Encifher

SDK Documentation

About Encifher SDK and how it gets used in frontend.

Overview

Encifher SDK exposes necessary functionalities which enables users to encrypt their plaintext value on client end which generates handles/pointers corresponding to the value which user can use while making onchain transaction. Additionally, It also exposes certain functionalities which enables users to decrypt their pointer/handle just to view the plaintext value.

Encrypting

To start encrypting value the developer would just need to initialize TEEClient object by passing the coprocessor url within it.

// importing TEEClient and PlaintextType from @encifher-js/core
import { TEEClient, PlaintextType } from "@encifher-js/core";

// creating client which we could later use to encrypt value
const client = new TEEClient({ teeGatewayUrl: '<coprocessor-url>' });

To encrypting plaintext value of a certain type. Developer can use the encrypt method, While using the encrypt method he/she need to pass the datatype he is trying to encrypt

// encrypting value of type uint64
const amount = 1000;
const encryptedAmount = await client.encrypt(amount, PlaintextType.uint64);

Decrypting

To decrypt the encrypted value, The developer would just need to create a ReEncryptionSession object. For creating ReEncryptionSession object the developer would need to pass SessionConfig


interface SessionConfig {
  sessionDuration?: number; // duration of the session - during this duration developer can get any number of handles/pointer decrypted via coprocessor 
  coprocessorUrl?: string;  // coprocessor url 
  userPk: Uint8Array;       // user public key 
}

Creating ReEncryptionSession

const session = new ReEncryptionSession(sessionConfig);

Post that developer would need to create a session key pair.

const keypair = session.generateSessionPair();

Generate payload which developer would need to sign and send to coprocessor for session initiation.

const hashToSign = await session.generateSessionPayloadHashToSign();

Initialize session with user signature, (Signature over the payload obtained above)

await session.initializeSession(userSignature);

Post initialization, Developer could call reEncrypt method to re-encrypt the handle. Later on the result can get decrypted on the client end via the keypair private key

const result = await session.reEncrypt("<handle>");

Onchain Decryption (Token Withdrawal)

Flow for decryption of value for token withdrawal

Ciphertext Verification

How do we make sure when fetching ciphertext from indexer that the ciphertext was indeed calculated within TEE