Are you an LLM? Read llms.txt for a summary of the docs, or llms-full.txt for the full context.
Skip to content

Writing Decrypt Result to Contract

This page covers the “decrypt → write tx” flow after you run decryptForTx: you take { ctHash, decryptedValue, signature } and submit a transaction that your contract can verify.

There are two common patterns:

  • Publish: call FHE.publishDecryptResult(ctHash, plaintext, signature) so other contracts/users can reference the published result.
  • Verify-only: call FHE.verifyDecryptResult(ctHash, plaintext, signature) inside your contract without publishing globally.

Prerequisites

  1. Run decryptForTx and get a result object with:
  • ctHash
  • decryptedValue
  • signature
  1. Ensure the Solidity parameter type you pass matches your encrypted type.

decryptedValue is a bigint. If your Solidity function expects a smaller integer type (e.g. uint32), make sure the value is within range.

Publish the decrypt result on-chain

The intended consumer of decryptForTx is an on-chain verifier such as FHE.publishDecryptResult(...) (or a wrapper function in your contract).

In practice, you publish the result by calling a function on your contract that invokes FHE.publishDecryptResult internally.

You submit an on-chain transaction that provides:

  • the handle you decrypted (decryptResult.ctHash),
  • the plaintext value, and
  • the Threshold Network signature returned by decryptForTx.
Solidity
import '@fhenixprotocol/cofhe-contracts/FHE.sol';
 
// Example wrapper (adjust plaintext/result type to match your encrypted type).
function publishDecryptResult(bytes32 ctHash, uint32 plaintext, bytes calldata signature) external {
  FHE.publishDecryptResult(ctHash, plaintext, signature);
}

Verify a decrypt result signature (without publishing)

Some protocols don’t need (or don’t want) to publish the decrypt result globally — they only need to verify that the provided plaintext and signature match a specific handle (ctHash).

For example, an “unshield” flow can accept (ctHash, plaintext, signature) and only proceed if the signature is valid:

import '@fhenixprotocol/cofhe-contracts/FHE.sol';
 
function unshield(bytes32 ctHash, uint32 plaintext, bytes calldata signature) external {
  require(FHE.verifyDecryptResult(ctHash, plaintext, signature), 'Invalid decrypt signature');
  // ...continue with protocol logic...
}