@inco/lightning 0.3.2 → 0.4.0

package/README.md

@@ -60,14 +60,6 @@ With a nod to the future we provide the `make release` target which performs a s
 1. PR to main
 2. Manually grab hash from dockerhub which is also `git describe --tags --always --dirty`
 
-## Update denver multi-chain testnet
-
-1. Copy docker tag into [Pulumi.multichain.yaml](../../infraco/pkg/denver/Pulumi.multichain.yaml)
-2. Consider whether to cobber `requestConter.txt` and `lastBlock.txt` depending on the type of update:
-   - If updating a covalidator to an existing contract use `--no-clobber`
-   - If updating a covalidator to a new contract omit `--no-clobber`
-3. Run `pulumi up`
-
 ## Manifest file
 
 [`manifest.yaml`](./manifest.yaml) is a file that tracks Inco Lightning smart contract releases (versioned instances of the executor contract) and deployments (actual instances of the contract on particular chains). The release names correspond to the names of the [solidity libs](./src/libs) that are libraries that statically link to the correct executor for the corresponding release.

package/manifest.yaml

@@ -140,8 +140,8 @@ incoLightning_devnet_v0_340846814:
     salt: "0x8202d2d747784cb7d48868e44c42c4bf162a70bc00b001d6742fded0dd599ede"
   deployments:
     - name: incoLightningPreview_0_2_1__340846814
-      chainId: "4801"
-      chainName: World Chain Sepolia
+      chainId: "9746"
+      chainName: Plasma Testnet
       version:
         major: 0
         minor: 2
@@ -149,11 +149,11 @@ incoLightning_devnet_v0_340846814:
         shortSalt: "340846814"
       decryptSigner: "0x138AcbDC1FA02b955949d8Da09E546Ea7748710f"
       eciesPublicKey: "0x038a582d29083c2f3fefe024bf4dd9ab913ab8973716977da5f01106e0b84095b1"
-      blockNumber: "17365942"
-      deployDate: 2025-08-15T17:35:15.208Z
-      commit: v0.2.17-35-g8cca6b4e-dirty
+      blockNumber: "1718868"
+      deployDate: 2025-09-10T15:20:25.654Z
+      commit: v6-7-gf96f358e-dirty
       active: true
-    - name: incoLightningPreview_0_2_1__340846814
+    - name: incoLightning_0_2_1__340846814
       chainId: "9746"
       chainName: Plasma Testnet
       version:
@@ -162,11 +162,24 @@ incoLightning_devnet_v0_340846814:
         patch: 1
         shortSalt: "340846814"
       decryptSigner: "0x138AcbDC1FA02b955949d8Da09E546Ea7748710f"
-      eciesPublicKey: "0x048a582d29083c2f3fefe024bf4dd9ab913ab8973716977da5f01106e0b8\
-        4095b1e647a9e377175fcb66bda05087c93b05e1fd53a704d0914bb23a0b2a69e9f235"
-      blockNumber: "3339121"
-      deployDate: 2025-08-07T12:14:56.788Z
-      commit: v0.2.17-28-gfd11c1aa-dirty
+      eciesPublicKey: "0x038a582d29083c2f3fefe024bf4dd9ab913ab8973716977da5f01106e0b84095b1"
+      blockNumber: "1717229"
+      deployDate: 2025-09-10T14:53:07.218Z
+      commit: v6-7-gf96f358e-dirty
+      active: true
+    - name: incoLightningPreview_0_2_1__340846814
+      chainId: "4801"
+      chainName: World Chain Sepolia
+      version:
+        major: 0
+        minor: 2
+        patch: 1
+        shortSalt: "340846814"
+      decryptSigner: "0x138AcbDC1FA02b955949d8Da09E546Ea7748710f"
+      eciesPublicKey: "0x038a582d29083c2f3fefe024bf4dd9ab913ab8973716977da5f01106e0b84095b1"
+      blockNumber: "17365942"
+      deployDate: 2025-08-15T17:35:15.208Z
+      commit: v0.2.17-35-g8cca6b4e-dirty
       active: true
     - name: incoLightning_0_2_0__340846814
       chainId: "84532"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inco/lightning",
-  "version": "0.3.2",
+  "version": "0.4.0",
   "repository": "https://github.com/Inco-fhevm/inco-monorepo",
   "files": [
     "src/",

package/src/Lib.alphanet.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/Lib.demonet.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/Lib.devnet.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/Lib.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/Lib.template.sol

@@ -444,6 +444,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/Lib.testnet.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/libs/incoLightning_alphanet_v0_297966649.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/libs/incoLightning_demonet_v0_863421733.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/libs/incoLightning_devnet_v0_340846814.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/libs/incoLightning_testnet_v0_183408998.sol

@@ -410,6 +410,18 @@ library e {
         inco.allow(eaddress.unwrap(a), to);
     }
 
+    function reveal(euint256 a) internal {
+        inco.reveal(euint256.unwrap(a));
+    }
+
+    function reveal(ebool a) internal {
+        inco.reveal(ebool.unwrap(a));
+    }
+
+    function reveal(eaddress a) internal {
+        inco.reveal(eaddress.unwrap(a));
+    }
+
     function allowThis(euint256 a) internal {
         allow(a, address(this));
     }

package/src/lightning-parts/AccessControl/BaseAccessControlList.gen.sol

@@ -7,6 +7,9 @@ interface IBaseAccessControlListGen {
     /// @dev persistent
     function allow(bytes32 handle, address account) external;
 
+    /// @dev Permanently allows public decryption/reencryption access to anyone for the given handle.
+    function reveal(bytes32 handle) external;
+
     function allowTransient(bytes32 handle, address account) external;
 
     function allowedTransient(bytes32 handle, address account) external view returns (bool);
@@ -16,4 +19,6 @@ interface IBaseAccessControlListGen {
     function persistAllowed(bytes32 handle, address account) external view returns (bool);
 
     function isAllowed(bytes32 handle, address account) external view returns (bool);
+
+    function isRevealed(bytes32 handle) external view returns (bool);
 }

package/src/lightning-parts/AccessControl/BaseAccessControlList.sol

@@ -7,6 +7,7 @@ import {IBaseAccessControlListGen} from "./BaseAccessControlList.gen.sol";
 contract AccessControlListStorage {
     struct ACLStorage {
         mapping(bytes32 handle => mapping(address account => bool isAllowed)) persistedAllowedPairs;
+        mapping(bytes32 handle => bool isAllowed) persistedAllowedForDecryption;
     }
 
     bytes32 private constant ACLStorageLocation = keccak256("inco.storage.ACL");
@@ -30,6 +31,16 @@ contract BaseAccessControlList is IBaseAccessControlListGen, AccessControlListSt
         allowInternal(handle, account);
     }
 
+    /// @dev Permanently allows public decryption/reencryption access to anyone for the given handle.
+    function reveal(bytes32 handle) public {
+        require(
+            isAllowed(handle, msg.sender),
+            SenderNotAllowedForHandle(handle, msg.sender)
+        );
+        ACLStorage storage $ = getACLStorage();
+        $.persistedAllowedForDecryption[handle] = true;
+    }
+
     /// @dev persistent
     function allowInternal(bytes32 handle, address account) internal {
         ACLStorage storage $ = getACLStorage();
@@ -101,6 +112,14 @@ contract BaseAccessControlList is IBaseAccessControlListGen, AccessControlListSt
     ) public view returns (bool) {
         return
             allowedTransient(handle, account) ||
-            persistAllowed(handle, account);
+            persistAllowed(handle, account) ||
+            isRevealed(handle);
+    }
+
+    function isRevealed(
+        bytes32 handle
+    ) public view returns (bool) {
+        ACLStorage storage $ = getACLStorage();
+        return $.persistedAllowedForDecryption[handle];
     }
 }

package/src/lightning-parts/AccessControl/test/TestBaseAccessControl.t.sol

@@ -1,12 +1,25 @@
 // SPDX-License-Identifier: No License
 pragma solidity ^0.8;
 
-import {TestUtils} from "@inco/shared/src/TestUtils.sol";
 import {BaseAccessControlList} from "../BaseAccessControlList.sol";
+import {inco, e, euint256} from "@inco/lightning/src/Lib.sol";
+import {IncoTest} from "@inco/lightning/src/test/IncoTest.sol";
+
+contract TestBaseAccessControl is BaseAccessControlList, IncoTest {
+    using e for euint256;
 
-contract TestBaseAccessControl is BaseAccessControlList, TestUtils {
     function testHandleZeroIsDisallowed() public view {
         bytes32 handle = bytes32(0);
         assert(!isAllowed(handle, alice));
     }
+
+    function testReveal() public {
+        euint256 secret = inco.asEuint256(1337);
+        assert(inco.isAllowed(euint256.unwrap(secret), address(this)));
+        assert(!inco.isAllowed(euint256.unwrap(secret), alice));
+
+        inco.reveal(euint256.unwrap(secret));
+        assert(inco.isAllowed(euint256.unwrap(secret), address(this)));
+        assert(inco.isAllowed(euint256.unwrap(secret), alice));
+    }
 }

package/src/lightning-parts/EncryptedInput.gen.sol

@@ -4,7 +4,7 @@ pragma solidity ^0.8;
 import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
 import { EventCounter } from "./primitives/EventCounter.sol";
 import { HandleGeneration } from "./primitives/HandleGeneration.sol";
-import { euint256, ebool, eaddress, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX } from "../Types.sol";
+import { euint256, ebool, eaddress, EOps, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX } from "../Types.sol";
 import { HandleAlreadyExists } from "../Errors.sol";
 
 interface IEncryptedInputGen {

package/src/lightning-parts/EncryptedInput.sol

@@ -4,7 +4,7 @@ pragma solidity ^0.8;
 import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
 import {EventCounter} from "./primitives/EventCounter.sol";
 import {HandleGeneration} from "./primitives/HandleGeneration.sol";
-import {euint256, ebool, eaddress, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX} from "../Types.sol";
+import {euint256, ebool, eaddress, EOps, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX} from "../Types.sol";
 import {IEncryptedInputGen} from "./EncryptedInput.gen.sol";
 import {HandleAlreadyExists} from "../Errors.sol";
 
@@ -57,13 +57,15 @@ abstract contract EncryptedInput is
         // We allow to user since this is harmless and it is convenient to use the allow mapping to track existing
         allowInternal(newHandle, user);
         allowTransientInternal(newHandle, msg.sender);
+        uint256 id = getNextEventId();
         emit NewInput(
             newHandle,
             msg.sender,
             user,
             inputType,
             ciphertext,
-            getNewEventId()
+            id
         );
+        setDigest(abi.encodePacked(newHandle, id));
     }
 }

package/src/lightning-parts/EncryptedOperations.sol

@@ -248,7 +248,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EAdd(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EAdd(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eSub(
@@ -263,7 +265,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit ESub(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ESub(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eMul(
@@ -278,8 +282,10 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EMul(lhs, rhs, result, getNewEventId());
-    }
+        uint256 id = getNextEventId();
+        emit EMul(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
+     }
 
     function eDiv(
         euint256 lhs,
@@ -293,7 +299,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EDiv(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EDiv(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eRem(
@@ -308,7 +316,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit ERem(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ERem(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eBitAnd(
@@ -321,7 +331,9 @@ abstract contract EncryptedOperations is
         checkInput(rhs, typeToBitMask(rhsType));
         require(lhsType == rhsType, UnexpectedType(lhsType, typeToBitMask(rhsType)));
         result = createResultHandle(EOps.BitAnd, lhsType, lhs, rhs);
-        emit EBitAnd(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EBitAnd(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eBitOr(
@@ -334,7 +346,9 @@ abstract contract EncryptedOperations is
         checkInput(rhs, typeToBitMask(rhsType));
         require(lhsType == rhsType, UnexpectedType(lhsType, typeToBitMask(rhsType)));
         result = createResultHandle(EOps.BitOr, lhsType, lhs, rhs);
-        emit EBitOr(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EBitOr(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eBitXor(
@@ -347,7 +361,9 @@ abstract contract EncryptedOperations is
         checkInput(rhs, typeToBitMask(rhsType));
         require(lhsType == rhsType, UnexpectedType(lhsType, typeToBitMask(rhsType)));
         result = createResultHandle(EOps.BitXor, lhsType, lhs, rhs);
-        emit EBitXor(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EBitXor(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eShl(
@@ -362,7 +378,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EShl(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EShl(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eShr(
@@ -377,7 +395,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EShr(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EShr(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eRotl(
@@ -392,7 +412,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit ERotl(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ERotl(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eRotr(
@@ -407,7 +429,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit ERotr(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ERotr(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eEq(
@@ -425,7 +449,9 @@ abstract contract EncryptedOperations is
                 rhs
             )
         );
-        emit EEq(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EEq(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eNe(
@@ -443,7 +469,9 @@ abstract contract EncryptedOperations is
                 rhs
             )
         );
-        emit ENe(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ENe(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eGe(
@@ -458,7 +486,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EGe(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EGe(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eGt(
@@ -473,7 +503,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EGt(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EGt(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eLe(
@@ -488,7 +520,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit ELe(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ELe(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eLt(
@@ -503,7 +537,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit ELt(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ELt(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eMin(
@@ -518,7 +554,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EMin(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EMin(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eMax(
@@ -533,7 +571,9 @@ abstract contract EncryptedOperations is
                 euint256.unwrap(rhs)
             )
         );
-        emit EMax(lhs, rhs, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EMax(lhs, rhs, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eNot(ebool operand) external returns (ebool result) {
@@ -541,7 +581,9 @@ abstract contract EncryptedOperations is
         result = ebool.wrap(
             createResultHandle(EOps.Not, ETypes.Bool, ebool.unwrap(operand))
         );
-        emit ENot(operand, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ENot(operand, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eCast(
@@ -551,7 +593,9 @@ abstract contract EncryptedOperations is
         bytes32 baseHandle = keccak256(abi.encodePacked(EOps.Cast, ct, toType));
         result = embedTypeVersion(baseHandle, toType);
         allowTransientInternal(result, msg.sender);
-        emit ECast(ct, uint8(toType), result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ECast(ct, uint8(toType), result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eRand(
@@ -568,7 +612,9 @@ abstract contract EncryptedOperations is
         //NOTE: We pass the incremented randCounter which is incremented using postfix increment above.
         // Due to postfix returning the value before incrementing, the emitted randCounter will be larger by one than the number used to build the handle.
         // So for security and replayability reasons, we always use the incremented randCounter when seeding on the covalidator side, which is fine for as long as we're consistent.
-        emit ERand(randCounter, randType, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ERand(randCounter, randType, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function eRandBounded(
@@ -588,7 +634,9 @@ abstract contract EncryptedOperations is
         //NOTE: We pass the incremented randCounter which is incremented using postfix increment above.
         // Due to postfix returning the value before incrementing, the emitted randCounter will be larger by one than the number used to build the handle.
         // So for security and replayability reasons, we always use the incremented randCounter when seeding on the covalidator side, which is fine for as long as we're consistent.
-        emit ERandBounded(randCounter, randType, upperBound, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit ERandBounded(randCounter, randType, upperBound, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     // todo add support in testing framework
@@ -608,7 +656,9 @@ abstract contract EncryptedOperations is
         );
         result = embedTypeVersion(baseHandle, returnType);
         allowTransientInternal(result, msg.sender);
-        emit EIfThenElse(control, ifTrue, ifFalse, result, getNewEventId());
+        uint256 id = getNextEventId();
+        emit EIfThenElse(control, ifTrue, ifFalse, result, id);
+        setDigest(abi.encodePacked(result, id));
     }
 
     function checkEIfThenElseInputs(

package/src/lightning-parts/TrivialEncryption.gen.sol

@@ -2,7 +2,7 @@
 pragma solidity ^0.8;
 
 import { EventCounter } from "./primitives/EventCounter.sol";
-import { euint256, ebool, eaddress, ETypes } from "../Types.sol";
+import { euint256, ebool, eaddress, EOps, ETypes } from "../Types.sol";
 import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
 import { HandleGeneration } from "./primitives/HandleGeneration.sol";
 

package/src/lightning-parts/TrivialEncryption.sol

@@ -2,7 +2,7 @@
 pragma solidity ^0.8;
 
 import {EventCounter} from "./primitives/EventCounter.sol";
-import {euint256, ebool, eaddress, ETypes} from "../Types.sol";
+import {euint256, ebool, eaddress, EOps, ETypes} from "../Types.sol";
 import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
 import {HandleGeneration} from "./primitives/HandleGeneration.sol";
 import {ITrivialEncryptionGen} from "./TrivialEncryption.gen.sol";
@@ -40,11 +40,13 @@ abstract contract TrivialEncryption is
     ) internal returns (bytes32 newHandle) {
         newHandle = getTrivialEncryptHandle(plainTextBytes, handleType);
         allowTransientInternal(newHandle, msg.sender);
+        uint256 id = getNextEventId();
         emit TrivialEncrypt(
             newHandle,
             plainTextBytes,
             handleType,
-            getNewEventId()
+            id
         );
+        setDigest(abi.encodePacked(newHandle, id));
     }
 }

package/src/lightning-parts/primitives/EventCounter.gen.sol

@@ -2,5 +2,7 @@
 pragma solidity ^0.8;
 
 interface IEventCounterGen {
+    function getNextEventId() external view returns (uint256);
+
     function getEventCounter() external view returns (uint256);
 }

package/src/lightning-parts/primitives/EventCounter.sol

@@ -5,6 +5,7 @@ import {IEventCounterGen} from "./EventCounter.gen.sol";
 
 contract EventCounterStorage {
     struct Storage {
+        // TODO: change type to bytes32 when we rename away from "counter".
         uint256 eventCounter;
     }
 
@@ -28,7 +29,18 @@ contract EventCounter is IEventCounterGen, EventCounterStorage {
         newEventId = getEventCounterStorage().eventCounter++;
     }
 
-    function getEventCounter() external view returns (uint256) {
+    function setDigest(bytes memory serialization) internal {
+        getEventCounterStorage().eventCounter = uint256(keccak256(serialization));
+    }
+
+    // @notice Gives the next event ID value to use.
+    function getNextEventId() public view returns (uint256) {
         return getEventCounterStorage().eventCounter;
     }
+
+    // @notice Gives the current value of the event counter.
+    // @dev DEPRECATED: use getNextEventId() instead.
+    function getEventCounter() public view returns (uint256) {
+        return getNextEventId();
+    }
 }

package/src/test/AddTwo.sol

@@ -24,20 +24,31 @@ contract AddTwo {
         return inco.eAdd(a, inco.asEuint256(two));
     }
 
+    // To generate a different handle with the same result, instead of adding 2 we add 1 + 1
+    function addTwoAlt(euint256 a) external returns (euint256) {
+        uint256 one = 1;
+        return inco.eAdd(a, inco.eAdd(inco.asEuint256(one), inco.asEuint256(one)));
+    }
+
     function addTwoEOA(
         bytes memory uint256EInput
-    ) external returns (uint256, euint256) {
+    ) external returns (uint256, euint256, euint256) {
         euint256 value = inco.newEuint256(uint256EInput, msg.sender);
         euint256 result = this.addTwo(value);
         inco.allow(euint256.unwrap(result), address(this));
         inco.allow(euint256.unwrap(result), msg.sender);
+
+        // Used to test attested reveal functionality. Note that msg.sender is not allowed, instead we call .reveal() that gives permission to anyone.
+        euint256 resultRevealed = this.addTwoAlt(value);
+        inco.reveal(euint256.unwrap(resultRevealed));
+
         uint256 requestId = inco.requestDecryption(
             this.callback.selector,
             block.timestamp + 2 hours,
             euint256.unwrap(result),
             ""
         );
-        return (requestId, result);
+        return (requestId, result, resultRevealed);
     }
 
     function callback(