@inco/js 0.7.1 → 0.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/advancedacl/session-key.d.ts +9 -3
- package/dist/cjs/advancedacl/session-key.js +18 -7
- package/dist/cjs/attestedcompute/attested-compute.d.ts +32 -4
- package/dist/cjs/attestedcompute/attested-compute.js +13 -13
- package/dist/cjs/attesteddecrypt/attested-decrypt.d.ts +12 -6
- package/dist/cjs/attesteddecrypt/attested-decrypt.js +40 -7
- package/dist/cjs/attesteddecrypt/types.d.ts +1 -0
- package/dist/cjs/generated/es/inco/kms/lite/v1/kms_service_pb.d.ts +28 -14
- package/dist/cjs/generated/es/inco/kms/lite/v1/kms_service_pb.js +2 -2
- package/dist/cjs/kms/quorumClient.d.ts +1 -1
- package/dist/cjs/kms/quorumClient.js +118 -17
- package/dist/cjs/lite/attested-compute.d.ts +2 -2
- package/dist/cjs/lite/attested-compute.js +3 -3
- package/dist/cjs/lite/attested-decrypt.d.ts +2 -2
- package/dist/cjs/lite/attested-decrypt.js +3 -3
- package/dist/cjs/lite/lightning.d.ts +67 -7
- package/dist/cjs/lite/lightning.js +105 -40
- package/dist/cjs/test/mocks.js +4 -2
- package/dist/esm/advancedacl/session-key.d.ts +9 -3
- package/dist/esm/advancedacl/session-key.js +20 -9
- package/dist/esm/attestedcompute/attested-compute.d.ts +32 -4
- package/dist/esm/attestedcompute/attested-compute.js +14 -14
- package/dist/esm/attesteddecrypt/attested-decrypt.d.ts +12 -6
- package/dist/esm/attesteddecrypt/attested-decrypt.js +39 -7
- package/dist/esm/attesteddecrypt/types.d.ts +1 -0
- package/dist/esm/generated/es/inco/kms/lite/v1/kms_service_pb.d.ts +28 -14
- package/dist/esm/generated/es/inco/kms/lite/v1/kms_service_pb.js +2 -2
- package/dist/esm/kms/quorumClient.d.ts +1 -1
- package/dist/esm/kms/quorumClient.js +118 -17
- package/dist/esm/lite/attested-compute.d.ts +2 -2
- package/dist/esm/lite/attested-compute.js +3 -3
- package/dist/esm/lite/attested-decrypt.d.ts +2 -2
- package/dist/esm/lite/attested-decrypt.js +3 -3
- package/dist/esm/lite/lightning.d.ts +67 -7
- package/dist/esm/lite/lightning.js +105 -40
- package/dist/esm/test/mocks.js +4 -2
- package/dist/types/advancedacl/session-key.d.ts +9 -3
- package/dist/types/attestedcompute/attested-compute.d.ts +32 -4
- package/dist/types/attesteddecrypt/attested-decrypt.d.ts +12 -6
- package/dist/types/attesteddecrypt/types.d.ts +1 -0
- package/dist/types/generated/es/inco/kms/lite/v1/kms_service_pb.d.ts +28 -14
- package/dist/types/kms/quorumClient.d.ts +1 -1
- package/dist/types/lite/attested-compute.d.ts +2 -2
- package/dist/types/lite/attested-decrypt.d.ts +2 -2
- package/dist/types/lite/lightning.d.ts +67 -7
- package/package.json +1 -1
|
@@ -1,21 +1,13 @@
|
|
|
1
1
|
import { create } from '@bufbuild/protobuf';
|
|
2
|
-
import { hexToBytes } from 'viem';
|
|
3
|
-
import { validateHandle } from '../attesteddecrypt/attested-decrypt.js';
|
|
2
|
+
import { bytesToHex, hexToBytes } from 'viem';
|
|
3
|
+
import { decryptEncryptedAttestations, fetchEip712DomainVersion, validateHandle, } from '../attesteddecrypt/attested-decrypt.js';
|
|
4
4
|
import { bigintToBytes32 } from '../binary.js';
|
|
5
5
|
import { AttestedComputeRequestSchema, } from '../generated/es/inco/kms/lite/v1/kms_service_pb.js';
|
|
6
6
|
import { createEIP712Payload } from '../reencryption/eip712.js';
|
|
7
7
|
import { AttestedComputeError } from './types.js';
|
|
8
8
|
export const ATTESTED_COMPUTE_DOMAIN_NAME = 'IncoAttestedCompute';
|
|
9
|
-
export const
|
|
10
|
-
|
|
11
|
-
* Creates an attested compute function that can decrypt handles with an attached attestation from the covalidator.
|
|
12
|
-
* @param args - The arguments for creating the attested compute function
|
|
13
|
-
* @returns A function that can perform binary operation on a handle and return an attestation
|
|
14
|
-
* @throws {AttestedComputeError} If the creation fails
|
|
15
|
-
*
|
|
16
|
-
* @todo Support multiple operations in a single request.
|
|
17
|
-
*/
|
|
18
|
-
export async function attestedCompute({ lhsHandle, op, rhsPlaintext, backoffConfig, walletClient, kmsQuorumClient, chainId, }) {
|
|
9
|
+
export const DEFAULT_ATTESTED_COMPUTE_DOMAIN_VERSION = '2';
|
|
10
|
+
export async function attestedCompute({ executorAddress, lhsHandle, op, rhsPlaintext, backoffConfig, walletClient, kmsQuorumClient, chainId, reencryptPubKey, reencryptKeypair, }) {
|
|
19
11
|
try {
|
|
20
12
|
validateHandle(lhsHandle);
|
|
21
13
|
const rhsPlaintextBig = typeof rhsPlaintext === 'boolean'
|
|
@@ -23,6 +15,7 @@ export async function attestedCompute({ lhsHandle, op, rhsPlaintext, backoffConf
|
|
|
23
15
|
? 1n
|
|
24
16
|
: 0n
|
|
25
17
|
: BigInt(rhsPlaintext);
|
|
18
|
+
const eip712DomainVersion = await fetchEip712DomainVersion(executorAddress, DEFAULT_ATTESTED_COMPUTE_DOMAIN_VERSION, walletClient);
|
|
26
19
|
// Create the EIP712 payload for the handles to decrypt
|
|
27
20
|
const eip712Payload = createEIP712Payload({
|
|
28
21
|
chainId: BigInt(chainId),
|
|
@@ -31,19 +24,22 @@ export async function attestedCompute({ lhsHandle, op, rhsPlaintext, backoffConf
|
|
|
31
24
|
{ name: 'op', type: 'uint8' },
|
|
32
25
|
{ name: 'lhsHandle', type: 'bytes32' },
|
|
33
26
|
{ name: 'rhsPlaintext', type: 'bytes32' },
|
|
27
|
+
{ name: 'publicKey', type: 'bytes' },
|
|
34
28
|
],
|
|
35
29
|
message: {
|
|
36
30
|
op: op,
|
|
37
31
|
lhsHandle: lhsHandle,
|
|
38
32
|
rhsPlaintext: bigintToBytes32(rhsPlaintextBig),
|
|
33
|
+
publicKey: bytesToHex(reencryptPubKey ? reencryptPubKey : new Uint8Array()),
|
|
39
34
|
},
|
|
40
35
|
domainName: ATTESTED_COMPUTE_DOMAIN_NAME,
|
|
41
|
-
domainVersion:
|
|
36
|
+
domainVersion: eip712DomainVersion,
|
|
42
37
|
});
|
|
43
38
|
// Sign the EIP712 message
|
|
44
39
|
const eip712Signature = await walletClient.signTypedData(eip712Payload);
|
|
45
40
|
const attestedComputeRequest = create(AttestedComputeRequestSchema, {
|
|
46
41
|
userAddress: walletClient.account.address,
|
|
42
|
+
reencryptPubKey: reencryptPubKey ? reencryptPubKey : new Uint8Array(),
|
|
47
43
|
op: op,
|
|
48
44
|
lhsHandle: lhsHandle,
|
|
49
45
|
rhsPlaintext: rhsPlaintextBig.toString(16),
|
|
@@ -56,6 +52,10 @@ export async function attestedCompute({ lhsHandle, op, rhsPlaintext, backoffConf
|
|
|
56
52
|
},
|
|
57
53
|
});
|
|
58
54
|
let decryptionAttestation = await kmsQuorumClient.attestedCompute(attestedComputeRequest, backoffConfig);
|
|
55
|
+
if (reencryptPubKey && reencryptKeypair) {
|
|
56
|
+
const [decryptedAttestation] = await decryptEncryptedAttestations([decryptionAttestation], reencryptKeypair);
|
|
57
|
+
return decryptedAttestation;
|
|
58
|
+
}
|
|
59
59
|
return decryptionAttestation;
|
|
60
60
|
}
|
|
61
61
|
catch (error) {
|
|
@@ -65,4 +65,4 @@ export async function attestedCompute({ lhsHandle, op, rhsPlaintext, backoffConf
|
|
|
65
65
|
throw new AttestedComputeError('Failed to perform attested compute', error);
|
|
66
66
|
}
|
|
67
67
|
}
|
|
68
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
68
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXR0ZXN0ZWQtY29tcHV0ZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hdHRlc3RlZGNvbXB1dGUvYXR0ZXN0ZWQtY29tcHV0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFFNUMsT0FBTyxFQUFFLFVBQVUsRUFBRSxVQUFVLEVBQUUsTUFBTSxNQUFNLENBQUM7QUFDOUMsT0FBTyxFQUNMLDRCQUE0QixFQUM1Qix3QkFBd0IsRUFDeEIsY0FBYyxHQUNmLE1BQU0sd0NBQXdDLENBQUM7QUFLaEQsT0FBTyxFQUFFLGVBQWUsRUFBYSxNQUFNLGNBQWMsQ0FBQztBQU0xRCxPQUFPLEVBRUwsNEJBQTRCLEdBQzdCLE1BQU0sb0RBQW9ELENBQUM7QUFHNUQsT0FBTyxFQUFFLG1CQUFtQixFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFFaEUsT0FBTyxFQUFFLG9CQUFvQixFQUFxQixNQUFNLFlBQVksQ0FBQztBQUVyRSxNQUFNLENBQUMsTUFBTSw0QkFBNEIsR0FBRyxxQkFBcUIsQ0FBQztBQUNsRSxNQUFNLENBQUMsTUFBTSx1Q0FBdUMsR0FBRyxHQUFHLENBQUM7QUE4RjNELE1BQU0sQ0FBQyxLQUFLLFVBQVUsZUFBZSxDQUE2QixFQUNoRSxlQUFlLEVBQ2YsU0FBUyxFQUNULEVBQUUsRUFDRixZQUFZLEVBQ1osYUFBYSxFQUNiLFlBQVksRUFDWixlQUFlLEVBQ2YsT0FBTyxFQUNQLGVBQWUsRUFDZixnQkFBZ0IsR0FZakI7SUFJQyxJQUFJLENBQUM7UUFDSCxjQUFjLENBQUMsU0FBUyxDQUFDLENBQUM7UUFFMUIsTUFBTSxlQUFlLEdBQ25CLE9BQU8sWUFBWSxLQUFLLFNBQVM7WUFDL0IsQ0FBQyxDQUFDLFlBQVk7Z0JBQ1osQ0FBQyxDQUFDLEVBQUU7Z0JBQ0osQ0FBQyxDQUFDLEVBQUU7WUFDTixDQUFDLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRTNCLE1BQU0sbUJBQW1CLEdBQUcsTUFBTSx3QkFBd0IsQ0FDeEQsZUFBZSxFQUNmLHVDQUF1QyxFQUN2QyxZQUFZLENBQ2IsQ0FBQztRQUVGLHVEQUF1RDtRQUN2RCxNQUFNLGFBQWEsR0FBRyxtQkFBbUIsQ0FBQztZQUN4QyxPQUFPLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQztZQUN4QixXQUFXLEVBQUUsd0JBQXdCO1lBQ3JDLGlCQUFpQixFQUFFO2dCQUNqQixFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRTtnQkFDN0IsRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUU7Z0JBQ3RDLEVBQUUsSUFBSSxFQUFFLGNBQWMsRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFO2dCQUN6QyxFQUFFLElBQUksRUFBRSxXQUFXLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRTthQUNyQztZQUNELE9BQU8sRUFBRTtnQkFDUCxFQUFFLEVBQUUsRUFBRTtnQkFDTixTQUFTLEVBQUUsU0FBUztnQkFDcEIsWUFBWSxFQUFFLGVBQWUsQ0FBQyxlQUFlLENBQUM7Z0JBQzlDLFNBQVMsRUFBRSxVQUFVLENBQ25CLGVBQWUsQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxJQUFJLFVBQVUsRUFBRSxDQUNyRDthQUNGO1lBQ0QsVUFBVSxFQUFFLDRCQUE0QjtZQUN4QyxhQUFhLEVBQUUsbUJBQW1CO1NBQ25DLENBQUMsQ0FBQztRQUVILDBCQUEwQjtRQUMxQixNQUFNLGVBQWUsR0FBRyxNQUFNLFlBQVksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLENBQUM7UUFFeEUsTUFBTSxzQkFBc0IsR0FBMkIsTUFBTSxDQUMzRCw0QkFBNEIsRUFDNUI7WUFDRSxXQUFXLEVBQUUsWUFBWSxDQUFDLE9BQU8sQ0FBQyxPQUFPO1lBQ3pDLGVBQWUsRUFBRSxlQUFlLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUMsSUFBSSxVQUFVLEVBQUU7WUFDckUsRUFBRSxFQUFFLEVBQUU7WUFDTixTQUFTLEVBQUUsU0FBUztZQUNwQixZQUFZLEVBQUUsZUFBZSxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDMUMsZUFBZSxFQUFFLFVBQVUsQ0FBQyxlQUFlLENBQUM7WUFDNUMsUUFBUSxFQUFFO2dCQUNSLEtBQUssRUFBRTtvQkFDTCxJQUFJLEVBQUUsdUJBQXVCO29CQUM3QixLQUFLLEVBQUUsRUFBRTtpQkFDVjthQUNGO1NBQ0YsQ0FDRixDQUFDO1FBRUYsSUFBSSxxQkFBcUIsR0FBRyxNQUFNLGVBQWUsQ0FBQyxlQUFlLENBQy9ELHNCQUFzQixFQUN0QixhQUFhLENBQ2QsQ0FBQztRQUVGLElBQUksZUFBZSxJQUFJLGdCQUFnQixFQUFFLENBQUM7WUFDeEMsTUFBTSxDQUFDLG9CQUFvQixDQUFDLEdBQUcsTUFBTSw0QkFBNEIsQ0FDL0QsQ0FBQyxxQkFBcUIsQ0FBQyxFQUN2QixnQkFBZ0IsQ0FDakIsQ0FBQztZQUNGLE9BQU8sb0JBQTZELENBQUM7UUFDdkUsQ0FBQztRQUVELE9BQU8scUJBRTJDLENBQUM7SUFDckQsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZixJQUFJLEtBQUssWUFBWSxvQkFBb0IsRUFBRSxDQUFDO1lBQzFDLE1BQU0sS0FBSyxDQUFDO1FBQ2QsQ0FBQztRQUNELE1BQU0sSUFBSSxvQkFBb0IsQ0FBQyxvQ0FBb0MsRUFBRSxLQUFLLENBQUMsQ0FBQztJQUM5RSxDQUFDO0FBQ0gsQ0FBQyJ9
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { Account, Chain, Transport, WalletClient } from 'viem';
|
|
1
|
+
import type { Account, Chain, PublicClient, Transport, WalletClient } from 'viem';
|
|
2
2
|
import { type HexString } from '../binary.js';
|
|
3
3
|
import { type SupportedChainId } from '../chain.js';
|
|
4
4
|
import { type EciesScheme, type SupportedFheType } from '../encryption/encryption.js';
|
|
@@ -7,7 +7,8 @@ import type { Secp256k1Keypair } from '../lite/ecies.js';
|
|
|
7
7
|
import type { BackoffConfig } from '../retry.js';
|
|
8
8
|
import { type DecryptionAttestation, type EncryptedDecryptionAttestation } from './types.js';
|
|
9
9
|
export declare const ATTESTED_DECRYPT_DOMAIN_NAME = "IncoAttestedDecrypt";
|
|
10
|
-
export declare const
|
|
10
|
+
export declare const DEFAULT_ATTESTED_DECRYPT_DOMAIN_VERSION = "2";
|
|
11
|
+
export declare const TEST_RPC_URL = "UNUSED IN TEST";
|
|
11
12
|
/**
|
|
12
13
|
* Arguments for creating an attested decrypt request.
|
|
13
14
|
*/
|
|
@@ -27,11 +28,12 @@ export interface IncoLiteAttestedDecryptorArgs {
|
|
|
27
28
|
* @returns A function that can decrypt handles and return an attestation
|
|
28
29
|
* @throws {AttestedDecryptError} If the creation fails
|
|
29
30
|
*/
|
|
30
|
-
export declare function attestedDecrypt({ handles, backoffConfig, chainId, kmsQuorumClient, }: {
|
|
31
|
+
export declare function attestedDecrypt({ handles, backoffConfig, chainId, kmsQuorumClient, executorAddress, }: {
|
|
31
32
|
handles: HexString[];
|
|
32
33
|
backoffConfig?: Partial<BackoffConfig> | undefined;
|
|
33
34
|
chainId: SupportedChainId;
|
|
34
35
|
kmsQuorumClient: KmsQuorumClient;
|
|
36
|
+
executorAddress: HexString;
|
|
35
37
|
}): Promise<Array<DecryptionAttestation<EciesScheme, SupportedFheType>>>;
|
|
36
38
|
/**
|
|
37
39
|
* Decrypt multiple handles in a single attested request.
|
|
@@ -41,7 +43,7 @@ export declare function attestedDecrypt({ handles, backoffConfig, chainId, kmsQu
|
|
|
41
43
|
* @returns A function that can decrypt handles and return an attestation
|
|
42
44
|
* @throws {AttestedDecryptError} If the creation fails
|
|
43
45
|
*/
|
|
44
|
-
export declare function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, reencryptPubKey, reencryptKeypair, kmsQuorumClient, }: {
|
|
46
|
+
export declare function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, reencryptPubKey, reencryptKeypair, kmsQuorumClient, executorAddress, }: {
|
|
45
47
|
handles: HexString[];
|
|
46
48
|
backoffConfig?: Partial<BackoffConfig> | undefined;
|
|
47
49
|
walletClient: WalletClient<Transport, Chain, Account>;
|
|
@@ -49,6 +51,7 @@ export declare function attestedDecrypt({ handles, backoffConfig, walletClient,
|
|
|
49
51
|
reencryptPubKey: Uint8Array;
|
|
50
52
|
reencryptKeypair: Secp256k1Keypair;
|
|
51
53
|
kmsQuorumClient: KmsQuorumClient;
|
|
54
|
+
executorAddress: HexString;
|
|
52
55
|
}): Promise<Array<DecryptionAttestation<EciesScheme, SupportedFheType>>>;
|
|
53
56
|
/**
|
|
54
57
|
* Decrypt multiple handles in a single attested request.
|
|
@@ -58,7 +61,7 @@ export declare function attestedDecrypt({ handles, backoffConfig, walletClient,
|
|
|
58
61
|
* @returns A function that can decrypt handles and return an attestation
|
|
59
62
|
* @throws {AttestedDecryptError} If the creation fails
|
|
60
63
|
*/
|
|
61
|
-
export declare function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, reencryptPubKey, kmsQuorumClient, }: {
|
|
64
|
+
export declare function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, reencryptPubKey, kmsQuorumClient, executorAddress, }: {
|
|
62
65
|
handles: HexString[];
|
|
63
66
|
backoffConfig?: Partial<BackoffConfig> | undefined;
|
|
64
67
|
walletClient: WalletClient<Transport, Chain, Account>;
|
|
@@ -66,6 +69,7 @@ export declare function attestedDecrypt({ handles, backoffConfig, walletClient,
|
|
|
66
69
|
reencryptPubKey: Uint8Array;
|
|
67
70
|
reencryptKeypair?: never;
|
|
68
71
|
kmsQuorumClient: KmsQuorumClient;
|
|
72
|
+
executorAddress: HexString;
|
|
69
73
|
}): Promise<Array<EncryptedDecryptionAttestation<EciesScheme, SupportedFheType>>>;
|
|
70
74
|
/**
|
|
71
75
|
* Decrypt multiple handles in a single attested request.
|
|
@@ -75,7 +79,7 @@ export declare function attestedDecrypt({ handles, backoffConfig, walletClient,
|
|
|
75
79
|
* @returns A function that can decrypt handles and return an attestation
|
|
76
80
|
* @throws {AttestedDecryptError} If the creation fails
|
|
77
81
|
*/
|
|
78
|
-
export declare function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, kmsQuorumClient, }: {
|
|
82
|
+
export declare function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, kmsQuorumClient, executorAddress, }: {
|
|
79
83
|
handles: HexString[];
|
|
80
84
|
backoffConfig?: Partial<BackoffConfig> | undefined;
|
|
81
85
|
walletClient: WalletClient<Transport, Chain, Account>;
|
|
@@ -83,7 +87,9 @@ export declare function attestedDecrypt({ handles, backoffConfig, walletClient,
|
|
|
83
87
|
reencryptPubKey?: never;
|
|
84
88
|
reencryptKeypair?: never;
|
|
85
89
|
kmsQuorumClient: KmsQuorumClient;
|
|
90
|
+
executorAddress: HexString;
|
|
86
91
|
}): Promise<Array<DecryptionAttestation<EciesScheme, SupportedFheType>>>;
|
|
92
|
+
export declare function fetchEip712DomainVersion(executorAddress: HexString | undefined, defaultVersion: string, walletClient?: WalletClient<Transport, Chain, Account> | PublicClient<Transport, Chain>): Promise<string>;
|
|
87
93
|
export declare function decryptEncryptedAttestations(attestations: Array<DecryptionAttestation<EciesScheme, SupportedFheType> | EncryptedDecryptionAttestation<EciesScheme, SupportedFheType>>, reencryptKeypair: Secp256k1Keypair): Promise<Array<DecryptionAttestation<EciesScheme, SupportedFheType>>>;
|
|
88
94
|
/**
|
|
89
95
|
* Validates a handle format.
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import { create } from '@bufbuild/protobuf';
|
|
2
|
-
import { bytesToHex, hexToBytes } from 'viem';
|
|
2
|
+
import { bytesToHex, getContract, hexToBytes } from 'viem';
|
|
3
3
|
import { bytesToBigInt } from '../binary.js';
|
|
4
4
|
import { bigintToPlaintext, encryptionSchemes, } from '../encryption/encryption.js';
|
|
5
|
+
import { incoLightningAbi } from '../generated/abis/lightning.js';
|
|
6
|
+
import { incoVerifierAbi } from '../generated/abis/verifier.js';
|
|
5
7
|
import { AttestedDecryptRequestSchema, AttestedRevealRequestSchema, } from '../generated/es/inco/kms/lite/v1/kms_service_pb.js';
|
|
6
8
|
import { HandleWithProofSchema, } from '../generated/es/inco/kms/lite/v1/types_pb.js';
|
|
7
9
|
import { getHandleType } from '../handle.js';
|
|
@@ -9,7 +11,10 @@ import { decrypt } from '../lite/ecies.js';
|
|
|
9
11
|
import { createEIP712Payload } from '../reencryption/eip712.js';
|
|
10
12
|
import { AttestedDecryptError, } from './types.js';
|
|
11
13
|
export const ATTESTED_DECRYPT_DOMAIN_NAME = 'IncoAttestedDecrypt';
|
|
12
|
-
|
|
14
|
+
// This version should match the return value of GetEIP712Version() in IncoVerifier and is used as fallback value in case run in tests (where walletClient is mocked)
|
|
15
|
+
export const DEFAULT_ATTESTED_DECRYPT_DOMAIN_VERSION = '2';
|
|
16
|
+
// This magic RPC url is used in tests to detect a mock client (which cannot make real on-chain calls)
|
|
17
|
+
export const TEST_RPC_URL = 'UNUSED IN TEST';
|
|
13
18
|
/**
|
|
14
19
|
* Decrypt multiple handles in a single attested request.
|
|
15
20
|
* Returns an array of attestations aligned with the response ordering.
|
|
@@ -18,10 +23,12 @@ export const ATTESTED_DECRYPT_DOMAIN_VERSION = '1';
|
|
|
18
23
|
* @returns A function that can decrypt handles and return an attestation
|
|
19
24
|
* @throws {AttestedDecryptError} If the creation fails
|
|
20
25
|
*/
|
|
21
|
-
export async function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, reencryptPubKey, reencryptKeypair, kmsQuorumClient, }) {
|
|
26
|
+
export async function attestedDecrypt({ handles, backoffConfig, walletClient, chainId, reencryptPubKey, reencryptKeypair, kmsQuorumClient, executorAddress, }) {
|
|
22
27
|
try {
|
|
23
28
|
handles.forEach(validateHandle);
|
|
24
|
-
const eip712Payload = buildEip712Payload({
|
|
29
|
+
const eip712Payload = await buildEip712Payload({
|
|
30
|
+
executorAddress,
|
|
31
|
+
...(walletClient ? { walletClient } : {}),
|
|
25
32
|
chainId,
|
|
26
33
|
handles,
|
|
27
34
|
...(reencryptPubKey !== undefined ? { reencryptPubKey } : {}),
|
|
@@ -59,8 +66,33 @@ export async function attestedDecrypt({ handles, backoffConfig, walletClient, ch
|
|
|
59
66
|
throw new AttestedDecryptError('Failed to decrypt handles', error);
|
|
60
67
|
}
|
|
61
68
|
}
|
|
69
|
+
// Fetches EIP712 domain version from on-chain verifier if walletClient is provided
|
|
70
|
+
export async function fetchEip712DomainVersion(executorAddress, defaultVersion, walletClient) {
|
|
71
|
+
let eip712DomainVersion;
|
|
72
|
+
if (walletClient &&
|
|
73
|
+
executorAddress &&
|
|
74
|
+
walletClient.transport.url !== TEST_RPC_URL) {
|
|
75
|
+
const lightning = getContract({
|
|
76
|
+
address: executorAddress,
|
|
77
|
+
abi: incoLightningAbi,
|
|
78
|
+
client: walletClient,
|
|
79
|
+
});
|
|
80
|
+
const incoVerifierAddress = await lightning.read.incoVerifier();
|
|
81
|
+
const verifier = getContract({
|
|
82
|
+
address: incoVerifierAddress,
|
|
83
|
+
abi: incoVerifierAbi,
|
|
84
|
+
client: walletClient,
|
|
85
|
+
});
|
|
86
|
+
eip712DomainVersion = await verifier.read.getEIP712Version();
|
|
87
|
+
}
|
|
88
|
+
else {
|
|
89
|
+
eip712DomainVersion = defaultVersion;
|
|
90
|
+
}
|
|
91
|
+
return eip712DomainVersion;
|
|
92
|
+
}
|
|
62
93
|
// Small helpers to make the main flow readable
|
|
63
|
-
function buildEip712Payload(params) {
|
|
94
|
+
async function buildEip712Payload(params) {
|
|
95
|
+
const eip712DomainVersion = await fetchEip712DomainVersion(params.executorAddress, DEFAULT_ATTESTED_DECRYPT_DOMAIN_VERSION, params.walletClient);
|
|
64
96
|
return createEIP712Payload({
|
|
65
97
|
chainId: BigInt(params.chainId),
|
|
66
98
|
primaryType: 'AttestedDecryptRequest',
|
|
@@ -73,7 +105,7 @@ function buildEip712Payload(params) {
|
|
|
73
105
|
publicKey: bytesToHex(params.reencryptPubKey ? params.reencryptPubKey : new Uint8Array()),
|
|
74
106
|
},
|
|
75
107
|
domainName: ATTESTED_DECRYPT_DOMAIN_NAME,
|
|
76
|
-
domainVersion:
|
|
108
|
+
domainVersion: eip712DomainVersion,
|
|
77
109
|
});
|
|
78
110
|
}
|
|
79
111
|
async function signEip712(walletClient, eip712Payload) {
|
|
@@ -134,4 +166,4 @@ export function validateHandle(handle) {
|
|
|
134
166
|
throw new AttestedDecryptError('Invalid handle format: must be a 32-byte hex string with 0x prefix');
|
|
135
167
|
}
|
|
136
168
|
}
|
|
137
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
169
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXR0ZXN0ZWQtZGVjcnlwdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hdHRlc3RlZGRlY3J5cHQvYXR0ZXN0ZWQtZGVjcnlwdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFRNUMsT0FBTyxFQUFFLFVBQVUsRUFBRSxXQUFXLEVBQUUsVUFBVSxFQUFFLE1BQU0sTUFBTSxDQUFDO0FBQzNELE9BQU8sRUFBRSxhQUFhLEVBQWtCLE1BQU0sY0FBYyxDQUFDO0FBRTdELE9BQU8sRUFDTCxpQkFBaUIsRUFFakIsaUJBQWlCLEdBRWxCLE1BQU0sNkJBQTZCLENBQUM7QUFDckMsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFDbEUsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBQ2hFLE9BQU8sRUFFTCw0QkFBNEIsRUFFNUIsMkJBQTJCLEdBQzVCLE1BQU0sb0RBQW9ELENBQUM7QUFDNUQsT0FBTyxFQUVMLHFCQUFxQixHQUN0QixNQUFNLDhDQUE4QyxDQUFDO0FBQ3RELE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxjQUFjLENBQUM7QUFHN0MsT0FBTyxFQUFFLE9BQU8sRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBQzNDLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBRWhFLE9BQU8sRUFDTCxvQkFBb0IsR0FHckIsTUFBTSxZQUFZLENBQUM7QUFFcEIsTUFBTSxDQUFDLE1BQU0sNEJBQTRCLEdBQUcscUJBQXFCLENBQUM7QUFDbEUscUtBQXFLO0FBQ3JLLE1BQU0sQ0FBQyxNQUFNLHVDQUF1QyxHQUFHLEdBQUcsQ0FBQztBQUUzRCxzR0FBc0c7QUFDdEcsTUFBTSxDQUFDLE1BQU0sWUFBWSxHQUFHLGdCQUFnQixDQUFDO0FBMkg3Qzs7Ozs7OztHQU9HO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxlQUFlLENBQUMsRUFDcEMsT0FBTyxFQUNQLGFBQWEsRUFDYixZQUFZLEVBQ1osT0FBTyxFQUNQLGVBQWUsRUFDZixnQkFBZ0IsRUFDaEIsZUFBZSxFQUNmLGVBQWUsR0FVaEI7SUFNQyxJQUFJLENBQUM7UUFDSCxPQUFPLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBRWhDLE1BQU0sYUFBYSxHQUFHLE1BQU0sa0JBQWtCLENBQUM7WUFDN0MsZUFBZTtZQUNmLEdBQUcsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztZQUN6QyxPQUFPO1lBQ1AsT0FBTztZQUNQLEdBQUcsQ0FBQyxlQUFlLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQyxFQUFFLGVBQWUsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7U0FDOUQsQ0FBQyxDQUFDO1FBRUgsSUFBSSxRQUdILENBQUM7UUFFRixJQUFJLFlBQVksRUFBRSxDQUFDO1lBQ2pCLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxVQUFVLENBQUMsWUFBWSxFQUFFLGFBQWEsQ0FBQyxDQUFDO1lBRXpFLE1BQU0saUJBQWlCLEdBQUcsc0JBQXNCLENBQUMsT0FBTyxDQUFDLENBQUM7WUFFMUQsTUFBTSxzQkFBc0IsR0FBRywyQkFBMkIsQ0FBQztnQkFDekQsV0FBVyxFQUFFLFlBQVksQ0FBQyxPQUFPLENBQUMsT0FBTztnQkFDekMsaUJBQWlCO2dCQUNqQixlQUFlLEVBQUUsVUFBVSxDQUFDLGtCQUFrQixDQUFDO2dCQUMvQyxHQUFHLENBQUMsZUFBZSxLQUFLLFNBQVMsQ0FBQyxDQUFDLENBQUMsRUFBRSxlQUFlLEVBQUUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO2FBQzlELENBQUMsQ0FBQztZQUVILG9FQUFvRTtZQUNwRSx1RUFBdUU7WUFDdkUsUUFBUSxHQUFHLE1BQU0sZUFBZSxDQUFDLGVBQWUsQ0FDOUMsc0JBQXNCLEVBQ3RCLGFBQWEsQ0FDZCxDQUFDO1lBQ0Ysb0ZBQW9GO1lBQ3BGLElBQUksZUFBZSxLQUFLLFNBQVMsSUFBSSxnQkFBZ0IsRUFBRSxDQUFDO2dCQUN0RCxRQUFRLEdBQUcsTUFBTSw0QkFBNEIsQ0FDM0MsUUFBUSxFQUNSLGdCQUFnQixDQUNqQixDQUFDO1lBQ0osQ0FBQztRQUNILENBQUM7YUFBTSxDQUFDO1lBQ04sTUFBTSxxQkFBcUIsR0FBMEIsTUFBTSxDQUN6RCwyQkFBMkIsRUFDM0I7Z0JBQ0UsT0FBTyxFQUFFLE9BQU87YUFDakIsQ0FDRixDQUFDO1lBQ0YsUUFBUSxHQUFHLE1BQU0sZUFBZSxDQUFDLGNBQWMsQ0FDN0MscUJBQXFCLEVBQ3JCLGFBQWEsQ0FDZCxDQUFDO1FBQ0osQ0FBQztRQUVELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7SUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1FBQ2YsSUFBSSxLQUFLLFlBQVksb0JBQW9CLEVBQUUsQ0FBQztZQUMxQyxNQUFNLEtBQUssQ0FBQztRQUNkLENBQUM7UUFDRCxNQUFNLElBQUksb0JBQW9CLENBQUMsMkJBQTJCLEVBQUUsS0FBSyxDQUFDLENBQUM7SUFDckUsQ0FBQztBQUNILENBQUM7QUFFRCxtRkFBbUY7QUFDbkYsTUFBTSxDQUFDLEtBQUssVUFBVSx3QkFBd0IsQ0FDNUMsZUFBc0MsRUFDdEMsY0FBc0IsRUFDdEIsWUFFa0M7SUFFbEMsSUFBSSxtQkFBMkIsQ0FBQztJQUVoQyxJQUNFLFlBQVk7UUFDWixlQUFlO1FBQ2YsWUFBWSxDQUFDLFNBQVMsQ0FBQyxHQUFHLEtBQUssWUFBWSxFQUMzQyxDQUFDO1FBQ0QsTUFBTSxTQUFTLEdBQUcsV0FBVyxDQUFDO1lBQzVCLE9BQU8sRUFBRSxlQUFlO1lBQ3hCLEdBQUcsRUFBRSxnQkFBZ0I7WUFDckIsTUFBTSxFQUFFLFlBQVk7U0FDckIsQ0FBQyxDQUFDO1FBRUgsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLFNBQVMsQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDaEUsTUFBTSxRQUFRLEdBQUcsV0FBVyxDQUFDO1lBQzNCLE9BQU8sRUFBRSxtQkFBbUI7WUFDNUIsR0FBRyxFQUFFLGVBQWU7WUFDcEIsTUFBTSxFQUFFLFlBQVk7U0FDckIsQ0FBQyxDQUFDO1FBRUgsbUJBQW1CLEdBQUcsTUFBTSxRQUFRLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7SUFDL0QsQ0FBQztTQUFNLENBQUM7UUFDTixtQkFBbUIsR0FBRyxjQUFjLENBQUM7SUFDdkMsQ0FBQztJQUNELE9BQU8sbUJBQW1CLENBQUM7QUFDN0IsQ0FBQztBQUVELCtDQUErQztBQUMvQyxLQUFLLFVBQVUsa0JBQWtCLENBQUMsTUFNakM7SUFDQyxNQUFNLG1CQUFtQixHQUFHLE1BQU0sd0JBQXdCLENBQ3hELE1BQU0sQ0FBQyxlQUFlLEVBQ3RCLHVDQUF1QyxFQUN2QyxNQUFNLENBQUMsWUFBWSxDQUNwQixDQUFDO0lBRUYsT0FBTyxtQkFBbUIsQ0FBQztRQUN6QixPQUFPLEVBQUUsTUFBTSxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUM7UUFDL0IsV0FBVyxFQUFFLHdCQUF3QjtRQUNyQyxpQkFBaUIsRUFBRTtZQUNqQixFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLFdBQVcsRUFBRTtZQUN0QyxFQUFFLElBQUksRUFBRSxXQUFXLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRTtTQUNyQztRQUNELE9BQU8sRUFBRTtZQUNQLE9BQU8sRUFBRSxNQUFNLENBQUMsT0FBTztZQUN2QixTQUFTLEVBQUUsVUFBVSxDQUNuQixNQUFNLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxJQUFJLFVBQVUsRUFBRSxDQUNuRTtTQUNGO1FBQ0QsVUFBVSxFQUFFLDRCQUE0QjtRQUN4QyxhQUFhLEVBQUUsbUJBQW1CO0tBQ25DLENBQUMsQ0FBQztBQUNMLENBQUM7QUFNRCxLQUFLLFVBQVUsVUFBVSxDQUN2QixZQUFxRCxFQUNyRCxhQUF3QztJQUV4QyxPQUFPLE1BQU0sWUFBWSxDQUFDLGFBQWEsQ0FBQyxhQUFhLENBQUMsQ0FBQztBQUN6RCxDQUFDO0FBRUQsU0FBUyxzQkFBc0IsQ0FBQyxPQUFvQjtJQUNsRCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRTtRQUM1QixPQUFPLE1BQU0sQ0FBQyxxQkFBcUIsRUFBRTtZQUNuQyxNQUFNLEVBQUUsTUFBTTtZQUNkLFFBQVEsRUFBRTtnQkFDUixLQUFLLEVBQUU7b0JBQ0wsSUFBSSxFQUFFLHVCQUF1QjtvQkFDN0IsS0FBSyxFQUFFLEVBQUU7aUJBQ1Y7YUFDRjtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELFNBQVMsMkJBQTJCLENBQUMsTUFLcEM7SUFDQyxPQUFPLE1BQU0sQ0FBQyw0QkFBNEIsRUFBRTtRQUMxQyxXQUFXLEVBQUUsTUFBTSxDQUFDLFdBQVc7UUFDL0IsaUJBQWlCLEVBQUUsTUFBTSxDQUFDLGlCQUFpQjtRQUMzQyxlQUFlLEVBQUUsTUFBTSxDQUFDLGVBQWU7UUFDdkMsZUFBZSxFQUFFLE1BQU0sQ0FBQyxlQUFlO1lBQ3JDLENBQUMsQ0FBQyxNQUFNLENBQUMsZUFBZTtZQUN4QixDQUFDLENBQUMsSUFBSSxVQUFVLEVBQUU7S0FDckIsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELE1BQU0sQ0FBQyxLQUFLLFVBQVUsNEJBQTRCLENBQ2hELFlBR0MsRUFDRCxnQkFBa0M7SUFFbEMsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixZQUFZLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRSxHQUFHLEVBQUUsRUFBRTtRQUM3QixtREFBbUQ7UUFDbkQsSUFBSSxXQUFXLElBQUksR0FBRyxJQUFJLEdBQUcsQ0FBQyxTQUFTLEtBQUssU0FBUyxFQUFFLENBQUM7WUFDdEQsT0FBTyxHQUEyRCxDQUFDO1FBQ3JFLENBQUM7UUFFRCwrQ0FBK0M7UUFDL0MsSUFBSSxvQkFBb0IsSUFBSSxHQUFHLElBQUksR0FBRyxDQUFDLGtCQUFrQixLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQ3hFLE1BQU0sWUFBWSxHQUFHLEdBR3BCLENBQUM7WUFDRixNQUFNLEVBQUUsR0FBRyxVQUFVLENBQUMsWUFBWSxDQUFDLGtCQUFrQixDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUV4RSxNQUFNLGNBQWMsR0FBRyxNQUFNLE9BQU8sQ0FBQyxnQkFBZ0IsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUMzRCxNQUFNLFdBQVcsR0FBRyxhQUFhLENBQUMsY0FBYyxDQUFDLENBQUM7WUFDbEQsTUFBTSxVQUFVLEdBQUcsYUFBYSxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUV0RCxPQUFPO2dCQUNMLE1BQU0sRUFBRSxZQUFZLENBQUMsTUFBTTtnQkFDM0IsU0FBUyxFQUFFLGlCQUFpQixDQUMxQixpQkFBaUIsQ0FBQyxLQUFLLEVBQ3ZCLFVBQThCLEVBQzlCLFdBQVcsQ0FDWjtnQkFDRCxxQkFBcUIsRUFBRSxZQUFZLENBQUMscUJBQXFCO2FBQ0YsQ0FBQztRQUM1RCxDQUFDO1FBRUQsTUFBTSxJQUFJLG9CQUFvQixDQUM1QixnREFBZ0QsQ0FDakQsQ0FBQztJQUNKLENBQUMsQ0FBQyxDQUNILENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7R0FJRztBQUNILE1BQU0sVUFBVSxjQUFjLENBQUMsTUFBaUI7SUFDOUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksTUFBTSxDQUFDLE1BQU0sS0FBSyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDO1FBQzdELE1BQU0sSUFBSSxvQkFBb0IsQ0FDNUIsb0VBQW9FLENBQ3JFLENBQUM7SUFDSixDQUFDO0FBQ0gsQ0FBQyJ9
|
|
@@ -16,6 +16,7 @@ export type DecryptionAttestation<S extends EncryptionScheme, T extends Supporte
|
|
|
16
16
|
export type EncryptedDecryptionAttestation<S extends EncryptionScheme, T extends SupportedFheType> = {
|
|
17
17
|
handle: HexString;
|
|
18
18
|
encryptedPlaintext: EncryptResultOf<S, T>;
|
|
19
|
+
encryptedSignatures: Uint8Array[];
|
|
19
20
|
covalidatorSignatures: Uint8Array[];
|
|
20
21
|
};
|
|
21
22
|
export type AttestedDecryptor<S extends EncryptionScheme> = <T extends SupportedFheType>(args: AttestedDecryptFnArgs<S, T>) => Promise<DecryptionAttestation<S, T>>;
|
|
@@ -146,10 +146,23 @@ export type AttestedComputeRequest = Message<"inco.kms.lite.v1.AttestedComputeRe
|
|
|
146
146
|
* @generated from field: string user_address = 1;
|
|
147
147
|
*/
|
|
148
148
|
userAddress: string;
|
|
149
|
+
/**
|
|
150
|
+
* reencrypt_pub_key is the encoding of the user's public
|
|
151
|
+
* encryption key (secp256k1) used to reencrypt the result for.
|
|
152
|
+
* It is encoded in its 33-byte compressed format.
|
|
153
|
+
* If empty, the KMS will return plaintext decryption instead of reencryption.
|
|
154
|
+
*
|
|
155
|
+
* @generated from field: bytes reencrypt_pub_key = 2;
|
|
156
|
+
*/
|
|
157
|
+
reencryptPubKey: Uint8Array;
|
|
149
158
|
/**
|
|
150
159
|
* eip712_signature is an EIP-712 signature of the following EIP-712 typed data by
|
|
151
160
|
* `user_address` (note that we only give a JSON representation for the sake of
|
|
152
|
-
* readability, but the actual signed data is defined in the EIP-712 spec):
|
|
161
|
+
* readability, but the actual signed data is defined in the EIP-712 spec) where:
|
|
162
|
+
* op - operation to perform
|
|
163
|
+
* lhs - handle of the ciphertext to perform computation on
|
|
164
|
+
* rhs - second plaintext scalar operand
|
|
165
|
+
* publicKey - 0x prefixed reencrypt_pub_key (if any). "0x" otherwise if empty.
|
|
153
166
|
*
|
|
154
167
|
* ```json
|
|
155
168
|
* {
|
|
@@ -160,9 +173,10 @@ export type AttestedComputeRequest = Message<"inco.kms.lite.v1.AttestedComputeRe
|
|
|
160
173
|
* { "name": "chainId", "type": "uint256" }
|
|
161
174
|
* ],
|
|
162
175
|
* "AttestedComputeRequest": [
|
|
163
|
-
* { "name": "op", "type" "uint8"},
|
|
164
|
-
* { "name": "lhs", "type" "bytes32"},
|
|
165
|
-
* { "name": "rhs", "type" "bytes32"}
|
|
176
|
+
* { "name": "op", "type": "uint8"},
|
|
177
|
+
* { "name": "lhs", "type": "bytes32"},
|
|
178
|
+
* { "name": "rhs", "type": "bytes32"},
|
|
179
|
+
* { "name": "publicKey", "type": "bytes" },
|
|
166
180
|
* ]
|
|
167
181
|
* },
|
|
168
182
|
* "primaryType": "AttestedComputeRequest",
|
|
@@ -174,18 +188,19 @@ export type AttestedComputeRequest = Message<"inco.kms.lite.v1.AttestedComputeRe
|
|
|
174
188
|
* "message": {
|
|
175
189
|
* "op": <operation>,
|
|
176
190
|
* "lhs": "<handle1>",
|
|
177
|
-
* "rhs": <plaintextBytes
|
|
191
|
+
* "rhs": <plaintextBytes>, // Also add a comment on length & encoding
|
|
192
|
+
* "publicKey": "0x<reencrypt_pub_key>"
|
|
178
193
|
* }
|
|
179
194
|
* }
|
|
180
195
|
* ```
|
|
181
196
|
*
|
|
182
|
-
* @generated from field: bytes eip712_signature =
|
|
197
|
+
* @generated from field: bytes eip712_signature = 3;
|
|
183
198
|
*/
|
|
184
199
|
eip712Signature: Uint8Array;
|
|
185
200
|
/**
|
|
186
201
|
* Subset of supported binary operations that can be performed on a handle.
|
|
187
202
|
*
|
|
188
|
-
* @generated from field: inco.kms.lite.v1.SupportedScalarBinaryOp op =
|
|
203
|
+
* @generated from field: inco.kms.lite.v1.SupportedScalarBinaryOp op = 4;
|
|
189
204
|
*/
|
|
190
205
|
op: SupportedScalarBinaryOp;
|
|
191
206
|
/**
|
|
@@ -193,13 +208,13 @@ export type AttestedComputeRequest = Message<"inco.kms.lite.v1.AttestedComputeRe
|
|
|
193
208
|
* The user_address must have ACL access to the handle for the attested
|
|
194
209
|
* compute to succeed.
|
|
195
210
|
*
|
|
196
|
-
* @generated from field: string lhs_handle =
|
|
211
|
+
* @generated from field: string lhs_handle = 5;
|
|
197
212
|
*/
|
|
198
213
|
lhsHandle: string;
|
|
199
214
|
/**
|
|
200
215
|
* Second plaintext scalar operand encoded as a hex string (with or without 0x prefix)
|
|
201
216
|
*
|
|
202
|
-
* @generated from field: string rhs_plaintext =
|
|
217
|
+
* @generated from field: string rhs_plaintext = 6;
|
|
203
218
|
*/
|
|
204
219
|
rhsPlaintext: string;
|
|
205
220
|
/**
|
|
@@ -207,7 +222,7 @@ export type AttestedComputeRequest = Message<"inco.kms.lite.v1.AttestedComputeRe
|
|
|
207
222
|
* Either the user_address or sharer must have ACL access to the handles for the attested
|
|
208
223
|
* compute to succeed.
|
|
209
224
|
*
|
|
210
|
-
* @generated from field: inco.kms.lite.v1.ACLProof acl_proof =
|
|
225
|
+
* @generated from field: inco.kms.lite.v1.ACLProof acl_proof = 7;
|
|
211
226
|
*/
|
|
212
227
|
aclProof?: ACLProof;
|
|
213
228
|
};
|
|
@@ -303,12 +318,11 @@ export type Reencryption = Message<"inco.kms.lite.v1.Reencryption"> & {
|
|
|
303
318
|
*/
|
|
304
319
|
userCiphertext: Uint8Array;
|
|
305
320
|
/**
|
|
306
|
-
*
|
|
307
|
-
* TODO scalar declaration.
|
|
321
|
+
* Encrypted signature over the plaintext, encrypted to the user's public key. Can only be decrypted by the user.
|
|
308
322
|
*
|
|
309
|
-
* @generated from field:
|
|
323
|
+
* @generated from field: bytes encrypted_signature = 3;
|
|
310
324
|
*/
|
|
311
|
-
|
|
325
|
+
encryptedSignature: Uint8Array;
|
|
312
326
|
};
|
|
313
327
|
/**
|
|
314
328
|
* Describes the message inco.kms.lite.v1.Reencryption.
|
|
@@ -6,7 +6,7 @@ import { file_inco_kms_lite_v1_types } from "./types_pb";
|
|
|
6
6
|
/**
|
|
7
7
|
* Describes the file inco/kms/lite/v1/kms_service.proto.
|
|
8
8
|
*/
|
|
9
|
-
export const file_inco_kms_lite_v1_kms_service = /*@__PURE__*/ fileDesc("
|
|
9
|
+
export const file_inco_kms_lite_v1_kms_service = /*@__PURE__*/ fileDesc("CiJpbmNvL2ttcy9saXRlL3YxL2ttc19zZXJ2aWNlLnByb3RvEhBpbmNvLmttcy5saXRlLnYxIgwKCktleVJlcXVlc3QiVQoLS2V5UmVzcG9uc2USLQoGa2V5c2V0GAEgASgLMh0uaW5jby5rbXMubGl0ZS52MS5FQ0lFU0tleXNldBIXCg9zaWduaW5nX2FkZHJlc3MYAiABKAkiowEKFkF0dGVzdGVkRGVjcnlwdFJlcXVlc3QSFAoMdXNlcl9hZGRyZXNzGAEgASgJEhkKEXJlZW5jcnlwdF9wdWJfa2V5GAIgASgMEhgKEGVpcDcxMl9zaWduYXR1cmUYAyABKAwSPgoTaGFuZGxlc193aXRoX3Byb29mcxgEIAMoCzIhLmluY28ua21zLmxpdGUudjEuSGFuZGxlV2l0aFByb29mIigKFUF0dGVzdGVkUmV2ZWFsUmVxdWVzdBIPCgdoYW5kbGVzGAMgAygJIvQBChZBdHRlc3RlZENvbXB1dGVSZXF1ZXN0EhQKDHVzZXJfYWRkcmVzcxgBIAEoCRIZChFyZWVuY3J5cHRfcHViX2tleRgCIAEoDBIYChBlaXA3MTJfc2lnbmF0dXJlGAMgASgMEjUKAm9wGAQgASgOMikuaW5jby5rbXMubGl0ZS52MS5TdXBwb3J0ZWRTY2FsYXJCaW5hcnlPcBISCgpsaHNfaGFuZGxlGAUgASgJEhUKDXJoc19wbGFpbnRleHQYBiABKAkSLQoJYWNsX3Byb29mGAcgASgLMhouaW5jby5rbXMubGl0ZS52MS5BQ0xQcm9vZiJjChdBdHRlc3RlZERlY3J5cHRSZXNwb25zZRJIChdkZWNyeXB0aW9uX2F0dGVzdGF0aW9ucxgBIAMoCzInLmluY28ua21zLmxpdGUudjEuRGVjcnlwdGlvbkF0dGVzdGF0aW9uImIKFkF0dGVzdGVkUmV2ZWFsUmVzcG9uc2USSAoXZGVjcnlwdGlvbl9hdHRlc3RhdGlvbnMYASADKAsyJy5pbmNvLmttcy5saXRlLnYxLkRlY3J5cHRpb25BdHRlc3RhdGlvbiJiChdBdHRlc3RlZENvbXB1dGVSZXNwb25zZRJHChZkZWNyeXB0aW9uX2F0dGVzdGF0aW9uGAEgASgLMicuaW5jby5rbXMubGl0ZS52MS5EZWNyeXB0aW9uQXR0ZXN0YXRpb24iGgoJUGxhaW50ZXh0Eg0KBXZhbHVlGAEgASgMIkQKDFJlZW5jcnlwdGlvbhIXCg91c2VyX2NpcGhlcnRleHQYASABKAwSGwoTZW5jcnlwdGVkX3NpZ25hdHVyZRgDIAEoDCKtAQoVRGVjcnlwdGlvbkF0dGVzdGF0aW9uEg4KBmhhbmRsZRgBIAEoCRIwCglwbGFpbnRleHQYAiABKAsyGy5pbmNvLmttcy5saXRlLnYxLlBsYWludGV4dEgAEjYKDHJlZW5jcnlwdGlvbhgDIAEoCzIeLmluY28ua21zLmxpdGUudjEuUmVlbmNyeXB0aW9uSAASEQoJc2lnbmF0dXJlGAQgASgMQgcKBXZhbHVlKqQCChdTdXBwb3J0ZWRTY2FsYXJCaW5hcnlPcBILCgdGSEVfQUREEAASCwoHRkhFX1NVQhABEgsKB0ZIRV9NVUwQAhILCgdGSEVfRElWEAMSCwoHRkhFX1JFTRAEEg8KC0ZIRV9CSVRfQU5EEAUSDgoKRkhFX0JJVF9PUhAGEg8KC0ZIRV9CSVRfWE9SEAcSCwoHRkhFX1NITBAIEgsKB0ZIRV9TSFIQCRIMCghGSEVfUk9UTBAKEgwKCEZIRV9ST1RSEAsSCgoGRkhFX0VREAwSCgoGRkhFX05FEA0SCgoGRkhFX0dFEA4SCgoGRkhFX0dUEA8SCgoGRkhFX0xFEBASCgoGRkhFX0xUEBESCwoHRkhFX01JThASEgsKB0ZIRV9NQVgQEzKFAwoKS21zU2VydmljZRJCCgNLZXkSHC5pbmNvLmttcy5saXRlLnYxLktleVJlcXVlc3QaHS5pbmNvLmttcy5saXRlLnYxLktleVJlc3BvbnNlEmYKD0F0dGVzdGVkRGVjcnlwdBIoLmluY28ua21zLmxpdGUudjEuQXR0ZXN0ZWREZWNyeXB0UmVxdWVzdBopLmluY28ua21zLmxpdGUudjEuQXR0ZXN0ZWREZWNyeXB0UmVzcG9uc2USZgoPQXR0ZXN0ZWRDb21wdXRlEiguaW5jby5rbXMubGl0ZS52MS5BdHRlc3RlZENvbXB1dGVSZXF1ZXN0GikuaW5jby5rbXMubGl0ZS52MS5BdHRlc3RlZENvbXB1dGVSZXNwb25zZRJjCg5BdHRlc3RlZFJldmVhbBInLmluY28ua21zLmxpdGUudjEuQXR0ZXN0ZWRSZXZlYWxSZXF1ZXN0GiguaW5jby5rbXMubGl0ZS52MS5BdHRlc3RlZFJldmVhbFJlc3BvbnNlQjtaOWdpdGh1Yi5jb20vaW5jby1maGV2bS9pbmNvLW1vbm9yZXBvL2NvdmFsaWRhdG9yL2ttcy90eXBlc2IGcHJvdG8z", [file_inco_kms_lite_v1_types]);
|
|
10
10
|
/**
|
|
11
11
|
* Describes the message inco.kms.lite.v1.KeyRequest.
|
|
12
12
|
* Use `create(KeyRequestSchema)` to create a new message.
|
|
@@ -159,4 +159,4 @@ export const SupportedScalarBinaryOpSchema = /*@__PURE__*/ enumDesc(file_inco_km
|
|
|
159
159
|
* @generated from service inco.kms.lite.v1.KmsService
|
|
160
160
|
*/
|
|
161
161
|
export const KmsService = /*@__PURE__*/ serviceDesc(file_inco_kms_lite_v1_kms_service, 0);
|
|
162
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
162
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia21zX3NlcnZpY2VfcGIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvZ2VuZXJhdGVkL2VzL2luY28va21zL2xpdGUvdjEva21zX3NlcnZpY2VfcGIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsaUVBQWlFO0FBQ2pFLG9HQUFvRztBQUNwRyxvQkFBb0I7QUFHcEIsT0FBTyxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUUsV0FBVyxFQUFFLFdBQVcsRUFBRSxNQUFNLDhCQUE4QixDQUFDO0FBRTVGLE9BQU8sRUFBRSwyQkFBMkIsRUFBRSxNQUFNLFlBQVksQ0FBQztBQUd6RDs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLGlDQUFpQyxHQUFZLGFBQWEsQ0FDckUsUUFBUSxDQUFDLDhoRkFBOGhGLEVBQUUsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDLENBQUM7QUFVMWtGOzs7R0FHRztBQUNILE1BQU0sQ0FBQyxNQUFNLGdCQUFnQixHQUEyQixhQUFhLENBQ25FLFdBQVcsQ0FBQyxpQ0FBaUMsRUFBRSxDQUFDLENBQUMsQ0FBQztBQXlCcEQ7OztHQUdHO0FBQ0gsTUFBTSxDQUFDLE1BQU0saUJBQWlCLEdBQTRCLGFBQWEsQ0FDckUsV0FBVyxDQUFDLGlDQUFpQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBeUVwRDs7O0dBR0c7QUFDSCxNQUFNLENBQUMsTUFBTSw0QkFBNEIsR0FBdUMsYUFBYSxDQUMzRixXQUFXLENBQUMsaUNBQWlDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFpQnBEOzs7R0FHRztBQUNILE1BQU0sQ0FBQyxNQUFNLDJCQUEyQixHQUFzQyxhQUFhLENBQ3pGLFdBQVcsQ0FBQyxpQ0FBaUMsRUFBRSxDQUFDLENBQUMsQ0FBQztBQXNHcEQ7OztHQUdHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sNEJBQTRCLEdBQXVDLGFBQWEsQ0FDM0YsV0FBVyxDQUFDLGlDQUFpQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBaUJwRDs7O0dBR0c7QUFDSCxNQUFNLENBQUMsTUFBTSw2QkFBNkIsR0FBd0MsYUFBYSxDQUM3RixXQUFXLENBQUMsaUNBQWlDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFpQnBEOzs7R0FHRztBQUNILE1BQU0sQ0FBQyxNQUFNLDRCQUE0QixHQUF1QyxhQUFhLENBQzNGLFdBQVcsQ0FBQyxpQ0FBaUMsRUFBRSxDQUFDLENBQUMsQ0FBQztBQWdCcEQ7OztHQUdHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sNkJBQTZCLEdBQXdDLGFBQWEsQ0FDN0YsV0FBVyxDQUFDLGlDQUFpQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBZ0JwRDs7O0dBR0c7QUFDSCxNQUFNLENBQUMsTUFBTSxlQUFlLEdBQTBCLGFBQWEsQ0FDakUsV0FBVyxDQUFDLGlDQUFpQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBdUJwRDs7O0dBR0c7QUFDSCxNQUFNLENBQUMsTUFBTSxrQkFBa0IsR0FBNkIsYUFBYSxDQUN2RSxXQUFXLENBQUMsaUNBQWlDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUE2RXBEOzs7R0FHRztBQUNILE1BQU0sQ0FBQyxNQUFNLDJCQUEyQixHQUFzQyxhQUFhLENBQ3pGLFdBQVcsQ0FBQyxpQ0FBaUMsRUFBRSxFQUFFLENBQUMsQ0FBQztBQUVyRDs7R0FFRztBQUNILE1BQU0sQ0FBTixJQUFZLHVCQW9HWDtBQXBHRCxXQUFZLHVCQUF1QjtJQUNqQzs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILG1GQUFlLENBQUE7SUFFZjs7T0FFRztJQUNILGlGQUFjLENBQUE7SUFFZDs7T0FFRztJQUNILG1GQUFlLENBQUE7SUFFZjs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDJFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDhFQUFhLENBQUE7SUFFYjs7T0FFRztJQUNILDhFQUFhLENBQUE7SUFFYjs7T0FFRztJQUNILDBFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDBFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDBFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDBFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDBFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDBFQUFXLENBQUE7SUFFWDs7T0FFRztJQUNILDRFQUFZLENBQUE7SUFFWjs7T0FFRztJQUNILDRFQUFZLENBQUE7QUFDZCxDQUFDLEVBcEdXLHVCQUF1QixLQUF2Qix1QkFBdUIsUUFvR2xDO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQUMsTUFBTSw2QkFBNkIsR0FBcUMsYUFBYSxDQUMxRixRQUFRLENBQUMsaUNBQWlDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFFakQ7Ozs7O0dBS0c7QUFDSCxNQUFNLENBQUMsTUFBTSxVQUFVLEdBOENsQixhQUFhLENBQ2hCLFdBQVcsQ0FBQyxpQ0FBaUMsRUFBRSxDQUFDLENBQUMsQ0FBQyJ9
|
|
@@ -29,7 +29,7 @@ export declare class KmsQuorumClient {
|
|
|
29
29
|
*/
|
|
30
30
|
static fromKmsClients(kmsClients: KmsClient[], threshold: number): KmsQuorumClient;
|
|
31
31
|
attestedDecrypt(request: AttestedDecryptRequest, backoffConfig?: Partial<BackoffConfig>): Promise<(DecryptionAttestation<EciesScheme, SupportedFheType> | EncryptedDecryptionAttestation<EciesScheme, SupportedFheType>)[]>;
|
|
32
|
-
attestedCompute(request: AttestedComputeRequest, backoffConfig?: Partial<BackoffConfig>): Promise<DecryptionAttestation<EciesScheme, SupportedFheType>>;
|
|
32
|
+
attestedCompute(request: AttestedComputeRequest, backoffConfig?: Partial<BackoffConfig>): Promise<DecryptionAttestation<EciesScheme, SupportedFheType> | EncryptedDecryptionAttestation<EciesScheme, SupportedFheType>>;
|
|
33
33
|
attestedReveal(request: AttestedRevealRequest, backoffConfig?: Partial<BackoffConfig>): Promise<(DecryptionAttestation<EciesScheme, SupportedFheType> | EncryptedDecryptionAttestation<EciesScheme, SupportedFheType>)[]>;
|
|
34
34
|
/**
|
|
35
35
|
* Generic method to execute a KMS operation across all clients with retry and threshold logic.
|