From eab1891173876cefd24543c75915ef9985ed5acf Mon Sep 17 00:00:00 2001 From: verseon0980 Date: Mon, 11 May 2026 09:31:26 +0530 Subject: [PATCH 1/3] security: remove hardcoded private keys from published SDK package --- packages/sdk/core/consts.ts | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/packages/sdk/core/consts.ts b/packages/sdk/core/consts.ts index ecea8f05..1d6c9584 100644 --- a/packages/sdk/core/consts.ts +++ b/packages/sdk/core/consts.ts @@ -11,15 +11,13 @@ export const MOCKS_THRESHOLD_NETWORK_ADDRESS = '0x000000000000000000000000000000 export const TEST_BED_ADDRESS = '0x0000000000000000000000000000000000005003' as const; /** Private key for the Mock ZK Verifier signer account */ -export const MOCKS_ZK_VERIFIER_SIGNER_PRIVATE_KEY = - '0x6C8D7F768A6BB4AAFE85E8A2F5A9680355239C7E14646ED62B044E39DE154512' as const; +export const MOCKS_ZK_VERIFIER_SIGNER_PRIVATE_KEY = process.env.MOCK_ZK_SIGNER_PK; /** Address for the Mock ZK Verifier signer account */ export const MOCKS_ZK_VERIFIER_SIGNER_ADDRESS = '0x6E12D8C87503D4287c294f2Fdef96ACd9DFf6bd2' as const; /** Private key for the Mock decrypt result signer account */ -export const MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY = - '0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d' as const; +export const MOCKS_DECRYPT_RESULT_SIGNER_PRIVATE_KEY = process.env.MOCK_DECRYPT_SIGNER_PK; /** Maximum total bits for ZK proof packing */ export const TFHE_RS_ZK_MAX_BITS = 2048 as const; From bb4cec814832374d3abfa0e45c5b152db9865cd9 Mon Sep 17 00:00:00 2001 From: verseon0980 Date: Mon, 11 May 2026 09:34:26 +0530 Subject: [PATCH 2/3] Update MockCoFHE.sol --- packages/mock-contracts/contracts/MockCoFHE.sol | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/mock-contracts/contracts/MockCoFHE.sol b/packages/mock-contracts/contracts/MockCoFHE.sol index e948979b..ff7e1867 100644 --- a/packages/mock-contracts/contracts/MockCoFHE.sol +++ b/packages/mock-contracts/contracts/MockCoFHE.sol @@ -7,9 +7,11 @@ import { FunctionId, Utils } from '@fhenixprotocol/cofhe-contracts/ICofhe.sol'; import { console } from 'hardhat/console.sol'; address constant ZK_VERIFIER_SIGNER_ADDRESS = 0x6E12D8C87503D4287c294f2Fdef96ACd9DFf6bd2; +// Remove the private key constants, the addresses are sufficient for mock verification, Private keys should never exist in Solidity source. uint256 constant ZK_VERIFIER_SIGNER_PRIVATE_KEY = 49099792800763675079532137679706322989817545357788440619111868498148356080914; address constant DECRYPT_RESULT_SIGNER_ADDRESS = 0x70997970C51812dc3A010C7d01b50e0d17dc79C8; +// Remove the private key constants, the addresses are sufficient for mock verification, Private keys should never exist in Solidity source. uint256 constant DECRYPT_RESULT_SIGNER_PRIVATE_KEY = 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d; /** From 5a7dcaa0b304f4331da891e15f3b2db60f94d114 Mon Sep 17 00:00:00 2001 From: verseon0980 Date: Mon, 11 May 2026 10:07:42 +0530 Subject: [PATCH 3/3] Update MockCoFHE.sol --- packages/mock-contracts/contracts/MockCoFHE.sol | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/mock-contracts/contracts/MockCoFHE.sol b/packages/mock-contracts/contracts/MockCoFHE.sol index ff7e1867..8e23be73 100644 --- a/packages/mock-contracts/contracts/MockCoFHE.sol +++ b/packages/mock-contracts/contracts/MockCoFHE.sol @@ -8,11 +8,11 @@ import { console } from 'hardhat/console.sol'; address constant ZK_VERIFIER_SIGNER_ADDRESS = 0x6E12D8C87503D4287c294f2Fdef96ACd9DFf6bd2; // Remove the private key constants, the addresses are sufficient for mock verification, Private keys should never exist in Solidity source. -uint256 constant ZK_VERIFIER_SIGNER_PRIVATE_KEY = 49099792800763675079532137679706322989817545357788440619111868498148356080914; + address constant DECRYPT_RESULT_SIGNER_ADDRESS = 0x70997970C51812dc3A010C7d01b50e0d17dc79C8; // Remove the private key constants, the addresses are sufficient for mock verification, Private keys should never exist in Solidity source. -uint256 constant DECRYPT_RESULT_SIGNER_PRIVATE_KEY = 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d; + /** * @dev Mock implementation of the CoFHE coprocessor, used to test FHE ops in isolation.