@openzeppelin/confidential-contracts 0.3.0-rc.0 → 0.3.1

package/build/contracts/ERC7984Votes.json

@@ -143,11 +143,6 @@
       "name": "ERC7984ZeroBalance",
       "type": "error"
     },
-    {
-      "inputs": [],
-      "name": "HandlesAlreadySavedForRequestID",
-      "type": "error"
-    },
     {
       "inputs": [
         {
@@ -174,11 +169,6 @@
       "name": "InvalidShortString",
       "type": "error"
     },
-    {
-      "inputs": [],
-      "name": "NoHandleFoundForRequestID",
-      "type": "error"
-    },
     {
       "inputs": [
         {
@@ -217,6 +207,25 @@
       "name": "VotesExpiredSignature",
       "type": "error"
     },
+    {
+      "anonymous": false,
+      "inputs": [
+        {
+          "indexed": true,
+          "internalType": "euint64",
+          "name": "encryptedAmount",
+          "type": "bytes32"
+        },
+        {
+          "indexed": true,
+          "internalType": "address",
+          "name": "requester",
+          "type": "address"
+        }
+      ],
+      "name": "AmountDiscloseRequested",
+      "type": "event"
+    },
     {
       "anonymous": false,
       "inputs": [
@@ -261,19 +270,6 @@
       "name": "ConfidentialTransfer",
       "type": "event"
     },
-    {
-      "anonymous": false,
-      "inputs": [
-        {
-          "indexed": true,
-          "internalType": "uint256",
-          "name": "requestID",
-          "type": "uint256"
-        }
-      ],
-      "name": "DecryptionFulfilled",
-      "type": "event"
-    },
     {
       "anonymous": false,
       "inputs": [
@@ -355,6 +351,25 @@
       "name": "OperatorSet",
       "type": "event"
     },
+    {
+      "anonymous": false,
+      "inputs": [
+        {
+          "indexed": false,
+          "internalType": "bytes32[]",
+          "name": "handlesList",
+          "type": "bytes32[]"
+        },
+        {
+          "indexed": false,
+          "internalType": "bytes",
+          "name": "abiEncodedCleartexts",
+          "type": "bytes"
+        }
+      ],
+      "name": "PublicDecryptionVerified",
+      "type": "event"
+    },
     {
       "inputs": [],
       "name": "CLOCK_MODE",
@@ -767,6 +782,16 @@
           "internalType": "euint64",
           "name": "encryptedAmount",
           "type": "bytes32"
+        },
+        {
+          "internalType": "uint64",
+          "name": "cleartextAmount",
+          "type": "uint64"
+        },
+        {
+          "internalType": "bytes",
+          "name": "decryptionProof",
+          "type": "bytes"
         }
       ],
       "name": "discloseEncryptedAmount",
@@ -817,29 +842,6 @@
       "stateMutability": "view",
       "type": "function"
     },
-    {
-      "inputs": [
-        {
-          "internalType": "uint256",
-          "name": "requestId",
-          "type": "uint256"
-        },
-        {
-          "internalType": "bytes",
-          "name": "cleartexts",
-          "type": "bytes"
-        },
-        {
-          "internalType": "bytes",
-          "name": "decryptionProof",
-          "type": "bytes"
-        }
-      ],
-      "name": "finalizeDiscloseEncryptedAmount",
-      "outputs": [],
-      "stateMutability": "nonpayable",
-      "type": "function"
-    },
     {
       "inputs": [
         {
@@ -981,6 +983,19 @@
       "stateMutability": "view",
       "type": "function"
     },
+    {
+      "inputs": [
+        {
+          "internalType": "euint64",
+          "name": "encryptedAmount",
+          "type": "bytes32"
+        }
+      ],
+      "name": "requestDiscloseEncryptedAmount",
+      "outputs": [],
+      "stateMutability": "nonpayable",
+      "type": "function"
+    },
     {
       "inputs": [
         {
@@ -999,6 +1014,25 @@
       "stateMutability": "nonpayable",
       "type": "function"
     },
+    {
+      "inputs": [
+        {
+          "internalType": "bytes4",
+          "name": "interfaceId",
+          "type": "bytes4"
+        }
+      ],
+      "name": "supportsInterface",
+      "outputs": [
+        {
+          "internalType": "bool",
+          "name": "",
+          "type": "bool"
+        }
+      ],
+      "stateMutability": "view",
+      "type": "function"
+    },
     {
       "inputs": [],
       "name": "symbol",

package/build/contracts/FHESafeMath.json

@@ -3,8 +3,8 @@
   "contractName": "FHESafeMath",
   "sourceName": "contracts/utils/FHESafeMath.sol",
   "abi": [],
-  "bytecode": "0x60556032600b8282823980515f1a607314602657634e487b7160e01b5f525f60045260245ffd5b305f52607381538281f3fe730000000000000000000000000000000000000000301460806040525f5ffdfea2646970667358221220df78653c6284cdfbf02af47c7f879419dceafac61e80399ebb542433d66a52b464736f6c634300081d0033",
-  "deployedBytecode": "0x730000000000000000000000000000000000000000301460806040525f5ffdfea2646970667358221220df78653c6284cdfbf02af47c7f879419dceafac61e80399ebb542433d66a52b464736f6c634300081d0033",
+  "bytecode": "0x60556032600b8282823980515f1a607314602657634e487b7160e01b5f525f60045260245ffd5b305f52607381538281f3fe730000000000000000000000000000000000000000301460806040525f5ffdfea2646970667358221220dfd2955b2f5c80c39629efab80b102628759176a07e6500f461ab8aaee7442c364736f6c634300081d0033",
+  "deployedBytecode": "0x730000000000000000000000000000000000000000301460806040525f5ffdfea2646970667358221220dfd2955b2f5c80c39629efab80b102628759176a07e6500f461ab8aaee7442c364736f6c634300081d0033",
   "linkReferences": {},
   "deployedLinkReferences": {}
 }

package/build/contracts/IERC7984.json

@@ -437,6 +437,25 @@
       "stateMutability": "nonpayable",
       "type": "function"
     },
+    {
+      "inputs": [
+        {
+          "internalType": "bytes4",
+          "name": "interfaceId",
+          "type": "bytes4"
+        }
+      ],
+      "name": "supportsInterface",
+      "outputs": [
+        {
+          "internalType": "bool",
+          "name": "",
+          "type": "bool"
+        }
+      ],
+      "stateMutability": "view",
+      "type": "function"
+    },
     {
       "inputs": [],
       "name": "symbol",

package/finance/ERC7821WithExecutor.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.2.0) (finance/ERC7821WithExecutor.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (finance/ERC7821WithExecutor.sol)
 pragma solidity ^0.8.20;
 
 import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
@@ -15,8 +15,7 @@ abstract contract ERC7821WithExecutor is Initializable, ERC7821 {
     }
 
     // keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ERC7821WithExecutor")) - 1)) & ~bytes32(uint256(0xff))
-    // solhint-disable-next-line const-name-snakecase
-    bytes32 private constant ERC7821WithExecutorStorageLocation =
+    bytes32 private constant ERC7821_WITH_EXECUTOR_STORAGE_LOCATION =
         0x246106ffca67a7d3806ba14f6748826b9c39c9fa594b14f83fe454e8e9d0dc00;
 
     /// @dev Trusted address that is able to execute arbitrary calls from the vesting wallet via `ERC7821.execute`.
@@ -40,7 +39,7 @@ abstract contract ERC7821WithExecutor is Initializable, ERC7821 {
 
     function _getERC7821WithExecutorStorage() private pure returns (ERC7821WithExecutorStorage storage $) {
         assembly ("memory-safe") {
-            $.slot := ERC7821WithExecutorStorageLocation
+            $.slot := ERC7821_WITH_EXECUTOR_STORAGE_LOCATION
         }
     }
 }

package/finance/VestingWalletCliffConfidential.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.2.0) (finance/VestingWalletCliffConfidential.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (finance/VestingWalletCliffConfidential.sol)
 pragma solidity ^0.8.27;
 
 import {euint128} from "@fhevm/solidity/lib/FHE.sol";
@@ -16,8 +16,7 @@ abstract contract VestingWalletCliffConfidential is VestingWalletConfidential {
     }
 
     // keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.VestingWalletCliffConfidential")) - 1)) & ~bytes32(uint256(0xff))
-    // solhint-disable-next-line const-name-snakecase
-    bytes32 private constant VestingWalletCliffStorageLocation =
+    bytes32 private constant VESTING_WALLET_CLIFF_STORAGE_LOCATION =
         0x3c715f77db997bdb68403fafb54820cd57dedce553ed6315028656b0d601c700;
 
     /// @dev The specified cliff duration is larger than the vesting duration.
@@ -67,7 +66,7 @@ abstract contract VestingWalletCliffConfidential is VestingWalletConfidential {
 
     function _getVestingWalletCliffStorage() private pure returns (VestingWalletCliffStorage storage $) {
         assembly ("memory-safe") {
-            $.slot := VestingWalletCliffStorageLocation
+            $.slot := VESTING_WALLET_CLIFF_STORAGE_LOCATION
         }
     }
 }

package/finance/VestingWalletConfidential.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (finance/VestingWalletConfidential.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (finance/VestingWalletConfidential.sol)
 pragma solidity ^0.8.24;
 
 import {FHE, ebool, euint64, euint128} from "@fhevm/solidity/lib/FHE.sol";
@@ -34,8 +34,7 @@ abstract contract VestingWalletConfidential is OwnableUpgradeable, ReentrancyGua
     }
 
     // keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.VestingWalletConfidential")) - 1)) & ~bytes32(uint256(0xff))
-    // solhint-disable-next-line const-name-snakecase
-    bytes32 private constant VestingWalletStorageLocation =
+    bytes32 private constant VESTING_WALLET_STORAGE_LOCATION =
         0x78ce9ee9eb65fa0cf5bf10e861c3a95cb7c3c713c96ab1e5323a21e846796800;
 
     /// @dev Emitted when releasable vested tokens are released.
@@ -136,7 +135,7 @@ abstract contract VestingWalletConfidential is OwnableUpgradeable, ReentrancyGua
 
     function _getVestingWalletStorage() private pure returns (VestingWalletStorage storage $) {
         assembly ("memory-safe") {
-            $.slot := VestingWalletStorageLocation
+            $.slot := VESTING_WALLET_STORAGE_LOCATION
         }
     }
 }

package/finance/VestingWalletConfidentialFactory.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (finance/VestingWalletConfidentialFactory.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (finance/VestingWalletConfidentialFactory.sol)
 pragma solidity ^0.8.27;
 
 import {FHE, euint64, externalEuint64} from "@fhevm/solidity/lib/FHE.sol";

package/interfaces/IERC7984.sol

@@ -1,11 +1,12 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (interfaces/IERC7984.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (interfaces/IERC7984.sol)
 pragma solidity ^0.8.24;
 
 import {euint64, externalEuint64} from "@fhevm/solidity/lib/FHE.sol";
+import {IERC165} from "@openzeppelin/contracts/interfaces/IERC165.sol";
 
 /// @dev Draft interface for a confidential fungible token standard utilizing the Zama FHE library.
-interface IERC7984 {
+interface IERC7984 is IERC165 {
     /**
      * @dev Emitted when the expiration timestamp for an operator `operator` is updated for a given `holder`.
      * The operator may move any amount of tokens on behalf of the holder until the timestamp `until`.
@@ -32,7 +33,7 @@ interface IERC7984 {
     /// @dev Returns the number of decimals of the token. Recommended to be 6.
     function decimals() external view returns (uint8);
 
-    /// @dev Returns the contract URI. See [ERC-7572](https://eips.ethereum.org/EIPS/eip-7572) for details.
+    /// @dev Returns the contract URI. See https://eips.ethereum.org/EIPS/eip-7572[ERC-7572] for details.
     function contractURI() external view returns (string memory);
 
     /// @dev Returns the confidential total supply of the token.

package/interfaces/IERC7984Receiver.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (interfaces/IERC7984Receiver.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (interfaces/IERC7984Receiver.sol)
 pragma solidity ^0.8.24;
 
 import {ebool, euint64} from "@fhevm/solidity/lib/FHE.sol";

package/interfaces/IERC7984Rwa.sol

@@ -1,13 +1,12 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (interfaces/IERC7984Rwa.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (interfaces/IERC7984Rwa.sol)
 pragma solidity ^0.8.24;
 
 import {externalEuint64, euint64} from "@fhevm/solidity/lib/FHE.sol";
-import {IERC165} from "@openzeppelin/contracts/interfaces/IERC165.sol";
 import {IERC7984} from "./IERC7984.sol";
 
 /// @dev Interface for confidential RWA contracts.
-interface IERC7984Rwa is IERC7984, IERC165 {
+interface IERC7984Rwa is IERC7984 {
     /// @dev Returns true if the contract is paused, false otherwise.
     function paused() external view returns (bool);
     /// @dev Returns whether an account is allowed to interact with the token.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@openzeppelin/confidential-contracts",
   "description": "Smart Contract library for use with confidential coprocessors",
-  "version": "0.3.0-rc.0",
+  "version": "0.3.1",
   "files": [
     "**/*.sol",
     "/build/contracts/*.json",
@@ -32,7 +32,7 @@
   },
   "homepage": "https://openzeppelin.com/contracts/",
   "peerDependencies": {
-    "@fhevm/solidity": "0.8.0",
+    "@fhevm/solidity": "0.9.1",
     "@openzeppelin/contracts": "^5.4.0",
     "@openzeppelin/contracts-upgradeable": "^5.4.0"
   }

package/token/ERC7984/ERC7984.sol

@@ -1,8 +1,10 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (token/ERC7984/ERC7984.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.0) (token/ERC7984/ERC7984.sol)
 pragma solidity ^0.8.27;
 
 import {FHE, externalEuint64, ebool, euint64} from "@fhevm/solidity/lib/FHE.sol";
+import {ERC165} from "@openzeppelin/contracts/utils/introspection/ERC165.sol";
+import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
 import {IERC7984} from "./../../interfaces/IERC7984.sol";
 import {FHESafeMath} from "./../../utils/FHESafeMath.sol";
 import {ERC7984Utils} from "./utils/ERC7984Utils.sol";
@@ -22,7 +24,7 @@ import {ERC7984Utils} from "./utils/ERC7984Utils.sol";
  * - Transfer and call pattern
  * - Safe overflow/underflow handling for FHE operations
  */
-abstract contract ERC7984 is IERC7984 {
+abstract contract ERC7984 is IERC7984, ERC165 {
     mapping(address holder => euint64) private _balances;
     mapping(address holder => mapping(address spender => uint48)) private _operators;
     euint64 private _totalSupply;
@@ -30,6 +32,9 @@ abstract contract ERC7984 is IERC7984 {
     string private _symbol;
     string private _contractURI;
 
+    /// @dev Emitted when an encrypted amount `encryptedAmount` is requested for disclosure by `requester`.
+    event AmountDiscloseRequested(euint64 indexed encryptedAmount, address indexed requester);
+
     /// @dev The given receiver `receiver` is invalid for transfers.
     error ERC7984InvalidReceiver(address receiver);
 
@@ -61,6 +66,11 @@ abstract contract ERC7984 is IERC7984 {
         _contractURI = contractURI_;
     }
 
+    /// @inheritdoc ERC165
+    function supportsInterface(bytes4 interfaceId) public view virtual override(IERC165, ERC165) returns (bool) {
+        return interfaceId == type(IERC7984).interfaceId || super.supportsInterface(interfaceId);
+    }
+
     /// @inheritdoc IERC7984
     function name() public view virtual returns (string memory) {
         return _name;
@@ -189,42 +199,39 @@ abstract contract ERC7984 is IERC7984 {
     }
 
     /**
-     * @dev Discloses an encrypted amount `encryptedAmount` publicly via an {IERC7984-AmountDisclosed}
-     * event. The caller and this contract must be authorized to use the encrypted amount on the ACL.
+     * @dev Starts the process to disclose an encrypted amount `encryptedAmount` publicly by making it
+     * publicly decryptable. Emits the {AmountDiscloseRequested} event.
      *
-     * NOTE: This is an asynchronous operation where the actual decryption happens off-chain and
-     * {finalizeDiscloseEncryptedAmount} is called with the result.
+     * NOTE: Both `msg.sender` and `address(this)` must have permission to access the encrypted amount
+     * `encryptedAmount` to request disclosure of the encrypted amount `encryptedAmount`.
      */
-    function discloseEncryptedAmount(euint64 encryptedAmount) public virtual {
+    function requestDiscloseEncryptedAmount(euint64 encryptedAmount) public virtual {
         require(
             FHE.isAllowed(encryptedAmount, msg.sender),
             ERC7984UnauthorizedUseOfEncryptedAmount(encryptedAmount, msg.sender)
         );
 
-        bytes32[] memory cts = new bytes32[](1);
-        cts[0] = euint64.unwrap(encryptedAmount);
-        FHE.requestDecryption(cts, this.finalizeDiscloseEncryptedAmount.selector);
+        FHE.makePubliclyDecryptable(encryptedAmount);
+        emit AmountDiscloseRequested(encryptedAmount, msg.sender);
     }
 
     /**
-     * @dev Finalizes a disclose encrypted amount request.
-     * For gas saving purposes, the `requestId` might not be related to a
-     * {discloseEncryptedAmount} request. As a result, the current {finalizeDiscloseEncryptedAmount}
-     * function might emit a disclosed amount related to another decryption request context.
-     * In this case it would only display public information
-     * since the handle would have already been allowed for public decryption through a previous
-     * `FHE.requestDecryption` call.
-     * The downside of this behavior is that a {finalizeDiscloseEncryptedAmount} watcher might observe
-     * unexpected `AmountDisclosed` events.
+     * @dev Publicly discloses an encrypted value with a given decryption proof. Emits the {AmountDisclosed} event.
+     *
+     * NOTE: May not be tied to a prior request via {requestDiscloseEncryptedAmount}.
      */
-    function finalizeDiscloseEncryptedAmount(
-        uint256 requestId,
-        bytes calldata cleartexts,
+    function discloseEncryptedAmount(
+        euint64 encryptedAmount,
+        uint64 cleartextAmount,
         bytes calldata decryptionProof
     ) public virtual {
-        FHE.checkSignatures(requestId, cleartexts, decryptionProof);
-        euint64 requestHandle = euint64.wrap(FHE.loadRequestedHandles(requestId)[0]);
-        emit AmountDisclosed(requestHandle, abi.decode(cleartexts, (uint64)));
+        bytes32[] memory handles = new bytes32[](1);
+        handles[0] = euint64.unwrap(encryptedAmount);
+
+        bytes memory cleartextMemory = abi.encode(cleartextAmount);
+
+        FHE.checkSignatures(handles, cleartextMemory, decryptionProof);
+        emit AmountDisclosed(encryptedAmount, cleartextAmount);
     }
 
     function _setOperator(address holder, address operator, uint48 until) internal virtual {

package/token/ERC7984/extensions/ERC7984ERC20Wrapper.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-// OpenZeppelin Confidential Contracts (last updated v0.3.0-rc.0) (token/ERC7984/extensions/ERC7984ERC20Wrapper.sol)
+// OpenZeppelin Confidential Contracts (last updated v0.3.1) (token/ERC7984/extensions/ERC7984ERC20Wrapper.sol)
 
 pragma solidity ^0.8.27;
 
@@ -24,8 +24,13 @@ abstract contract ERC7984ERC20Wrapper is ERC7984, IERC1363Receiver {
     uint8 private immutable _decimals;
     uint256 private immutable _rate;
 
-    /// @dev Mapping from gateway decryption request ID to the address that will receive the tokens
-    mapping(uint256 decryptionRequest => address) private _receivers;
+    mapping(euint64 unwrapAmount => address recipient) private _unwrapRequests;
+
+    event UnwrapRequested(address indexed receiver, euint64 amount);
+    event UnwrapFinalized(address indexed receiver, euint64 encryptedAmount, uint64 cleartextAmount);
+
+    error InvalidUnwrapRequest(euint64 amount);
+    error ERC7984TotalSupplyOverflow();
 
     constructor(IERC20 underlying_) {
         _underlying = underlying_;
@@ -41,28 +46,10 @@ abstract contract ERC7984ERC20Wrapper is ERC7984, IERC1363Receiver {
         }
     }
 
-    /// @inheritdoc ERC7984
-    function decimals() public view virtual override returns (uint8) {
-        return _decimals;
-    }
-
-    /**
-     * @dev Returns the rate at which the underlying token is converted to the wrapped token.
-     * For example, if the `rate` is 1000, then 1000 units of the underlying token equal 1 unit of the wrapped token.
-     */
-    function rate() public view virtual returns (uint256) {
-        return _rate;
-    }
-
-    /// @dev Returns the address of the underlying ERC-20 token that is being wrapped.
-    function underlying() public view returns (IERC20) {
-        return _underlying;
-    }
-
     /**
      * @dev `ERC1363` callback function which wraps tokens to the address specified in `data` or
      * the address `from` (if no address is specified in `data`). This function refunds any excess tokens
-     * sent beyond the nearest multiple of {rate}. See {wrap} from more details on wrapping tokens.
+     * sent beyond the nearest multiple of {rate} to `from`. See {wrap} from more details on wrapping tokens.
      */
     function onTransferReceived(
         address /*operator*/,
@@ -102,8 +89,7 @@ abstract contract ERC7984ERC20Wrapper is ERC7984, IERC1363Receiver {
      * @dev Unwraps tokens from `from` and sends the underlying tokens to `to`. The caller must be `from`
      * or be an approved operator for `from`. `amount * rate()` underlying tokens are sent to `to`.
      *
-     * NOTE: This is an asynchronous function and waits for decryption to be completed off-chain before disbursing
-     * tokens.
+     * NOTE: The unwrap request created by this function must be finalized by calling {finalizeUnwrap}.
      * NOTE: The caller *must* already be approved by ACL for the given `amount`.
      */
     function unwrap(address from, address to, euint64 amount) public virtual {
@@ -124,36 +110,97 @@ abstract contract ERC7984ERC20Wrapper is ERC7984, IERC1363Receiver {
         _unwrap(from, to, FHE.fromExternal(encryptedAmount, inputProof));
     }
 
-    /**
-     * @dev Fills an unwrap request for a given request id related to a decrypted unwrap amount.
-     */
+    /// @dev Fills an unwrap request for a given cipher-text `burntAmount` with the `cleartextAmount` and `decryptionProof`.
     function finalizeUnwrap(
-        uint256 requestID,
-        bytes calldata cleartexts,
+        euint64 burntAmount,
+        uint64 burntAmountCleartext,
         bytes calldata decryptionProof
     ) public virtual {
-        FHE.checkSignatures(requestID, cleartexts, decryptionProof);
-        address to = _receivers[requestID];
-        require(to != address(0), ERC7984InvalidGatewayRequest(requestID));
-        delete _receivers[requestID];
+        address to = _unwrapRequests[burntAmount];
+        require(to != address(0), InvalidUnwrapRequest(burntAmount));
+        delete _unwrapRequests[burntAmount];
+
+        bytes32[] memory handles = new bytes32[](1);
+        handles[0] = euint64.unwrap(burntAmount);
+
+        bytes memory cleartexts = abi.encode(burntAmountCleartext);
 
-        SafeERC20.safeTransfer(underlying(), to, abi.decode(cleartexts, (uint64)) * rate());
+        FHE.checkSignatures(handles, cleartexts, decryptionProof);
+
+        SafeERC20.safeTransfer(underlying(), to, burntAmountCleartext * rate());
+
+        emit UnwrapFinalized(to, burntAmount, burntAmountCleartext);
+    }
+
+    /// @inheritdoc ERC7984
+    function decimals() public view virtual override returns (uint8) {
+        return _decimals;
+    }
+
+    /**
+     * @dev Returns the rate at which the underlying token is converted to the wrapped token.
+     * For example, if the `rate` is 1000, then 1000 units of the underlying token equal 1 unit of the wrapped token.
+     */
+    function rate() public view virtual returns (uint256) {
+        return _rate;
+    }
+
+    /// @dev Returns the address of the underlying ERC-20 token that is being wrapped.
+    function underlying() public view returns (IERC20) {
+        return _underlying;
+    }
+
+    /**
+     * @dev Returns the underlying balance divided by the {rate}, a value greater or equal to the actual
+     * {confidentialTotalSupply}.
+     *
+     * NOTE: The return value of this function can be inflated by directly sending underlying tokens to the wrapper contract.
+     * Reductions will lag compared to {confidentialTotalSupply} since it is updated on {unwrap} while this function updates
+     * on {finalizeUnwrap}.
+     */
+    function inferredTotalSupply() public view virtual returns (uint256) {
+        return underlying().balanceOf(address(this)) / rate();
+    }
+
+    /// @dev Returns the maximum total supply of wrapped tokens supported by the encrypted datatype.
+    function maxTotalSupply() public view virtual returns (uint256) {
+        return type(uint64).max;
+    }
+
+    /**
+     * @dev This function must revert if the new {confidentialTotalSupply} is invalid (overflow occurred).
+     *
+     * NOTE: Overflow can be detected here since the wrapper holdings are non-confidential. In other cases, it may be impossible
+     * to infer total supply overflow synchronously. This function may revert even if the {confidentialTotalSupply} did
+     * not overflow.
+     */
+    function _checkConfidentialTotalSupply() internal virtual {
+        if (inferredTotalSupply() > maxTotalSupply()) {
+            revert ERC7984TotalSupplyOverflow();
+        }
+    }
+
+    /// @inheritdoc ERC7984
+    function _update(address from, address to, euint64 amount) internal virtual override returns (euint64) {
+        if (from == address(0)) {
+            _checkConfidentialTotalSupply();
+        }
+        return super._update(from, to, amount);
     }
 
+    /// @dev Internal logic for handling the creation of unwrap requests.
     function _unwrap(address from, address to, euint64 amount) internal virtual {
         require(to != address(0), ERC7984InvalidReceiver(to));
         require(from == msg.sender || isOperator(from, msg.sender), ERC7984UnauthorizedSpender(from, msg.sender));
 
         // try to burn, see how much we actually got
         euint64 burntAmount = _burn(from, amount);
+        FHE.makePubliclyDecryptable(burntAmount);
 
-        // decrypt that burntAmount
-        bytes32[] memory cts = new bytes32[](1);
-        cts[0] = euint64.unwrap(burntAmount);
-        uint256 requestID = FHE.requestDecryption(cts, this.finalizeUnwrap.selector);
+        assert(_unwrapRequests[burntAmount] == address(0));
+        _unwrapRequests[burntAmount] = to;
 
-        // register who is getting the tokens
-        _receivers[requestID] = to;
+        emit UnwrapRequested(to, burntAmount);
     }
 
     /**