[FEAT] Add on-chain signature verification for decrypt results by roeezolantz · Pull Request #42 · FhenixProtocol/cofhe-contracts

roeezolantz · 2026-02-03T21:19:07Z

Summary

Enables SDK/JS users to publish decryption results directly to the TaskManager contract with cryptographic signature verification from the threshold decryption network.

Main Changes

TaskManager.sol:

Added publishDecryptResult() - publish signed decrypt result to chain
Added publishDecryptResultBatch() - batch publish for gas efficiency
Added verifyDecryptResult() - verify signature without publishing (view, reverts on invalid)
Added verifyDecryptResultSafe() - verify signature without publishing (view, returns false on invalid)
Added decryptResultSigner state variable and setDecryptResultSigner() admin function, triggering DecryptResultSignerChanged event upon change

ICofhe.sol / FHE.sol:

Added interface definitions and wrapper functions
Typed overloads for all encrypted types (ebool, euint8, euint16, euint32, euint64, euint128, eaddress)
Impl layer uses bytes32 for ctHash, matching the existing pattern (e.g. getDecryptResult(bytes32))

Message Format: result (32 bytes), enc_type (4), chain_id (8), ct_hash (32) = 76 bytes total

Examples

taskManager.publishDecryptResult(0x123..., 42, 0xsig...)
FHE.publishDecryptResult(ctHash, result, signature)

taskManager.publishDecryptResultBatch([hash1, hash2], [42, 100], [sig1, sig2])

bool valid = taskManager.verifyDecryptResult(0x123..., 42, 0xsig...)
bool valid = FHE.verifyDecryptResult(ctHash, result, signature)

// Non-reverting version (returns false instead of reverting)
bool valid = taskManager.verifyDecryptResultSafe(0x123..., 42, 0xsig...)
bool valid = FHE.verifyDecryptResultSafe(ctHash, result, signature)

taskManager.setDecryptResultSigner(0xDispatcherAddress)

address signer = taskManager.decryptResultSigner()

contracts/internal/host-chain/contracts/TaskManager.sol

contracts/FHE.sol

roeezolantz · 2026-02-08T18:32:58Z

@liorbond didn't rebase on the CTA PR yet, but fixed everything else, please re-review :)

roeezolantz · 2026-02-23T13:59:49Z

@liorbond I've added some fixes :

C-1: Use ECDSA.tryRecover instead of recover so verifyDecryptResultSafe returns false on malformed signatures instead of reverting
H-2: Added onlyIfEnabled modifier to publishDecryptResult and publishDecryptResultBatch
Replaced require string with LengthMismatch custom error in batch function
Added safety comment in assembly and advance free memory pointer to be on the safe side if this function ever get changed in the future and the data is needed
Changed Impl functions to accept bytes32 for ctHash (matching getDecryptResult pattern) - based on the CTA rebase
Added verifyDecryptResultSafe typed overloads for all encrypted types
Added EADDRESS_TFHE to encryption types test coverage

* Add `allowPublic` alias for `allowGlobal` * Add isPubliclyAllowed and isGloballyAllowed to TaskManager * Add tests for isPubliclyAllowed and isGloballyAllowed * update changelog * add FHE.isPubliclyAllowed, remove from DeterministicTM * remove isGloballyAllowed, keep only isPubliclyAllowed * update changelog --------- Co-authored-by: Roee Zolantz <zolantz.roee@gmail.com>

roeezolantz marked this pull request as ready for review February 8, 2026 13:53

liorbond requested changes Feb 8, 2026

View reviewed changes

roeezolantz requested a review from liorbond February 9, 2026 18:24

liorbond approved these changes Feb 17, 2026

View reviewed changes

roeezolantz added 7 commits February 23, 2026 12:21

implement contract changes to verify decryption sigs

414cefe

remove decryption id from sig

8be736b

improvements

c36bdf9

PR comments fixes, tests, ci

a27017b

fix ci

b9946e7

fix test

74bbd47

fix existing tests

4694f33

roeezolantz force-pushed the feat/tn-chain-sig-verification branch from b949fe9 to 4694f33 Compare February 23, 2026 12:41

roeezolantz added 7 commits February 23, 2026 15:41

use tryRecover for non-reverting signature verification

f98b26e

add onlyIfEnabled to publish functions

1611659

replace require string with LengthMismatch custom error

f71f207

add safety comment and advance free memory pointer in assembly

16e7aff

use bytes32 for ctHash in Impl and FHE overloads

fff2337

add verifyDecryptResultSafe typed overloads

697cbac

add tests for tryRecover, onlyIfEnabled, and edge cases

f9adee0

roeezolantz requested a review from liorbond February 23, 2026 14:25

update changelog

8c9867c

liorbond approved these changes Feb 25, 2026

View reviewed changes

roeezolantz merged commit c6ad9ab into master Feb 25, 2026
2 checks passed

roeezolantz deleted the feat/tn-chain-sig-verification branch February 25, 2026 09:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[FEAT] Add on-chain signature verification for decrypt results#42

[FEAT] Add on-chain signature verification for decrypt results#42
roeezolantz merged 16 commits intomasterfrom
feat/tn-chain-sig-verification

roeezolantz commented Feb 3, 2026 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

roeezolantz commented Feb 8, 2026

Uh oh!

roeezolantz commented Feb 23, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

roeezolantz commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Main Changes

Examples

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

roeezolantz commented Feb 8, 2026

Uh oh!

roeezolantz commented Feb 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

roeezolantz commented Feb 3, 2026 •

edited

Loading

roeezolantz commented Feb 23, 2026 •

edited

Loading