create-fhevm-example 1.3.1 → 1.4.0

package/test/basic/decryption/PublicDecryptSingleValue.ts

@@ -0,0 +1,264 @@
+import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers";
+import { expect } from "chai";
+import { ethers as EthersT } from "ethers";
+import { ethers, fhevm } from "hardhat";
+import * as hre from "hardhat";
+
+import { HeadsOrTails, HeadsOrTails__factory } from "../types";
+import { Signers } from "./types";
+
+async function deployFixture() {
+  // Contracts are deployed using the first signer/account by default
+  const factory = (await ethers.getContractFactory(
+    "HeadsOrTails"
+  )) as HeadsOrTails__factory;
+  const headsOrTails = (await factory.deploy()) as HeadsOrTails;
+  const headsOrTails_address = await headsOrTails.getAddress();
+
+  return { headsOrTails, headsOrTails_address };
+}
+
+describe("HeadsOrTails", function () {
+  let contract: HeadsOrTails;
+  let contractAddress: string;
+  let signers: Signers;
+  let playerA: HardhatEthersSigner;
+  let playerB: HardhatEthersSigner;
+
+  before(async function () {
+    // Check whether the tests are running against an FHEVM mock environment
+    if (!hre.fhevm.isMock) {
+      throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`);
+    }
+
+    const ethSigners: HardhatEthersSigner[] = await ethers.getSigners();
+    signers = {
+      owner: ethSigners[0],
+      alice: ethSigners[1],
+      bob: ethSigners[2],
+    };
+
+    playerA = signers.alice;
+    playerB = signers.bob;
+  });
+
+  beforeEach(async function () {
+    // Deploy a new contract each time we run a new test
+    const deployment = await deployFixture();
+    contractAddress = deployment.headsOrTails_address;
+    contract = deployment.headsOrTails;
+  });
+
+  /**
+   * Helper: Parses the GameCreated event from a transaction receipt.
+   * WARNING: This function is for illustrative purposes only and is not production-ready
+   * (it does not handle several events in same tx).
+   */
+  function parseGameCreatedEvent(
+    txReceipt: EthersT.ContractTransactionReceipt | null
+  ): {
+    txHash: `0x${string}`;
+    gameId: number;
+    headsPlayer: `0x${string}`;
+    tailsPlayer: `0x${string}`;
+    encryptedHasHeadsWon: `0x${string}`;
+  } {
+    const gameCreatedEvents: Array<{
+      txHash: `0x${string}`;
+      gameId: number;
+      headsPlayer: `0x${string}`;
+      tailsPlayer: `0x${string}`;
+      encryptedHasHeadsWon: `0x${string}`;
+    }> = [];
+
+    if (txReceipt) {
+      const logs = Array.isArray(txReceipt.logs)
+        ? txReceipt.logs
+        : [txReceipt.logs];
+      for (let i = 0; i < logs.length; ++i) {
+        const parsedLog = contract.interface.parseLog(logs[i]);
+        if (!parsedLog || parsedLog.name !== "GameCreated") {
+          continue;
+        }
+        const ge = {
+          txHash: txReceipt.hash as `0x${string}`,
+          gameId: Number(parsedLog.args[0]),
+          headsPlayer: parsedLog.args[1],
+          tailsPlayer: parsedLog.args[2],
+          encryptedHasHeadsWon: parsedLog.args[3],
+        };
+        gameCreatedEvents.push(ge);
+      }
+    }
+
+    // In this example, we expect on one single GameCreated event
+    expect(gameCreatedEvents.length).to.eq(1);
+
+    return gameCreatedEvents[0];
+  }
+
+  // ✅ Test should succeed
+  it("decryption should succeed", async function () {
+    console.log(``);
+    console.log(`🎲 HeadsOrTails Game contract address: ${contractAddress}`);
+    console.log(`   🤖 playerA.address: ${playerA.address}`);
+    console.log(`   🎃 playerB.address: ${playerB.address}`);
+    console.log(``);
+
+    // Starts a new Heads or Tails game. This will emit a `GameCreated` event
+    const tx = await contract
+      .connect(signers.owner)
+      .headsOrTails(playerA, playerB);
+
+    // Parse the `GameCreated` event
+    const gameCreatedEvent = parseGameCreatedEvent(await tx.wait());
+
+    // GameId is 1 since we are playing the first game
+    expect(gameCreatedEvent.gameId).to.eq(1);
+    expect(gameCreatedEvent.headsPlayer).to.eq(playerA.address);
+    expect(gameCreatedEvent.tailsPlayer).to.eq(playerB.address);
+    expect(await contract.getGamesCount()).to.eq(1);
+
+    console.log(`✅ New game #${gameCreatedEvent.gameId} created!`);
+    console.log(JSON.stringify(gameCreatedEvent, null, 2));
+
+    const gameId = gameCreatedEvent.gameId;
+    const encryptedBool: string = gameCreatedEvent.encryptedHasHeadsWon;
+
+    // Call the Zama Relayer to compute the decryption
+    const publicDecryptResults = await fhevm.publicDecrypt([encryptedBool]);
+
+    // The Relayer returns a `PublicDecryptResults` object containing:
+    // - the ORDERED clear values (here we have only one single value)
+    // - the ORDERED clear values in ABI-encoded form
+    // - the KMS decryption proof associated with the ORDERED clear values in ABI-encoded form
+    const abiEncodedClearGameResult =
+      publicDecryptResults.abiEncodedClearValues;
+    const decryptionProof = publicDecryptResults.decryptionProof;
+
+    // Let's forward the `PublicDecryptResults` content to the on-chain contract whose job
+    // will simply be to verify the proof and declare the final winner of the game
+    await contract.recordAndVerifyWinner(
+      gameId,
+      abiEncodedClearGameResult,
+      decryptionProof
+    );
+
+    const winner = await contract.getWinner(gameId);
+
+    expect(winner === playerA.address || winner === playerB.address).to.eq(
+      true
+    );
+
+    console.log(``);
+    if (winner === playerA.address) {
+      console.log(`🤖 playerA is the winner 🥇🥇`);
+    } else if (winner === playerB.address) {
+      console.log(`🎃 playerB is the winner 🥇🥇`);
+    }
+  });
+
+  // ❌ The test must fail if the decryption proof is invalid
+  it("should fail when the decryption proof is invalid", async function () {
+    const tx = await contract
+      .connect(signers.owner)
+      .headsOrTails(playerA, playerB);
+    const gameCreatedEvent = parseGameCreatedEvent(await tx.wait());
+
+    const publicDecryptResults = await fhevm.publicDecrypt([
+      gameCreatedEvent.encryptedHasHeadsWon,
+    ]);
+    await expect(
+      contract.recordAndVerifyWinner(
+        gameCreatedEvent.gameId,
+        publicDecryptResults.abiEncodedClearValues,
+        publicDecryptResults.decryptionProof + "dead"
+      )
+    ).to.be.revertedWithCustomError(
+      {
+        interface: new EthersT.Interface([
+          "error KMSInvalidSigner(address invalidSigner)",
+        ]),
+      },
+      "KMSInvalidSigner"
+    );
+  });
+
+  // ❌ The test must fail if a malicious operator attempts to use a decryption proof
+  // with a forged game result.
+  it("should fail when using a decryption proof with a forged game result", async function () {
+    const tx = await contract
+      .connect(signers.owner)
+      .headsOrTails(playerA, playerB);
+    const gameCreatedEvent = parseGameCreatedEvent(await tx.wait());
+
+    const publicDecryptResults = await fhevm.publicDecrypt([
+      gameCreatedEvent.encryptedHasHeadsWon,
+    ]);
+    const clearHeadsHasWon =
+      publicDecryptResults.clearValues[gameCreatedEvent.encryptedHasHeadsWon];
+
+    // The clear value is also ABI-encoded
+    const decodedHeadsHasWon = EthersT.AbiCoder.defaultAbiCoder().decode(
+      ["bool"],
+      publicDecryptResults.abiEncodedClearValues
+    )[0];
+    expect(decodedHeadsHasWon).to.eq(clearHeadsHasWon);
+
+    // Let's try to forge the game result
+    const forgedABIEncodedClearValues =
+      EthersT.AbiCoder.defaultAbiCoder().encode(["bool"], [!clearHeadsHasWon]);
+
+    await expect(
+      contract.recordAndVerifyWinner(
+        gameCreatedEvent.gameId,
+        forgedABIEncodedClearValues,
+        publicDecryptResults.decryptionProof
+      )
+    ).to.be.revertedWithCustomError(
+      {
+        interface: new EthersT.Interface([
+          "error KMSInvalidSigner(address invalidSigner)",
+        ]),
+      },
+      "KMSInvalidSigner"
+    );
+  });
+
+  // ❌ Two games (Game1 and Game2) are played between playerA and playerB.
+  // The test must fail if a malicious operator attempts to forge the result of Game1
+  // with the result of Game2
+  it("should fail when using the result of a different game", async function () {
+    // Game 1
+    const tx1 = await contract
+      .connect(signers.owner)
+      .headsOrTails(playerA, playerB);
+    const gameCreatedEvent1 = parseGameCreatedEvent(await tx1.wait());
+
+    // Game 2
+    const tx2 = await contract
+      .connect(signers.owner)
+      .headsOrTails(playerA, playerB);
+    const gameCreatedEvent2 = parseGameCreatedEvent(await tx2.wait());
+
+    // Let's try to forge the Game1's winner using the result of Game2
+    const publicDecryptResults2 = await fhevm.publicDecrypt([
+      gameCreatedEvent2.encryptedHasHeadsWon,
+    ]);
+
+    await expect(
+      contract.recordAndVerifyWinner(
+        gameCreatedEvent1.gameId,
+        publicDecryptResults2.abiEncodedClearValues,
+        publicDecryptResults2.decryptionProof
+      )
+    ).to.be.revertedWithCustomError(
+      {
+        interface: new EthersT.Interface([
+          "error KMSInvalidSigner(address invalidSigner)",
+        ]),
+      },
+      "KMSInvalidSigner"
+    );
+  });
+});

package/test/basic/decryption/UserDecryptMultipleValues.ts

@@ -0,0 +1,107 @@
+import {
+  UserDecryptMultipleValues,
+  UserDecryptMultipleValues__factory,
+} from "../types";
+import type { Signers } from "./types";
+import { HardhatFhevmRuntimeEnvironment } from "@fhevm/hardhat-plugin";
+import { utils as fhevm_utils } from "@fhevm/mock-utils";
+import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers";
+import { DecryptedResults } from "@zama-fhe/relayer-sdk";
+import { expect } from "chai";
+import { ethers } from "hardhat";
+import * as hre from "hardhat";
+
+async function deployFixture() {
+  // Contracts are deployed using the first signer/account by default
+  const factory = (await ethers.getContractFactory(
+    "UserDecryptMultipleValues"
+  )) as UserDecryptMultipleValues__factory;
+  const userDecryptMultipleValues =
+    (await factory.deploy()) as UserDecryptMultipleValues;
+  const userDecryptMultipleValues_address =
+    await userDecryptMultipleValues.getAddress();
+
+  return { userDecryptMultipleValues, userDecryptMultipleValues_address };
+}
+
+/**
+ * This trivial example demonstrates the FHE user decryption mechanism
+ * and highlights a common pitfall developers may encounter.
+ */
+describe("UserDecryptMultipleValues", function () {
+  let contract: UserDecryptMultipleValues;
+  let contractAddress: string;
+  let signers: Signers;
+
+  before(async function () {
+    // Check whether the tests are running against an FHEVM mock environment
+    if (!hre.fhevm.isMock) {
+      throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`);
+    }
+
+    const ethSigners: HardhatEthersSigner[] = await ethers.getSigners();
+    signers = { owner: ethSigners[0], alice: ethSigners[1] };
+  });
+
+  beforeEach(async function () {
+    // Deploy a new contract each time we run a new test
+    const deployment = await deployFixture();
+    contractAddress = deployment.userDecryptMultipleValues_address;
+    contract = deployment.userDecryptMultipleValues;
+  });
+
+  // ✅ Test should succeed
+  it("user decryption should succeed", async function () {
+    const tx = await contract
+      .connect(signers.alice)
+      .initialize(true, 123456, 78901234567);
+    await tx.wait();
+
+    const encryptedBool = await contract.encryptedBool();
+    const encryptedUint32 = await contract.encryptedUint32();
+    const encryptedUint64 = await contract.encryptedUint64();
+
+    // The FHEVM Hardhat plugin provides a set of convenient helper functions
+    // that make it easy to perform FHEVM operations within your Hardhat environment.
+    const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm;
+
+    const aliceKeypair = fhevm.generateKeypair();
+
+    const startTimestamp = fhevm_utils.timestampNow();
+    const durationDays = 365;
+
+    const aliceEip712 = fhevm.createEIP712(
+      aliceKeypair.publicKey,
+      [contractAddress],
+      startTimestamp,
+      durationDays
+    );
+    const aliceSignature = await signers.alice.signTypedData(
+      aliceEip712.domain,
+      {
+        UserDecryptRequestVerification:
+          aliceEip712.types.UserDecryptRequestVerification,
+      },
+      aliceEip712.message
+    );
+
+    const decrytepResults: DecryptedResults = await fhevm.userDecrypt(
+      [
+        { handle: encryptedBool, contractAddress: contractAddress },
+        { handle: encryptedUint32, contractAddress: contractAddress },
+        { handle: encryptedUint64, contractAddress: contractAddress },
+      ],
+      aliceKeypair.privateKey,
+      aliceKeypair.publicKey,
+      aliceSignature,
+      [contractAddress],
+      signers.alice.address,
+      startTimestamp,
+      durationDays
+    );
+
+    expect(decrytepResults[encryptedBool]).to.equal(true);
+    expect(decrytepResults[encryptedUint32]).to.equal(123456 + 1);
+    expect(decrytepResults[encryptedUint64]).to.equal(78901234567 + 1);
+  });
+});

package/test/basic/decryption/UserDecryptSingleValue.ts

@@ -0,0 +1,97 @@
+import {
+  UserDecryptSingleValue,
+  UserDecryptSingleValue__factory,
+} from "../types";
+import type { Signers } from "./types";
+import {
+  FhevmType,
+  HardhatFhevmRuntimeEnvironment,
+} from "@fhevm/hardhat-plugin";
+import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers";
+import { expect } from "chai";
+import { ethers } from "hardhat";
+import * as hre from "hardhat";
+
+async function deployFixture() {
+  // Contracts are deployed using the first signer/account by default
+  const factory = (await ethers.getContractFactory(
+    "UserDecryptSingleValue"
+  )) as UserDecryptSingleValue__factory;
+  const userUserDecryptSingleValue =
+    (await factory.deploy()) as UserDecryptSingleValue;
+  const userUserDecryptSingleValue_address =
+    await userUserDecryptSingleValue.getAddress();
+
+  return { userUserDecryptSingleValue, userUserDecryptSingleValue_address };
+}
+
+/**
+ * This trivial example demonstrates the FHE user decryption mechanism
+ * and highlights a common pitfall developers may encounter.
+ */
+describe("UserDecryptSingleValue", function () {
+  let contract: UserDecryptSingleValue;
+  let contractAddress: string;
+  let signers: Signers;
+
+  before(async function () {
+    // Check whether the tests are running against an FHEVM mock environment
+    if (!hre.fhevm.isMock) {
+      throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`);
+    }
+
+    const ethSigners: HardhatEthersSigner[] = await ethers.getSigners();
+    signers = { owner: ethSigners[0], alice: ethSigners[1] };
+  });
+
+  beforeEach(async function () {
+    // Deploy a new contract each time we run a new test
+    const deployment = await deployFixture();
+    contractAddress = deployment.userUserDecryptSingleValue_address;
+    contract = deployment.userUserDecryptSingleValue;
+  });
+
+  // ✅ Test should succeed
+  it("user decryption should succeed", async function () {
+    const tx = await contract.connect(signers.alice).initializeUint32(123456);
+    await tx.wait();
+
+    const encryptedUint32 = await contract.encryptedUint32();
+
+    // The FHEVM Hardhat plugin provides a set of convenient helper functions
+    // that make it easy to perform FHEVM operations within your Hardhat environment.
+    const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm;
+
+    const clearUint32 = await fhevm.userDecryptEuint(
+      FhevmType.euint32, // Specify the encrypted type
+      encryptedUint32,
+      contractAddress, // The contract address
+      signers.alice // The user wallet
+    );
+
+    expect(clearUint32).to.equal(123456 + 1);
+  });
+
+  // ❌ Test should fail
+  it("user decryption should fail", async function () {
+    const tx = await contract
+      .connect(signers.alice)
+      .initializeUint32Wrong(123456);
+    await tx.wait();
+
+    const encryptedUint32 = await contract.encryptedUint32();
+
+    await expect(
+      hre.fhevm.userDecryptEuint(
+        FhevmType.euint32,
+        encryptedUint32,
+        contractAddress,
+        signers.alice
+      )
+    ).to.be.rejectedWith(
+      new RegExp(
+        "^dapp contract (.+) is not authorized to user decrypt handle (.+)."
+      )
+    );
+  });
+});

package/test/basic/encryption/EncryptMultipleValues.ts

@@ -0,0 +1,110 @@
+import {
+  EncryptMultipleValues,
+  EncryptMultipleValues__factory,
+} from "../types";
+import type { Signers } from "./types";
+import {
+  FhevmType,
+  HardhatFhevmRuntimeEnvironment,
+} from "@fhevm/hardhat-plugin";
+import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers";
+import { expect } from "chai";
+import { ethers } from "hardhat";
+import * as hre from "hardhat";
+
+async function deployFixture() {
+  // Contracts are deployed using the first signer/account by default
+  const factory = (await ethers.getContractFactory(
+    "EncryptMultipleValues"
+  )) as EncryptMultipleValues__factory;
+  const encryptMultipleValues =
+    (await factory.deploy()) as EncryptMultipleValues;
+  const encryptMultipleValues_address =
+    await encryptMultipleValues.getAddress();
+
+  return { encryptMultipleValues, encryptMultipleValues_address };
+}
+
+/**
+ * This trivial example demonstrates the FHE encryption mechanism
+ * and highlights a common pitfall developers may encounter.
+ */
+describe("EncryptMultipleValues", function () {
+  let contract: EncryptMultipleValues;
+  let contractAddress: string;
+  let signers: Signers;
+
+  before(async function () {
+    // Check whether the tests are running against an FHEVM mock environment
+    if (!hre.fhevm.isMock) {
+      throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`);
+    }
+
+    const ethSigners: HardhatEthersSigner[] = await ethers.getSigners();
+    signers = { owner: ethSigners[0], alice: ethSigners[1] };
+  });
+
+  beforeEach(async function () {
+    // Deploy a new contract each time we run a new test
+    const deployment = await deployFixture();
+    contractAddress = deployment.encryptMultipleValues_address;
+    contract = deployment.encryptMultipleValues;
+  });
+
+  // ✅ Test should succeed
+  it("encryption should succeed", async function () {
+    // Use the FHEVM Hardhat plugin runtime environment
+    // to perform FHEVM input encryptions.
+    const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm;
+
+    const input = fhevm.createEncryptedInput(
+      contractAddress,
+      signers.alice.address
+    );
+
+    input.addBool(true);
+    input.add32(123456);
+    input.addAddress(signers.owner.address);
+
+    const enc = await input.encrypt();
+
+    const inputEbool = enc.handles[0];
+    const inputEuint32 = enc.handles[1];
+    const inputEaddress = enc.handles[2];
+    const inputProof = enc.inputProof;
+
+    // Don't forget to call `connect(signers.alice)` to make sure
+    // the Solidity `msg.sender` is `signers.alice.address`.
+    const tx = await contract
+      .connect(signers.alice)
+      .initialize(inputEbool, inputEuint32, inputEaddress, inputProof);
+    await tx.wait();
+
+    const encryptedBool = await contract.encryptedBool();
+    const encryptedUint32 = await contract.encryptedUint32();
+    const encryptedAddress = await contract.encryptedAddress();
+
+    const clearBool = await fhevm.userDecryptEbool(
+      encryptedBool,
+      contractAddress, // The contract address
+      signers.alice // The user wallet
+    );
+
+    const clearUint32 = await fhevm.userDecryptEuint(
+      FhevmType.euint32, // Specify the encrypted type
+      encryptedUint32,
+      contractAddress, // The contract address
+      signers.alice // The user wallet
+    );
+
+    const clearAddress = await fhevm.userDecryptEaddress(
+      encryptedAddress,
+      contractAddress, // The contract address
+      signers.alice // The user wallet
+    );
+
+    expect(clearBool).to.equal(true);
+    expect(clearUint32).to.equal(123456);
+    expect(clearAddress).to.equal(signers.owner.address);
+  });
+});

package/test/basic/encryption/EncryptSingleValue.ts

@@ -0,0 +1,124 @@
+import { EncryptSingleValue, EncryptSingleValue__factory } from "../types";
+import type { Signers } from "./types";
+import {
+  FhevmType,
+  HardhatFhevmRuntimeEnvironment,
+} from "@fhevm/hardhat-plugin";
+import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers";
+import { expect } from "chai";
+import { ethers } from "hardhat";
+import * as hre from "hardhat";
+
+async function deployFixture() {
+  // Contracts are deployed using the first signer/account by default
+  const factory = (await ethers.getContractFactory(
+    "EncryptSingleValue"
+  )) as EncryptSingleValue__factory;
+  const encryptSingleValue = (await factory.deploy()) as EncryptSingleValue;
+  const encryptSingleValue_address = await encryptSingleValue.getAddress();
+
+  return { encryptSingleValue, encryptSingleValue_address };
+}
+
+/**
+ * This trivial example demonstrates the FHE encryption mechanism
+ * and highlights a common pitfall developers may encounter.
+ */
+describe("EncryptSingleValue", function () {
+  let contract: EncryptSingleValue;
+  let contractAddress: string;
+  let signers: Signers;
+
+  before(async function () {
+    // Check whether the tests are running against an FHEVM mock environment
+    if (!hre.fhevm.isMock) {
+      throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`);
+    }
+
+    const ethSigners: HardhatEthersSigner[] = await ethers.getSigners();
+    signers = { owner: ethSigners[0], alice: ethSigners[1] };
+  });
+
+  beforeEach(async function () {
+    // Deploy a new contract each time we run a new test
+    const deployment = await deployFixture();
+    contractAddress = deployment.encryptSingleValue_address;
+    contract = deployment.encryptSingleValue;
+  });
+
+  // ✅ Test should succeed
+  it("encryption should succeed", async function () {
+    // Use the FHEVM Hardhat plugin runtime environment
+    // to perform FHEVM input encryptions.
+    const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm;
+
+    // 🔐 Encryption Process:
+    // Values are encrypted locally and bound to a specific contract/user pair.
+    // This grants the bound contract FHE permissions to receive and process the encrypted value,
+    // but only when it is sent by the bound user.
+    const input = fhevm.createEncryptedInput(
+      contractAddress,
+      signers.alice.address
+    );
+
+    // Add a uint32 value to the list of values to encrypt locally.
+    input.add32(123456);
+
+    // Perform the local encryption. This operation produces two components:
+    // 1. `handles`: an array of FHEVM handles. In this case, a single handle associated with the
+    //    locally encrypted uint32 value `123456`.
+    // 2. `inputProof`: a zero-knowledge proof that attests the `handles` are cryptographically
+    //    bound to the pair `[contractAddress, signers.alice.address]`.
+    const enc = await input.encrypt();
+
+    // a 32-bytes FHEVM handle that represents a future Solidity `euint32` value.
+    const inputEuint32 = enc.handles[0];
+    const inputProof = enc.inputProof;
+
+    // Now `signers.alice.address` can send the encrypted value and its associated zero-knowledge proof
+    // to the smart contract deployed at `contractAddress`.
+    const tx = await contract
+      .connect(signers.alice)
+      .initialize(inputEuint32, inputProof);
+    await tx.wait();
+
+    // Let's try to decrypt it to check that everything is ok!
+    const encryptedUint32 = await contract.encryptedUint32();
+
+    const clearUint32 = await fhevm.userDecryptEuint(
+      FhevmType.euint32, // Specify the encrypted type
+      encryptedUint32,
+      contractAddress, // The contract address
+      signers.alice // The user wallet
+    );
+
+    expect(clearUint32).to.equal(123456);
+  });
+
+  // ❌ This test illustrates a very common pitfall
+  it("encryption should fail", async function () {
+    const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm;
+
+    const enc = await fhevm
+      .createEncryptedInput(contractAddress, signers.alice.address)
+      .add32(123456)
+      .encrypt();
+
+    const inputEuint32 = enc.handles[0];
+    const inputProof = enc.inputProof;
+
+    try {
+      // Here is a very common error !
+      // `contract.initialize` will sign the Ethereum transaction using user `signers.owner`
+      // instead of `signers.alice`.
+      //
+      // In the Solidity contract the following is checked:
+      // - Is the contract allowed to manipulate `inputEuint32`? Answer is: ✅ yes!
+      // - Is the sender allowed to manipulate `inputEuint32`? Answer is: ❌ no! Only `signers.alice` is!
+      const tx = await contract.initialize(inputEuint32, inputProof);
+      await tx.wait();
+    } catch {
+      //console.log(e);
+    }
+  });
+});