Skip to main content

getNetworkEncryptionToSharedEncryptionConverterFunction

Import: @umbra-privacy/sdk/conversion 
function getNetworkEncryptionToSharedEncryptionConverterFunction(
  args: GetConvertToSharedEncryptionFunctionArgs,
  deps?: GetConvertToSharedEncryptionFunctionDeps,
): ConvertToSharedEncryptionFunction
Converts one or more encrypted token accounts from MXE-mode (network-decryptable only) to shared-mode (user-decryptable). Conversion is per-mint and involves an on-chain Arcium MPC computation. Mints that are already in shared mode, uninitialized, or non-existent are skipped rather than erroring.

GetConvertToSharedEncryptionFunctionArgs

  • client: IUmbraClient

GetConvertToSharedEncryptionFunctionDeps

  • accountInfoProvider?: AccountInfoProviderFunction
  • getLatestBlockhash?: GetLatestBlockhash
  • transactionForwarder?: TransactionForwarder

Returns

ConvertToSharedEncryptionFunction 
type ConvertToSharedEncryptionFunction = (
  mints: readonly Address[],
  optionalData?: OptionalData32,
  hooks?: ConvertToSharedHooks,
  microLamportsPerAcu?: MicroLamportsPerAcu,
) => Promise<ConvertToSharedEncryptionResult>;
  • mints: readonly Address[] — token mints to convert. Processed in parallel (eligible only).
  • optionalData?: OptionalData32 — 32-byte caller metadata. Pre-hashed only.
  • hooks?: ConvertToSharedHooks — per-mint and overall lifecycle hooks.
  • microLamportsPerAcu?: MicroLamportsPerAcu — optional priority fee in micro-lamports per Arcium compute unit.

ConvertToSharedEncryptionResult

interface ConvertToSharedEncryptionResult {
  readonly signatures: readonly TransactionSignature[];   // from OperationOutcome
  readonly converted: Map<Address, TransactionSignature>;
  readonly skipped:   Map<Address, ConvertToSharedEncryptionSkipReason>;
}
  • signatures — every transaction signature submitted across all per-mint conversions.
  • converted — mints successfully converted, with their handler-tx signature.
  • skipped — mints not converted, with the reason.

ConvertToSharedEncryptionSkipReason

  • "non_existent" - No encrypted token account exists for this mint.
  • "not_initialised" - The encrypted token account has not been initialised.
  • "already_shared" - This mint is already in shared mode.
  • "balance_not_initialised" - The balance state is not yet initialised (e.g. no deposits have occurred).

Errors

Throws ConversionError if any non-skippable error occurs. See Errors.

Example

import { getNetworkEncryptionToSharedEncryptionConverterFunction } from "@umbra-privacy/sdk/conversion";

const convert = getNetworkEncryptionToSharedEncryptionConverterFunction({ client });
const result = await convert([usdcMint, solMint]);

for (const [mint, sig] of result.converted) {
  console.log(`Converted ${mint}:`, sig);
}
for (const [mint, reason] of result.skipped) {
  console.log(`Skipped ${mint}: ${reason}`);
}

getMintEncryptionKeyRotatorFunction

Import: @umbra-privacy/sdk/account 
function getMintEncryptionKeyRotatorFunction(
  args: GetRotateMintX25519EncryptionKeyFunctionArgs,
  deps?: GetRotateMintX25519EncryptionKeyFunctionDeps,
): RotateMintX25519EncryptionKeyFunction
Rotates the X25519 encryption key for a specific mint’s shared-mode encrypted token account. Use this when the per-mint key may have been compromised. The account must already be in shared mode.

GetRotateMintX25519EncryptionKeyFunctionArgs

  • client: IUmbraClient

GetRotateMintX25519EncryptionKeyFunctionDeps

  • accountInfoProvider?: AccountInfoProviderFunction
  • getLatestBlockhash?: GetLatestBlockhash
  • transactionForwarder?: TransactionForwarder
  • mintX25519KeypairGenerator?: MintX25519KeypairGeneratorFunction - Override the per-mint X25519 keypair derivation.

Returns

RotateMintX25519EncryptionKeyFunction 
type RotateMintX25519EncryptionKeyFunction = (
  mint: Address,
  optionalData?: OptionalData32,
  hooks?: RotateMintKeyHooks,
  microLamportsPerAcu?: MicroLamportsPerAcu,
  options?: RotateMintKeyOptions,
) => Promise<TransactionSignature>
  • mint: Address - The token mint whose X25519 key to rotate.

Errors

Throws ConversionError. See Errors.

Example

import { getMintEncryptionKeyRotatorFunction } from "@umbra-privacy/sdk/account";

const rotateMintKey = getMintEncryptionKeyRotatorFunction({ client });
const signature = await rotateMintKey(usdcMint);

ConversionError

Thrown by both conversion functions. Stage values: "initialization" | "account-fetch" | "pda-derivation" | "instruction-build" | "transaction-build" | "transaction-compile" | "transaction-sign" | "transaction-validate" | "transaction-send" See Errors for full documentation.