create-fhevm-example 1.3.1 → 1.4.0

package/contracts/advanced/HiddenVoting.sol

@@ -0,0 +1,231 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+import {FHE, euint64, ebool, externalEuint8} from "@fhevm/solidity/lib/FHE.sol";
+import {ZamaEthereumConfig} from "@fhevm/solidity/config/ZamaConfig.sol";
+
+/**
+ * @notice Hidden Voting with encrypted ballots and homomorphic tallying
+ *
+ * @dev Demonstrates FHE voting patterns:
+ *      - Encrypted vote submission (0 = No, 1 = Yes)
+ *      - Homomorphic addition for vote tallying
+ *      - FHE.makePubliclyDecryptable() for revealing final results
+ *      - Privacy: individual votes remain encrypted forever
+ *
+ * Flow:
+ * 1. Owner creates a proposal with voting duration
+ * 2. Eligible voters submit encrypted votes (0 or 1)
+ * 3. Votes are homomorphically added to running totals
+ * 4. After voting ends, owner closes and results become decryptable
+ * 5. Anyone can reveal final Yes/No counts with valid proof
+ */
+contract HiddenVoting is ZamaEthereumConfig {
+    // ==================== TYPES ====================
+
+    enum VotingState {
+        Active, // Accepting votes
+        Closed, // Voting ended, pending reveal
+        Revealed // Results revealed on-chain
+    }
+
+    // ==================== STATE ====================
+
+    /// Voting owner (deployer)
+    address public owner;
+
+    /// Current voting state
+    VotingState public votingState;
+
+    /// Proposal description
+    string public proposal;
+
+    /// Voting end timestamp
+    uint256 public endTime;
+
+    /// Whether an address has voted
+    mapping(address => bool) public hasVoted;
+
+    /// Total number of voters
+    uint256 public voterCount;
+
+    /// Encrypted total of Yes votes (1s)
+    euint64 private _yesVotes;
+
+    /// Encrypted total of No votes (0s counted separately for verification)
+    euint64 private _noVotes;
+
+    /// Revealed results
+    uint64 public revealedYesVotes;
+    uint64 public revealedNoVotes;
+
+    // ==================== EVENTS ====================
+
+    /// @notice Emitted when a vote is cast
+    /// @param voter Address of the voter
+    event VoteCast(address indexed voter);
+
+    /// @notice Emitted when voting is closed
+    /// @param encryptedYes Handle for encrypted Yes count
+    /// @param encryptedNo Handle for encrypted No count
+    event VotingClosed(euint64 encryptedYes, euint64 encryptedNo);
+
+    /// @notice Emitted when results are revealed
+    /// @param yesVotes Final Yes vote count
+    /// @param noVotes Final No vote count
+    event ResultsRevealed(uint64 yesVotes, uint64 noVotes);
+
+    // ==================== MODIFIERS ====================
+
+    /// @dev Restricts function to owner only
+    modifier onlyOwner() {
+        require(msg.sender == owner, "Only owner can call");
+        _;
+    }
+
+    // ==================== CONSTRUCTOR ====================
+
+    /// @notice Creates a new voting proposal
+    /// @param _proposal Description of what is being voted on
+    /// @param _durationSeconds How long voting is open
+    constructor(string memory _proposal, uint256 _durationSeconds) {
+        require(bytes(_proposal).length > 0, "Empty proposal");
+        require(_durationSeconds > 0, "Duration must be positive");
+
+        owner = msg.sender;
+        proposal = _proposal;
+        endTime = block.timestamp + _durationSeconds;
+        votingState = VotingState.Active;
+
+        // 🔐 Initialize encrypted counters to zero
+        _yesVotes = FHE.asEuint64(0);
+        _noVotes = FHE.asEuint64(0);
+        FHE.allowThis(_yesVotes);
+        FHE.allowThis(_noVotes);
+    }
+
+    // ==================== VOTING ====================
+
+    /// @notice Cast an encrypted vote
+    /// @dev Vote must be 0 (No) or 1 (Yes). Values > 1 are treated as Yes.
+    /// @param encryptedVote Encrypted vote (0 or 1)
+    /// @param inputProof Proof validating the encrypted input
+    function vote(
+        externalEuint8 encryptedVote,
+        bytes calldata inputProof
+    ) external {
+        require(votingState == VotingState.Active, "Voting not active");
+        require(block.timestamp < endTime, "Voting has ended");
+        require(!hasVoted[msg.sender], "Already voted");
+
+        // 🔐 Convert external encrypted input
+        // Note: Using euint8 for vote, but storing as euint64 for addition
+        euint64 voteValue = FHE.asEuint64(
+            FHE.fromExternal(encryptedVote, inputProof)
+        );
+
+        // 📊 Homomorphic vote counting
+        // We use select to normalize: if vote > 0, count as 1 for Yes
+        ebool isYes = FHE.gt(voteValue, FHE.asEuint64(0));
+
+        // ➕ Add to Yes counter if vote is Yes (1)
+        euint64 yesIncrement = FHE.select(
+            isYes,
+            FHE.asEuint64(1),
+            FHE.asEuint64(0)
+        );
+        _yesVotes = FHE.add(_yesVotes, yesIncrement);
+
+        // ➕ Add to No counter if vote is No (0)
+        euint64 noIncrement = FHE.select(
+            isYes,
+            FHE.asEuint64(0),
+            FHE.asEuint64(1)
+        );
+        _noVotes = FHE.add(_noVotes, noIncrement);
+
+        // ✅ Update permissions for new values
+        FHE.allowThis(_yesVotes);
+        FHE.allowThis(_noVotes);
+
+        // 📋 Record that this address has voted
+        hasVoted[msg.sender] = true;
+        voterCount++;
+
+        emit VoteCast(msg.sender);
+    }
+
+    // ==================== CLOSE VOTING ====================
+
+    /// @notice Close voting and prepare results for decryption
+    /// @dev Only owner can call after voting period ends
+    function closeVoting() external onlyOwner {
+        require(votingState == VotingState.Active, "Voting not active");
+        require(block.timestamp >= endTime, "Voting not yet ended");
+
+        // 🔓 Make results publicly decryptable
+        FHE.makePubliclyDecryptable(_yesVotes);
+        FHE.makePubliclyDecryptable(_noVotes);
+
+        votingState = VotingState.Closed;
+
+        emit VotingClosed(_yesVotes, _noVotes);
+    }
+
+    /// @notice Reveal voting results with KMS decryption proof
+    /// @dev Anyone can call with valid decryption proof
+    /// @param abiEncodedResults ABI-encoded (uint64 yes, uint64 no)
+    /// @param decryptionProof KMS signature proving decryption
+    function revealResults(
+        bytes memory abiEncodedResults,
+        bytes memory decryptionProof
+    ) external {
+        require(votingState == VotingState.Closed, "Voting not closed");
+
+        // 🔐 Build ciphertext list for verification
+        bytes32[] memory cts = new bytes32[](2);
+        cts[0] = FHE.toBytes32(_yesVotes);
+        cts[1] = FHE.toBytes32(_noVotes);
+
+        // 🔍 Verify the decryption proof (reverts if invalid)
+        FHE.checkSignatures(cts, abiEncodedResults, decryptionProof);
+
+        // 📤 Decode the verified results
+        (uint64 yesCount, uint64 noCount) = abi.decode(
+            abiEncodedResults,
+            (uint64, uint64)
+        );
+
+        revealedYesVotes = yesCount;
+        revealedNoVotes = noCount;
+        votingState = VotingState.Revealed;
+
+        emit ResultsRevealed(yesCount, noCount);
+    }
+
+    // ==================== VIEW FUNCTIONS ====================
+
+    /// @notice Get encrypted Yes votes handle (after voting closed)
+    function getEncryptedYesVotes() external view returns (euint64) {
+        require(votingState != VotingState.Active, "Voting still active");
+        return _yesVotes;
+    }
+
+    /// @notice Get encrypted No votes handle (after voting closed)
+    function getEncryptedNoVotes() external view returns (euint64) {
+        require(votingState != VotingState.Active, "Voting still active");
+        return _noVotes;
+    }
+
+    /// @notice Check if proposal passed (more Yes than No)
+    function hasPassed() external view returns (bool) {
+        require(votingState == VotingState.Revealed, "Results not revealed");
+        return revealedYesVotes > revealedNoVotes;
+    }
+
+    /// @notice Get time remaining for voting
+    function timeRemaining() external view returns (uint256) {
+        if (block.timestamp >= endTime) return 0;
+        return endTime - block.timestamp;
+    }
+}

package/contracts/advanced/PrivateKYC.sol

@@ -0,0 +1,309 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+import {
+    FHE,
+    euint8,
+    euint16,
+    ebool,
+    externalEuint8,
+    externalEuint16
+} from "@fhevm/solidity/lib/FHE.sol";
+import {ZamaEthereumConfig} from "@fhevm/solidity/config/ZamaConfig.sol";
+
+/**
+ * @notice Private KYC - verify identity without revealing personal data!
+ *
+ * @dev Demonstrates identity verification using FHE predicates:
+ *      - Users submit encrypted KYC attributes (age, country, credit score)
+ *      - Verifiers check conditions without seeing actual values
+ *      - Only boolean results revealed: "Is 18+?", "Is from allowed country?"
+ *      - Personal data never leaves encrypted form
+ *
+ * Verification types:
+ * 1. Age verification: isAbove18(), isAbove21()
+ * 2. Country check: isFromAllowedCountry()
+ * 3. Credit score: hasCreditScoreAbove(threshold)
+ *
+ * ⚠️ IMPORTANT: This is a demo - production KYC needs trusted attesters!
+ */
+contract PrivateKYC is ZamaEthereumConfig {
+    // ==================== TYPES ====================
+
+    struct Identity {
+        euint8 age; // 0-255 years
+        euint8 countryCode; // ISO 3166-1 numeric (1-255)
+        euint16 creditScore; // 0-65535
+        bool isVerified; // Has submitted KYC
+        uint256 verifiedAt; // Timestamp of verification
+    }
+
+    // ==================== STATE ====================
+
+    /// Contract owner (KYC admin)
+    address public owner;
+
+    /// Mapping from user address to their encrypted identity
+    mapping(address => Identity) private _identities;
+
+    /// Allowed country codes (stored as mapping for O(1) lookup)
+    mapping(uint8 => bool) public allowedCountries;
+
+    /// Minimum age requirement
+    uint8 public constant MIN_AGE_ADULT = 18;
+    uint8 public constant MIN_AGE_DRINKING_US = 21;
+
+    /// Minimum credit score for "good" rating
+    uint16 public constant MIN_CREDIT_GOOD = 700;
+
+    // ==================== EVENTS ====================
+
+    /// @notice Emitted when user submits KYC
+    /// @param user Address of user
+    event KYCSubmitted(address indexed user);
+
+    /// @notice Emitted when KYC is revoked
+    /// @param user Address of user
+    event KYCRevoked(address indexed user);
+
+    /// @notice Emitted when country allowlist is updated
+    /// @param countryCode Country code
+    /// @param allowed Whether country is allowed
+    event CountryAllowlistUpdated(uint8 countryCode, bool allowed);
+
+    /// @notice Emitted when age verification is requested
+    /// @param user Address being verified
+    /// @param minAge Minimum age required
+    event AgeVerificationRequested(address indexed user, uint8 minAge);
+
+    // ==================== MODIFIERS ====================
+
+    modifier onlyOwner() {
+        require(msg.sender == owner, "Only owner");
+        _;
+    }
+
+    modifier hasKYC(address user) {
+        require(_identities[user].isVerified, "No KYC submitted");
+        _;
+    }
+
+    // ==================== CONSTRUCTOR ====================
+
+    /// @notice Creates the KYC contract
+    /// @param _allowedCountryCodes Initial list of allowed country codes
+    constructor(uint8[] memory _allowedCountryCodes) {
+        owner = msg.sender;
+
+        // Initialize allowed countries
+        for (uint256 i = 0; i < _allowedCountryCodes.length; i++) {
+            allowedCountries[_allowedCountryCodes[i]] = true;
+        }
+    }
+
+    // ==================== KYC SUBMISSION ====================
+
+    /// @notice Submit encrypted KYC data
+    /// @param encAge Encrypted age
+    /// @param encCountry Encrypted country code
+    /// @param encCreditScore Encrypted credit score
+    /// @param inputProof Proof validating encrypted inputs
+    function submitKYC(
+        externalEuint8 encAge,
+        externalEuint8 encCountry,
+        externalEuint16 encCreditScore,
+        bytes calldata inputProof
+    ) external {
+        require(!_identities[msg.sender].isVerified, "Already verified");
+
+        // 🔐 Convert encrypted inputs
+        euint8 age = FHE.fromExternal(encAge, inputProof);
+        euint8 country = FHE.fromExternal(encCountry, inputProof);
+        euint16 creditScore = FHE.fromExternal(encCreditScore, inputProof);
+
+        // ✅ Grant permissions - only contract and user can access
+        FHE.allowThis(age);
+        FHE.allowThis(country);
+        FHE.allowThis(creditScore);
+        FHE.allow(age, msg.sender);
+        FHE.allow(country, msg.sender);
+        FHE.allow(creditScore, msg.sender);
+
+        // 📋 Store identity
+        _identities[msg.sender] = Identity({
+            age: age,
+            countryCode: country,
+            creditScore: creditScore,
+            isVerified: true,
+            verifiedAt: block.timestamp
+        });
+
+        emit KYCSubmitted(msg.sender);
+    }
+
+    /// @notice Revoke own KYC data
+    function revokeKYC() external hasKYC(msg.sender) {
+        delete _identities[msg.sender];
+        emit KYCRevoked(msg.sender);
+    }
+
+    // ==================== VERIFICATION FUNCTIONS ====================
+
+    /// @notice Check if user is 18 or older
+    /// @param user Address to verify
+    /// @return result Encrypted boolean result
+    function verifyAge18(address user) external hasKYC(user) returns (ebool) {
+        // 🔍 Compare: age >= 18
+        ebool isAdult = FHE.ge(
+            _identities[user].age,
+            FHE.asEuint8(MIN_AGE_ADULT)
+        );
+        return isAdult;
+    }
+
+    /// @notice Check if user is 21 or older (US drinking age)
+    /// @param user Address to verify
+    /// @return result Encrypted boolean result
+    function verifyAge21(address user) external hasKYC(user) returns (ebool) {
+        ebool isOldEnough = FHE.ge(
+            _identities[user].age,
+            FHE.asEuint8(MIN_AGE_DRINKING_US)
+        );
+        return isOldEnough;
+    }
+
+    /// @notice Check if user is above a custom age threshold
+    /// @param user Address to verify
+    /// @param minAge Minimum age required
+    /// @return result Encrypted boolean result
+    function verifyAgeAbove(
+        address user,
+        uint8 minAge
+    ) external hasKYC(user) returns (ebool) {
+        ebool meetsAge = FHE.ge(_identities[user].age, FHE.asEuint8(minAge));
+        return meetsAge;
+    }
+
+    /// @notice Check if user has good credit score (700+)
+    /// @param user Address to verify
+    /// @return result Encrypted boolean result
+    function verifyGoodCredit(
+        address user
+    ) external hasKYC(user) returns (ebool) {
+        ebool hasGoodCredit = FHE.ge(
+            _identities[user].creditScore,
+            FHE.asEuint16(MIN_CREDIT_GOOD)
+        );
+        return hasGoodCredit;
+    }
+
+    /// @notice Check if user's credit score is above threshold
+    /// @param user Address to verify
+    /// @param minScore Minimum credit score
+    /// @return result Encrypted boolean result
+    function verifyCreditAbove(
+        address user,
+        uint16 minScore
+    ) external hasKYC(user) returns (ebool) {
+        ebool meetsScore = FHE.ge(
+            _identities[user].creditScore,
+            FHE.asEuint16(minScore)
+        );
+        return meetsScore;
+    }
+
+    /// @notice Combined verification: 18+ AND good credit
+    /// @param user Address to verify
+    /// @return result Encrypted boolean result
+    function verifyAdultWithGoodCredit(
+        address user
+    ) external hasKYC(user) returns (ebool) {
+        ebool isAdult = FHE.ge(
+            _identities[user].age,
+            FHE.asEuint8(MIN_AGE_ADULT)
+        );
+        ebool hasGoodCredit = FHE.ge(
+            _identities[user].creditScore,
+            FHE.asEuint16(MIN_CREDIT_GOOD)
+        );
+
+        // 🔗 Combine with AND
+        ebool result = FHE.and(isAdult, hasGoodCredit);
+        return result;
+    }
+
+    // ==================== DECRYPTABLE VERIFICATION ====================
+
+    /// @notice Request age verification with public result
+    /// @dev Makes the result publicly decryptable
+    /// @param user Address to verify
+    /// @param minAge Minimum age required
+    /// @return resultHandle Handle to the encrypted result
+    function requestAgeVerification(
+        address user,
+        uint8 minAge
+    ) external hasKYC(user) returns (ebool resultHandle) {
+        ebool result = FHE.ge(_identities[user].age, FHE.asEuint8(minAge));
+
+        FHE.allowThis(result);
+        FHE.makePubliclyDecryptable(result);
+
+        emit AgeVerificationRequested(user, minAge);
+        return result;
+    }
+
+    // ==================== ADMIN FUNCTIONS ====================
+
+    /// @notice Update country allowlist
+    /// @param countryCode Country code to update
+    /// @param allowed Whether to allow or deny
+    function setCountryAllowed(
+        uint8 countryCode,
+        bool allowed
+    ) external onlyOwner {
+        allowedCountries[countryCode] = allowed;
+        emit CountryAllowlistUpdated(countryCode, allowed);
+    }
+
+    /// @notice Batch update country allowlist
+    /// @param countryCodes Array of country codes
+    /// @param allowed Whether to allow or deny all
+    function setCountriesAllowed(
+        uint8[] calldata countryCodes,
+        bool allowed
+    ) external onlyOwner {
+        for (uint256 i = 0; i < countryCodes.length; i++) {
+            allowedCountries[countryCodes[i]] = allowed;
+            emit CountryAllowlistUpdated(countryCodes[i], allowed);
+        }
+    }
+
+    // ==================== VIEW FUNCTIONS ====================
+
+    /// @notice Check if user has submitted KYC
+    function hasSubmittedKYC(address user) external view returns (bool) {
+        return _identities[user].isVerified;
+    }
+
+    /// @notice Get KYC submission timestamp
+    function getVerificationTime(address user) external view returns (uint256) {
+        return _identities[user].verifiedAt;
+    }
+
+    /// @notice Get own encrypted data handles (for decryption by user)
+    /// @dev Only callable by the identity owner
+    function getMyIdentity()
+        external
+        view
+        hasKYC(msg.sender)
+        returns (euint8 age, euint8 countryCode, euint16 creditScore)
+    {
+        Identity storage id = _identities[msg.sender];
+        return (id.age, id.countryCode, id.creditScore);
+    }
+
+    /// @notice Check if a country code is allowed
+    function isCountryAllowed(uint8 countryCode) external view returns (bool) {
+        return allowedCountries[countryCode];
+    }
+}