@inco/lightning 0.10.0-devnet-3 → 0.11.0-demonet-1

package/manifest.yaml

@@ -1,3 +1,49 @@
+incoLightning_testnet_v11_340321378:
+  executor:
+    name: incoLightning_testnet_v11_340321378
+    majorVersion: 11
+    deployer: "0x8202D2D747784Cb7D48868E44C42C4bf162a70BC"
+    owner: "0x8E0860785c9B9c99B17DCd8c1da89548dA140299"
+    pepper: testnet
+    executorAddress: "0x3cC345Eaa5bEe457AF9C0C3183335a67b62b0066"
+    salt: "0x8202d2d747784cb7d48868e44c42c4bf162a70bc00af1f4ec3705e21d9e36c62"
+  deployments:
+    - name: incoLightning_11_0_0__340321378
+      chainId: "84532"
+      chainName: Base Sepolia
+      version:
+        major: 11
+        minor: 0
+        patch: 0
+        shortSalt: "340321378"
+      blockNumber: "40623608"
+      deployDate: 2026-04-24T07:25:07.657Z
+      commit: v0.10.0-devnet-2-12-gfac57f53-dirty
+      active: true
+      includesPreviewFeatures: false
+incoLightning_demonet_v11_473256067:
+  executor:
+    name: incoLightning_demonet_v11_473256067
+    majorVersion: 11
+    deployer: "0x8202D2D747784Cb7D48868E44C42C4bf162a70BC"
+    owner: "0x8E0860785c9B9c99B17DCd8c1da89548dA140299"
+    pepper: demonet
+    executorAddress: "0xad9Af2e804FbF14d69391167F1FCDf918A3980fb"
+    salt: "0x8202d2d747784cb7d48868e44c42c4bf162a70bc00056195a8d84ba47a58b683"
+  deployments:
+    - name: incoLightning_11_0_1__473256067
+      chainId: "84532"
+      chainName: Base Sepolia
+      version:
+        major: 11
+        minor: 0
+        patch: 1
+        shortSalt: "473256067"
+      blockNumber: "40887358"
+      deployDate: 2026-04-30T09:56:46.927Z
+      commit: v0.11.0-testnet-3-10-g6b4bb85b
+      active: true
+      includesPreviewFeatures: false
 incoLightning_devnet_v10_266391127:
   executor:
     name: incoLightning_devnet_v10_266391127

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inco/lightning",
-  "version": "0.10.0-devnet-3",
+  "version": "0.11.0-demonet-1",
   "repository": "https://github.com/Inco-fhevm/inco-monorepo",
   "files": [
     "src/",

package/src/IncoLightning.sol

@@ -35,9 +35,7 @@ contract IncoLightning is IIncoLightning, TrivialEncryption, EList, UUPSUpgradea
 
     /// @notice Authorizes contract upgrades (restricted to owner only)
     /// @dev Required by UUPSUpgradeable. Only the contract owner can authorize upgrades.
-    function _authorizeUpgrade(address) internal view override {
-        require(msg.sender == owner());
-    }
+    function _authorizeUpgrade(address) internal view override onlyOwner {}
 
     /// @notice Initializes the proxy with an owner address
     /// @dev Must be called immediately after proxy deployment. Can only be called once.

package/src/IncoVerifier.sol

@@ -21,9 +21,7 @@ contract IncoVerifier is IIncoVerifier, AdvancedAccessControl, DecryptionAtteste
 
     /// @notice Authorizes contract upgrades (restricted to owner only)
     /// @dev Required by UUPSUpgradeable. Only the contract owner can authorize upgrades.
-    function _authorizeUpgrade(address) internal view override {
-        require(msg.sender == owner());
-    }
+    function _authorizeUpgrade(address) internal view override onlyOwner {}
 
     /// @notice Initializes the proxy with an owner address and EIP712 parameters
     /// @dev Must be called immediately after proxy deployment. Can only be called once.

package/src/Lib.alphanet.sol

@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/Lib.demonet.sol

@@ -10,7 +10,7 @@ import { ebool, euint256, eaddress, ETypes, elist, IndexOutOfRange, InvalidRange
 import { asBool } from "./shared/TypeUtils.sol";
 import { DecryptionAttestation, ElementAttestationWithProof } from "./lightning-parts/DecryptionAttester.types.sol";
 
-IncoLightning constant inco = IncoLightning(payable(0xA95EAbCE575f5f1e52605358Ee893F6536166378));
+IncoLightning constant inco = IncoLightning(payable(0xad9Af2e804FbF14d69391167F1FCDf918A3980fb));
 address constant deployedBy = 0x8202D2D747784Cb7D48868E44C42C4bf162a70BC;
 
 /// @notice Returns the ETypes enum value encoded in a handle
@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/Lib.devnet.sol

@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/Lib.sol

@@ -10,7 +10,7 @@ import { ebool, euint256, eaddress, ETypes, elist, IndexOutOfRange, InvalidRange
 import { asBool } from "./shared/TypeUtils.sol";
 import { DecryptionAttestation, ElementAttestationWithProof } from "./lightning-parts/DecryptionAttester.types.sol";
 
-IncoLightning constant inco = IncoLightning(payable(0x9C6b74dff47644956e712B301aa3701b3141fF9C));
+IncoLightning constant inco = IncoLightning(payable(0x3cC345Eaa5bEe457AF9C0C3183335a67b62b0066));
 address constant deployedBy = 0x8202D2D747784Cb7D48868E44C42C4bf162a70BC;
 
 /// @notice Returns the ETypes enum value encoded in a handle
@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/Lib.template.sol

@@ -814,6 +814,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    /// @param a The elist
+    /// @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     /// @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -832,6 +839,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    /// @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     /// @param handle The encrypted handle
     /// @param value The claimed decrypted value
@@ -872,6 +885,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    /// @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     /// @param user The address to check
     /// @param a The encrypted uint256

package/src/Lib.testnet.sol

@@ -10,7 +10,7 @@ import { ebool, euint256, eaddress, ETypes, elist, IndexOutOfRange, InvalidRange
 import { asBool } from "./shared/TypeUtils.sol";
 import { DecryptionAttestation, ElementAttestationWithProof } from "./lightning-parts/DecryptionAttester.types.sol";
 
-IncoLightning constant inco = IncoLightning(payable(0x168FDc3Ae19A5d5b03614578C58974FF30FCBe92));
+IncoLightning constant inco = IncoLightning(payable(0x3cC345Eaa5bEe457AF9C0C3183335a67b62b0066));
 address constant deployedBy = 0x8202D2D747784Cb7D48868E44C42C4bf162a70BC;
 
 /// @notice Returns the ETypes enum value encoded in a handle
@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/Types.sol

@@ -284,7 +284,6 @@ uint8 constant HANDLE_INDEX = 0;
 // constant string makes cross-path collision resistance structural rather than incidental:
 // preimages from different derivation paths can never align byte-for-byte regardless of length.
 // These must be kept in sync with the Go (pkg/fhe) and TS (js/src/handle.ts) implementations.
-string constant SEP_INPUT_PREHANDLE = "inco/handle/input-prehandle";
 string constant SEP_INPUT_HANDLE = "inco/handle/input-handle";
 string constant SEP_INPUT_CONTEXT = "inco/handle/input-context";
 string constant SEP_OP_RESULT = "inco/handle/op-result";

package/src/interfaces/automata-interfaces/IPCCSRouterExtended.sol

@@ -9,4 +9,6 @@ interface IPCCSRouterExtended is IPCCSRouter {
 
     function setAuthorized(address caller, bool authorized) external;
 
+    function transferOwnership(address newOwner) external;
+
 }

package/src/libs/incoLightning_alphanet_v0_297966649.sol

@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/libs/incoLightning_alphanet_v1_725458969.sol

@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/libs/incoLightning_alphanet_v2_976644394.sol

@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256

package/src/libs/incoLightning_demonet_v0_863421733.sol

@@ -801,6 +801,13 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    /// @notice Allows an address to access an elist
+    ///  @param a The elist
+    ///  @param to The address to allow
+    function allow(elist a, address to) internal {
+        inco.allow(elist.unwrap(a), to);
+    }
+
     /// @notice Reveals an encrypted uint256
     ///  @param a The encrypted uint256
     function reveal(euint256 a) internal {
@@ -819,6 +826,12 @@ library e {
         inco.reveal(eaddress.unwrap(a));
     }
 
+    /// @notice Reveals an elist (makes all elements publicly readable without wallet authentication)
+    ///  @param a The elist
+    function reveal(elist a) internal {
+        inco.reveal(elist.unwrap(a));
+    }
+
     /// @notice Verifies a decryption attestation for a euint256
     ///  @param handle The encrypted handle
     ///  @param value The claimed decrypted value
@@ -857,6 +870,12 @@ library e {
         allow(a, address(this));
     }
 
+    /// @notice Allows this contract to access an elist
+    ///  @param a The elist
+    function allowThis(elist a) internal {
+        allow(a, address(this));
+    }
+
     /// @notice Checks if a user is allowed to access an encrypted uint256
     ///  @param user The address to check
     ///  @param a The encrypted uint256