Decryption and Re-encryption

An encrypted value can be deciphered by either performing a global decryption or re-encryption on the client side.

• Global Decryption: This process involves the protocol’s Key Management System (KMS) nodes collaboratively executing a threshold protocol to decrypt the value. The decrypted plaintext is then placed on-chain, making it publicly accessible to anyone.

• Re-encryption: Alternatively, Re-encryption enables decryption of confidential values in a way that grants access exclusively to the user. This transformation uses a temporary public key provided by the user. The user can then decrypt the re-encrypted ciphertext using the corresponding temporary private key on the client side. For example, we make an API call to the gateway to request re-encryption. This call includes the unique handle, public key, user address, contract address, and the user's EIP-712 signature.