User Decrypt Multiple Values

Decrypting multiple encrypted values (ebool, euint32, euint64) for a user. Highlights that each value requires individual permission grants, as there is no batching for FHE.allow() or FHE.allowThis().

To run this example correctly, make sure the files are placed in the following directories:

.sol file → <your-project-root-dir>/contracts/
.ts file → <your-project-root-dir>/test/

This ensures Hardhat can compile and test your contracts as expected.

🔐 FHE API Reference (10 items)

Types: ebool · euint32 · euint64

Functions:

FHE.add() - Homomorphic addition: result = a + b (overflow wraps)
FHE.allow() - Grants PERMANENT permission for address to decrypt/use value
FHE.allowThis() - Grants contract permission to operate on ciphertext
FHE.asEbool() - Encrypts a plaintext boolean into ebool
FHE.asEuint32() - Encrypts a plaintext uint32 value into euint32
FHE.asEuint64() - Encrypts a plaintext uint64 value into euint64
FHE.xor() - Homomorphic bitwise XOR

// SPDX-License-Identifier: BSD-3-Clause-Clear
pragma solidity ^0.8.24;

import {FHE, ebool, euint32, euint64} from "@fhevm/solidity/lib/FHE.sol";
import {ZamaEthereumConfig} from "@fhevm/solidity/config/ZamaConfig.sol";

/**
 * @notice Decrypting multiple encrypted values (ebool, euint32, euint64) for a user.
 *         Highlights that each value requires individual permission grants,
 *         as there is no batching for FHE.allow() or FHE.allowThis().
 *
 * @dev Individual permissions are required for each encrypted value.
 */
contract UserDecryptMultipleValues is ZamaEthereumConfig {
    ebool private _encryptedBool;
    euint32 private _encryptedUint32;
    euint64 private _encryptedUint64;

    /// @notice Initialize multiple values from plaintext
    /// @dev FHE.asEuintX() creates encrypted constants from plaintext
    function initialize(bool a, uint32 b, uint64 c) external {
        // Create encrypted values from plaintext
        _encryptedBool = FHE.xor(FHE.asEbool(a), FHE.asEbool(false));
        _encryptedUint32 = FHE.add(FHE.asEuint32(b), FHE.asEuint32(1));
        _encryptedUint64 = FHE.add(FHE.asEuint64(c), FHE.asEuint64(1));

        // ⚠️ Why separate? No batching for permissions - each needs individual allow()
        FHE.allowThis(_encryptedBool);
        FHE.allowThis(_encryptedUint32);
        FHE.allowThis(_encryptedUint64);

        FHE.allow(_encryptedBool, msg.sender);
        FHE.allow(_encryptedUint32, msg.sender);
        FHE.allow(_encryptedUint64, msg.sender);
    }

    function encryptedBool() public view returns (ebool) {
        return _encryptedBool;
    }

    function encryptedUint32() public view returns (euint32) {
        return _encryptedUint32;
    }

    function encryptedUint64() public view returns (euint64) {
        return _encryptedUint64;
    }
}

import {
  UserDecryptMultipleValues,
  UserDecryptMultipleValues__factory,
} from "../types";
import { HardhatFhevmRuntimeEnvironment } from "@fhevm/hardhat-plugin";
import { utils as fhevm_utils } from "@fhevm/mock-utils";
import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers";
import { DecryptedResults } from "@zama-fhe/relayer-sdk";
import { expect } from "chai";
import { ethers } from "hardhat";
import * as hre from "hardhat";

/** Common signers interface */
interface Signers {
  owner: HardhatEthersSigner;
  alice: HardhatEthersSigner;
}

async function deployFixture() {
  // Contracts are deployed using the first signer/account by default
  const factory = (await ethers.getContractFactory(
    "UserDecryptMultipleValues"
  )) as UserDecryptMultipleValues__factory;
  const userDecryptMultipleValues =
    (await factory.deploy()) as UserDecryptMultipleValues;
  const userDecryptMultipleValues_address =
    await userDecryptMultipleValues.getAddress();

  return { userDecryptMultipleValues, userDecryptMultipleValues_address };
}

/**
 * User Decrypt Multiple Values Tests
 *
 * Tests the FHE user decryption mechanism for multiple values in a single batch.
 * Validates EIP-712 signed authorization for re-encryption of multiple handles.
 */
describe("UserDecryptMultipleValues", function () {
  let contract: UserDecryptMultipleValues;
  let contractAddress: string;
  let signers: Signers;

  before(async function () {
    // Check whether the tests are running against an FHEVM mock environment
    if (!hre.fhevm.isMock) {
      throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`);
    }

    const ethSigners: HardhatEthersSigner[] = await ethers.getSigners();
    signers = { owner: ethSigners[0], alice: ethSigners[1] };
  });

  beforeEach(async function () {
    // Deploy a new contract each time we run a new test
    const deployment = await deployFixture();
    contractAddress = deployment.userDecryptMultipleValues_address;
    contract = deployment.userDecryptMultipleValues;
  });

  // ✅ Test should succeed
  it("user decryption should succeed", async function () {
    // 🚀 Initialize the contract with multiple values.
    const tx = await contract
      .connect(signers.alice)
      .initialize(true, 123456, 78901234567);
    await tx.wait();

    const encryptedBool = await contract.encryptedBool();
    const encryptedUint32 = await contract.encryptedUint32();
    const encryptedUint64 = await contract.encryptedUint64();

    // 🔓 Decryption Process for Multiple Values:
    const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm;

    // 1. Generate a temporary keypair for the decryption request.
    const aliceKeypair = fhevm.generateKeypair();

    const startTimestamp = fhevm_utils.timestampNow();
    const durationDays = 365;

    // 2. Create an EIP-712 request to authorize decryption of these handles.
    const aliceEip712 = fhevm.createEIP712(
      aliceKeypair.publicKey,
      [contractAddress],
      startTimestamp,
      durationDays
    );

    // 3. User (Alice) signs the EIP-712 request.
    const aliceSignature = await signers.alice.signTypedData(
      aliceEip712.domain,
      {
        UserDecryptRequestVerification:
          aliceEip712.types.UserDecryptRequestVerification,
      },
      aliceEip712.message
    );

    // 4. Perform the batch decryption.
    // This sends the request to the (mock) relayer, which re-encrypts the values
    // for Alice's temporary public key and then decrypts them.
    const decrytepResults: DecryptedResults = await fhevm.userDecrypt(
      [
        { handle: encryptedBool, contractAddress: contractAddress },
        { handle: encryptedUint32, contractAddress: contractAddress },
        { handle: encryptedUint64, contractAddress: contractAddress },
      ],
      aliceKeypair.privateKey,
      aliceKeypair.publicKey,
      aliceSignature,
      [contractAddress],
      signers.alice.address,
      startTimestamp,
      durationDays
    );

    expect(decrytepResults[encryptedBool]).to.equal(true);
    expect(decrytepResults[encryptedUint32]).to.equal(123456 + 1);
    expect(decrytepResults[encryptedUint64]).to.equal(78901234567 + 1);
  });
});

PreviousUser Decrypt Single Value NextPublic Decrypt Single Value

Last updated 2 months ago

import { UserDecryptMultipleValues, UserDecryptMultipleValues__factory, } from "../types"; import { HardhatFhevmRuntimeEnvironment } from "@fhevm/hardhat-plugin"; import { utils as fhevm_utils } from "@fhevm/mock-utils"; import { HardhatEthersSigner } from "@nomicfoundation/hardhat-ethers/signers"; import { DecryptedResults } from "@zama-fhe/relayer-sdk"; import { expect } from "chai"; import { ethers } from "hardhat"; import * as hre from "hardhat"; /** Common signers interface */ interface Signers { owner: HardhatEthersSigner; alice: HardhatEthersSigner; } async function deployFixture() { // Contracts are deployed using the first signer/account by default const factory = (await ethers.getContractFactory( "UserDecryptMultipleValues" )) as UserDecryptMultipleValues__factory; const userDecryptMultipleValues = (await factory.deploy()) as UserDecryptMultipleValues; const userDecryptMultipleValues_address = await userDecryptMultipleValues.getAddress(); return { userDecryptMultipleValues, userDecryptMultipleValues_address }; } /** * User Decrypt Multiple Values Tests * * Tests the FHE user decryption mechanism for multiple values in a single batch. * Validates EIP-712 signed authorization for re-encryption of multiple handles. */ describe("UserDecryptMultipleValues", function () { let contract: UserDecryptMultipleValues; let contractAddress: string; let signers: Signers; before(async function () { // Check whether the tests are running against an FHEVM mock environment if (!hre.fhevm.isMock) { throw new Error(`This hardhat test suite cannot run on Sepolia Testnet`); } const ethSigners: HardhatEthersSigner[] = await ethers.getSigners(); signers = { owner: ethSigners[0], alice: ethSigners[1] }; }); beforeEach(async function () { // Deploy a new contract each time we run a new test const deployment = await deployFixture(); contractAddress = deployment.userDecryptMultipleValues_address; contract = deployment.userDecryptMultipleValues; }); // ✅ Test should succeed it("user decryption should succeed", async function () { // 🚀 Initialize the contract with multiple values. const tx = await contract .connect(signers.alice) .initialize(true, 123456, 78901234567); await tx.wait(); const encryptedBool = await contract.encryptedBool(); const encryptedUint32 = await contract.encryptedUint32(); const encryptedUint64 = await contract.encryptedUint64(); // 🔓 Decryption Process for Multiple Values: const fhevm: HardhatFhevmRuntimeEnvironment = hre.fhevm; // 1. Generate a temporary keypair for the decryption request. const aliceKeypair = fhevm.generateKeypair(); const startTimestamp = fhevm_utils.timestampNow(); const durationDays = 365; // 2. Create an EIP-712 request to authorize decryption of these handles. const aliceEip712 = fhevm.createEIP712( aliceKeypair.publicKey, [contractAddress], startTimestamp, durationDays ); // 3. User (Alice) signs the EIP-712 request. const aliceSignature = await signers.alice.signTypedData( aliceEip712.domain, { UserDecryptRequestVerification: aliceEip712.types.UserDecryptRequestVerification, }, aliceEip712.message ); // 4. Perform the batch decryption. // This sends the request to the (mock) relayer, which re-encrypts the values // for Alice's temporary public key and then decrypts them. const decrytepResults: DecryptedResults = await fhevm.userDecrypt( [ { handle: encryptedBool, contractAddress: contractAddress }, { handle: encryptedUint32, contractAddress: contractAddress }, { handle: encryptedUint64, contractAddress: contractAddress }, ], aliceKeypair.privateKey, aliceKeypair.publicKey, aliceSignature, [contractAddress], signers.alice.address, startTimestamp, durationDays ); expect(decrytepResults[encryptedBool]).to.equal(true); expect(decrytepResults[encryptedUint32]).to.equal(123456 + 1); expect(decrytepResults[encryptedUint64]).to.equal(78901234567 + 1); }); });