Skip to main content

Overview

Let’s take a look at a simple contract that uses FHE to encrypt a counter, and break it down into its components.

Complete Contract Example

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

import {FHE, euint64, InEuint64} from "@fhenixprotocol/cofhe-contracts/FHE.sol";

contract SimpleCounter {
    address owner;

    euint64 counter;
    euint64 delta;

    modifier onlyOwner() {
        require(msg.sender == owner, "Only the owner can access that function");
        _;
    }

    constructor(uint64 initial_value) {
        owner = msg.sender;
        counter = FHE.asEuint64(initial_value);
        FHE.allowThis(counter);

        // Encrypt the value 1 only once instead of every value change
        delta = FHE.asEuint64(1);
        FHE.allowThis(delta);
    }

    function increment_counter() external onlyOwner {
        counter = FHE.add(counter, delta);
        FHE.allowThis(counter);
    }

    function decrement_counter() external onlyOwner {
        counter = FHE.sub(counter, delta);
        FHE.allowThis(counter);
    }

    function reset_counter(InEuint64 calldata value) external onlyOwner {
        counter = FHE.asEuint64(value);
        FHE.allowThis(counter);
    }

    function allow_counter_publicly() external onlyOwner {
        FHE.allowPublic(counter);
    }

    function reveal_counter(uint64 _decrypted, bytes memory _signature) external {
        FHE.publishDecryptResult(counter, _decrypted, _signature);
    }

    function get_counter_value() external view returns(uint256) {
        (uint256 value, bool decrypted) = FHE.getDecryptResultSafe(counter);
        if (!decrypted)
            revert("Value is not ready");

        return value;
    }

    function get_encrypted_counter_value() external view returns(euint64) {
       return counter;
    }
}

Breaking Down the Contract

Importing the FHE Library

To start using FHE, we need to import the FHE library. In this example, we’re importing the types euint64 and InEuint64 from the FHE library. 
import {FHE, euint64, InEuint64} from "@fhenixprotocol/cofhe-contracts/FHE.sol";
We want to keep the counter encrypted at all times, so we’ll use the euint64 type.

State Variables

Next, we define some state variables for the contract: 
euint64 counter;
euint64 delta;

Constructor Initialization

In the constructor, we initialize the counter and delta variables. We encrypt the delta here to avoid calculating the same encrypted value every time we increment or decrement the counter. 
counter = FHE.asEuint64(initial_value);
delta = FHE.asEuint64(1);
We wanted the example contract to be as simple as possible, so readers can plug-and-play it into their preferred environment.There are some privacy improvements that could be made to this contract.
When we initialize the delta and counter variables, we use trivial encryption.Trivial encryption produces a ciphertext from a public value, but this variable, even though represented as a ciphertext handle, is not really confidential because everyone can see what is the plaintext value that went into it.To make it completely private, we need to initialize these variables with an InEuint from the calldata.More about trivial encryption here.

Access Control

For every encrypted variable, we need to call FHE.allowThis() to allow the contract to access it. Allowing access to encrypted variables is an important concept in FHE-enabled contracts. Without it, the contract could not continue to use this encrypted variable in future transactions. You can read more about this in the ACL Mechanism page. 
FHE.allowThis(counter);
FHE.allowThis(delta);

Increment and Decrement Functions

In the increment_counter and decrement_counter functions, we use the FHE.add and FHE.sub functions to increment and decrement the counter, respectively. And we also call FHE.allowThis() to allow the contract to access the new counter value. 
counter = FHE.add(counter, delta);
FHE.allowThis(counter);

Reset Function

In the reset_counter function, we receive an InEuint64 value, which is a type that represents an encrypted value that can be used to reset the counter. This value is an encrypted value that we created client-side using the SDK (read more about it here).

Decryption: Allow Public and Reveal

Decryption follows a two-step on-chain pattern, with an off-chain step in between. Step 1: Allow public decryption (on-chain) The owner calls allow_counter_publicly to mark the counter as eligible for public decryption: 
function allow_counter_publicly() external onlyOwner {
    FHE.allowPublic(counter);
}
Step 2: Decrypt off-chain Anyone can now request decryption off-chain using decryptForTx, which returns the plaintext value and a Threshold Network signature: 
const countCtHash = await counter.counter();

const result = await client
  .decryptForTx(countCtHash)
  .withoutPermit()
  .execute();
Step 3: Publish on-chain with proof The decrypted value and signature are submitted on-chain. FHE.publishDecryptResult verifies the signature and stores the plaintext — if the signature is invalid, the transaction reverts: 
function reveal_counter(uint64 _decrypted, bytes memory _signature) external {
    FHE.publishDecryptResult(counter, _decrypted, _signature);
}

Reading the Decrypted Value

Once the result has been published, anyone can read the counter’s value using get_counter_value. This function uses FHE.getDecryptResultSafe to check if a published result is available: 
function get_counter_value() external view returns(uint256) {
    (uint256 value, bool decrypted) = FHE.getDecryptResultSafe(counter);
    if (!decrypted)
        revert("Value is not ready");

    return value;
}
If the result has not been published yet, the function reverts. Otherwise, it returns the plaintext value.

Privacy Considerations

In this contract, only the owner can allow public decryption. Once reveal_counter is called, the plaintext value is published on-chain and visible to everyone. What if we want to allow the owner to privately read the value without revealing it publicly? For that, we need to add a call for FHE.allow(counter, owner) or FHE.allowSender(counter) every time that we change the counter’s value. This will allow the owner to read the encrypted counter’s value using the get_encrypted_counter_value function and decrypt it privately off-chain using decryptForView: 
function increment_counter() external onlyOwner {
    counter = FHE.add(counter, delta);
    FHE.allowThis(counter);
    FHE.allowSender(counter);
}

function get_encrypted_counter_value() external view returns(euint64) {
   return counter;
}

// Decrypt privately off-chain (no on-chain transaction, no public reveal)
const countCtHash = await counter.get_encrypted_counter_value();

const result = await client
  .decryptForView(countCtHash)
  .withPermit()
  .execute();

console.log(`Counter value (private): ${result.decryptedValue}`);

Next Steps