Input & Encryption
To create an encrypted value, use new_euint128 or new_ebool with client-encrypted ciphertext.
Creating Encrypted Values (Program Side)
pub fn deposit(
ctx: Context<Deposit>,
ciphertext: Vec<u8>, // Client-encrypted amount
) -> Result<()> {
// Create CPI context
let cpi_ctx = CpiContext::new(
ctx.accounts.inco_lightning_program.to_account_info(),
Operation {
signer: ctx.accounts.authority.to_account_info(),
},
);
// Create encrypted handle from ciphertext
let encrypted_amount: Euint128 = new_euint128(cpi_ctx, ciphertext, 0)?;
// Store the handle
ctx.accounts.vault.balance = encrypted_amount;
// IMPORTANT: After creating a new handle, grant decryption access
// to the appropriate address using the `allow` function.
// See the Access Control guide for details.
Ok(())
}
| Function | Description | Signature |
|---|
new_euint128 | Create encrypted u128 from client-encrypted ciphertext | (CpiContext, Vec<u8>, u8) -> Result<Euint128> |
new_ebool | Create encrypted bool from client-encrypted ciphertext | (CpiContext, Vec<u8>, u8) -> Result<Ebool> |
as_euint128 | Convert plaintext u128 to encrypted handle (trivial encrypt) | (CpiContext, u128) -> Result<Euint128> |
as_ebool | Convert plaintext bool to encrypted handle (trivial encrypt) | (CpiContext, bool) -> Result<Ebool> |
The last parameter in new_euint128/new_ebool identifies whether the input is ciphertext (0) or plaintext (1). Always pass 0 when working with client-encrypted data.
Trivial Encryption
Use as_euint128 and as_ebool to convert plaintext values to encrypted handles directly in your program. This is useful for constants or program-generated values.
pub fn initialize_with_zero(
ctx: Context<Initialize>,
) -> Result<()> {
let cpi_ctx = CpiContext::new(
ctx.accounts.inco_lightning_program.to_account_info(),
Operation {
signer: ctx.accounts.authority.to_account_info(),
},
);
// Create encrypted zero
let zero: Euint128 = as_euint128(cpi_ctx, 0)?;
ctx.accounts.account.balance = zero;
// IMPORTANT: Grant decryption access to the owner if this handle
// needs to be decrypted later. See Access Control guide.
Ok(())
}
Trivial encryption should only be used for public constants (like zero) or values that don’t need to be secret. For user-provided sensitive values, always use client-side encryption with new_euint128.
Client-Side Encryption
Values must be encrypted client-side before sending to your program. Use the JavaScript SDK to encrypt values:
import { encryptValue } from '@inco/solana-sdk/encryption';
const encrypted = await encryptValue(100n);
await program.methods
.deposit(Buffer.from(encrypted, 'hex'))
.rpc();
