import type { GenEnum, GenFile, GenMessage, GenService } from "@bufbuild/protobuf/codegenv2"; import type { ACLProof, ECIESKeyset, HandleWithProof } from "./types_pb"; import type { Message } from "@bufbuild/protobuf"; /** * Describes the file inco/kms/lite/v1/kms_service.proto. */ export declare const file_inco_kms_lite_v1_kms_service: GenFile; /** * KeyRequest is the request type for the KmsService/Keys RPC method. * * @generated from message inco.kms.lite.v1.KeyRequest */ export type KeyRequest = Message<"inco.kms.lite.v1.KeyRequest"> & {}; /** * Describes the message inco.kms.lite.v1.KeyRequest. * Use `create(KeyRequestSchema)` to create a new message. */ export declare const KeyRequestSchema: GenMessage; /** * KeyResponse is the response type for the KmsService/Keys RPC method. * * @generated from message inco.kms.lite.v1.KeyResponse */ export type KeyResponse = Message<"inco.kms.lite.v1.KeyResponse"> & { /** * keyset is the keyset for the IncoLite KMS. * * @generated from field: inco.kms.lite.v1.ECIESKeyset keyset = 1; */ keyset?: ECIESKeyset; /** * signing_address is the Ethereum EOA signing address of the KMS, encoded * as a 0x-prefixed hex string. * TODO scalar annotation. * * @generated from field: string signing_address = 2; */ signingAddress: string; }; /** * Describes the message inco.kms.lite.v1.KeyResponse. * Use `create(KeyResponseSchema)` to create a new message. */ export declare const KeyResponseSchema: GenMessage; /** * AttestedDecryptRequest is the request type for the KmsService/AttestedDecrypt RPC method. * * @generated from message inco.kms.lite.v1.AttestedDecryptRequest */ export type AttestedDecryptRequest = Message<"inco.kms.lite.v1.AttestedDecryptRequest"> & { /** * user_address is the Ethereum address of the user who requested the * decryption, prefixed with 0x. * * @generated from field: string user_address = 1; */ userAddress: string; /** * reencrypt_pub_key is the encoding of the user's public * encryption key (secp256k1) used to reencrypt the result for. * It is encoded in its 33-byte compressed format. * If empty, the KMS will return plaintext decryption instead of reencryption. * * @generated from field: bytes reencrypt_pub_key = 2; */ reencryptPubKey: Uint8Array; /** * eip712_signature is an EIP-712 signature of the following EIP-712 typed data by * `user_address` (note that we only give a JSON representation for the sake of * readability, but the actual signed data is defined in the EIP-712 spec) where: * handles - list of 0x prefixed handles to decrypt * publicKey - 0x prefixed reencrypt_pub_key (if any). "0x" otherwise if empty. * * ```json * { * "types": { * "EIP712Domain": [ * { "name": "name", "type": "string" }, * { "name": "version", "type": "string" }, * { "name": "chainId", "type": "uint256" } * ], * "AttestedDecryptRequest": [ * { "name": "handles", "type": "bytes32[]" }, * { "name": "publicKey", "type": "bytes" }, * ] * }, * "primaryType": "AttestedDecryptRequest", * "domain": { * "name": "IncoAttestedDecrypt", * "version": "1", * "chainId": "", * }, * "message": { * "handles": ["", "", ...], * "publicKey": "0x" * } * } * ``` * * @generated from field: bytes eip712_signature = 3; */ eip712Signature: Uint8Array; /** * handles_with_proofs is the list of handles of the ciphertexts with proofs to decrypt. * Either the user_address or sharer must have ACL access to the handles for the attested * decryption to succeed. * * @generated from field: repeated inco.kms.lite.v1.HandleWithProof handles_with_proofs = 4; */ handlesWithProofs: HandleWithProof[]; }; /** * Describes the message inco.kms.lite.v1.AttestedDecryptRequest. * Use `create(AttestedDecryptRequestSchema)` to create a new message. */ export declare const AttestedDecryptRequestSchema: GenMessage; /** * AttestedRevealRequest is the request type for the KmsService/AttestedReveal RPC method. * * @generated from message inco.kms.lite.v1.AttestedRevealRequest */ export type AttestedRevealRequest = Message<"inco.kms.lite.v1.AttestedRevealRequest"> & { /** * handles is the list of handles of the ciphertexts to decrypt. * The handle must have been revealed beforehand with the on-chain .reveal() call. * * @generated from field: repeated string handles = 3; */ handles: string[]; }; /** * Describes the message inco.kms.lite.v1.AttestedRevealRequest. * Use `create(AttestedRevealRequestSchema)` to create a new message. */ export declare const AttestedRevealRequestSchema: GenMessage; /** * AttestedComputeRequest is the request type for the KmsService/AttestedDecrypt RPC method. * * @generated from message inco.kms.lite.v1.AttestedComputeRequest */ export type AttestedComputeRequest = Message<"inco.kms.lite.v1.AttestedComputeRequest"> & { /** * user_address is the Ethereum address of the user who requested the * decryption, prefixed with 0x. * * @generated from field: string user_address = 1; */ userAddress: string; /** * reencrypt_pub_key is the encoding of the user's public * encryption key (secp256k1) used to reencrypt the result for. * It is encoded in its 33-byte compressed format. * If empty, the KMS will return plaintext decryption instead of reencryption. * * @generated from field: bytes reencrypt_pub_key = 2; */ reencryptPubKey: Uint8Array; /** * eip712_signature is an EIP-712 signature of the following EIP-712 typed data by * `user_address` (note that we only give a JSON representation for the sake of * readability, but the actual signed data is defined in the EIP-712 spec) where: * op - operation to perform * lhs - handle of the ciphertext to perform computation on * rhs - second plaintext scalar operand * publicKey - 0x prefixed reencrypt_pub_key (if any). "0x" otherwise if empty. * * ```json * { * "types": { * "EIP712Domain": [ * { "name": "name", "type": "string" }, * { "name": "version", "type": "string" }, * { "name": "chainId", "type": "uint256" } * ], * "AttestedComputeRequest": [ * { "name": "op", "type": "uint8"}, * { "name": "lhs", "type": "bytes32"}, * { "name": "rhs", "type": "bytes32"}, * { "name": "publicKey", "type": "bytes" }, * ] * }, * "primaryType": "AttestedComputeRequest", * "domain": { * "name": "IncoAttestedCompute", * "version": "1", * "chainId": "", * }, * "message": { * "op": , * "lhs": "", * "rhs": , // Also add a comment on length & encoding * "publicKey": "0x" * } * } * ``` * * @generated from field: bytes eip712_signature = 3; */ eip712Signature: Uint8Array; /** * Subset of supported binary operations that can be performed on a handle. * * @generated from field: inco.kms.lite.v1.SupportedScalarBinaryOp op = 4; */ op: SupportedScalarBinaryOp; /** * handle of the ciphertext encoded as a hex string (with or without 0x prefix) to perform computation on. * The user_address must have ACL access to the handle for the attested * compute to succeed. * * @generated from field: string lhs_handle = 5; */ lhsHandle: string; /** * Second plaintext scalar operand encoded as a hex string (with or without 0x prefix) * * @generated from field: string rhs_plaintext = 6; */ rhsPlaintext: string; /** * acl_proof is the proof that the user has access to compute on the lhs_handle. * Either the user_address or sharer must have ACL access to the handles for the attested * compute to succeed. * * @generated from field: inco.kms.lite.v1.ACLProof acl_proof = 7; */ aclProof?: ACLProof; }; /** * Describes the message inco.kms.lite.v1.AttestedComputeRequest. * Use `create(AttestedComputeRequestSchema)` to create a new message. */ export declare const AttestedComputeRequestSchema: GenMessage; /** * AttestedDecryptResponse is the response type for the KmsService/AttestedDecrypt RPC method. * * @generated from message inco.kms.lite.v1.AttestedDecryptResponse */ export type AttestedDecryptResponse = Message<"inco.kms.lite.v1.AttestedDecryptResponse"> & { /** * decryption_attestations is the list of decryption attestations. The item at index `i` * corresponds to the handle at index `i` in the `AttestedDecryptRequest`. * * @generated from field: repeated inco.kms.lite.v1.DecryptionAttestation decryption_attestations = 1; */ decryptionAttestations: DecryptionAttestation[]; }; /** * Describes the message inco.kms.lite.v1.AttestedDecryptResponse. * Use `create(AttestedDecryptResponseSchema)` to create a new message. */ export declare const AttestedDecryptResponseSchema: GenMessage; /** * AttestedRevealResponse is the response type for the KmsService/AttestedReveal RPC method. * * @generated from message inco.kms.lite.v1.AttestedRevealResponse */ export type AttestedRevealResponse = Message<"inco.kms.lite.v1.AttestedRevealResponse"> & { /** * decryption_attestations is the list of decryption attestations. The item at index `i` * corresponds to the handle at index `i` in the `AttestedRevealRequest`. * * @generated from field: repeated inco.kms.lite.v1.DecryptionAttestation decryption_attestations = 1; */ decryptionAttestations: DecryptionAttestation[]; }; /** * Describes the message inco.kms.lite.v1.AttestedRevealResponse. * Use `create(AttestedRevealResponseSchema)` to create a new message. */ export declare const AttestedRevealResponseSchema: GenMessage; /** * AttestedComputeResponse is the response type for the KmsService/AttestedCompute RPC method. * * @generated from message inco.kms.lite.v1.AttestedComputeResponse */ export type AttestedComputeResponse = Message<"inco.kms.lite.v1.AttestedComputeResponse"> & { /** * decryption_attestation is the signed decryption of the result of the computation. * * @generated from field: inco.kms.lite.v1.DecryptionAttestation decryption_attestation = 1; */ decryptionAttestation?: DecryptionAttestation; }; /** * Describes the message inco.kms.lite.v1.AttestedComputeResponse. * Use `create(AttestedComputeResponseSchema)` to create a new message. */ export declare const AttestedComputeResponseSchema: GenMessage; /** * Plaintext contains the decrypted plaintext value. * * @generated from message inco.kms.lite.v1.Plaintext */ export type Plaintext = Message<"inco.kms.lite.v1.Plaintext"> & { /** * value is the decrypted plaintext value as a 32-byte word. * * @generated from field: bytes value = 1; */ value: Uint8Array; }; /** * Describes the message inco.kms.lite.v1.Plaintext. * Use `create(PlaintextSchema)` to create a new message. */ export declare const PlaintextSchema: GenMessage; /** * Reencryption contains the reencrypted ciphertext value. * * @generated from message inco.kms.lite.v1.Reencryption */ export type Reencryption = Message<"inco.kms.lite.v1.Reencryption"> & { /** * The ciphertext that was reencrypted to the user's public key. * * @generated from field: bytes user_ciphertext = 1; */ userCiphertext: Uint8Array; /** * Encrypted signature over the plaintext, encrypted to the user's public key. Can only be decrypted by the user. * * @generated from field: bytes encrypted_signature = 3; */ encryptedSignature: Uint8Array; }; /** * Describes the message inco.kms.lite.v1.Reencryption. * Use `create(ReencryptionSchema)` to create a new message. */ export declare const ReencryptionSchema: GenMessage<Reencryption>; /** * DecryptionAttestation contains the attestation for the decryption of a single handle. * * @generated from message inco.kms.lite.v1.DecryptionAttestation */ export type DecryptionAttestation = Message<"inco.kms.lite.v1.DecryptionAttestation"> & { /** * handle is the handle that was decrypted, encoded as a 0x-prefixed hex string. * * @generated from field: string handle = 1; */ handle: string; /** * @generated from oneof inco.kms.lite.v1.DecryptionAttestation.value */ value: { /** * Returns plaintext if reencrypt_pub_key was empty in the request * * @generated from field: inco.kms.lite.v1.Plaintext plaintext = 2; */ value: Plaintext; case: "plaintext"; } | { /** * Returns encrypted ciphertext if reencrypt_pub_key was set in the request * * @generated from field: inco.kms.lite.v1.Reencryption reencryption = 3; */ value: Reencryption; case: "reencryption"; } | { case: undefined; value?: undefined; }; /** * signature is the attestation from the covalidator for the (handle,plaintext) pair. * This signature will be verified on the host chain. * * It is an EIP-712 signature of the following EIP-712 typed data by * `user_address` (note that we only give a JSON representation for the sake of * readability, but the actual signed data is defined in the EIP-712 spec): * * ```json * { * "types": { * "EIP712Domain": [ * { "name": "name", "type": "string" }, * { "name": "version", "type": "string" }, * { "name": "chainId", "type": "uint256" }, * { "name": "verifyingContract", "type": "address" } * ], * "DecryptionRequest": [ * { "name": "handle", "type": "bytes32" }, * { "name": "value", "type": "bytes32" } * ] * }, * "primaryType": "DecryptionRequest", * "domain": { * "name": "<Inco contract name, e.g. IncoLite>", * "version": "<Inco contract version>", * "chainId": "<host_chain_id>", * "verifyingContract": "<Inco contract address>", * }, * "message": { * "handle": "<handle>", * "value": "<value>" * } * } * ``` * * @generated from field: bytes signature = 4; */ signature: Uint8Array; }; /** * Describes the message inco.kms.lite.v1.DecryptionAttestation. * Use `create(DecryptionAttestationSchema)` to create a new message. */ export declare const DecryptionAttestationSchema: GenMessage<DecryptionAttestation>; /** * @generated from enum inco.kms.lite.v1.SupportedScalarBinaryOp */ export declare enum SupportedScalarBinaryOp { /** * @generated from enum value: FHE_ADD = 0; */ FHE_ADD = 0, /** * @generated from enum value: FHE_SUB = 1; */ FHE_SUB = 1, /** * @generated from enum value: FHE_MUL = 2; */ FHE_MUL = 2, /** * @generated from enum value: FHE_DIV = 3; */ FHE_DIV = 3, /** * @generated from enum value: FHE_REM = 4; */ FHE_REM = 4, /** * @generated from enum value: FHE_BIT_AND = 5; */ FHE_BIT_AND = 5, /** * @generated from enum value: FHE_BIT_OR = 6; */ FHE_BIT_OR = 6, /** * @generated from enum value: FHE_BIT_XOR = 7; */ FHE_BIT_XOR = 7, /** * @generated from enum value: FHE_SHL = 8; */ FHE_SHL = 8, /** * @generated from enum value: FHE_SHR = 9; */ FHE_SHR = 9, /** * @generated from enum value: FHE_ROTL = 10; */ FHE_ROTL = 10, /** * @generated from enum value: FHE_ROTR = 11; */ FHE_ROTR = 11, /** * @generated from enum value: FHE_EQ = 12; */ FHE_EQ = 12, /** * @generated from enum value: FHE_NE = 13; */ FHE_NE = 13, /** * @generated from enum value: FHE_GE = 14; */ FHE_GE = 14, /** * @generated from enum value: FHE_GT = 15; */ FHE_GT = 15, /** * @generated from enum value: FHE_LE = 16; */ FHE_LE = 16, /** * @generated from enum value: FHE_LT = 17; */ FHE_LT = 17, /** * @generated from enum value: FHE_MIN = 18; */ FHE_MIN = 18, /** * @generated from enum value: FHE_MAX = 19; */ FHE_MAX = 19 } /** * Describes the enum inco.kms.lite.v1.SupportedScalarBinaryOp. */ export declare const SupportedScalarBinaryOpSchema: GenEnum<SupportedScalarBinaryOp>; /** * KmsService is the service for the IncoLite KMS, which will run * inside the TEE. * * @generated from service inco.kms.lite.v1.KmsService */ export declare const KmsService: GenService<{ /** * Key returns the public keys exposed by the KMS. * * @generated from rpc inco.kms.lite.v1.KmsService.Key */ key: { methodKind: "unary"; input: typeof KeyRequestSchema; output: typeof KeyResponseSchema; }; /** * AttestedDecrypt decrypts multiple ciphertexts and provides an attestation * that the decryption was performed correctly. * Can optionally reencrypt the result of the decryption to a desired public key. * * @generated from rpc inco.kms.lite.v1.KmsService.AttestedDecrypt */ attestedDecrypt: { methodKind: "unary"; input: typeof AttestedDecryptRequestSchema; output: typeof AttestedDecryptResponseSchema; }; /** * AttestedCompute decrypts the result of a scalar binary operation on a handle and privides an attestation * that the computation and decryption were performed correctly. * * @generated from rpc inco.kms.lite.v1.KmsService.AttestedCompute */ attestedCompute: { methodKind: "unary"; input: typeof AttestedComputeRequestSchema; output: typeof AttestedComputeResponseSchema; }; /** * AttestedReveal decrypts multiple ciphertexts and provides an attestation * that the decryption was performed correctly. * Doesn't require authentication if the handle is publicly revealed with the on-chain .reveal() call beforehand. * * @generated from rpc inco.kms.lite.v1.KmsService.AttestedReveal */ attestedReveal: { methodKind: "unary"; input: typeof AttestedRevealRequestSchema; output: typeof AttestedRevealResponseSchema; }; }>;