Encifher

Core Manager Program

Description of Core manager program and functions defined within it

Overview

The Core Manager Program is the Solana program that manages the core functionality of the Encifher protocol. It holds the manager authority and the registry of offchain coprocessors, and exposes the instructions for every upgrade, state-update or maintenance task of the protocol: registering, updating, halting and removing coprocessors, accepting signed batch-root updates, and recording attestation-proof heartbeats.

Data Types

pub struct CoprocessorConfig {
    pub coprocessor_derived_public_key: [u8; 64], // uncompressed secp256k1 TEE public key; onchain state updates are verified against it
    pub coprocessor_submitter: Pubkey, // whitelisted submitter address that is allowed to submit state updates onchain
    pub coprocessor_halt_status: bool, // true while the coprocessor is halted and may not be used
    pub latest_proof_submission_timestamp: u64, // timestamp of the most recent attestation verification proof (heartbeat)
    pub pcr_1: [u8; 48],
    pub pcr_2: [u8; 48],
    pub pcr_3: [u8; 48],
    pub pcr_16: [u8; 48], // 48-byte PCR measurements pinning the TEE platform and image
    pub image_id: [u8; 32], // identifier of the program image running inside the TEE
    pub program_verification_key_hash: [u8; 32], // hash of the verification key used to check attestation verification proofs submitted by the offchain coprocessor
}

initialize

  • Params:
    • manager_key: Pubkey // whitelisted manager address who is authorized to add/remove/update any coprocessor or coprocessor config
    • coprocessor_derived_public_key: [u8; 64]
    • coprocessor_submitter: Pubkey
    • pcr_1: [u8; 48]
    • pcr_2: [u8; 48]
    • pcr_3: [u8; 48]
    • pcr_16: [u8; 48]
    • image_id: [u8; 32]
    • program_verification_key_hash: [u8; 32]
  • Purpose: Initialize the EncifherCoreManager PDA and register the first coprocessor configuration.
  • Process:
    • Create manager PDA at seeds ["core_manager"].
    • Set encifher_manager = manager_key, active_coprocessor_index = 0.
    • Construct CoprocessorConfig from inputs and push to registered_coprocessors.

initialize_batch_root_storage

  • Params:
    • init_root: [u8; 64]
  • Purpose: Initialize the batch root storage PDA with an initial root.
  • Process:
    • Ensure batch_root_storage PDA at seeds ["batch_root_storage"] exists (init_if_needed).
    • Set batch_root_storage.root = init_root.

register_coprocessor

  • Params:
    • config: CoprocessorConfig
  • Purpose: Register a new coprocessor with its derived key, submitter address, PCRs, image id, and VK hash.
  • Process:
    • Require caller is the encifher_manager.
    • Validate non-zero/valid fields in config.
    • Append config to manager.registered_coprocessors.

update_coprocessor_config

  • Params:
    • coprocessor_index: u8
    • coprocessor_config: CoprocessorConfig
  • Purpose: Replace the configuration of an existing coprocessor.
  • Process:
    • Require caller is the encifher_manager.
    • Validate all fields of coprocessor_config.
    • Overwrite registered_coprocessors[coprocessor_index] with the new config.

toggle_coprocessor_halt_status

  • Params:
    • coprocessor_index: u8
    • halt_status: bool
  • Purpose: Halt or resume a coprocessor for operational control.
  • Process:
    • Require caller is the encifher_manager.
    • Require halt_status to differ from the stored coprocessor_halt_status (a no-op toggle is rejected).
    • Set registered_coprocessors[coprocessor_index].coprocessor_halt_status = halt_status; while halted, the coprocessor cannot be used by the protocol.

remove_coprocessor

  • Params:
    • coprocessor_index: u8
  • Purpose: Remove a coprocessor from the registry and update active index if needed.
  • Process:
    • Require caller is the encifher_manager.
    • Remove entry at coprocessor_index from registered_coprocessors.
    • If removed index is below current active_coprocessor_index, decrement active_coprocessor_index.

update_batch_root

  • Params:
    • root: [u8; 64]
    • batch_root: [u8; 32]
    • signature: [u8; 64]
    • active_coprocessor_index: u8
    • recovery_id: u8
  • Purpose: Accept a new batch root only if it is consistent with the current onchain root (so the chain of roots stays continuous) and the signature over the batch root was produced by the registered TEE key.
  • Process:
    • Load current_coprocessor_config by active_coprocessor_index (stored within the manager).
    • Recover the secp256k1 public key from signature and recovery_id over the batch root and require that it equals coprocessor_derived_public_key.
    • Compute wx = witness * batch_root on bn128 (witness is current batch_root_storage.root).
    • Compute root scalar multiplication and prepare pairing inputs with G2.
    • Perform pairing check; require result indicates validity.
    • On success, set batch_root_storage.root = root.

submit_proof

  • Params:
    • proof: [u8; 256]
    • public_inputs: [u8; MAX_PUBLIC_INPUTS_LENGTH]
    • active_coprocessor_index: u8
  • Purpose: Acts as the heartbeat of the offchain coprocessor. The coprocessor periodically submits attestation verification proofs onchain to keep its registration live; if it stops doing so, onchain state finalization is blocked.
  • Process:
    • Verify the proof against public_inputs using the registered program_verification_key_hash.
    • Update latest_proof_submission_timestamp so that batch roots can keep being updated.
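The following is an added example, not Encifher's own program code: a plain-Rust model of the registry bookkeeping and operational gates described in the instructions above (initialize, register, update, toggle halt, remove, heartbeat). It leaves out Anchor account plumbing, the secp256k1 recovery and the bn128 pairing check, and only models what must hold before that crypto is even attempted. Pubkeys are represented as raw [u8; 32], the rule that the supplied index must equal the stored active_coprocessor_index is an assumption, and MAX_HEARTBEAT_AGE_SECS is an assumed window: the page says a stale heartbeat blocks finalization but does not give the number.

```rust
// Added example (not Encifher's code). Models the Core Manager registry and
// the gates a state update must pass; signature/pairing checks are omitted.

/// Assumed heartbeat window in seconds; the real value is not on the page.
pub const MAX_HEARTBEAT_AGE_SECS: u64 = 3600;

#[derive(Clone, Debug, PartialEq)]
pub struct CoprocessorConfig {
    pub coprocessor_derived_public_key: [u8; 64],
    pub coprocessor_submitter: [u8; 32], // Pubkey modelled as raw bytes
    pub coprocessor_halt_status: bool,
    pub latest_proof_submission_timestamp: u64,
    pub pcr_1: [u8; 48],
    pub pcr_2: [u8; 48],
    pub pcr_3: [u8; 48],
    pub pcr_16: [u8; 48],
    pub image_id: [u8; 32],
    pub program_verification_key_hash: [u8; 32],
}

#[derive(Debug, PartialEq)]
pub enum ManagerError {
    Unauthorized, InvalidConfig, IndexOutOfRange, HaltStatusUnchanged,
    NotActiveCoprocessor, CoprocessorHalted, WrongSubmitter, HeartbeatStale,
}

pub struct CoreManager {
    pub encifher_manager: [u8; 32],
    pub active_coprocessor_index: u8,
    pub registered_coprocessors: Vec<CoprocessorConfig>,
}

impl CoprocessorConfig {
    /// Constructed test fixture: all key material set to `fill`, not halted, no heartbeat yet.
    pub fn filled(fill: u8, submitter: [u8; 32]) -> Self {
        CoprocessorConfig {
            coprocessor_derived_public_key: [fill; 64], coprocessor_submitter: submitter,
            coprocessor_halt_status: false, latest_proof_submission_timestamp: 0,
            pcr_1: [fill; 48], pcr_2: [fill; 48], pcr_3: [fill; 48], pcr_16: [fill; 48],
            image_id: [fill; 32], program_verification_key_hash: [fill; 32],
        }
    }
    /// "Validate non-zero/valid fields": reject any all-zero key, PCR or hash.
    pub fn validate(&self) -> Result<(), ManagerError> {
        let fields: [&[u8]; 8] = [
            &self.coprocessor_derived_public_key, &self.coprocessor_submitter,
            &self.pcr_1, &self.pcr_2, &self.pcr_3, &self.pcr_16,
            &self.image_id, &self.program_verification_key_hash,
        ];
        if fields.iter().any(|f| f.iter().all(|&b| b == 0)) { return Err(ManagerError::InvalidConfig); }
        Ok(())
    }
}

impl CoreManager {
    /// initialize: manager authority set, first config registered, active index 0.
    pub fn initialize(manager_key: [u8; 32], first: CoprocessorConfig) -> Result<Self, ManagerError> {
        first.validate()?;
        Ok(CoreManager { encifher_manager: manager_key, active_coprocessor_index: 0, registered_coprocessors: vec![first] })
    }
    fn require_manager(&self, signer: &[u8; 32]) -> Result<(), ManagerError> {
        if *signer != self.encifher_manager { return Err(ManagerError::Unauthorized); }
        Ok(())
    }
    /// Every index-taking instruction bounds-checks the index before touching the entry.
    fn slot(&mut self, index: u8) -> Result<&mut CoprocessorConfig, ManagerError> {
        self.registered_coprocessors.get_mut(index as usize).ok_or(ManagerError::IndexOutOfRange)
    }
    pub fn register_coprocessor(&mut self, signer: &[u8; 32], config: CoprocessorConfig) -> Result<u8, ManagerError> {
        self.require_manager(signer)?;
        config.validate()?;
        self.registered_coprocessors.push(config);
        Ok((self.registered_coprocessors.len() - 1) as u8)
    }
    pub fn update_coprocessor_config(&mut self, signer: &[u8; 32], index: u8, config: CoprocessorConfig) -> Result<(), ManagerError> {
        self.require_manager(signer)?;
        config.validate()?;
        *self.slot(index)? = config;
        Ok(())
    }
    pub fn toggle_coprocessor_halt_status(&mut self, signer: &[u8; 32], index: u8, halt_status: bool) -> Result<(), ManagerError> {
        self.require_manager(signer)?;
        let cfg = self.slot(index)?;
        if cfg.coprocessor_halt_status == halt_status { return Err(ManagerError::HaltStatusUnchanged); }
        cfg.coprocessor_halt_status = halt_status;
        Ok(())
    }
    /// remove_coprocessor: the active index is decremented only when the removed entry sat below it.
    pub fn remove_coprocessor(&mut self, signer: &[u8; 32], index: u8) -> Result<(), ManagerError> {
        self.require_manager(signer)?;
        self.slot(index)?;
        self.registered_coprocessors.remove(index as usize);
        if index < self.active_coprocessor_index { self.active_coprocessor_index -= 1; }
        Ok(())
    }
    /// submit_proof heartbeat bookkeeping only; proof verification is not modelled here.
    pub fn record_heartbeat(&mut self, index: u8, now: u64) -> Result<(), ManagerError> {
        self.slot(index)?.latest_proof_submission_timestamp = now;
        Ok(())
    }
    /// Gates for update_batch_root before any signature or pairing work (index-must-match and
    /// the heartbeat window are assumptions): active index, existing entry, not halted,
    /// whitelisted submitter, fresh heartbeat.
    pub fn check_update_allowed(&self, index: u8, submitter: &[u8; 32], now: u64) -> Result<&CoprocessorConfig, ManagerError> {
        if index != self.active_coprocessor_index { return Err(ManagerError::NotActiveCoprocessor); }
        let cfg = self.registered_coprocessors.get(index as usize).ok_or(ManagerError::IndexOutOfRange)?;
        if cfg.coprocessor_halt_status { return Err(ManagerError::CoprocessorHalted); }
        if cfg.coprocessor_submitter != *submitter { return Err(ManagerError::WrongSubmitter); }
        if now.saturating_sub(cfg.latest_proof_submission_timestamp) > MAX_HEARTBEAT_AGE_SECS { return Err(ManagerError::HeartbeatStale); }
        Ok(cfg)
    }
}
```

One consequence of the removal rule as stated on the page is visible in this model: removing the entry at the active index itself leaves active_coprocessor_index unchanged, so it then points at the following entry, or past the end of the registry if the removed entry was the last one. In that second case every update is rejected by the bounds check until the manager registers or re-points a coprocessor, so a removal of the active coprocessor should be paired with an explicit choice of the new active index.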
