create-fhevm-example 1.3.1 → 1.4.0

package/contracts/gaming/EncryptedLottery.sol

@@ -0,0 +1,298 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+import {
+    FHE,
+    euint64,
+    euint8,
+    ebool,
+    externalEuint64
+} from "@fhevm/solidity/lib/FHE.sol";
+import {ZamaEthereumConfig} from "@fhevm/solidity/config/ZamaConfig.sol";
+
+/**
+ * @notice Encrypted Lottery with private ticket numbers - fair and verifiable!
+ *
+ * @dev Demonstrates FHE random selection and encrypted matching:
+ *      - Players purchase tickets with encrypted numbers
+ *      - Winning number generated using block randomness + FHE
+ *      - Winners identified via FHE.eq without revealing ticket numbers
+ *      - Only winner's ticket revealed at end
+ *
+ * Flow:
+ * 1. Lottery created with ticket price and duration
+ * 2. Players buy tickets with encrypted numbers
+ * 3. Owner draws winning number at end
+ * 4. Winners can claim prizes
+ *
+ * ⚠️ IMPORTANT: Block randomness is predictable - use VRF in production!
+ */
+contract EncryptedLottery is ZamaEthereumConfig {
+    // ==================== TYPES ====================
+
+    enum LotteryState {
+        Open, // Accepting tickets
+        Drawing, // Drawing in progress
+        Completed // Winner revealed
+    }
+
+    struct Ticket {
+        address owner;
+        euint64 number;
+    }
+
+    // ==================== STATE ====================
+
+    /// Lottery owner
+    address public owner;
+
+    /// Current lottery state
+    LotteryState public state;
+
+    /// Ticket price in wei
+    uint256 public ticketPrice;
+
+    /// Lottery end time
+    uint256 public endTime;
+
+    /// All tickets
+    Ticket[] private _tickets;
+
+    /// Mapping from address to ticket indices
+    mapping(address => uint256[]) private _playerTickets;
+
+    /// Encrypted winning number
+    euint64 private _winningNumber;
+
+    /// Winner address (if found)
+    address public winner;
+
+    /// Prize pool
+    uint256 public prizePool;
+
+    /// Lottery round number
+    uint256 public roundNumber;
+
+    // ==================== EVENTS ====================
+
+    /// @notice Emitted when a ticket is purchased
+    /// @param buyer Address of ticket buyer
+    /// @param ticketIndex Index of the ticket
+    event TicketPurchased(address indexed buyer, uint256 indexed ticketIndex);
+
+    /// @notice Emitted when drawing starts
+    /// @param roundNumber Current round
+    event DrawingStarted(uint256 indexed roundNumber);
+
+    /// @notice Emitted when winner is found
+    /// @param winner Address of winner
+    /// @param prize Amount won
+    event WinnerFound(address indexed winner, uint256 prize);
+
+    /// @notice Emitted when no winner found
+    /// @param roundNumber Current round
+    /// @param rollover Amount rolled to next round
+    event NoWinner(uint256 indexed roundNumber, uint256 rollover);
+
+    // ==================== MODIFIERS ====================
+
+    modifier onlyOwner() {
+        require(msg.sender == owner, "Only owner");
+        _;
+    }
+
+    // ==================== CONSTRUCTOR ====================
+
+    /// @notice Creates a new encrypted lottery
+    /// @param _ticketPrice Price per ticket in wei
+    /// @param _duration Duration in seconds
+    constructor(uint256 _ticketPrice, uint256 _duration) {
+        require(_ticketPrice > 0, "Ticket price must be > 0");
+        require(_duration > 0, "Duration must be > 0");
+
+        owner = msg.sender;
+        ticketPrice = _ticketPrice;
+        endTime = block.timestamp + _duration;
+        state = LotteryState.Open;
+        roundNumber = 1;
+    }
+
+    // ==================== TICKET PURCHASE ====================
+
+    /// @notice Purchase a lottery ticket with an encrypted number
+    /// @param encryptedNumber Your encrypted ticket number
+    /// @param inputProof Proof validating the encrypted input
+    function buyTicket(
+        externalEuint64 encryptedNumber,
+        bytes calldata inputProof
+    ) external payable {
+        require(state == LotteryState.Open, "Lottery not open");
+        require(block.timestamp < endTime, "Lottery ended");
+        require(msg.value >= ticketPrice, "Insufficient payment");
+
+        // 🔐 Convert external encrypted input
+        euint64 ticketNumber = FHE.fromExternal(encryptedNumber, inputProof);
+
+        // ✅ Grant contract permission
+        FHE.allowThis(ticketNumber);
+
+        // 📋 Store ticket
+        uint256 ticketIndex = _tickets.length;
+        _tickets.push(Ticket({owner: msg.sender, number: ticketNumber}));
+
+        _playerTickets[msg.sender].push(ticketIndex);
+        prizePool += msg.value;
+
+        emit TicketPurchased(msg.sender, ticketIndex);
+    }
+
+    // ==================== DRAWING ====================
+
+    /// @notice Start the drawing process
+    /// @dev Only owner can call after lottery ends
+    function startDrawing() external onlyOwner {
+        require(state == LotteryState.Open, "Wrong state");
+        require(block.timestamp >= endTime, "Lottery not ended");
+        require(_tickets.length > 0, "No tickets sold");
+
+        // 🎲 Generate "random" winning number using block data
+        // ⚠️ WARNING: This is predictable! Use Chainlink VRF in production
+        uint64 randomSeed = uint64(
+            uint256(
+                keccak256(
+                    abi.encodePacked(
+                        block.prevrandao,
+                        block.timestamp,
+                        _tickets.length,
+                        msg.sender
+                    )
+                )
+            )
+        );
+
+        // 🔐 Encrypt the winning number
+        _winningNumber = FHE.asEuint64(randomSeed);
+        FHE.allowThis(_winningNumber);
+
+        state = LotteryState.Drawing;
+
+        emit DrawingStarted(roundNumber);
+    }
+
+    /// @notice Check if a ticket is a winner and claim prize
+    /// @param ticketIndex Index of the ticket to check
+    function checkAndClaim(uint256 ticketIndex) external {
+        require(state == LotteryState.Drawing, "Not in drawing phase");
+        require(ticketIndex < _tickets.length, "Invalid ticket");
+        require(_tickets[ticketIndex].owner == msg.sender, "Not your ticket");
+
+        // 🔍 Check if ticket number matches winning number
+        // This comparison happens in encrypted space!
+        ebool isWinner = FHE.eq(_tickets[ticketIndex].number, _winningNumber);
+
+        // 🔓 Make result publicly decryptable
+        FHE.allowThis(isWinner);
+        FHE.makePubliclyDecryptable(isWinner);
+
+        // Store for later reveal
+        // In production, use callback pattern
+    }
+
+    /// @notice Reveal winner with decryption proof
+    /// @param ticketIndex Ticket being checked
+    /// @param abiEncodedResult ABI-encoded bool result
+    /// @param decryptionProof KMS signature proving decryption
+    function revealWinner(
+        uint256 ticketIndex,
+        bytes memory abiEncodedResult,
+        bytes memory decryptionProof
+    ) external {
+        require(state == LotteryState.Drawing, "Not in drawing phase");
+        require(ticketIndex < _tickets.length, "Invalid ticket");
+
+        // Rebuild the comparison for verification
+        ebool isWinner = FHE.eq(_tickets[ticketIndex].number, _winningNumber);
+
+        bytes32[] memory cts = new bytes32[](1);
+        cts[0] = FHE.toBytes32(isWinner);
+
+        // Verify decryption proof
+        FHE.checkSignatures(cts, abiEncodedResult, decryptionProof);
+
+        bool won = abi.decode(abiEncodedResult, (bool));
+
+        if (won) {
+            winner = _tickets[ticketIndex].owner;
+            state = LotteryState.Completed;
+
+            uint256 prize = prizePool;
+            prizePool = 0;
+
+            // Transfer prize
+            (bool sent, ) = winner.call{value: prize}("");
+            require(sent, "Prize transfer failed");
+
+            emit WinnerFound(winner, prize);
+        }
+    }
+
+    /// @notice End drawing with no winner (rollover)
+    /// @dev Called if all tickets checked with no match
+    function endDrawingNoWinner() external onlyOwner {
+        require(state == LotteryState.Drawing, "Not in drawing phase");
+
+        state = LotteryState.Completed;
+
+        emit NoWinner(roundNumber, prizePool);
+    }
+
+    /// @notice Start a new lottery round
+    /// @param _duration Duration for next round
+    function startNewRound(uint256 _duration) external onlyOwner {
+        require(state == LotteryState.Completed, "Current round not complete");
+        require(_duration > 0, "Duration must be > 0");
+
+        // Reset for new round
+        delete _tickets;
+        winner = address(0);
+        endTime = block.timestamp + _duration;
+        state = LotteryState.Open;
+        roundNumber++;
+        // prizePool carries over if no winner
+    }
+
+    // ==================== VIEW FUNCTIONS ====================
+
+    /// @notice Get total number of tickets sold
+    function getTicketCount() external view returns (uint256) {
+        return _tickets.length;
+    }
+
+    /// @notice Get ticket indices for a player
+    function getPlayerTickets(
+        address player
+    ) external view returns (uint256[] memory) {
+        return _playerTickets[player];
+    }
+
+    /// @notice Check time remaining
+    function timeRemaining() external view returns (uint256) {
+        if (block.timestamp >= endTime) return 0;
+        return endTime - block.timestamp;
+    }
+
+    /// @notice Get lottery info
+    function getLotteryInfo()
+        external
+        view
+        returns (
+            LotteryState currentState,
+            uint256 currentPrizePool,
+            uint256 currentEndTime,
+            uint256 currentRound,
+            uint256 totalTickets
+        )
+    {
+        return (state, prizePool, endTime, roundNumber, _tickets.length);
+    }
+}

package/contracts/gaming/EncryptedPoker.sol

@@ -0,0 +1,337 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+import {
+    FHE,
+    euint8,
+    euint16,
+    ebool,
+    externalEuint8
+} from "@fhevm/solidity/lib/FHE.sol";
+import {ZamaEthereumConfig} from "@fhevm/solidity/config/ZamaConfig.sol";
+
+/**
+ * @notice Encrypted Poker - Texas Hold'em with hidden hole cards!
+ *
+ * @dev Demonstrates multi-player FHE game mechanics:
+ *      - Each player's hole cards remain encrypted until showdown
+ *      - Hand strength computed via FHE without revealing cards
+ *      - Winner determined by encrypted comparison
+ *      - Only winning hand revealed, loser's cards stay private
+ *
+ * Simplified rules for demo:
+ * - 2 players (heads-up)
+ * - Cards encoded as 1-13 (Ace=1, King=13)
+ * - Hand strength = card1 + card2 (simplified for demo)
+ * - Higher total wins
+ *
+ * ⚠️ IMPORTANT: Production poker would need proper hand rankings!
+ */
+contract EncryptedPoker is ZamaEthereumConfig {
+    // ==================== TYPES ====================
+
+    enum GameState {
+        WaitingForPlayers, // Waiting for 2 players
+        CardsDealt, // Both players have cards
+        BettingRound, // Players can bet
+        Showdown, // Comparing hands
+        Finished // Winner determined
+    }
+
+    struct Player {
+        address addr;
+        euint8 card1;
+        euint8 card2;
+        euint16 handStrength; // card1 + card2 for simplified ranking
+        uint256 bet;
+        bool folded;
+    }
+
+    // ==================== STATE ====================
+
+    /// Game state
+    GameState public state;
+
+    /// Players (0 and 1)
+    Player[2] private _players;
+
+    /// Current pot
+    uint256 public pot;
+
+    /// Minimum bet
+    uint256 public minBet;
+
+    /// Winner address (set after showdown)
+    address public winner;
+
+    /// Game ID
+    uint256 public gameId;
+
+    /// Encrypted comparison result (true if player 0 wins)
+    ebool private _player0Wins;
+
+    // ==================== EVENTS ====================
+
+    /// @notice Emitted when a player joins
+    /// @param player Address of joining player
+    /// @param seat Seat number (0 or 1)
+    event PlayerJoined(address indexed player, uint8 seat);
+
+    /// @notice Emitted when cards are dealt
+    event CardsDealt();
+
+    /// @notice Emitted when a bet is placed
+    /// @param player Address of betting player
+    /// @param amount Bet amount
+    event BetPlaced(address indexed player, uint256 amount);
+
+    /// @notice Emitted when a player folds
+    /// @param player Address of folding player
+    event PlayerFolded(address indexed player);
+
+    /// @notice Emitted when showdown begins
+    event ShowdownStarted();
+
+    /// @notice Emitted when winner is determined
+    /// @param winner Address of winner
+    /// @param pot Total pot won
+    event GameWon(address indexed winner, uint256 pot);
+
+    // ==================== CONSTRUCTOR ====================
+
+    /// @notice Creates a new poker game
+    /// @param _minBet Minimum bet amount in wei
+    constructor(uint256 _minBet) {
+        require(_minBet > 0, "Min bet must be > 0");
+        minBet = _minBet;
+        gameId = 1;
+        state = GameState.WaitingForPlayers;
+    }
+
+    // ==================== JOIN GAME ====================
+
+    /// @notice Join the game with encrypted hole cards
+    /// @param encCard1 First encrypted card (1-13)
+    /// @param encCard2 Second encrypted card (1-13)
+    /// @param inputProof Proof validating encrypted inputs
+    function joinGame(
+        externalEuint8 encCard1,
+        externalEuint8 encCard2,
+        bytes calldata inputProof
+    ) external payable {
+        require(
+            state == GameState.WaitingForPlayers,
+            "Game not accepting players"
+        );
+        require(msg.value >= minBet, "Must pay min bet to join");
+        require(
+            _players[0].addr != msg.sender && _players[1].addr != msg.sender,
+            "Already in game"
+        );
+
+        // 🔐 Convert encrypted cards
+        euint8 card1 = FHE.fromExternal(encCard1, inputProof);
+        euint8 card2 = FHE.fromExternal(encCard2, inputProof);
+
+        // ✅ Grant permissions
+        FHE.allowThis(card1);
+        FHE.allowThis(card2);
+        FHE.allow(card1, msg.sender); // Player can see own cards
+        FHE.allow(card2, msg.sender);
+
+        // 🧮 Compute hand strength (simplified: sum of cards)
+        euint16 strength = FHE.add(FHE.asEuint16(card1), FHE.asEuint16(card2));
+        FHE.allowThis(strength);
+
+        uint8 seat;
+        if (_players[0].addr == address(0)) {
+            seat = 0;
+            _players[0] = Player({
+                addr: msg.sender,
+                card1: card1,
+                card2: card2,
+                handStrength: strength,
+                bet: msg.value,
+                folded: false
+            });
+        } else {
+            seat = 1;
+            _players[1] = Player({
+                addr: msg.sender,
+                card1: card1,
+                card2: card2,
+                handStrength: strength,
+                bet: msg.value,
+                folded: false
+            });
+            // Both players joined
+            state = GameState.CardsDealt;
+            emit CardsDealt();
+        }
+
+        pot += msg.value;
+        emit PlayerJoined(msg.sender, seat);
+    }
+
+    // ==================== BETTING ====================
+
+    /// @notice Place a bet
+    function bet() external payable {
+        require(
+            state == GameState.CardsDealt || state == GameState.BettingRound,
+            "Not betting phase"
+        );
+        require(msg.value > 0, "Must bet something");
+
+        uint8 seat = _getSeat(msg.sender);
+        require(!_players[seat].folded, "Already folded");
+
+        _players[seat].bet += msg.value;
+        pot += msg.value;
+        state = GameState.BettingRound;
+
+        emit BetPlaced(msg.sender, msg.value);
+    }
+
+    /// @notice Fold your hand
+    function fold() external {
+        require(
+            state == GameState.CardsDealt || state == GameState.BettingRound,
+            "Not betting phase"
+        );
+
+        uint8 seat = _getSeat(msg.sender);
+        require(!_players[seat].folded, "Already folded");
+
+        _players[seat].folded = true;
+
+        // Other player wins by default
+        uint8 winnerSeat = seat == 0 ? 1 : 0;
+        winner = _players[winnerSeat].addr;
+        state = GameState.Finished;
+
+        // Transfer pot to winner
+        uint256 winnings = pot;
+        pot = 0;
+        (bool sent, ) = winner.call{value: winnings}("");
+        require(sent, "Transfer failed");
+
+        emit PlayerFolded(msg.sender);
+        emit GameWon(winner, winnings);
+    }
+
+    // ==================== SHOWDOWN ====================
+
+    /// @notice Initiate showdown - compare hands using FHE
+    function showdown() external {
+        require(
+            state == GameState.CardsDealt || state == GameState.BettingRound,
+            "Not ready for showdown"
+        );
+        require(!_players[0].folded && !_players[1].folded, "Someone folded");
+
+        // 🎯 Compare hand strengths using FHE
+        _player0Wins = FHE.gt(
+            _players[0].handStrength,
+            _players[1].handStrength
+        );
+
+        FHE.allowThis(_player0Wins);
+        FHE.makePubliclyDecryptable(_player0Wins);
+
+        state = GameState.Showdown;
+        emit ShowdownStarted();
+    }
+
+    /// @notice Reveal winner with decryption proof
+    /// @param abiEncodedResult ABI-encoded bool result
+    /// @param decryptionProof KMS signature proving decryption
+    function revealWinner(
+        bytes memory abiEncodedResult,
+        bytes memory decryptionProof
+    ) external {
+        require(state == GameState.Showdown, "Not showdown phase");
+
+        // Verify decryption
+        bytes32[] memory cts = new bytes32[](1);
+        cts[0] = FHE.toBytes32(_player0Wins);
+        FHE.checkSignatures(cts, abiEncodedResult, decryptionProof);
+
+        bool player0Wins = abi.decode(abiEncodedResult, (bool));
+
+        if (player0Wins) {
+            winner = _players[0].addr;
+        } else {
+            winner = _players[1].addr;
+        }
+
+        state = GameState.Finished;
+
+        // Transfer pot
+        uint256 winnings = pot;
+        pot = 0;
+        (bool sent, ) = winner.call{value: winnings}("");
+        require(sent, "Transfer failed");
+
+        emit GameWon(winner, winnings);
+    }
+
+    // ==================== RESET ====================
+
+    /// @notice Reset for a new game
+    function resetGame() external {
+        require(state == GameState.Finished, "Game not finished");
+
+        delete _players[0];
+        delete _players[1];
+        pot = 0;
+        winner = address(0);
+        state = GameState.WaitingForPlayers;
+        gameId++;
+    }
+
+    // ==================== VIEW FUNCTIONS ====================
+
+    /// @notice Get game info
+    function getGameInfo()
+        external
+        view
+        returns (
+            GameState currentState,
+            address player0,
+            address player1,
+            uint256 currentPot,
+            address currentWinner,
+            uint256 currentGameId
+        )
+    {
+        return (state, _players[0].addr, _players[1].addr, pot, winner, gameId);
+    }
+
+    /// @notice Get player bet
+    function getPlayerBet(address player) external view returns (uint256) {
+        if (_players[0].addr == player) return _players[0].bet;
+        if (_players[1].addr == player) return _players[1].bet;
+        return 0;
+    }
+
+    /// @notice Check if address is in game
+    function isPlayer(address addr) external view returns (bool) {
+        return _players[0].addr == addr || _players[1].addr == addr;
+    }
+
+    /// @notice Get own cards (only callable by the player themselves)
+    /// @dev Returns encrypted handles that only the caller can decrypt
+    function getMyCards() external view returns (euint8 card1, euint8 card2) {
+        uint8 seat = _getSeat(msg.sender);
+        return (_players[seat].card1, _players[seat].card2);
+    }
+
+    // ==================== INTERNAL ====================
+
+    function _getSeat(address player) internal view returns (uint8) {
+        if (_players[0].addr == player) return 0;
+        if (_players[1].addr == player) return 1;
+        revert("Not a player");
+    }
+}