@inco/lightning 0.9.0-devnet-test-10 → 0.10.0-devnet-1

package/src/lightning-parts/test/TestDecryptionAttestationInSynchronousFlow.t.sol

@@ -2,21 +2,44 @@
 pragma solidity ^0.8;
 
 import {IncoTest} from "../../test/IncoTest.sol";
-import {DemoToken} from "@inco/confidential-token-demo/src/DemoToken.sol";
+import {ERC7984DemoToken} from "@inco/incoERC7984/src/ERC7984DemoToken.sol";
 import {DecryptionAttestation} from "../DecryptionAttester.types.sol";
 import {GWEI} from "../../shared/TypeUtils.sol";
-import {euint256} from "@inco/lightning/src/Lib.sol"; // import via remapping or compiler fails
+import {inco, e, euint256} from "@inco/lightning/src/Lib.sol"; // import via remapping or compiler fails
 import {AllowanceProof} from "../AccessControl/AdvancedAccessControl.sol";
-import {inco} from "../../Lib.sol";
 import {euint256 as remappedEuint256} from "@inco/lightning/src/Lib.sol";
+import {
+    DecryptionAttestation as remappedDecryptionAttestation
+} from "@inco/lightning/src/lightning-parts/DecryptionAttester.types.sol";
 
-contract TokenBurnCurrentBalance is DemoToken {
+/// @notice This test demonstrates how a decryption attestation can be used in a synchronous flow, where the result of the operation is known at the time of requesting the attestation.
+/// In this example, we simulate a token burn operation where the user proves that they have enough balance to burn before actually performing the burn.
+contract TokenBurnCurrentBalance is ERC7984DemoToken {
 
-    function burnFullCurrentBalance(DecryptionAttestation memory decryption, bytes[] memory signatures) public {
+    using e for uint256;
+    using e for euint256;
+
+    /// @notice Deploys the token with specified name, symbol, and initial supply
+    /// @param name_ The token name
+    /// @param symbol_ The token symbol
+    /// @param initialSupply The initial supply to mint to the deployer (in base units)
+    constructor(string memory name_, string memory symbol_, uint256 initialSupply)
+        ERC7984DemoToken(name_, symbol_, initialSupply)
+    {
+        if (initialSupply > 0) {
+            _mint(msg.sender, initialSupply.asEuint256());
+        }
+    }
+
+    /// @dev In this burn function, the user provides a decryption attestation that proves they have enough balance to burn the specified amount.
+    /// The burn operation is performed synchronously, and the success of the burn is verified using the attestation.
+    function burnFullCurrentBalance(remappedDecryptionAttestation memory attestation, bytes[] memory signatures)
+        public
+    {
         euint256 currentBalance = confidentialBalanceOf(msg.sender);
-        require(inco.incoVerifier().isValidDecryptionAttestation(decryption, signatures), "Invalid Signature");
-        require(euint256.unwrap(currentBalance) == decryption.handle, "Handle mismatch");
-        publicBurn(msg.sender, uint256(decryption.value));
+        require(inco.incoVerifier().isValidDecryptionAttestation(attestation, signatures), "Invalid Signature");
+        require(euint256.unwrap(currentBalance) == attestation.handle, "Handle mismatch");
+        publicBurn(msg.sender, uint256(attestation.value));
     }
 
 }
@@ -26,19 +49,24 @@ contract TestDecryptionAttestationInSynchronousFlow is IncoTest {
     AllowanceProof emptyProof; // no proof needed when requester has the handle in persisted allowed pairs
 
     function testSynchronousBurning() public {
-        TokenBurnCurrentBalance token = new TokenBurnCurrentBalance();
+        TokenBurnCurrentBalance token = new TokenBurnCurrentBalance("DemoToken", "DMT", 100 ether);
         vm.deal(address(token), 100 ether);
-        token.confidentialTransfer(alice, fakePrepareEuint256Ciphertext(10 * GWEI, address(this), address(token)), "");
+        token.confidentialTransfer(alice, fakePrepareEuint256Ciphertext(10 * GWEI, address(this), address(token)));
         processAllOperations(); // saves Alice's balance
+
         bytes32 aliceCurrentBalanceHandle = euint256.unwrap(token.confidentialBalanceOf(alice));
         // simulates Alice requesting for a decryption attestation of Ge op on her balance and the amount
         // she intends to burn, therefore proving to the token contract that the operation will succeed
-        (DecryptionAttestation memory decryption, bytes[] memory signatures) =
+        (DecryptionAttestation memory attestation, bytes[] memory signatures) =
             getDecryptionAttestation(alice, HandleWithProof({handle: aliceCurrentBalanceHandle, proof: emptyProof}));
-        vm.prank(alice);
 
+        // Convert attestation to remapped type for cross-project compatibility
+        remappedDecryptionAttestation memory remappedAttestation =
+            remappedDecryptionAttestation({handle: attestation.handle, value: attestation.value});
+
+        vm.prank(alice);
         // the decryption attestation is passed to the token burn method
-        token.burnFullCurrentBalance(decryption, signatures);
+        token.burnFullCurrentBalance(remappedAttestation, signatures);
 
         processAllOperations();
 

package/src/misc/ABIHelper.sol

@@ -0,0 +1,15 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {Session} from "@inco/lightning/src/periphery/SessionVerifier.sol";
+
+// @dev this contract is not used on-chain, it is only used to generate the
+// ABI of some symbols that are not exposed directly by the IncoLightning or
+// periphery contracts, but are needed for the JS SDK.
+contract ABIHelper {
+
+    function getSession() public pure returns (Session memory) {
+        revert("This function exists only to include Session struct in ABI");
+    }
+
+}

package/src/pasted-dependencies/ICreateX.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: AGPL-3.0-only
-pragma solidity ^0.8.4;
+pragma solidity ^0.8;
 
 /**
  * @title CreateX Factory Interface Definition

package/src/periphery/IncoUtils.sol

@@ -5,7 +5,7 @@ import {StorageSlot} from "@openzeppelin/contracts/utils/StorageSlot.sol";
 
 // Re-export FEE constant for convenience - consumers can import both IncoUtils and FEE from this file
 // forge-lint: disable-next-line(unused-import)
-import {FEE} from "../lightning-parts/Fee.sol";
+import {FEE, BIT_FEE} from "../lightning-parts/Fee.sol";
 
 contract IncoUtils {
 

package/src/periphery/SessionVerifier.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: No License
-pragma solidity ^0.8;
+pragma solidity ^0.8.29;
 
 import {UUPSUpgradeable} from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
 import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
@@ -38,13 +38,13 @@ struct Session {
 contract SessionVerifier is UUPSUpgradeable, OwnableUpgradeable, Version {
 
     /// @notice Initializes the SessionVerifier with version information
-    /// @param salt Unique salt used for deterministic deployment via CreateX
-    constructor(bytes32 salt)
+    /// @param _salt Unique salt used for deterministic deployment via CreateX
+    constructor(bytes32 _salt)
         Version(
             SESSION_VERIFIER_MAJOR_VERSION,
             SESSION_VERIFIER_MINOR_VERSION,
             SESSION_VERIFIER_PATCH_VERSION,
-            salt,
+            _salt,
             SESSION_VERIFIER_NAME
         )
     {}

package/src/shared/IOwnable.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity ^0.8.0;
+pragma solidity ^0.8;
 
 // OpenZeppelin doesn't export any interfaces for ownable so we define our own
 

package/src/shared/IUUPSUpgradable.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity ^0.8.0;
+pragma solidity ^0.8;
 
 // OpenZeppelin doesn't export any interfaces for uupsUpgradeable so we define our own
 

package/src/shared/TestUtils.sol

@@ -3,8 +3,13 @@ pragma solidity ^0.8;
 
 import {Test} from "forge-std/Test.sol";
 
+/// @title TestUtils
+/// @notice WARNING: This contract contains TEST KEYS for LOCAL DEVELOPMENT ONLY.
+/// @dev These keys are publicly known Anvil accounts and have NO security value.
+///      NEVER use these keys on production networks - anyone can derive the private keys.
 contract TestUtils is Test {
 
+    // WARNING: Well-known Anvil account #0 - publicly known private key, DO NOT use in production
     address private constant ANVIL_ZEROTH_ADDRESS = 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266;
     uint256 private constant ANVIL_ZEROTH_PRIVATE_KEY =
         0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80;
@@ -20,7 +25,9 @@ contract TestUtils is Test {
     uint256 internal evePrivKey;
     address internal immutable eve;
 
-    // it is convenient for e2e tests to use these well-known addresses for the TEE
+    // WARNING: These are well-known Anvil test keys with publicly known private keys.
+    // They are convenient for e2e tests but have NO security value.
+    // Deploy.s.sol has safeguards to prevent using these on non-test chains.
     address internal teeEOA = ANVIL_ZEROTH_ADDRESS;
     uint256 internal teePrivKey = ANVIL_ZEROTH_PRIVATE_KEY;
 

package/src/test/EListTester.sol

@@ -0,0 +1,171 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {IIncoLightning} from "../interfaces/IIncoLightning.sol";
+/// forge-lint: disable-next-line(unused-import)
+import {ETypes, elist, typeBitSize} from "../Types.sol";
+import {euint256} from "../Types.sol";
+import {IncoUtils, FEE, BIT_FEE} from "../periphery/IncoUtils.sol";
+
+contract ElistTester is IncoUtils {
+
+    /// forge-lint: disable-next-line(screaming-snake-case-immutable)
+    IIncoLightning immutable inco;
+
+    constructor(IIncoLightning _inco) {
+        inco = _inco;
+    }
+
+    elist public list;
+    elist public newRangeList;
+
+    function newEList(bytes[] memory inputs, ETypes listType, address user)
+        public
+        payable
+        refundUnspent
+        returns (elist)
+    {
+        list = inco.newEList{value: FEE * inputs.length}(inputs, listType, user);
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listAppend(bytes memory ctValue) public payable refundUnspent returns (elist) {
+        euint256 handle = inco.newEuint256{value: FEE}(ctValue, msg.sender);
+        inco.allow(euint256.unwrap(handle), address(this));
+        inco.allow(euint256.unwrap(handle), address(msg.sender));
+        uint256 typeBits = typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        list = inco.listAppend{value: (uint256(inco.lengthOf(elist.unwrap(list))) * typeBits + typeBits) * BIT_FEE}(
+            list, euint256.unwrap(handle)
+        );
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listGet(uint16 index) public returns (bytes32) {
+        bytes32 res = inco.listGet(list, index);
+        inco.allow(res, msg.sender);
+        return res;
+    }
+
+    function newEList(bytes32[] memory handles, ETypes listType) public payable refundUnspent returns (elist) {
+        list = inco.newEList{value: FEE * handles.length}(handles, listType);
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listGetOr(bytes memory ctIndex, bytes memory ctDefaultValue)
+        public
+        payable
+        refundUnspent
+        returns (bytes32)
+    {
+        euint256 index = inco.newEuint256{value: FEE}(ctIndex, msg.sender);
+        euint256 defaultValue = inco.newEuint256{value: FEE}(ctDefaultValue, msg.sender);
+        bytes32 res = inco.listGetOr(list, euint256.unwrap(index), euint256.unwrap(defaultValue));
+        inco.allow(res, msg.sender);
+        return res;
+    }
+
+    function listSet(bytes memory ctIndex, bytes memory ctValue) public payable refundUnspent returns (elist) {
+        euint256 index = inco.newEuint256{value: FEE}(ctIndex, msg.sender);
+        euint256 value = inco.newEuint256{value: FEE}(ctValue, msg.sender);
+        uint256 typeBits = typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        list = inco.listSet{value: uint256(inco.lengthOf(elist.unwrap(list))) * typeBits * BIT_FEE}(
+            list, euint256.unwrap(index), euint256.unwrap(value)
+        );
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listInsert(bytes memory ctIndex, bytes memory ctValue) public payable refundUnspent returns (elist) {
+        euint256 index = inco.newEuint256{value: FEE}(ctIndex, msg.sender);
+        euint256 value = inco.newEuint256{value: FEE}(ctValue, msg.sender);
+        uint256 typeBits = typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        list = inco.listInsert{value: (uint256(inco.lengthOf(elist.unwrap(list))) * typeBits + typeBits) * BIT_FEE}(
+            list, euint256.unwrap(index), euint256.unwrap(value)
+        );
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listConcat(bytes[] memory cts, ETypes listType, address user)
+        public
+        payable
+        refundUnspent
+        returns (elist)
+    {
+        elist rhs = inco.newEList{value: FEE * cts.length}(cts, listType, user);
+        inco.allow(elist.unwrap(rhs), address(this));
+        inco.allow(elist.unwrap(rhs), address(msg.sender));
+        uint256 lhsBits =
+            uint256(inco.lengthOf(elist.unwrap(list))) * typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        uint256 rhsBits =
+            uint256(inco.lengthOf(elist.unwrap(rhs))) * typeBitSize(ETypes(uint8(uint256(elist.unwrap(rhs)) >> 16)));
+        list = inco.listConcat{value: (lhsBits + rhsBits) * BIT_FEE}(list, rhs);
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listSlice(bytes memory ctStart, uint16 len, bytes memory ctDefaultValue)
+        public
+        payable
+        refundUnspent
+        returns (elist)
+    {
+        euint256 start = inco.newEuint256{value: FEE}(ctStart, msg.sender);
+        euint256 defaultValue = inco.newEuint256{value: FEE}(ctDefaultValue, msg.sender);
+        uint256 typeBits = typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        list = inco.listSlice{value: uint256(len) * typeBits * BIT_FEE}(
+            list, euint256.unwrap(start), len, euint256.unwrap(defaultValue)
+        );
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listRange(uint16 start, uint16 end, ETypes listType) public payable returns (elist) {
+        newRangeList =
+            inco.listRange{value: uint256(end - start) * typeBitSize(listType) * BIT_FEE}(start, end, listType);
+        inco.allow(elist.unwrap(newRangeList), address(this));
+        inco.allow(elist.unwrap(newRangeList), address(msg.sender));
+        return newRangeList;
+    }
+
+    function listGetRange(uint16 index) public returns (bytes32) {
+        bytes32 res = inco.listGet(newRangeList, index);
+        inco.allow(res, msg.sender);
+        return res;
+    }
+
+    function listShuffle() public payable refundUnspent returns (elist) {
+        uint256 typeBits = typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        list = inco.listShuffle{value: uint256(inco.lengthOf(elist.unwrap(list))) * typeBits * BIT_FEE}(list);
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    function listReveal() public {
+        inco.reveal(elist.unwrap(list));
+    }
+
+    function listReverse() public payable returns (elist) {
+        uint256 typeBits = typeBitSize(ETypes(uint8(uint256(elist.unwrap(list)) >> 16)));
+        list = inco.listReverse{value: uint256(inco.lengthOf(elist.unwrap(list))) * typeBits * BIT_FEE}(list);
+        inco.allow(elist.unwrap(list), address(this));
+        inco.allow(elist.unwrap(list), address(msg.sender));
+        return list;
+    }
+
+    receive() external payable {
+        // Allow contract to receive ETH
+    }
+
+}

package/src/test/FakeIncoInfra/FakeComputeServer.sol

@@ -14,9 +14,9 @@ contract FakeComputeServer {
         } else if (op == EOps.Mul) {
             return lhs * rhs;
         } else if (op == EOps.Div) {
-            return lhs / rhs;
+            return rhs == 0 ? type(uint256).max : lhs / rhs;
         } else if (op == EOps.Rem) {
-            return lhs % rhs;
+            return rhs == 0 ? lhs : lhs % rhs;
         } else if (op == EOps.Min) {
             return lhs < rhs ? lhs : rhs;
         } else if (op == EOps.Max) {

package/src/test/FakeIncoInfra/FakeIncoInfraBase.sol

@@ -19,16 +19,16 @@ contract FakeIncoInfraBase is TestUtils, KVStore, HandleGeneration {
     {
         // We need a single word here to get correct encoding
         bytes memory ciphertext = abi.encode(word);
+        uint16 version = 2; // version - X-Wing
         bytes32 handle = getInputHandle(
             ciphertext,
             address(inco),
             user,
             contractAddress,
-            0,
-            /* unspecified */
+            version, // version - X-Wing
             inputType
         );
-        input = abi.encodePacked(int32(0), abi.encode(handle, ciphertext));
+        input = abi.encodePacked(uint32(version), abi.encode(handle, ciphertext));
     }
 
     function fakePrepareEuint256Ciphertext(uint256 value, address userAddress, address contractAddress)

package/src/test/FakeIncoInfra/MockOpHandler.sol

@@ -46,10 +46,6 @@ contract MockOpHandler is FakeIncoInfraBase, FakeComputeServer {
             ebool value = ebool.wrap(log.topics[1]);
             ebool result = ebool.wrap(log.topics[2]);
             handleENot(value, result);
-        } else if (op == EOps.Rand) {
-            uint256 counter = uint256(log.topics[1]);
-            euint256 result = euint256.wrap(log.topics[2]);
-            handleERand(counter, result);
         } else if (op == EOps.RandBounded) {
             uint256 counter = uint256(log.topics[1]);
             euint256 upperBound = euint256.wrap(log.topics[2]);
@@ -85,12 +81,14 @@ contract MockOpHandler is FakeIncoInfraBase, FakeComputeServer {
         set(ebool.unwrap(result), asBytes32(!getBoolValue(value)));
     }
 
-    function handleERand(uint256 counter, euint256 result) private {
-        set(euint256.unwrap(result), bytes32(counter));
-    }
-
     function handleERandBounded(uint256 counter, euint256 upperBound, euint256 result) private {
-        set(euint256.unwrap(result), bytes32(counter % getUint256Value(upperBound)));
+        uint256 bound = getUint256Value(upperBound);
+        if (bound == 0) {
+            // upperBound of 0 means unbounded (used by rand())
+            set(euint256.unwrap(result), bytes32(counter));
+        } else {
+            set(euint256.unwrap(result), bytes32(counter % bound));
+        }
     }
 
     function handleIfThenElse(ebool control, bytes32 lhs, bytes32 rhs, bytes32 result) private {

package/src/test/FakeIncoInfra/MockRemoteAttestation.sol

@@ -60,7 +60,8 @@ contract MockRemoteAttestation is TestUtils {
             hex"010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101";
         // See DEFAULT_MR_AGGREGATED in attestation/src/remote_attestation.rs to
         // see the calculation of the default value.
-        mrAggregated = hex"c3a67bac251d4946d7b17481d39631676042fe3afab06e70c22105ad8383c19f";
+        // Note: This uses abi.encode (not encodePacked) to avoid hash collision vulnerabilities.
+        mrAggregated = hex"3d48a1faa8620d86ae037f4fd6746987733d085314b3cd5d5d074ade8bab6ebd";
         bootstrapResult = BootstrapResult({networkPubkey: networkPubkey});
 
         quote = createQuote(mrtd, signer);

package/src/test/FakeIncoInfra/getOpForSelector.sol

@@ -59,8 +59,6 @@ function getOpForSelector(bytes32 opEventSelector) pure returns (EOps) {
         return EOps.TrivialEncrypt;
     } else if (opEventSelector == EncryptedOperations.EIfThenElse.selector) {
         return EOps.IfThenElse;
-    } else if (opEventSelector == EncryptedOperations.ERand.selector) {
-        return EOps.Rand;
     } else if (opEventSelector == EncryptedOperations.ERandBounded.selector) {
         return EOps.RandBounded;
     } else if (opEventSelector == BaseAccessControlList.Allow.selector) {

package/src/test/IncoTest.sol

@@ -12,11 +12,12 @@ import {FakeQuoteVerifier} from "./FakeIncoInfra/FakeQuoteVerifier.sol";
 import {IOwnable} from "../../src/shared/IOwnable.sol";
 import {MockRemoteAttestation} from "./FakeIncoInfra/MockRemoteAttestation.sol";
 import {BootstrapResult} from "../lightning-parts/TEELifecycle.types.sol";
+import {Safe} from "safe-smart-account/Safe.sol";
+import {SafeProxyFactory} from "safe-smart-account/proxies/SafeProxyFactory.sol";
 
 contract IncoTest is MockOpHandler, DeployUtils, FakeDecryptionAttester, MockRemoteAttestation {
 
-    // forge-lint: disable-next-line(screaming-snake-case-immutable)
-    address immutable owner;
+    address owner;
     // forge-lint: disable-next-line(screaming-snake-case-immutable)
     address immutable testDeployer;
 
@@ -31,7 +32,6 @@ contract IncoTest is MockOpHandler, DeployUtils, FakeDecryptionAttester, MockRem
         0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80;
 
     constructor() {
-        owner = getLabeledAddress("owner");
         // extracted from the deploy script running as bare simulation with:
         // forge script src/script/Deploy.s.sol:Deploy
         testDeployer = deployedBy;
@@ -42,17 +42,29 @@ contract IncoTest is MockOpHandler, DeployUtils, FakeDecryptionAttester, MockRem
 
     function setUp() public virtual {
         deployCreateX();
+
+        // Create a Safe multisig (alice, bob, carol) with threshold 2 to act as owner
+        Safe master = new Safe();
+        SafeProxyFactory factory = new SafeProxyFactory();
+        address[] memory safeOwners = new address[](3);
+        safeOwners[0] = alice;
+        safeOwners[1] = bob;
+        safeOwners[2] = carol;
+        bytes memory setupData = abi.encodeWithSelector(
+            Safe.setup.selector, safeOwners, 2, address(0), bytes(""), address(0), address(0), 0, payable(address(0))
+        );
+        owner = address(Safe(payable(factory.createProxyWithNonce(address(master), setupData, 0))));
+
         vm.startPrank(testDeployer);
         vm.setEnv("SHOULD_SETUP_TEE_SIGNER", "true"); // results in a network pubkey and decrypt signer being populated in the TEE Lifecycle
         (IIncoLightning proxy,) = deployIncoLightningUsingConfig({
             deployer: testDeployer,
+            owner: owner,
             // The highest precedent deployment
             // We select the pepper that will be used that will be generated in the lib.sol (usually "testnet"), but currently "alphanet" has higher major version
             pepper: "devnet",
             quoteVerifier: new FakeQuoteVerifier()
         });
-        IOwnable(address(proxy)).transferOwnership(owner);
-        IOwnable(address(inco.incoVerifier())).transferOwnership(owner);
         vm.stopPrank();
         console.log("Deployed %s (proxy) to: %s", proxy.getName(), address(proxy));
         console.log("Generated inco address: %s", address(inco));

package/src/test/OpsTest.sol

@@ -380,8 +380,9 @@ contract OpsTest is Fee {
 
     // ============ RANDOM NUMBER GENERATION ============
 
-    function testRand() external payable returns (euint256) {
-        euint256 result = euint256.wrap(inco.eRand{value: getFee()}(ETypes.Uint256));
+    function testRandUnbounded() external payable returns (euint256) {
+        euint256 result =
+            euint256.wrap(inco.eRandBounded{value: getFee()}(euint256.unwrap(inco.asEuint256(0)), ETypes.Uint256));
         inco.allow(euint256.unwrap(result), address(this));
         inco.allow(euint256.unwrap(result), msg.sender);
         return result;