An encrypted value can be deciphered using either the TFHE.decrypt or TFHE.reencrypt functions.

When employing TFHE.decrypt for regular decryption, the process involves the protocol's validators executing a threshold protocol. This procedure stores the plaintext on-chain, accessible by anyone publicly.

Alternatively, TFHE.reencrypt enables confidential value decryption, granting access exclusively to the user. This method involves transforming the ciphertext encrypted under the global FHE key into another encrypted ciphertext. This transformation utilizes a temporary public key provided by the user. Subsequently, the user can decrypt the new ciphertext using the corresponding temporary private key, all of which occurs on the client side. An example can be found here (Decryption), in which token.publicKey is passed inside the balanceOf function of Confidential ERC-20, then decrypted on the client side using instance.decrypt.