@openzeppelin/confidential-contracts 0.2.0-rc.2 → 0.3.0-rc.0

package/finance/VestingWalletConfidentialFactory.sol

@@ -1,48 +1,34 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.2.0-rc.2) (finance/VestingWalletConfidentialFactory.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (finance/VestingWalletConfidentialFactory.sol)
 pragma solidity ^0.8.27;
 
-import {FHE, euint64, externalEuint64, euint128} from "@fhevm/solidity/lib/FHE.sol";
-import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
+import {FHE, euint64, externalEuint64} from "@fhevm/solidity/lib/FHE.sol";
 import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";
-import {IConfidentialFungibleToken} from "./../interfaces/IConfidentialFungibleToken.sol";
-import {VestingWalletCliffConfidential} from "./VestingWalletCliffConfidential.sol";
+import {IERC7984} from "./../interfaces/IERC7984.sol";
 
 /**
  * @dev A factory which enables batch funding of vesting wallets.
  *
- * The {_deployVestingWalletImplementation} and {_initializeVestingWallet} functions remain unimplemented
- * to allow for custom implementations of the vesting wallet to be used.
+ * The {_deployVestingWalletImplementation}, {_initializeVestingWallet}, and {_validateVestingWalletInitArgs}
+ * functions remain unimplemented to allow for custom implementations of the vesting wallet to be used.
  */
 abstract contract VestingWalletConfidentialFactory {
     struct VestingPlan {
-        address beneficiary;
         externalEuint64 encryptedAmount;
-        uint48 startTimestamp;
-        uint48 durationSeconds;
-        uint48 cliffSeconds;
+        bytes initArgs;
     }
 
     address private immutable _vestingImplementation;
 
+    /// @dev Emitted for each vesting wallet funded within a batch.
     event VestingWalletConfidentialFunded(
         address indexed vestingWalletConfidential,
-        address indexed beneficiary,
-        address indexed confidentialFungibleToken,
-        euint64 encryptedAmount,
-        uint48 startTimestamp,
-        uint48 durationSeconds,
-        uint48 cliffSeconds,
-        address executor
-    );
-    event VestingWalletConfidentialCreated(
-        address indexed vestingWalletConfidential,
-        address indexed beneficiary,
-        uint48 startTimestamp,
-        uint48 durationSeconds,
-        uint48 cliffSeconds,
-        address indexed executor
+        address indexed token,
+        euint64 transferredAmount,
+        bytes initArgs
     );
+    /// @dev Emitted when a vesting wallet is deployed.
+    event VestingWalletConfidentialCreated(address indexed vestingWalletConfidential, bytes initArgs);
 
     constructor() {
         _vestingImplementation = _deployVestingWalletImplementation();
@@ -57,53 +43,26 @@ abstract contract VestingWalletConfidentialFactory {
      * Emits a {VestingWalletConfidentialFunded} event for each funded vesting plan.
      */
     function batchFundVestingWalletConfidential(
-        address confidentialFungibleToken,
+        address token,
         VestingPlan[] calldata vestingPlans,
-        address executor,
         bytes calldata inputProof
     ) public virtual {
         uint256 vestingPlansLength = vestingPlans.length;
         for (uint256 i = 0; i < vestingPlansLength; i++) {
             VestingPlan memory vestingPlan = vestingPlans[i];
-            require(
-                vestingPlan.cliffSeconds <= vestingPlan.durationSeconds,
-                VestingWalletCliffConfidential.VestingWalletCliffConfidentialInvalidCliffDuration(
-                    vestingPlan.cliffSeconds,
-                    vestingPlan.durationSeconds
-                )
-            );
-
-            require(vestingPlan.beneficiary != address(0), OwnableUpgradeable.OwnableInvalidOwner(address(0)));
-            address vestingWalletAddress = predictVestingWalletConfidential(
-                vestingPlan.beneficiary,
-                vestingPlan.startTimestamp,
-                vestingPlan.durationSeconds,
-                vestingPlan.cliffSeconds,
-                executor
-            );
+            _validateVestingWalletInitArgs(vestingPlan.initArgs);
 
-            euint64 transferredAmount;
-            {
-                // avoiding stack too deep with scope
-                euint64 encryptedAmount = FHE.fromExternal(vestingPlan.encryptedAmount, inputProof);
-                FHE.allowTransient(encryptedAmount, confidentialFungibleToken);
-                transferredAmount = IConfidentialFungibleToken(confidentialFungibleToken).confidentialTransferFrom(
-                    msg.sender,
-                    vestingWalletAddress,
-                    encryptedAmount
-                );
-            }
+            address vestingWalletAddress = predictVestingWalletConfidential(vestingPlan.initArgs);
 
-            emit VestingWalletConfidentialFunded(
+            euint64 encryptedAmount = FHE.fromExternal(vestingPlan.encryptedAmount, inputProof);
+            FHE.allowTransient(encryptedAmount, token);
+            euint64 transferredAmount = IERC7984(token).confidentialTransferFrom(
+                msg.sender,
                 vestingWalletAddress,
-                vestingPlan.beneficiary,
-                confidentialFungibleToken,
-                transferredAmount,
-                vestingPlan.startTimestamp,
-                vestingPlan.durationSeconds,
-                vestingPlan.cliffSeconds,
-                executor
+                encryptedAmount
             );
+
+            emit VestingWalletConfidentialFunded(vestingWalletAddress, token, transferredAmount, vestingPlan.initArgs);
         }
     }
 
@@ -112,75 +71,33 @@ abstract contract VestingWalletConfidentialFactory {
      *
      * Emits a {VestingWalletConfidentialCreated}.
      */
-    function createVestingWalletConfidential(
-        address beneficiary,
-        uint48 startTimestamp,
-        uint48 durationSeconds,
-        uint48 cliffSeconds,
-        address executor
-    ) public virtual returns (address) {
+    function createVestingWalletConfidential(bytes calldata initArgs) public virtual returns (address) {
         // Will revert if clone already created
         address vestingWalletConfidentialAddress = Clones.cloneDeterministic(
             _vestingImplementation,
-            _getCreate2VestingWalletConfidentialSalt(
-                beneficiary,
-                startTimestamp,
-                durationSeconds,
-                cliffSeconds,
-                executor
-            )
-        );
-        _initializeVestingWallet(
-            vestingWalletConfidentialAddress,
-            beneficiary,
-            startTimestamp,
-            durationSeconds,
-            cliffSeconds,
-            executor
-        );
-        emit VestingWalletConfidentialCreated(
-            beneficiary,
-            vestingWalletConfidentialAddress,
-            startTimestamp,
-            durationSeconds,
-            cliffSeconds,
-            executor
+            _getCreate2VestingWalletConfidentialSalt(initArgs)
         );
+        _initializeVestingWallet(vestingWalletConfidentialAddress, initArgs);
+        emit VestingWalletConfidentialCreated(vestingWalletConfidentialAddress, initArgs);
         return vestingWalletConfidentialAddress;
     }
 
     /**
      * @dev Predicts the deterministic address for a confidential vesting wallet.
      */
-    function predictVestingWalletConfidential(
-        address beneficiary,
-        uint48 startTimestamp,
-        uint48 durationSeconds,
-        uint48 cliffSeconds,
-        address executor
-    ) public view virtual returns (address) {
+    function predictVestingWalletConfidential(bytes memory initArgs) public view virtual returns (address) {
         return
             Clones.predictDeterministicAddress(
                 _vestingImplementation,
-                _getCreate2VestingWalletConfidentialSalt(
-                    beneficiary,
-                    startTimestamp,
-                    durationSeconds,
-                    cliffSeconds,
-                    executor
-                )
+                _getCreate2VestingWalletConfidentialSalt(initArgs)
             );
     }
 
+    /// @dev Virtual function that must be implemented to validate the initArgs bytes.
+    function _validateVestingWalletInitArgs(bytes memory initArgs) internal virtual;
+
     /// @dev Virtual function that must be implemented to initialize the vesting wallet at `vestingWalletAddress`.
-    function _initializeVestingWallet(
-        address vestingWalletAddress,
-        address beneficiary,
-        uint48 startTimestamp,
-        uint48 durationSeconds,
-        uint48 cliffSeconds,
-        address executor
-    ) internal virtual;
+    function _initializeVestingWallet(address vestingWalletAddress, bytes calldata initArgs) internal virtual;
 
     /**
      * @dev Internal function that is called once to deploy the vesting wallet implementation.
@@ -192,13 +109,7 @@ abstract contract VestingWalletConfidentialFactory {
     /**
      * @dev Gets create2 salt for a confidential vesting wallet.
      */
-    function _getCreate2VestingWalletConfidentialSalt(
-        address beneficiary,
-        uint48 startTimestamp,
-        uint48 durationSeconds,
-        uint48 cliffSeconds,
-        address executor
-    ) internal pure virtual returns (bytes32) {
-        return keccak256(abi.encodePacked(beneficiary, startTimestamp, durationSeconds, cliffSeconds, executor));
+    function _getCreate2VestingWalletConfidentialSalt(bytes memory initArgs) internal pure virtual returns (bytes32) {
+        return keccak256(initArgs);
     }
 }

package/governance/utils/VotesConfidential.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.2.0-rc.2) (governance/utils/VotesConfidential.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.2.0) (governance/utils/VotesConfidential.sol)
 pragma solidity ^0.8.24;
 
 import {FHE, ebool, euint64} from "@fhevm/solidity/lib/FHE.sol";
@@ -9,9 +9,25 @@ import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
 import {SafeCast} from "@openzeppelin/contracts/utils/math/SafeCast.sol";
 import {Nonces} from "@openzeppelin/contracts/utils/Nonces.sol";
 import {Time} from "@openzeppelin/contracts/utils/types/Time.sol";
+import {HandleAccessManager} from "./../../utils/HandleAccessManager.sol";
 import {CheckpointsConfidential} from "./../../utils/structs/CheckpointsConfidential.sol";
 
-abstract contract VotesConfidential is Nonces, EIP712, IERC6372 {
+/**
+ * @dev A confidential votes contract tracking confidential voting power of accounts over time.
+ * It features vote delegation to delegators.
+
+ * This contract keeps a history (checkpoints) of each account's confidential vote power. Confidential
+ * voting power can be delegated either by calling the {delegate} function directly, or by providing
+ * a signature to be used with {delegateBySig}. Confidential voting power handles can be queried
+ * through the public accessors {getVotes} and {getPastVotes} but can only be decrypted by accounts
+ * allowed to access them. Ensure that {HandleAccessManager-_validateHandleAllowance} is implemented properly, allowing all 
+ * necessary addresses to access voting power handles.
+ *
+ * By default, voting units does not account for voting power. This makes transfers of underlying
+ * voting units cheaper. The downside is that it requires users to delegate to themselves in order
+ * to activate checkpoints and have their voting power tracked.
+ */
+abstract contract VotesConfidential is Nonces, EIP712, IERC6372, HandleAccessManager {
     using FHE for *;
     using CheckpointsConfidential for CheckpointsConfidential.TraceEuint64;
 
@@ -168,7 +184,6 @@ abstract contract VotesConfidential is Nonces, EIP712, IERC6372 {
                 store = _delegateCheckpoints[from];
                 euint64 newValue = store.latest().sub(amount);
                 newValue.allowThis();
-                newValue.allow(from);
                 euint64 oldValue = _push(store, newValue);
                 emit DelegateVotesChanged(from, oldValue, newValue);
             }
@@ -176,7 +191,6 @@ abstract contract VotesConfidential is Nonces, EIP712, IERC6372 {
                 store = _delegateCheckpoints[to];
                 euint64 newValue = store.latest().add(amount);
                 newValue.allowThis();
-                newValue.allow(to);
                 euint64 oldValue = _push(store, newValue);
                 emit DelegateVotesChanged(to, oldValue, newValue);
             }

package/interfaces/{IConfidentialFungibleToken.sol → IERC7984.sol}

@@ -1,11 +1,11 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.2.0-rc.2) (interfaces/IConfidentialFungibleToken.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (interfaces/IERC7984.sol)
 pragma solidity ^0.8.24;
 
 import {euint64, externalEuint64} from "@fhevm/solidity/lib/FHE.sol";
 
-/// @dev Draft interface for a confidential fungible token standard utilizing the Zama TFHE library.
-interface IConfidentialFungibleToken {
+/// @dev Draft interface for a confidential fungible token standard utilizing the Zama FHE library.
+interface IERC7984 {
     /**
      * @dev Emitted when the expiration timestamp for an operator `operator` is updated for a given `holder`.
      * The operator may move any amount of tokens on behalf of the holder until the timestamp `until`.
@@ -32,8 +32,8 @@ interface IConfidentialFungibleToken {
     /// @dev Returns the number of decimals of the token. Recommended to be 6.
     function decimals() external view returns (uint8);
 
-    /// @dev Returns the token URI.
-    function tokenURI() external view returns (string memory);
+    /// @dev Returns the contract URI. See [ERC-7572](https://eips.ethereum.org/EIPS/eip-7572) for details.
+    function contractURI() external view returns (string memory);
 
     /// @dev Returns the confidential total supply of the token.
     function confidentialTotalSupply() external view returns (euint64);
@@ -91,7 +91,7 @@ interface IConfidentialFungibleToken {
      * @dev Similar to {confidentialTransfer-address-externalEuint64-bytes} but with a callback to `to` after
      * the transfer.
      *
-     * The callback is made to the {IConfidentialFungibleTokenReceiver-onConfidentialTransferReceived} function on the
+     * The callback is made to the {IERC7984Receiver-onConfidentialTransferReceived} function on the
      * to address with the actual transferred amount (may differ from the given `encryptedAmount`) and the given
      * data `data`.
      */

package/interfaces/{IConfidentialFungibleTokenReceiver.sol → IERC7984Receiver.sol}

@@ -1,11 +1,11 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.2.0-rc.2) (interfaces/IConfidentialFungibleTokenReceiver.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (interfaces/IERC7984Receiver.sol)
 pragma solidity ^0.8.24;
 
 import {ebool, euint64} from "@fhevm/solidity/lib/FHE.sol";
 
-/// @dev Interface for contracts that can receive confidential token transfers with a callback.
-interface IConfidentialFungibleTokenReceiver {
+/// @dev Interface for contracts that can receive ERC7984 transfers with a callback.
+interface IERC7984Receiver {
     /**
      * @dev Called upon receiving a confidential token transfer. Returns an encrypted boolean indicating success
      * of the callback. If false is returned, the transfer must be reversed.

package/interfaces/IERC7984Rwa.sol

@@ -0,0 +1,64 @@
+// SPDX-License-Identifier: MIT
+// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (interfaces/IERC7984Rwa.sol)
+pragma solidity ^0.8.24;
+
+import {externalEuint64, euint64} from "@fhevm/solidity/lib/FHE.sol";
+import {IERC165} from "@openzeppelin/contracts/interfaces/IERC165.sol";
+import {IERC7984} from "./IERC7984.sol";
+
+/// @dev Interface for confidential RWA contracts.
+interface IERC7984Rwa is IERC7984, IERC165 {
+    /// @dev Returns true if the contract is paused, false otherwise.
+    function paused() external view returns (bool);
+    /// @dev Returns whether an account is allowed to interact with the token.
+    function isUserAllowed(address account) external view returns (bool);
+    /// @dev Returns the confidential frozen balance of an account.
+    function confidentialFrozen(address account) external view returns (euint64);
+    /// @dev Returns the confidential available (unfrozen) balance of an account. Up to {IERC7984-confidentialBalanceOf}.
+    function confidentialAvailable(address account) external returns (euint64);
+    /// @dev Pauses contract.
+    function pause() external;
+    /// @dev Unpauses contract.
+    function unpause() external;
+    /// @dev Blocks a user account.
+    function blockUser(address account) external;
+    /// @dev Unblocks a user account.
+    function unblockUser(address account) external;
+    /// @dev Sets confidential amount of token for an account as frozen with proof.
+    function setConfidentialFrozen(
+        address account,
+        externalEuint64 encryptedAmount,
+        bytes calldata inputProof
+    ) external;
+    /// @dev Sets confidential amount of token for an account as frozen.
+    function setConfidentialFrozen(address account, euint64 encryptedAmount) external;
+    /// @dev Mints confidential amount of tokens to account with proof.
+    function confidentialMint(
+        address to,
+        externalEuint64 encryptedAmount,
+        bytes calldata inputProof
+    ) external returns (euint64);
+    /// @dev Mints confidential amount of tokens to account.
+    function confidentialMint(address to, euint64 encryptedAmount) external returns (euint64);
+    /// @dev Burns confidential amount of tokens from account with proof.
+    function confidentialBurn(
+        address account,
+        externalEuint64 encryptedAmount,
+        bytes calldata inputProof
+    ) external returns (euint64);
+    /// @dev Burns confidential amount of tokens from account.
+    function confidentialBurn(address account, euint64 encryptedAmount) external returns (euint64);
+    /// @dev Forces transfer of confidential amount of tokens from account to account with proof by skipping compliance checks.
+    function forceConfidentialTransferFrom(
+        address from,
+        address to,
+        externalEuint64 encryptedAmount,
+        bytes calldata inputProof
+    ) external returns (euint64);
+    /// @dev Forces transfer of confidential amount of tokens from account to account by skipping compliance checks.
+    function forceConfidentialTransferFrom(
+        address from,
+        address to,
+        euint64 encryptedAmount
+    ) external returns (euint64);
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@openzeppelin/confidential-contracts",
   "description": "Smart Contract library for use with confidential coprocessors",
-  "version": "0.2.0-rc.2",
+  "version": "0.3.0-rc.0",
   "files": [
     "**/*.sol",
     "/build/contracts/*.json",
@@ -32,8 +32,8 @@
   },
   "homepage": "https://openzeppelin.com/contracts/",
   "peerDependencies": {
-    "@fhevm/solidity": "0.7.0",
-    "@openzeppelin/contracts": "^5.3.0",
-    "@openzeppelin/contracts-upgradeable": "^5.3.0"
+    "@fhevm/solidity": "0.8.0",
+    "@openzeppelin/contracts": "^5.4.0",
+    "@openzeppelin/contracts-upgradeable": "^5.4.0"
   }
 }