npm - @inco/lightning - Versions diffs - 0.4.0 → 0.5.1 - Mend

@inco/lightning 0.4.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/src/DeployTEE.sol DELETED Viewed

@@ -1,153 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import {Script} from "forge-std/Script.sol";
-import {Vm} from "forge-std/Vm.sol";
-import {console} from "forge-std/console.sol";
-import {IQuoteVerifier} from "automata-dcap-attestation/interfaces/IQuoteVerifier.sol";
-import {TEELifecycle} from "./lightning-parts/TEELifecycle.sol";
-import {CA} from "@automata-network/on-chain-pccs/Common.sol";
-import {EnclaveIdentityJsonObj, IdentityObj, EnclaveIdentityHelper} from "@automata-network/on-chain-pccs/helpers/EnclaveIdentityHelper.sol";
-import {TcbInfoJsonObj, FmspcTcbHelper} from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol";
-import {PCKHelper} from "@automata-network/on-chain-pccs/helpers/PCKHelper.sol";
-import {X509CRLHelper} from "@automata-network/on-chain-pccs/helpers/X509CRLHelper.sol";
-import {AutomataFmspcTcbDao} from "@automata-network/on-chain-pccs/automata_pccs/AutomataFmspcTcbDao.sol";
-import {AutomataEnclaveIdentityDao} from "@automata-network/on-chain-pccs/automata_pccs/AutomataEnclaveIdentityDao.sol";
-import {AutomataPcsDao} from "@automata-network/on-chain-pccs/automata_pccs/AutomataPcsDao.sol";
-import {AutomataPckDao} from "@automata-network/on-chain-pccs/automata_pccs/AutomataPckDao.sol";
-import {AutomataDaoStorage} from "@automata-network/on-chain-pccs/automata_pccs/shared/AutomataDaoStorage.sol";
-import {PCCSRouter} from "@automata-network/dcap-attestation/PCCSRouter.sol";
-import {V4QuoteVerifier} from "@automata-network/dcap-attestation/verifiers/V4QuoteVerifier.sol";
-// For now we don't use deployments for TEELifecycle, as we do for IncoLightning.
-// @todo: Use deployments for TEELifecycle
-// ref: https://github.com/Inco-fhevm/inco-monorepo/issues/875
-string constant EIP712_NAME = "TEELifecycle";
-string constant EIP712_VERSION = "1.0.0";
-// DeployTEE is a script that deplots all TEE-related supporting contracts for IncoLightning.
-contract DeployTEE is Script {
-    // The default address of the P256 Verifier contract that is used to verify the P256 signatures.
-    // It is deployed with this address on Ethereum L1, OP Mainnet, Base, Arbitrum.
-    // @dev From: https://github.com/daimo-eth/p256-verifier?tab=readme-ov-file#usage
-    address public P256_VERIFIER = 0xc2b78104907F722DABAc4C69f826a522B2754De4;
-    // The PCCSRouter contract is used as the entrypoint for the management of collateral used to verify quotes.
-    // It is used by the QuoteVerifier to fetch collateral.
-    PCCSRouter public pccsRouter;
-    // These helpers are used to parse the collateral files and upload them to the PCCSRouter.
-    AutomataFmspcTcbDao fmspcTcbDao;
-    AutomataEnclaveIdentityDao enclaveIdDao;
-    // This function deploys a TEELifecycle contract that is used to manage the TEE lifecycle for the IncoLightning contract.
-    // @dev The TEELifecycle contract is used to manage the TEE lifecycle for the IncoLightning contract.
-    //      It is used to verify quotes, and to manage the TEE lifecycle.
-    //      It is also used to manage the EOA signers for the IncoLightning contract.
-    // @param quoteVerifierAddress The address of the QuoteVerifier contract to be used by the TEELifecycle contract.
-    function deployTEELifecycle(address deployer, address quoteVerifierAddress) internal returns (TEELifecycle) {
-        // TODO: Currently TEELifecycle is not UUPS
-        // ref: https://github.com/Inco-fhevm/inco-monorepo/issues/875
-        TEELifecycle implementation = new TEELifecycle();
-        implementation.initialize(
-            deployer,
-            EIP712_NAME,
-            EIP712_VERSION,
-            quoteVerifierAddress
-        );
-        return implementation;
-    }
-    // This function deploys a QuoteVerifier contract that is used to verify quotes for the IncoLightning contract.
-    // @dev: TDX_HW environment variable is used to determine whether to use the FakeQuoteVerifier or the V4QuoteVerifier.
-    // @dev We deploy two flavors of the QuoteVerifier contract:
-    // - FakeQuoteVerifier: A fake implementation of the QuoteVerifier contract that is used to test the IncoLightning contract.
-    //   This is used for testing purposes, and returns true for all quote verifications.
-    // - V4QuoteVerifier: The real implementation of the QuoteVerifier contract that is used to verify quotes for the IncoLightning contract.
-    //   This is taken from the automata-dcap-attestation package.
-    function deployQuoteVerifier() internal returns (IQuoteVerifier quoteVerifier) {
-        // deploys the QuoteVerifier contract
-        quoteVerifier = new V4QuoteVerifier(
-            P256_VERIFIER,
-            address(pccsRouter)
-        );
-        pccsRouter.setAuthorized(address(quoteVerifier), true);
-    }
-    function deployPCCS(address owner, string memory collateralDir) internal {
-        EnclaveIdentityHelper enclaveIdHelper = new EnclaveIdentityHelper();
-        FmspcTcbHelper tcbHelper = new FmspcTcbHelper();
-        PCKHelper x509 = new PCKHelper();
-        X509CRLHelper x509Crl = new X509CRLHelper();
-        AutomataDaoStorage pccsStorage = new AutomataDaoStorage(owner);
-        AutomataPcsDao pcsDao = new AutomataPcsDao(address(pccsStorage), P256_VERIFIER, address(x509), address(x509Crl));
-        AutomataPckDao pckDao = new AutomataPckDao(address(pccsStorage), P256_VERIFIER, address(pcsDao), address(x509), address(x509Crl));
-        enclaveIdDao = new AutomataEnclaveIdentityDao(
-            address(pccsStorage), P256_VERIFIER, address(pcsDao), address(enclaveIdHelper), address(x509), address(x509Crl)
-        );
-        fmspcTcbDao = new AutomataFmspcTcbDao(address(pccsStorage), P256_VERIFIER, address(pcsDao), address(tcbHelper), address(x509), address(x509Crl));
-        // grants dao permissions to write to the storage
-        pccsStorage.grantDao(address(pcsDao));
-        pccsStorage.grantDao(address(pckDao));
-        pccsStorage.grantDao(address(fmspcTcbDao));
-        pccsStorage.grantDao(address(enclaveIdDao));
-        // grants admin address permission to read collaterals
-        pccsRouter = new PCCSRouter(
-            owner,
-            address(enclaveIdDao),
-            address(fmspcTcbDao),
-            address(pcsDao),
-            address(pckDao),
-            address(x509),
-            address(x509Crl),
-            address(tcbHelper)
-        );
-        // allow PCCS Router to read collaterals from the storage
-        pccsStorage.setCallerAuthorization(address(pccsRouter), true);
-        // Upload Root Certs/CRLs
-        bytes memory rootCaDer = vm.readFileBinary(string.concat(collateralDir, "Intel_SGX_Attestation_RootCA.cer"));
-        pcsDao.upsertPcsCertificates(CA.ROOT, rootCaDer);
-        bytes memory tcbDer = vm.readFileBinary(string.concat(collateralDir, "Intel_SGX_TCB_Signing.cer"));
-        pcsDao.upsertPcsCertificates(CA.SIGNING, tcbDer);
-        bytes memory platformDer = vm.readFileBinary(string.concat(collateralDir, "Intel_SGX_PCK_PlatformCA.cer"));
-        pcsDao.upsertPcsCertificates(CA.PLATFORM, platformDer);
-        bytes memory platformCrlDer = vm.readFileBinary(string.concat(collateralDir, "Intel_SGX_PCK_CRL.crl"));
-        pcsDao.upsertPckCrl(CA.PLATFORM, platformCrlDer);
-        bytes memory rootCrlDer = vm.readFileBinary(string.concat(collateralDir, "AttestationReportSigningCA.crl"));
-        pcsDao.upsertRootCACrl(rootCrlDer);
-    }
-    // This function deploys the P256 Verifier contract that is used to verify P256 signatures.
-    // @dev The code is taken from https://github.com/automata-network/automata-on-chain-pccs/blob/v1.0.0/test/TestSetupBase.t.sol#L91
-    function deployP256() internal {
-        // Known chains that have the P256 Verifier deployed:
-        // Ethereum Mainnet, Optimism Mainnet, Base, Arbitrum
-        // https://github.com/daimo-eth/p256-verifier/tree/master/broadcast/Deploy.s.sol
-        if (block.chainid == 1 || block.chainid == 10 || block.chainid == 8453 || block.chainid == 84531 ) {
-            console.log("P256 Verifier contract is already deployed on this chain, skipping deployment.");
-            return;
-        }
-        require(block.chainid == 31337, "Deploying P256 Verifier is only supported on Anvil chain");
-        bytes memory txdata =
-            hex"00000000000000000000000000000000000000000000000000000000000000006080806040523461001657610dd1908161001c8239f35b600080fdfe60e06040523461001a57610012366100c7565b602081519101f35b600080fd5b6040810190811067ffffffffffffffff82111761003b57604052565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b60e0810190811067ffffffffffffffff82111761003b57604052565b90601f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0910116810190811067ffffffffffffffff82111761003b57604052565b60a08103610193578060201161001a57600060409180831161018f578060601161018f578060801161018f5760a01161018c57815182810181811067ffffffffffffffff82111761015f579061013291845260603581526080356020820152833560203584356101ab565b15610156575060ff6001915b5191166020820152602081526101538161001f565b90565b60ff909161013e565b6024837f4e487b710000000000000000000000000000000000000000000000000000000081526041600452fd5b80fd5b5080fd5b5060405160006020820152602081526101538161001f565b909283158015610393575b801561038b575b8015610361575b6103585780519060206101dc818301938451906103bd565b1561034d57604051948186019082825282604088015282606088015260808701527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60a08701527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551958660c082015260c081526102588161006a565b600080928192519060055afa903d15610345573d9167ffffffffffffffff831161031857604051926102b1857fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f8401160185610086565b83523d828585013e5b156102eb57828280518101031261018c5750015190516102e693929185908181890994099151906104eb565b061490565b807f4e487b7100000000000000000000000000000000000000000000000000000000602492526001600452fd5b6024827f4e487b710000000000000000000000000000000000000000000000000000000081526041600452fd5b6060916102ba565b505050505050600090565b50505050600090565b507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518310156101c4565b5082156101bd565b507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518410156101b6565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff90818110801590610466575b8015610455575b61044d577f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8282818080957fffffffff00000001000000000000000000000000fffffffffffffffffffffffc0991818180090908089180091490565b505050600090565b50801580156103f1575082156103f1565b50818310156103ea565b7f800000000000000000000000000000000000000000000000000000000000000081146104bc577fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0190565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b909192608052600091600160a05260a05193600092811580610718575b61034d57610516838261073d565b95909460ff60c05260005b600060c05112156106ef575b60a05181036106a1575050507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5957f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2969594939291965b600060c05112156105c7575050505050507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff91506105c260a051610ca2565b900990565b956105d9929394959660a05191610a98565b9097929181928960a0528192819a6105f66080518960c051610722565b61060160c051610470565b60c0528061061b5750505050505b96959493929196610583565b969b5061067b96939550919350916001810361068857507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5937f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693610952565b979297919060a05261060f565b6002036106985786938a93610952565b88938893610952565b600281036106ba57505050829581959493929196610583565b9197917ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd0161060f575095508495849661060f565b506106ff6080518560c051610722565b8061070b60c051610470565b60c052156105215761052d565b5060805115610508565b91906002600192841c831b16921c1681018091116104bc5790565b8015806107ab575b6107635761075f91610756916107b3565b92919091610c42565b9091565b50507f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296907f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f590565b508115610745565b919082158061094a575b1561080f57507f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29691507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5906001908190565b7fb01cbd1c01e58065711814b583f061e9d431cca994cea1313449bf97c840ae0a917fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808481600186090894817f94e82e0c1ed3bdb90743191a9c5bbf0d88fc827fd214cc5f0b5ec6ba27673d6981600184090893841561091b575050808084800993840994818460010994828088600109957f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29609918784038481116104bc5784908180867fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0991818580090808978885038581116104bc578580949281930994080908935b93929190565b9350935050921560001461093b5761093291610b6d565b91939092610915565b50506000806000926000610915565b5080156107bd565b91949592939095811580610a90575b15610991575050831580610989575b61097a5793929190565b50600093508392508291508190565b508215610970565b85919294951580610a88575b610a78577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff968703918783116104bc5787838189850908938689038981116104bc5789908184840908928315610a5d575050818880959493928180848196099b8c9485099b8c920999099609918784038481116104bc5784908180867fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0991818580090808978885038581116104bc578580949281930994080908929190565b965096505050509093501560001461093b5761093291610b6d565b9550509150915091906001908190565b50851561099d565b508015610961565b939092821580610b65575b61097a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff908185600209948280878009809709948380888a0998818080808680097fffffffff00000001000000000000000000000000fffffffffffffffffffffffc099280096003090884808a7fffffffff00000001000000000000000000000000fffffffffffffffffffffffd09818380090898898603918683116104bc57888703908782116104bc578780969481809681950994089009089609930990565b508015610aa3565b919091801580610c3a575b610c2d577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff90818460020991808084800980940991817fffffffff00000001000000000000000000000000fffffffffffffffffffffffc81808088860994800960030908958280837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd09818980090896878403918483116104bc57858503928584116104bc5785809492819309940890090892565b5060009150819081908190565b508215610b78565b909392821580610c9a575b610c8d57610c5a90610ca2565b9182917fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80809581940980099009930990565b5050509050600090600090565b508015610c4d565b604051906020918281019183835283604083015283606083015260808201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60a08201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60c082015260c08152610d1a8161006a565b600080928192519060055afa903d15610d93573d9167ffffffffffffffff83116103185760405192610d73857fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f8401160185610086565b83523d828585013e5b156102eb57828280518101031261018c5750015190565b606091610d7c56fea2646970667358221220fa55558b04ced380e93d0a46be01bb895ff30f015c50c516e898c341cd0a230264736f6c63430008150033";
-        // deploys the P256 Verifier contract using the default CREATE2 deterministic deployment contract available of EVM chains including on Anvil
-        // https://github.com/Arachnid/deterministic-deployment-proxy?tab=readme-ov-file#latest-outputs
-        // https://getfoundry.sh/guides/deterministic-deployments-using-create2
-        (bool succ,) = address(0x4e59b44847b379578588920cA78FbF26c0B4956C).call(txdata);
-        require(succ, "Failed to deploy P256");
-        // check code
-        uint256 codesize = P256_VERIFIER.code.length;
-        require(codesize > 0, "P256 deployed to the wrong address");
-    }
-}

package/src/IncoLightning.gen.sol DELETED Viewed

@@ -1,15 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { IIncoLightning } from "./IIncoLightning.sol";
-import { CONTRACT_NAME, MAJOR_VERSION, MINOR_VERSION, PATCH_VERSION } from "./version/IncoLightningConfig.sol";
-import { DecryptionHandler } from "./lightning-parts/DecryptionHandler.sol";
-import { EncryptedInput } from "./lightning-parts/EncryptedInput.sol";
-import { EncryptedOperations } from "./lightning-parts/EncryptedOperations.sol";
-import { TrivialEncryption } from "./lightning-parts/TrivialEncryption.sol";
-import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
-import { Version } from "./version/Version.sol";
-interface IIncoLightningGen {
-    function initialize(address owner, address teeLifecycleAddress) external;
-}

package/src/lightning-parts/AccessControl/BaseAccessControlList.gen.sol DELETED Viewed

@@ -1,24 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { SenderNotAllowedForHandle } from "../../Types.sol";
-interface IBaseAccessControlListGen {
-    /// @dev persistent
-    function allow(bytes32 handle, address account) external;
-    /// @dev Permanently allows public decryption/reencryption access to anyone for the given handle.
-    function reveal(bytes32 handle) external;
-    function allowTransient(bytes32 handle, address account) external;
-    function allowedTransient(bytes32 handle, address account) external view returns (bool);
-    function cleanTransientStorage() external;
-    function persistAllowed(bytes32 handle, address account) external view returns (bool);
-    function isAllowed(bytes32 handle, address account) external view returns (bool);
-    function isRevealed(bytes32 handle) external view returns (bool);
-}

package/src/lightning-parts/DecryptionHandler.gen.sol DELETED Viewed

@@ -1,54 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import "./DecryptionHandler.types.sol";
-import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
-import { EIP712 } from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import { EventCounter } from "./primitives/EventCounter.sol";
-import { IDecryptionHandlerEip712CheckerGen } from "./DecryptionHandler.gen.sol";
-import { SenderNotAllowedForHandle } from "../Types.sol";
-import { SignatureVerifier } from "./primitives/SignatureVerifier.sol";
-interface IDecryptionHandlerEip712CheckerGen {
-    function decryptionResultDigest(DecryptionResult memory result) external view returns (bytes32);
-}
-interface IDecryptionHandlerGen {
-    /// @dev callback function MUST be of form `function name(bytes32 requestId, bytes32 result, bytes memory data)`
-    function requestDecryption(bytes4 callbackSelector, uint256 maxTimestamp, bytes32 handle, bytes memory data) external returns (uint256 requestId);
-    function fulfillRequest(DecryptionResult memory result, bytes memory signature) external;
-    function fulfillRequestsBatch(SignedDecryptionResult[] memory results) external;
-    ///  @dev Get some pending requests.
-    ///  @param offset A parameter for paginating through the whole set of pending requests.
-    ///      Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
-    ///  @param maxRequests The maximum number of pending to return.
-    ///  @param iterationBound The maximum number of non-pending requests to iterate over before returning.
-    ///  @return nextOffset The next offset to use to continue to scan through the pending request set.
-    ///      Returns the input offset if the whole set has been scanned.  Can re-query with this offset
-    ///      to see any new pending requests, or re-query with a zero offset to return the whole set again.
-    ///  @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
-    ///      more requests available if the returned nextOffset is greater than the input offset.
-    function getPendingRequests(uint256 offset, uint256 maxRequests, uint256 iterationBound) external view returns (uint256 nextOffset, Request[] memory requests);
-    ///  @param offset A parameter for paginating through the whole set of pending requests.
-    ///      Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
-    ///  @param maxRequests The maximum number of pending to return.
-    ///  @return nextOffset The next offset to use to continue to scan through the pending request set.
-    ///      Returns the input offset if the whole set has been scanned.  Can re-query with this offset
-    ///      to see any new pending requests, or re-query with a zero offset to return the whole set again.
-    ///  @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
-    ///      more requests available if the returned nextOffset is greater than the input offset.
-    function getPendingRequests(uint256 offset, uint256 maxRequests) external view returns (uint256 nextOffset, Request[] memory requests);
-    function getNextRequestId() external view returns (uint256);
-    function getLowWatermarkRequestId() external view returns (uint256);
-    ///  @dev Advance the low watermark until we hit a pending request, the requestId counter, or iterationBound steps.
-    ///  @param iterationBound The maximum number of requests to iterate over.
-    ///  @notice This function is public so that we can externally drive the low watermark in extreme cases.
-    function advanceLowWatermark(uint256 iterationBound) external;
-}

package/src/lightning-parts/DecryptionHandler.sol DELETED Viewed

@@ -1,307 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import "./DecryptionHandler.gen.sol";
-import "./DecryptionHandler.types.sol";
-import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
-import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import {EventCounter} from "./primitives/EventCounter.sol";
-import {IDecryptionHandlerEip712CheckerGen} from "./DecryptionHandler.gen.sol";
-import {SenderNotAllowedForHandle} from "../Types.sol";
-import {SignatureVerifier} from "./primitives/SignatureVerifier.sol";
-contract DecryptionHandlerStorage {
-    struct DecryptionStorage {
-        // The next request ID to assign. This and higher numbers have never been used,
-        // hence there are no pending requests in that range.
-        uint256 nextRequestId;
-        mapping(uint256 => Request) requests;
-        // A requestId for which all previous requests have been fulfilled or are expired.
-        // Must be less than or equal to nextRequestId.  Only increases.
-        uint256 lowWatermark;
-    }
-    bytes32 private constant DecryptionStorageLocation =
-        keccak256("inco.storage.DecryptionHandler");
-    function getDecryptionStorage()
-        internal
-        pure
-        returns (DecryptionStorage storage $)
-    {
-        bytes32 loc = DecryptionStorageLocation;
-        assembly {
-            $.slot := loc
-        }
-    }
-}
-abstract contract DecryptionHandlerEip712Checker is IDecryptionHandlerEip712CheckerGen, EIP712, SignatureVerifier {
-    bytes32 constant DecryptionResultStructHash =
-        keccak256(
-            "DecryptionResult(bytes32 abiEncodedResult,uint256 requestId)"
-        );
-    function decryptionResultDigest(
-        DecryptionResult memory result
-    ) public view returns (bytes32) {
-        return
-            _hashTypedDataV4(
-                keccak256(
-                    abi.encode(
-                        DecryptionResultStructHash,
-                        result.abiEncodedResult,
-                        result.requestId
-                    )
-                )
-            );
-    }
-    function isValidResult(
-        DecryptionResult memory result,
-        bytes memory signature
-    ) internal view returns (bool) {
-        return isValidSignature(decryptionResultDigest(result), signature);
-    }
-}
-abstract contract DecryptionHandler is
-    IDecryptionHandlerGen,
-    BaseAccessControlList,
-    EventCounter,
-    DecryptionHandlerStorage,
-    DecryptionHandlerEip712Checker
-{
-    // The Covalidator callback machinery relies on these exact error signatures which are hardcoded in eth_callback.go
-    error AllRequestsAlreadyFulfilledOrExpired();
-    // Thrown when either msg.sender is not a valid signer or the signature is not from a valid signer
-    error InvalidResultSignature(address msgSender, bytes signature);
-    event RequestFulfilled(
-        uint256 indexed requestId,
-        bool success,
-        uint256 eventId,
-        bytes32 handle
-    );
-    // Maximum number of request mappings to access on any operation.
-    uint256 constant ITERATION_BOUND = 100;
-    function pending(Request memory r) internal view returns (bool) {
-        return !r.fulfilled && r.maxTimestamp >= block.timestamp;
-    }
-    /// @dev callback function MUST be of form `function name(bytes32 requestId, bytes32 result, bytes memory data)`
-    function requestDecryption(
-        // todo support multiple handles per request
-        bytes4 callbackSelector,
-        uint256 maxTimestamp,
-        bytes32 handle,
-        bytes memory data
-    ) external returns (uint256 requestId) {
-        require(
-            isAllowed(handle, msg.sender),
-            SenderNotAllowedForHandle(handle, msg.sender)
-        );
-        DecryptionStorage storage $ = getDecryptionStorage();
-        requestId = $.nextRequestId;
-        $.nextRequestId++;
-        $.requests[requestId] = Request({
-            maxTimestamp: maxTimestamp,
-            callbackContract: msg.sender,
-            callbackSelector: callbackSelector,
-            fulfilled: false,
-            data: data,
-            handle: handle,
-            requestId: requestId
-        });
-        advanceLowWatermark(ITERATION_BOUND);
-        emit DecryptionRequested(
-            requestId,
-            handle,
-            maxTimestamp,
-            getNewEventId()
-        );
-    }
-    function fulfillRequest(
-        DecryptionResult memory result,
-        bytes memory signature
-    ) external {
-        SignedDecryptionResult[]
-            memory signedResults = new SignedDecryptionResult[](1);
-        signedResults[0] = SignedDecryptionResult({
-            result: result,
-            signature: signature
-        });
-        fulfillRequestsBatch(signedResults);
-    }
-    function fulfillRequestsBatch(
-        SignedDecryptionResult[] memory results
-    ) public {
-        DecryptionStorage storage $ = getDecryptionStorage();
-        bool fulfilledSome = false;
-        for (uint i = 0; i < results.length; i++) {
-            Request storage request = $.requests[results[i].result.requestId];
-            if (!pending(request)) {
-                // The request was already fulfilled, or has expired.  Neither is an error.
-                continue;
-            }
-            // Support either an EIP712 signature or a direct call from the signer
-            require(
-                isSigner(msg.sender) ||
-                    isValidResult(results[i].result, results[i].signature),
-                InvalidResultSignature(msg.sender, results[i].signature)
-            );
-            bytes memory callbackCalldata = abi.encodeWithSelector(
-                request.callbackSelector,
-                results[i].result.requestId,
-                results[i].result.abiEncodedResult,
-                request.data
-                // TODO: add handle as an integrity check - already added to DecryptionResult but adding here would mean
-                //   dapp callback function signatures would need to change - which would be a breaking change
-                // request.handle
-            );
-            (bool success, ) = request.callbackContract.call(callbackCalldata);
-            request.fulfilled = true;
-            fulfilledSome = true;
-            emit RequestFulfilled(
-                results[i].result.requestId,
-                success,
-                getNewEventId(),
-                results[i].result.handle
-            );
-        }
-        // If we did not advance we revert, so that we can detect if everything is fulfilled during gas estimation
-        require(fulfilledSome, AllRequestsAlreadyFulfilledOrExpired());
-        // Otherwise, do some work to advance the low water mark.
-        advanceLowWatermark(ITERATION_BOUND);
-    }
-    /**
-     * @dev Get some pending requests.
-     * @param offset A parameter for paginating through the whole set of pending requests.
-     *     Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
-     * @param maxRequests The maximum number of pending to return.
-     * @param iterationBound The maximum number of non-pending requests to iterate over before returning.
-     * @return nextOffset The next offset to use to continue to scan through the pending request set.
-     *     Returns the input offset if the whole set has been scanned.  Can re-query with this offset
-     *     to see any new pending requests, or re-query with a zero offset to return the whole set again.
-     * @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
-     *     more requests available if the returned nextOffset is greater than the input offset.
-     */
-    function getPendingRequests(
-        uint256 offset,
-        uint256 maxRequests,
-        uint256 iterationBound
-    ) external view returns (uint256 nextOffset, Request[] memory requests) {
-        DecryptionStorage storage $ = getDecryptionStorage();
-        uint256 lwm = $.lowWatermark;
-        uint256 nextRequestId = $.nextRequestId;
-        // Start at the higher of offset and lwm, possibly skipping many completed requests.
-        uint256 id = offset;
-        if (id < lwm) {
-            id = lwm;
-        }
-        // Don't scan more than iterationBound extra entries or pass the nextRequestId.
-        uint256 limit = id + maxRequests + iterationBound;
-        if (limit > nextRequestId) {
-            limit = nextRequestId;
-        }
-        // Now id >= lmw and limit <= nextRequestId.
-        // It's possible that id >= limit, which is fine,
-        // and the next two loops will exit immediately.
-        // First calculate the size of array we need to allocate.
-        // (It's cheaper to scan the requests twice instead of allocating too much.)
-        uint256 numRequests = 0;
-        for (uint256 i = id; i < limit && numRequests < maxRequests; i++) {
-            Request memory request = $.requests[i];
-            if (pending(request)) {
-                numRequests++;
-            }
-        }
-        // Now populate the array
-        requests = new Request[](numRequests);
-        for (uint256 n = 0; id < limit && n < numRequests; id++) {
-            Request memory request = $.requests[id];
-            if (pending(request)) {
-                requests[n] = request;
-                n++;
-            }
-        }
-        nextOffset = id;
-    }
-    /**
-     * @param offset A parameter for paginating through the whole set of pending requests.
-     *     Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
-     * @param maxRequests The maximum number of pending to return.
-     * @return nextOffset The next offset to use to continue to scan through the pending request set.
-     *     Returns the input offset if the whole set has been scanned.  Can re-query with this offset
-     *     to see any new pending requests, or re-query with a zero offset to return the whole set again.
-     * @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
-     *     more requests available if the returned nextOffset is greater than the input offset.
-     */
-    function getPendingRequests(
-        uint256 offset,
-        uint256 maxRequests
-    ) external view returns (uint256 nextOffset, Request[] memory requests) {
-        return this.getPendingRequests(offset, maxRequests, ITERATION_BOUND);
-    }
-    function getNextRequestId() external view returns (uint256) {
-        return getDecryptionStorage().nextRequestId;
-    }
-    function getLowWatermarkRequestId() external view returns (uint256) {
-        return getDecryptionStorage().lowWatermark;
-    }
-    /**
-     * @dev Advance the low watermark until we hit a pending request, the requestId counter, or iterationBound steps.
-     * @param iterationBound The maximum number of requests to iterate over.
-     * @notice This function is public so that we can externally drive the low watermark in extreme cases.
-     */
-    function advanceLowWatermark(uint256 iterationBound) public {
-        DecryptionStorage storage $ = getDecryptionStorage();
-        uint256 lwm = $.lowWatermark;
-        uint256 nextRequestId = $.nextRequestId;
-        // Calling advanceLowWatermark with a 0 iterationBound will have no effect, but it will waste gas, and previously
-        // has been indicative of a bug, so leaving this revert as a affordance to callers.
-        require(iterationBound > 0, "iterateBound is zero!");
-        uint256 limit = lwm + iterationBound;
-        if (limit > nextRequestId) {
-            limit = nextRequestId;
-        }
-        while (lwm < limit) {
-            Request storage request = $.requests[lwm];
-            // Stop advancing when we hit the first still pending request
-            if (pending(request)) {
-                break;
-            }
-            lwm++;
-        }
-        $.lowWatermark = lwm;
-    }
-}

package/src/lightning-parts/DecryptionHandler.types.sol DELETED Viewed

@@ -1,34 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-struct Request {
-    uint256 maxTimestamp;
-    address callbackContract;
-    bytes4 callbackSelector;
-    bool fulfilled;
-    bytes data;
-    // Adding at end of struct which should be unused state slot for version 0.2.0
-    bytes32 handle;
-    // This value is redundant for the contract but required for getPendingRequests, rather than duplicate this struct
-    // adding it here redundantly for now
-    uint256 requestId;
-}
-struct DecryptionResult {
-    bytes32 abiEncodedResult;
-    uint256 requestId;
-    // Added in 0.2.0 to offer an integrity check
-    bytes32 handle;
-}
-struct SignedDecryptionResult {
-    DecryptionResult result;
-    bytes signature;
-}
-event DecryptionRequested(
-    uint256 indexed requestId,
-    bytes32 indexed handle,
-    uint256 maxTimestamp,
-    uint256 eventId
-);

package/src/lightning-parts/EncryptedInput.gen.sol DELETED Viewed

@@ -1,16 +0,0 @@
-/// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-import { BaseAccessControlList } from "./AccessControl/BaseAccessControlList.sol";
-import { EventCounter } from "./primitives/EventCounter.sol";
-import { HandleGeneration } from "./primitives/HandleGeneration.sol";
-import { euint256, ebool, eaddress, EOps, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX } from "../Types.sol";
-import { HandleAlreadyExists } from "../Errors.sol";
-interface IEncryptedInputGen {
-    function newEuint256(bytes memory ciphertext, address user) external returns (euint256 newValue);
-    function newEbool(bytes memory ciphertext, address user) external returns (ebool newValue);
-    function newEaddress(bytes memory ciphertext, address user) external returns (eaddress newValue);
-}