Skip to content

v0.12.0

Latest
Latest

Choose a tag to compare

View all tags
@antoniupop antoniupop released this 08 Apr 15:51
· 35 commits to main since this release
v0.12.0
This tag was signed with the committer’s verified signature.
antoniupop Antoniu
GPG key ID: CECBC85EDED5C94C
Verified
Learn about vigilant mode.
7522520
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • Context-Aware Decryptions (#2143)

A new "KMS context" system adds epoch IDs and context state to decryption operations. KMSVerifier now tracks context IDs, and decryption requests carry context-aware extraData. The kms-connector validates context state via a new kms_context DB table and ethereum listener.

  • Simple ACL — MultichainACL Removed (#2072)

The entire MultichainACL contract suite is removed from gateway-contracts. isUserDecryptionReady and isDelegatedUserDecryptionReady had unused parameters removed. The Arbitrum expiration-date-before-one-hour constraint is replaced by a simpler expirationDate > block.timestamp check. A backward-compatibility overload for the old isUserDecryptionReady signature is provided (#2137).

  • Per-Block HCU Metering (#2004)

New HCULimit contract provides configurable per-block, per-transaction, and per-transaction-depth Homomorphic Compute Unit limits. Includes a whitelist mechanism for privileged callers to bypass block limits.

Ciphertext inputs are now re-randomised per FHE operation using a deterministic seed derived from input ciphertexts and operator, enabling coprocessor consensus.

  • Coprocessor State Revert (#2122)

New revert_coprocessor_db_state.sql script that can revert a coprocessor to a previous block number, packaged in the db-migration Docker image.

  • Gateway Drift Detection (#2096)

Opt-in ciphertext drift detection in the gateway listener, comparing local digests against on-chain consensus. Detection-only (no auto-recovery). Enable via --ciphertext-commits-address.

  • KMS-Connector: eth_getLogs Event Listening (#2197)

KMS connector switches from subscription-based to eth_getLogs-based event listening with batch DB insertion.

  • Contract Upgrade Version Check CI (#2112)

New CI workflow that enforces bumping REINITIALIZER_VERSION and version constants when contract bytecode changes.

  • Library-Solidity Enhancements

    • FHE.fromExternal now returns a trivial-encrypt of 0 for uninitialized handles instead of reverting (#1969)
    • New FHE.isPublicDecryptionResultValid view function for on-chain decryption signature validation (#1987)
    • ECDSA.sol renamed to FhevmECDSA.sol to fix naming conflicts (#2007)

Breaking Changes

Gateway Contracts

  • MultichainACL contracts deleted — MultichainACL.sol, MultichainACLChecks.sol, and IMultichainACL.sol are removed entirely.
  • isUserDecryptionReady signature changed — the address userAddress parameter was removed. Old signature preserved via backward-compat overload but is deprecated.
  • Decryption contract upgraded for context-aware decryption and removed MultichainACL dependency.

Host Contracts

  • Handle hashing includes domain separator + prev block hash — FHEVMExecutor now prepends COMPUTATION_DOMAIN_SEPARATOR ("FHE_comp") and appends blockhash(block.number-1) + block.timestamp.
  • New HCULimit contract required — FHEVMExecutor REINITIALIZER_VERSION bumped to 3. Initialization requires hcuCapPerBlock, maxHCUDepthPerTx, and maxHCUPerTx parameters.
  • ACL REINITIALIZER_VERSION bumped to 4 — ExpirationDateBeforeOneHour error replaced by ExpirationDateInThePast. Validation now only checks expirationDate > block.timestamp.
  • KMSVerifier upgraded for context-aware decryption with epoch/context support.

Library Solidity

  • ECDSA.sol renamed to FhevmECDSA.sol — import path changed from cryptography/ECDSA.sol to cryptography/FhevmECDSA.sol, library renamed from ECDSA to FhevmECDSA.

Coprocessor

  • Tenants table removed from DB
  • Legacy tfhe-worker gRPC endpoint removed
  • tfhe-rs updated to 1.5.4
Assets 2
Loading