(handle[5]));
+    }
+
+    /**
+     * @notice Checks if a handle is a public handle (isUniqHandle bit == 0).
+     * A public handle wraps a plaintext value known on-chain, has no ACL,
+     * and is accessible by everyone.
+     * @param handle The handle to check
+     * @return True if the handle is a public handle
+     */
+    function isPublicHandle(bytes32 handle) internal pure returns (bool) {
+        return (handle[6] & ATTR_IS_UNIQ_HANDLE) == 0;
     }
 
     /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@iexec-nox/nox-protocol-contracts",
-  "version": "0.1.0-beta.6",
+  "version": "0.1.0-beta.8",
   "description": "Nox protocol smart contracts",
   "keywords": [
     "Nox",
@@ -26,6 +26,8 @@
     "set-gateway": "pnpm hardhat run scripts/set-gateway.ts",
     "set-kms-public-key": "pnpm hardhat run scripts/set-kms-public-key.ts",
     "upgrade": "pnpm hardhat run scripts/upgrade.ts",
+    "upgrade:production": "pnpm hardhat run scripts/upgrade.ts --build-profile production",
+    "verify": "pnpm hardhat ignition verify",
     "format": "pnpm prettier --write .",
     "format:check": "pnpm prettier --check ."
   },
@@ -35,16 +37,16 @@
     ]
   },
   "dependencies": {
-    "@openzeppelin/contracts": "^5.4.0",
-    "@openzeppelin/contracts-upgradeable": "^5.4.0",
+    "@openzeppelin/contracts": "^5.6.1",
+    "@openzeppelin/contracts-upgradeable": "^5.6.1",
     "encrypted-types": "^0.0.4"
   },
   "devDependencies": {
-    "@nomicfoundation/hardhat-ignition": "^3.0.8",
+    "@nomicfoundation/hardhat-ignition": "^3.0.9",
     "@nomicfoundation/hardhat-toolbox-viem": "^5.0.2",
     "@types/node": "^22.19.13",
     "forge-std": "github:foundry-rs/forge-std#v1.9.4",
-    "hardhat": "^3.1.10",
+    "hardhat": "^3.1.11",
     "husky": "^9.1.7",
     "lint-staged": "^16.3.1",
     "prettier": "^3.8.1",