encryptInputs encrypts plaintext values into FHE ciphertexts that can be passed as inputs to a confidential smart contract transaction. Values must be encrypted before being passed on-chain to preserve confidentiality.
Prerequisites
- Create and connect a client.
- Know which encrypted type you want to encode each value as — the type must match the Solidity parameter type your contract expects (e.g.
InEuint32vsInEuint64).
Basic usage
EncryptedItemInput type.
Using encrypted inputs in a transaction
Pass the returnedEncryptedItemInput objects directly into your contract call. The on-chain CoFHE library verifies the signature before using the ciphertext.
Builder API
.execute() — required, call last
Runs the encryption pipeline and returns the EncryptedItemInput[] tuple.
.setAccount(address) — optional
Override the address that “owns” the encrypted input. Only that address will be allowed to use the encrypted inputs on-chain. Defaults to the connected wallet account.
.setChainId(chainId) — optional
Override the chain the encrypted input will be used on. Defaults to the connected chain.
.setUseWorker(boolean) — optional
Override the useWorkers flag for this specific call. When true (the default), ZK proof generation runs in a Web Worker to avoid blocking the main thread. No-op in Node.js.
.onStep(callback) — optional
Register a callback that fires at the start and end of each encryption step. Useful for building progress indicators.
The encryption flow
Calling.execute() runs five sequential steps:
Encryptable — creating inputs
Use theEncryptable factory to create the items you want to encrypt. Each factory function accepts the plaintext value and an optional securityZone.
You can also use the generic form:
EncryptedItemInput — the result type
Each element of the returned array is anEncryptedItemInput:
InEuint* structs. The contract’s CoFHE library validates the signature on-chain before operating on the ciphertext.
Common pitfalls
- Wrong
Encryptabletype:Encryptable.uint32(...)must match what your Solidity function expects (e.g.InEuint32). - Wrong account / chain: encrypted inputs are authorized for a specific
account + chainId. If you override these, your inputs may not be usable for the intended transaction. - Bit limit exceeded: a single call can encrypt at most 2048 bits of plaintext. Exceeding this throws
ZkPackFailed.