Package net.finmath.decryptionoracle.execution.service

Interface CallDecryptionService

All Known Implementing Classes:
CallDecryptionServiceImplementation
public interface CallDecryptionService
Off-chain decryption logic for the Call Decryption Oracle. This service: - decrypts the encrypted CallDescriptor and arguments, and - enforces any off-chain access-control rules based on ArgsDescriptor.eligibleCaller. The Event Listener will call this service and then send fulfill* transactions back to the on-chain CallDecryptionOracle contract.
Author:
Christian Fries

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Interface
    Description
    static final class 
    CallDecryptionService.DecryptedCall
    Result of decrypting an encrypted call descriptor + encrypted arguments.

  • Method Summary

    Modifier and Type
    Method
    Description
    byte[]
    decryptArguments(byte[] argsCiphertext, byte[] argsPublicKeyId, String requester)
    Decrypt only the encrypted arguments and enforce eligibility.
    CallDecryptionService.DecryptedCall
    decryptEncryptedCall(byte[] callCiphertext, byte[] callPublicKeyId, byte[] argsCiphertext, byte[] argsPublicKeyId, String requester)
    Decrypt the call descriptor and argument blob and enforce eligibility.

  • Method Details

    • decryptEncryptedCall

      CallDecryptionService.DecryptedCall decryptEncryptedCall(byte[] callCiphertext, byte[] callPublicKeyId, byte[] argsCiphertext, byte[] argsPublicKeyId, String requester)
      Decrypt the call descriptor and argument blob and enforce eligibility. Implementations are expected to: - decrypt callCiphertext using callPublicKeyId into a CallDescriptor, and - decrypt argsCiphertext using argsPublicKeyId into an ArgsDescriptor (containing eligibleCaller[] and argsPlain), - ensure that the original requester is contained in eligibleCaller[], unless eligibleCaller is empty (meaning "any requester"), - return the decoded CallDescriptor and argsPlain.
      Parameters:
      callCiphertext - ciphertext of abi.encode(CallDescriptor)
      callPublicKeyId - identifier of the key used to encrypt the call descriptor (bytes32)
      argsCiphertext - ciphertext of abi.encode(ArgsDescriptor)
      argsPublicKeyId - identifier of the key used for argument encryption (bytes32)
      requester - address of the original requester (hex string)
      Returns:
      DecryptedCall containing the CallDescriptor and plaintext argsPlain
      Throws:
      IllegalStateException - if decryption fails or requester is not eligible

    • decryptArguments

      byte[] decryptArguments(byte[] argsCiphertext, byte[] argsPublicKeyId, String requester)
      Decrypt only the encrypted arguments and enforce eligibility. Used for TransparentCallRequested where the call descriptor is already on-chain and only the argsCiphertext needs to be decrypted. Implementations are expected to: - decrypt argsCiphertext into an ArgsDescriptor, - ensure that the original requester is contained in eligibleCaller[], unless eligibleCaller is empty, - return argsPlain.
      Parameters:
      argsCiphertext - ciphertext of abi.encode(ArgsDescriptor)
      argsPublicKeyId - identifier of the key for argument encryption (bytes32)
      requester - address of the original requester (hex string)
      Returns:
      plaintext argument payload bytes
      Throws:
      IllegalStateException - if decryption fails or requester is not eligible