@inco/lightning 0.6.0 → 0.6.4

package/src/lightning-parts/test/TestDecryptionAttestationInSynchronousFlow.t.sol

@@ -4,7 +4,7 @@ pragma solidity ^0.8;
 import {IncoTest} from "../../test/IncoTest.sol";
 import {DemoToken} from "@inco/confidential-token-demo/src/DemoToken.sol";
 import {DecryptionAttestation} from "../DecryptionAttester.types.sol";
-import {GWEI} from "@inco/shared/src/TypeUtils.sol";
+import {GWEI} from "../../shared/TypeUtils.sol";
 import {euint256} from "@inco/lightning/src/Lib.sol"; // import via remapping or compiler fails
 import {AllowanceProof} from "../AccessControl/AdvancedAccessControl.sol";
 import {inco} from "../../Lib.sol";
@@ -38,7 +38,11 @@ contract TestDecryptionAttestationInSynchronousFlow is IncoTest {
         vm.deal(address(token), 100 ether);
         token.confidentialTransfer(
             alice,
-            fakePrepareEuint256Ciphertext(10 * GWEI),
+            fakePrepareEuint256Ciphertext(
+                10 * GWEI,
+                address(this),
+                address(token)
+            ),
             ""
         );
         processAllOperations(); // saves Alice's balance

package/src/shared/IOwnable.sol

@@ -0,0 +1,10 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+// OpenZeppelin doesn't export any interfaces for ownable so we define our own
+
+interface IOwnable {
+    function owner() external view returns (address);
+    function transferOwnership(address newOwner) external;
+    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
+}

package/src/shared/IUUPSUpgradable.sol

@@ -0,0 +1,10 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+// OpenZeppelin doesn't export any interfaces for uupsUpgradeable so we define our own
+
+interface IUUPSUpgradable {
+    function proxiableUUID() external view returns (bytes32);
+    function UPGRADE_INTERFACE_VERSION() external view returns (string memory);
+    function upgradeToAndCall(address newImplementation, bytes memory data) external payable;
+}

package/src/shared/JsonUtils.sol

@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {Script} from "forge-std/Script.sol";
+
+contract JsonUtils is Script {
+    function writeAddressToJson(
+        address toWrite,
+        string memory addressName,
+        string memory destFile
+    ) public {
+        string memory jsonObj = "";
+        jsonObj = vm.serializeAddress(jsonObj, addressName, toWrite);
+        vm.writeJson(jsonObj, destFile);
+    }
+}

package/src/shared/TestUtils.sol

@@ -0,0 +1,50 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {Test} from "forge-std/Test.sol";
+
+contract TestUtils is Test {
+    uint256 internal alicePrivKey;
+    address internal immutable alice;
+    uint256 internal bobPrivKey;
+    address internal immutable bob;
+    uint256 internal carolPrivKey;
+    address internal immutable carol;
+    uint256 internal davePrivKey;
+    address internal immutable dave;
+    uint256 internal evePrivKey;
+    address internal immutable eve;
+
+    constructor() {
+        (alicePrivKey, alice) = getLabeledKeyPair("alice");
+        (bobPrivKey, bob) = getLabeledKeyPair("bob");
+        (carolPrivKey, carol) = getLabeledKeyPair("carol");
+        (davePrivKey, dave) = getLabeledKeyPair("dave");
+        (evePrivKey, eve) = getLabeledKeyPair("eve");
+    }
+
+    function getLabeledAddress(
+        string memory input
+    ) internal returns (address hashGenerated) {
+        hashGenerated = address(
+            uint160(uint256(keccak256(abi.encodePacked(input))))
+        );
+        vm.label(hashGenerated, input);
+    }
+
+    function getLabeledKeyPair(
+        string memory input
+    ) internal returns (uint256 privKey, address accountAddress) {
+        privKey = uint256(keccak256(abi.encodePacked(input)));
+        accountAddress = vm.addr(privKey);
+        vm.label(accountAddress, input);
+    }
+
+    function getSignatureForDigest(
+        bytes32 digest,
+        uint256 privKey
+    ) internal pure returns (bytes memory signature) {
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(privKey, digest);
+        signature = bytes.concat(r, s, bytes1(v));
+    }
+}

package/src/shared/TypeUtils.sol

@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+function asBool(bytes32 encodedBool) pure returns (bool) {
+    return encodedBool != bytes32(0);
+}
+
+function asBytes32(bool value) pure returns (bytes32) {
+    return value ? bytes32(uint256(1)) : bytes32(uint256(0));
+}
+
+uint256 constant GWEI = 1e9;

package/src/test/FakeIncoInfra/FakeComputeServer.sol

@@ -2,7 +2,7 @@
 pragma solidity ^0.8;
 
 import {EOps, ETypes} from "../../Types.sol";
-import {asBytes32} from "@inco/shared/src/TypeUtils.sol";
+import {asBytes32} from "../../shared/TypeUtils.sol";
 
 contract FakeComputeServer {
     function computeBinaryUintOp(

package/src/test/FakeIncoInfra/FakeDecryptionAttester.sol

@@ -27,11 +27,11 @@ contract FakeDecryptionAttester is FakeIncoInfraBase, FakeComputeServer {
         address requester,
         HandleWithProof memory handle
     )
-        internal
-        returns (
-            DecryptionAttestation memory decryption,
-            bytes memory signature
-        )
+    internal
+    returns (
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    )
     {
         checkAccessControl(requester, handle);
         (decryption, signature) = _getDecryptionAttestation(
@@ -50,11 +50,11 @@ contract FakeDecryptionAttester is FakeIncoInfraBase, FakeComputeServer {
         HandleWithProof memory rhs,
         EOps op
     )
-        internal
-        returns (
-            DecryptionAttestation memory decryption,
-            bytes memory signature
-        )
+    internal
+    returns (
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    )
     {
         checkAccessControl(requester, lhs);
         checkAccessControl(requester, rhs);
@@ -74,11 +74,11 @@ contract FakeDecryptionAttester is FakeIncoInfraBase, FakeComputeServer {
         HandleWithProof memory rhs,
         EOps op
     )
-        internal
-        returns (
-            DecryptionAttestation memory decryption,
-            bytes memory signature
-        )
+    internal
+    returns (
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    )
     {
         checkAccessControl(requester, rhs);
         bytes32 lhsHandle = inco.getTrivialEncryptHandle(
@@ -101,11 +101,11 @@ contract FakeDecryptionAttester is FakeIncoInfraBase, FakeComputeServer {
         uint256 rhs,
         EOps op
     )
-        internal
-        returns (
-            DecryptionAttestation memory decryption,
-            bytes memory signature
-        )
+    internal
+    returns (
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    )
     {
         checkAccessControl(requester, lhs);
         bytes32 rhsHandle = inco.getTrivialEncryptHandle(
@@ -149,12 +149,12 @@ contract FakeDecryptionAttester is FakeIncoInfraBase, FakeComputeServer {
         bytes32 handle,
         bytes32 value
     )
-        private
-        view
-        returns (
-            DecryptionAttestation memory decryption,
-            bytes memory signature
-        )
+    private
+    view
+    returns (
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    )
     {
         decryption = DecryptionAttestation({handle: handle, value: value});
         signature = signDecryption(decryption);
@@ -176,20 +176,22 @@ contract FakeDecryptionAttester is FakeIncoInfraBase, FakeComputeServer {
         bytes32 encodedResult,
         EOps op
     )
-        private
-        view
-        returns (
-            DecryptionAttestation memory decryption,
-            bytes memory signature
-        )
+    private
+    view
+    returns (
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    )
     {
         ETypes resultType = opToResultType(op);
         decryption = DecryptionAttestation({
             handle: inco.getOpResultHandle(
                 op,
                 resultType,
-                lhsHandle,
-                rhsHandle
+                abi.encodePacked(
+                    lhsHandle,
+                    rhsHandle
+                )
             ),
             value: encodedResult
         });

package/src/test/FakeIncoInfra/FakeIncoInfraBase.sol

@@ -3,11 +3,12 @@ pragma solidity ^0.8;
 
 import {ebool, euint256, ETypes} from "../../Types.sol";
 import {inco} from "../../Lib.sol";
-import {TestUtils} from "@inco/shared/src/TestUtils.sol";
+import {TestUtils} from "../../shared/TestUtils.sol";
 import {KVStore} from "./KVStore.sol";
+import {HandleGeneration} from "../../lightning-parts/primitives/HandleGeneration.sol";
 
 /// @notice simulates what inco does offchain but over plaintexts
-contract FakeIncoInfraBase is TestUtils, KVStore {
+contract FakeIncoInfraBase is TestUtils, KVStore, HandleGeneration {
     error UnsupportedTypeInput(ETypes inputType);
 
     address immutable teePubkeyAddress;
@@ -17,22 +18,31 @@ contract FakeIncoInfraBase is TestUtils, KVStore {
         (teePrivKey, teePubkeyAddress) = getLabeledKeyPair("tee");
     }
 
+    function getCiphertextInput(
+        bytes32 word,
+        address user,
+        address contractAddress,
+        ETypes inputType
+    ) public view returns (bytes memory input) {
+        // We need a single word here to get correct encoding
+        bytes memory ciphertext = abi.encode(word);
+        bytes32 handle = getInputHandle(ciphertext, address(inco), user, contractAddress, inputType);
+        input = abi.encode(handle, ciphertext);
+    }
+
     function fakePrepareEuint256Ciphertext(
-        uint256 value
-    ) internal pure returns (bytes memory ciphertext) {
-        ciphertext = abi.encode(value);
+        uint256 value,
+        address userAddress,
+        address contractAddress
+    ) internal view returns (bytes memory ciphertext) {
+        ciphertext = getCiphertextInput(bytes32(value), userAddress, contractAddress, ETypes.Uint256);
     }
 
+
     function fakeDecryptEuint256Ciphertext(
         bytes memory ciphertext
     ) internal pure returns (uint256 value) {
-        value = abi.decode(ciphertext, (uint256));
-    }
-
-    function fakePrepareEuint160Ciphertext(
-        uint160 value
-    ) internal pure returns (bytes memory ciphertext) {
-        ciphertext = abi.encode(value);
+        (value) = abi.decode(ciphertext, (uint256));
     }
 
     function fakeDecryptEuint160Ciphertext(
@@ -42,15 +52,20 @@ contract FakeIncoInfraBase is TestUtils, KVStore {
     }
 
     function fakePrepareEboolCiphertext(
-        bool value
-    ) internal pure returns (bytes memory ciphertext) {
-        ciphertext = abi.encode(value);
+        bool value,
+        address userAddress,
+        address contractAddress
+    ) internal view returns (bytes memory ciphertext) {
+        bytes32 b = bytes32(uint256(value ? 1 : 0));
+        ciphertext = getCiphertextInput(b, userAddress, contractAddress, ETypes.Bool);
     }
 
     function fakePrepareEaddressCiphertext(
-        address value
-    ) internal pure returns (bytes memory ciphertext) {
-        ciphertext = abi.encode(value);
+        address value,
+        address userAddress,
+        address contractAddress
+    ) internal view returns (bytes memory ciphertext) {
+        ciphertext = getCiphertextInput(bytes32(uint256(uint160(value))), userAddress, contractAddress, ETypes.AddressOrUint160OrBytes20);
     }
 
     function fakeDecryptEaddressCiphertext(

package/src/test/FakeIncoInfra/KVStore.sol

@@ -3,7 +3,7 @@ pragma solidity ^0.8;
 
 import {HandleMetadata} from "../../lightning-parts/primitives/HandleMetadata.sol";
 import {ETypes, euint256, ebool, eaddress} from "../../Types.sol";
-import {asBool} from "@inco/shared/src/TypeUtils.sol";
+import {asBool} from "../..//shared/TypeUtils.sol";
 
 /// @notice key-value store, knows the value behind each handle
 contract KVStore is HandleMetadata {

package/src/test/FakeIncoInfra/MockOpHandler.sol

@@ -6,7 +6,7 @@ import {inco} from "../../Lib.sol";
 import {ebool, euint256, ETypes, EOps} from "../../Types.sol";
 import {FakeComputeServer} from "./FakeComputeServer.sol";
 import {FakeIncoInfraBase} from "./FakeIncoInfraBase.sol";
-import {asBytes32} from "@inco/shared/src/TypeUtils.sol";
+import {asBytes32} from "../../shared/TypeUtils.sol";
 import {getOpForSelector} from "./getOpForSelector.sol";
 
 contract MockOpHandler is FakeIncoInfraBase, FakeComputeServer {
@@ -65,19 +65,19 @@ contract MockOpHandler is FakeIncoInfraBase, FakeComputeServer {
         } else if (op == EOps.NewInput) {
             bytes32 result = log.topics[1];
             // contractAddress and user topics are ignored
-            (ETypes inputType, bytes memory ciphertext, ) = abi.decode(
+            (bytes memory ciphertext, ) = abi.decode(
                 log.data,
-                (ETypes, bytes, uint256)
+                (bytes, uint256)
             );
-            handleEInput(result, inputType, ciphertext);
+            handleEInput(result, ciphertext);
         }
     }
 
     function handleEInput(
         bytes32 result,
-        ETypes inputType,
         bytes memory ciphertext
     ) private {
+        ETypes inputType = typeOf(result);
         if (inputType == ETypes.Uint256) {
             set(result, bytes32(fakeDecryptEuint256Ciphertext(ciphertext)));
         } else if (inputType == ETypes.Bool) {

package/src/test/FakeIncoInfra/MockRemoteAttestation.sol

@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: No License
 pragma solidity ^0.8;
 
-import {TestUtils} from "@inco/shared/src/TestUtils.sol";
+import {TestUtils} from "../../shared/TestUtils.sol";
 import {
     HEADER_LENGTH,
     MINIMUM_QUOTE_LENGTH,

package/src/test/IncoTest.sol

@@ -9,7 +9,7 @@ import {deployedBy} from "../Lib.sol";
 import {FakeDecryptionAttester} from "./FakeIncoInfra/FakeDecryptionAttester.sol";
 import {console} from "forge-std/console.sol";
 import {FakeQuoteVerifier} from "./FakeIncoInfra/FakeQuoteVerifier.sol";
-import {IOwnable} from "@inco/shared/src/IOwnable.sol";
+import {IOwnable} from "../../src/shared/IOwnable.sol";
 
 contract IncoTest is MockOpHandler, DeployUtils, FakeDecryptionAttester {
     address immutable owner;
@@ -32,8 +32,8 @@ contract IncoTest is MockOpHandler, DeployUtils, FakeDecryptionAttester {
         (IIncoLightning proxy, ) = deployIncoLightningUsingConfig({
             deployer: testDeployer,
             // The highest precedent deployment
-            // We select the pepper that will be used that will be generated in the lib.sol (usually "testnet"), but currently "devnet" has higher major version
-            pepper: "devnet",
+            // We select the pepper that will be used that will be generated in the lib.sol (usually "testnet"), but currently "alphanet" has higher major version
+            pepper: "alphanet",
             quoteVerifier: new FakeQuoteVerifier()
         });
         IOwnable(address(proxy)).transferOwnership(owner);

package/src/test/TEELifecycle/TEELifecycleMockTest.t.sol

@@ -2,14 +2,22 @@
 pragma solidity ^0.8.0;
 
 import {TEELifecycle} from "../../lightning-parts/TEELifecycle.sol";
-import {BootstrapResult} from "../../lightning-parts/TEELifecycle.types.sol";
+import {BootstrapResult, AddNodeResult} from "../../lightning-parts/TEELifecycle.types.sol";
 import {MockRemoteAttestation} from "../FakeIncoInfra/MockRemoteAttestation.sol";
 import {FakeQuoteVerifier} from "../FakeIncoInfra/FakeQuoteVerifier.sol";
 import {Test} from "forge-std/Test.sol";
 
 contract TEELifecycleMockTest is Test, MockRemoteAttestation, TEELifecycle {
+    // Constants for testing
+    bytes testNetworkPubkey = hex"04ff5c6dd72ad7583288b84ee2598e081fe0bc6ef543c342e925a5dfcff9afb2444d25454d7d5dcfadc9ed99477c245efa93caf58d7f58143300d81cc948e7bdf5";
+    // See DEFAULT_MRTD in attestation/src/remote_attestation.rs
+    bytes testMrtd = hex"010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101";
+    // See DEFAULT_MR_AGGREGATED in attestation/src/remote_attestation.rs to
+    // see the calculation of the default value.
+    bytes32 testMrAggregated = hex"c3a67bac251d4946d7b17481d39631676042fe3afab06e70c22105ad8383c19f";
+
     function setUp() public {
-        quoteVerifier = new FakeQuoteVerifier();
+        getTEELifecycleStorage().quoteVerifier = new FakeQuoteVerifier();
     }
 
     function testSuccessfulBootstrap() public {
@@ -89,18 +97,18 @@ contract TEELifecycleMockTest is Test, MockRemoteAttestation, TEELifecycle {
         vm.stopPrank();
     }
 
-    function testBootstrapNotCompleteNewCoval() public {
+    function testAddNodeBootstrapNotComplete() public {
         bytes
-            memory mrAggregated = hex"2a90c8fa38672cafd791d994beb6836b99383b2563736858632284f0f760a6446efd1e7ec457cf08b629ea630f7b4525";
+            memory mrtd = hex"2a90c8fa38672cafd791d994beb6836b99383b2563736858632284f0f760a6446efd1e7ec457cf08b629ea630f7b4525";
         (, address newCoval) = getLabeledKeyPair("newCoval");
-        bytes memory quote = createQuote(mrAggregated, newCoval);
+        bytes memory quote = createQuote(mrtd, newCoval);
         vm.startPrank(this.owner());
         vm.expectRevert(TEELifecycle.BootstrapNotComplete.selector);
-        this.addNewCovalidator(quote);
+        this.verifyAddNodeResult(testMrAggregated, AddNodeResult({network_pubkey: hex"00"}), quote, hex"");
         vm.stopPrank();
     }
 
-    function testInvalidMrtdNewCoval() public {
+    function testAddNodeInvalidMrtd() public {
         (
             BootstrapResult memory bootstrapResult,
             ,
@@ -115,10 +123,52 @@ contract TEELifecycleMockTest is Test, MockRemoteAttestation, TEELifecycle {
         bytes
             memory badMrtd = hex"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef";
         (, address newCoval) = getLabeledKeyPair("newCoval");
-        bytes memory quoteNew = createQuote(badMrtd, newCoval);
+        bytes memory badQuote = createQuote(badMrtd, newCoval);
+        vm.expectRevert(TEELifecycle.InvalidReportMrAggregated.selector);
+        this.verifyAddNodeResult(mrAggregated, AddNodeResult({network_pubkey: testNetworkPubkey}), badQuote, signature);
+        vm.stopPrank();
+    }
+
+    function testAddNodeInvalidNetworkPubkey() public {
+        (
+            BootstrapResult memory bootstrapResult,
+            ,
+            ,
+            bytes memory quote,
+            bytes memory signature,
+            bytes32 mrAggregated
+        ) = successfulBootstrapResult();
+        vm.startPrank(this.owner());
+        this.approveNewTEEVersion(mrAggregated);
+        this.verifyBootstrapResult(bootstrapResult, quote, signature);
+        vm.expectRevert(TEELifecycle.InvalidNetworkPubkey.selector);
+        this.verifyAddNodeResult(testMrAggregated, AddNodeResult({network_pubkey: hex"00"}), quote, signature);
+        vm.stopPrank();
+    }
+
+    function testAddNodeInvalidSignature() public {
+        (
+            BootstrapResult memory bootstrapResult,
+            ,
+            ,
+            bytes memory quote,
+            bytes memory signature,
+            bytes32 mrAggregated
+        ) = successfulBootstrapResult();
+        vm.startPrank(this.owner());
+        this.approveNewTEEVersion(mrAggregated);
+        this.verifyBootstrapResult(bootstrapResult, quote, signature);
 
-        vm.expectRevert(TEELifecycle.TEEVersionNotFound.selector);
-        this.addNewCovalidator(quoteNew);
+        (uint256 maliciousNewNodePrivkey,) = getLabeledKeyPair(
+            "maliciousNewNode"
+        );
+        bytes memory badSignature = signAddNodeResult(
+            AddNodeResult({network_pubkey: testNetworkPubkey}),
+            maliciousNewNodePrivkey
+        );
+
+        vm.expectRevert(TEELifecycle.InvalidEIP712Signature.selector);
+        this.verifyAddNodeResult(testMrAggregated, AddNodeResult({network_pubkey: testNetworkPubkey}), quote, badSignature);
         vm.stopPrank();
     }
 
@@ -137,16 +187,10 @@ contract TEELifecycleMockTest is Test, MockRemoteAttestation, TEELifecycle {
         (bootstrapPartyPrivkey, bootstrapPartyAddress) = getLabeledKeyPair(
             "bootstrapParty"
         );
-        bytes
-            memory eciesPubkey = hex"04ff5c6dd72ad7583288b84ee2598e081fe0bc6ef543c342e925a5dfcff9afb2444d25454d7d5dcfadc9ed99477c245efa93caf58d7f58143300d81cc948e7bdf5";
-        // See DEFAULT_MRTD in attestation/src/remote_attestation.rs
-        bytes memory mrtd = hex"010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101";
-        // See DEFAULT_MR_AGGREGATED in attestation/src/remote_attestation.rs to
-        // see the calculation of the default value.
-        mrAggregated = hex"c3a67bac251d4946d7b17481d39631676042fe3afab06e70c22105ad8383c19f";
-        bootstrapResult = BootstrapResult({ecies_pubkey: eciesPubkey});
-
-        quote = createQuote(mrtd, bootstrapPartyAddress);
+        mrAggregated = testMrAggregated;
+        bootstrapResult = BootstrapResult({ecies_pubkey: testNetworkPubkey});
+
+        quote = createQuote(testMrtd, bootstrapPartyAddress);
         signature = signBootstrapResult(bootstrapResult, bootstrapPartyPrivkey);
     }
 
@@ -158,4 +202,13 @@ contract TEELifecycleMockTest is Test, MockRemoteAttestation, TEELifecycle {
         bytes32 bootstrapResultDigest = bootstrapResultDigest(bootstrapResult);
         return getSignatureForDigest(bootstrapResultDigest, privateKey);
     }
+
+    // Helper function to sign the add node result
+    function signAddNodeResult(
+        AddNodeResult memory addNodeResult,
+        uint256 privateKey
+    ) internal view returns (bytes memory) {
+        bytes32 addNodeResultDigest = addNodeResultDigest(addNodeResult);
+        return getSignatureForDigest(addNodeResultDigest, privateKey);
+    }
 }

package/src/test/TestAddTwo.t.sol

@@ -26,7 +26,7 @@ contract TestAddTwo is IncoTest {
 
     function testAddTwoEoaAndPublicReveal() public {
         (euint256 result, euint256 revealedResult) = addTwo.addTwoEOA(
-            fakePrepareEuint256Ciphertext(3)
+            fakePrepareEuint256Ciphertext(3, address(this), address(addTwo))
         );
         processAllOperations();
         assertEq(getUint256Value(result), 5);

package/src/test/TestFakeInfra.t.sol

@@ -11,7 +11,7 @@ import {
     MINIMUM_QUOTE_LENGTH
 } from "../interfaces/automata-interfaces/Types.sol";
 
-contract TakesEInput {
+contract TakesEInput is IncoTest {
     using e for bytes;
     using e for euint256;
 
@@ -271,8 +271,18 @@ contract TestFakeInfra is IncoTest, MockRemoteAttestation {
     function testEInput() public {
         TakesEInput inputContract = new TakesEInput();
         vm.deal(address(inputContract), 1 ether);
-        inputContract.setA(fakePrepareEuint256Ciphertext(12));
-        inputContract.setB(fakePrepareEboolCiphertext(true));
+        address self = address(this);
+        bytes memory ciphertext = fakePrepareEuint256Ciphertext(
+            12,
+            self,
+            address(inputContract)
+        );
+        inputContract.setA(ciphertext);
+        inputContract.setB(
+            fakePrepareEboolCiphertext(true,
+                self,
+                address(inputContract)
+            ));
         processAllOperations();
         assertEq(getUint256Value(inputContract.a()), 12);
         assertEq(getBoolValue(inputContract.b()), true);

package/src/version/IncoLightningConfig.sol

@@ -9,8 +9,10 @@ pragma solidity ^0.8;
 string constant CONTRACT_NAME = "incoLightning";
 uint8 constant MAJOR_VERSION = 1;
 uint8 constant MINOR_VERSION = 0;
-// whenever a new major version is deployed, we need to pump this up
+// whenever a new version is deployed, we need to pump this up
 // otherwise make test_upgrade will fail
-uint8 constant PATCH_VERSION = 2;
+// consequently, when we do a patch release, we don't need to pump it as it's already pumped
+// when the previous release was done
+uint8 constant PATCH_VERSION = 3;
 
 string constant VERIFIER_NAME = "incoVerifier";

package/src/version/Version.sol

@@ -71,4 +71,8 @@ contract Version is IVersion {
     function getName() public view virtual returns (string memory) {
         return name.toString();
     }
+
+    function getMajorVersion() public view virtual returns (string memory) {
+        return Strings.toString(majorVersion);
+    }
 }

package/src/version/interfaces/IVersion.sol

@@ -5,4 +5,5 @@ interface IVersion {
     function getVersionedName() external view returns (string memory);
     function getVersion() external view returns (string memory);
     function getName() external view returns (string memory);
+    function getMajorVersion() external view returns (string memory);
 }