feat(library-solidity): update fromExternal to facilitate smart accou… (#1609)

feat(library-solidity): update fromExternal to facilitate smart account integration

chore(library-solidity): fix typo in comments

chore(library-solidity): reformat comments

test(library-solidity): add tests for multisig with helper contract

chore(library-solidity): refactor fromExternal

chore(library-solidity): updated config

chore(common): bump npmjs minor

chore(common): bump npmjs minor for host

chore(library-solidity): fix forge test

test(library-solidity): simplify input approval flow

Author: jatZama

host-contracts/lib/FHE.sol

@@ -27,6 +27,9 @@ library FHE {
     /// @notice Returned if the returned KMS signatures are not valid.
     error InvalidKMSSignatures();
 
+    /// @notice Returned if the sender is not allowed to use the handle.
+    error SenderNotAllowedToUseHandle(bytes32 handle, address sender);
+
     /// @notice This event is emitted when public decryption has been successfully verified.
     event PublicDecryptionVerified(bytes32[] handlesList, bytes abiEncodedCleartexts);
 
@@ -8441,9 +8444,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted ebool integer.
+     * @dev If inputProof is empty, the externalEbool inputHandle can be used as a regular ebool handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEbool inputHandle, bytes memory inputProof) internal returns (ebool) {
-        return ebool.wrap(Impl.verify(externalEbool.unwrap(inputHandle), inputProof, FheType.Bool));
+        if (inputProof.length != 0) {
+            return ebool.wrap(Impl.verify(externalEbool.unwrap(inputHandle), inputProof, FheType.Bool));
+        } else {
+            bytes32 inputBytes32 = externalEbool.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return ebool.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8455,9 +8467,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted euint8 integer.
+     * @dev If inputProof is empty, the externalEuint8 inputHandle can be used as a regular euint8 handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEuint8 inputHandle, bytes memory inputProof) internal returns (euint8) {
-        return euint8.wrap(Impl.verify(externalEuint8.unwrap(inputHandle), inputProof, FheType.Uint8));
+        if (inputProof.length != 0) {
+            return euint8.wrap(Impl.verify(externalEuint8.unwrap(inputHandle), inputProof, FheType.Uint8));
+        } else {
+            bytes32 inputBytes32 = externalEuint8.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return euint8.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8469,9 +8490,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted euint16 integer.
+     * @dev If inputProof is empty, the externalEuint16 inputHandle can be used as a regular euint16 handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEuint16 inputHandle, bytes memory inputProof) internal returns (euint16) {
-        return euint16.wrap(Impl.verify(externalEuint16.unwrap(inputHandle), inputProof, FheType.Uint16));
+        if (inputProof.length != 0) {
+            return euint16.wrap(Impl.verify(externalEuint16.unwrap(inputHandle), inputProof, FheType.Uint16));
+        } else {
+            bytes32 inputBytes32 = externalEuint16.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return euint16.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8483,9 +8513,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted euint32 integer.
+     * @dev If inputProof is empty, the externalEuint32 inputHandle can be used as a regular euint32 handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEuint32 inputHandle, bytes memory inputProof) internal returns (euint32) {
-        return euint32.wrap(Impl.verify(externalEuint32.unwrap(inputHandle), inputProof, FheType.Uint32));
+        if (inputProof.length != 0) {
+            return euint32.wrap(Impl.verify(externalEuint32.unwrap(inputHandle), inputProof, FheType.Uint32));
+        } else {
+            bytes32 inputBytes32 = externalEuint32.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return euint32.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8497,9 +8536,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted euint64 integer.
+     * @dev If inputProof is empty, the externalEuint64 inputHandle can be used as a regular euint64 handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEuint64 inputHandle, bytes memory inputProof) internal returns (euint64) {
-        return euint64.wrap(Impl.verify(externalEuint64.unwrap(inputHandle), inputProof, FheType.Uint64));
+        if (inputProof.length != 0) {
+            return euint64.wrap(Impl.verify(externalEuint64.unwrap(inputHandle), inputProof, FheType.Uint64));
+        } else {
+            bytes32 inputBytes32 = externalEuint64.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return euint64.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8511,9 +8559,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted euint128 integer.
+     * @dev If inputProof is empty, the externalEuint128 inputHandle can be used as a regular euint128 handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEuint128 inputHandle, bytes memory inputProof) internal returns (euint128) {
-        return euint128.wrap(Impl.verify(externalEuint128.unwrap(inputHandle), inputProof, FheType.Uint128));
+        if (inputProof.length != 0) {
+            return euint128.wrap(Impl.verify(externalEuint128.unwrap(inputHandle), inputProof, FheType.Uint128));
+        } else {
+            bytes32 inputBytes32 = externalEuint128.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return euint128.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8525,9 +8582,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted eaddress integer.
+     * @dev If inputProof is empty, the externalEaddress inputHandle can be used as a regular eaddress handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEaddress inputHandle, bytes memory inputProof) internal returns (eaddress) {
-        return eaddress.wrap(Impl.verify(externalEaddress.unwrap(inputHandle), inputProof, FheType.Uint160));
+        if (inputProof.length != 0) {
+            return eaddress.wrap(Impl.verify(externalEaddress.unwrap(inputHandle), inputProof, FheType.Uint160));
+        } else {
+            bytes32 inputBytes32 = externalEaddress.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return eaddress.wrap(inputBytes32);
+        }
     }
 
     /**
@@ -8539,9 +8605,18 @@ library FHE {
 
     /**
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted euint256 integer.
+     * @dev If inputProof is empty, the externalEuint256 inputHandle can be used as a regular euint256 handle if it
+     *      has already been verified and allowed to the sender.
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalEuint256 inputHandle, bytes memory inputProof) internal returns (euint256) {
-        return euint256.wrap(Impl.verify(externalEuint256.unwrap(inputHandle), inputProof, FheType.Uint256));
+        if (inputProof.length != 0) {
+            return euint256.wrap(Impl.verify(externalEuint256.unwrap(inputHandle), inputProof, FheType.Uint256));
+        } else {
+            bytes32 inputBytes32 = externalEuint256.unwrap(inputHandle);
+            if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+            return euint256.wrap(inputBytes32);
+        }
     }
 
     /**

host-contracts/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fhevm/host-contracts",
-  "version": "0.9.0-2",
+  "version": "0.10.0",
   "description": "fhevm backend contracts",
   "repository": {
     "type": "git",

library-solidity/codegen/src/templateFHEDotSol.ts

@@ -537,9 +537,18 @@ function handleSolidityTFHEConvertPlaintextAndEinputToRespectiveType(fheType: Ad
   let result = `
     /** 
      * @dev Convert an inputHandle with corresponding inputProof to an encrypted e${fheType.type.toLowerCase()} integer.
+     * @dev If inputProof is empty, the externalE${fheType.type.toLowerCase()} inputHandle can be used as a regular e${fheType.type.toLowerCase()} handle if it
+     *      has already been verified and allowed to the sender. 
+     *      This could facilitate integrating smart contract accounts with fhevm.
      */
     function fromExternal(externalE${fheType.type.toLowerCase()} inputHandle, bytes memory inputProof) internal returns (e${fheType.type.toLowerCase()}) {
-        return e${fheType.type.toLowerCase()}.wrap(Impl.verify(externalE${fheType.type.toLowerCase()}.unwrap(inputHandle), inputProof, FheType.${fheType.isAlias ? fheType.aliasType : fheType.type}));
+        if (inputProof.length!=0) {
+          return e${fheType.type.toLowerCase()}.wrap(Impl.verify(externalE${fheType.type.toLowerCase()}.unwrap(inputHandle), inputProof, FheType.${fheType.isAlias ? fheType.aliasType : fheType.type}));
+        } else {
+          bytes32 inputBytes32 = externalE${fheType.type.toLowerCase()}.unwrap(inputHandle);
+          if (!Impl.isAllowed(inputBytes32, msg.sender)) revert SenderNotAllowedToUseHandle(inputBytes32, msg.sender);
+          return e${fheType.type.toLowerCase()}.wrap(inputBytes32);
+        }
     }
 
     `;

library-solidity/codegen/src/templates/FHE.sol-template

@@ -33,6 +33,9 @@ library FHE {
     /// @notice Returned if the returned KMS signatures are not valid.
     error InvalidKMSSignatures();
 
+    /// @notice Returned if the sender is not allowed to use the handle.
+    error SenderNotAllowedToUseHandle(bytes32 handle, address sender);
+
     /// @notice This event is emitted when public decryption has been successfully verified.
     event PublicDecryptionVerified(bytes32[] handlesList, bytes abiEncodedCleartexts);
 

library-solidity/config/ZamaConfig.sol

@@ -48,7 +48,11 @@ library ZamaConfig {
         // The addresses below are placeholders and should be replaced with actual addresses
         // once deployed on the Ethereum mainnet.
         return
-            CoprocessorConfig({ACLAddress: address(0), CoprocessorAddress: address(0), KMSVerifierAddress: address(0)});
+            CoprocessorConfig({
+                ACLAddress: 0xcA2E8f1F656CD25C01F05d0b243Ab1ecd4a8ffb6,
+                CoprocessorAddress: 0xD82385dADa1ae3E969447f20A3164F6213100e75,
+                KMSVerifierAddress: 0x77627828a55156b04Ac0DC0eb30467f1a552BB03
+            });
     }
 
     /// @dev chainid == 11155111

library-solidity/examples/multisig/EncryptedSetter.sol

@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+import "../../lib/FHE.sol";
+import {CoprocessorSetup} from "../CoprocessorSetup.sol";
+
+contract EncryptedSetter {
+    euint64 public encryptedResult;
+
+    constructor() {
+        FHE.setCoprocessor(CoprocessorSetup.defaultConfig());
+    }
+
+    function setEncryptedValue(externalEuint64 inputHandle, bytes memory inputProof) external {
+        euint64 encryptedInput = FHE.fromExternal(inputHandle, inputProof);
+        encryptedResult = FHE.add(encryptedInput, 42); // simulate some computation
+        FHE.allowThis(encryptedResult);
+        FHE.allow(encryptedResult, msg.sender);
+    }
+}

library-solidity/examples/multisig/MultiSigHelper.sol

@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+import "../../lib/FHE.sol";
+import {CoprocessorSetup} from "../CoprocessorSetup.sol";
+
+interface IMultiSig {
+    function getOwners() external view returns (address[] memory);
+}
+
+contract MultiSigHelper {
+    IMultiSig public immutable multiSig;
+
+    constructor(address _multiSig) {
+        FHE.setCoprocessor(CoprocessorSetup.defaultConfig());
+        multiSig = IMultiSig(_multiSig);
+    }
+
+    function allowForMultiSig(externalEuint64 inputHandle, bytes memory inputProof) external {
+        euint64 handle = FHE.fromExternal(inputHandle, inputProof);
+        FHE.allow(handle, address(multiSig));
+        address[] memory owners = getMultiSigOwners();
+        uint256 numOwners = owners.length;
+        for (uint256 i; i < numOwners; i++) {
+            FHE.allow(handle, owners[i]);
+        }
+    }
+
+    function getMultiSigOwners() internal view returns (address[] memory) {
+        return multiSig.getOwners();
+    }
+}

library-solidity/examples/multisig/SimpleMultiSig.sol

@@ -0,0 +1,62 @@
+// SPDX-License-Identifier: BSD-3-Clause-Clear
+pragma solidity ^0.8.24;
+
+/// @notice Simple MultiSig contract, where all owners must approve a tx before executing it
+contract SimpleMultiSig {
+    struct Transaction {
+        address target;
+        bytes data;
+    }
+
+    event ProposedTx(uint256 indexed txId, address target, bytes data);
+
+    uint256 public txCounter;
+    address[] internal owners;
+    mapping(address => bool) public isOwner;
+    mapping(uint256 => Transaction) public transactions;
+    mapping(uint256 => mapping(address => bool)) public isApprovedByOwner;
+    mapping(uint256 => bool) public executed;
+
+    constructor(address[] memory _owners) {
+        uint256 length = _owners.length;
+        require(length > 1, "Multisig should have several owners");
+        for (uint256 i; i < length; i++) {
+            require(!isOwner[_owners[i]], "Owner has already been added");
+            owners.push(_owners[i]);
+            isOwner[_owners[i]] = true;
+        }
+    }
+
+    function proposeTx(address target, bytes calldata data) external {
+        require(isOwner[msg.sender], "Sender is not an owner");
+        txCounter++;
+        uint256 txId = txCounter;
+        transactions[txCounter] = Transaction({target: target, data: data});
+        emit ProposedTx(txId, target, data);
+        approveTx(txId); // proposer automatically approves
+    }
+
+    function approveTx(uint256 txId) public {
+        require(isOwner[msg.sender], "Sender is not an owner");
+        require(txId != 0 && txId <= txCounter, "Invalid txId");
+        require(!isApprovedByOwner[txId][msg.sender], "txId has already been approved by sender");
+        isApprovedByOwner[txId][msg.sender] = true;
+    }
+
+    function executeTx(uint256 txId) external {
+        require(txId != 0 && txId <= txCounter, "Invalid txId");
+        require(!executed[txId], "tx has already been executed");
+        for (uint i = 0; i < owners.length; i++) {
+            require(isApprovedByOwner[txId][owners[i]], "txId has not been approved by all owners");
+        }
+        Transaction memory transaction = transactions[txId];
+
+        (bool success, ) = (transaction.target).call(transaction.data);
+        require(success, "tx reverted");
+        executed[txId] = true;
+    }
+
+    function getOwners() external view returns (address[] memory) {
+        return owners;
+    }
+}