Open
Description
[Feature Request] Support for Encrypted Return Values in Generated Solidity Contracts
Description
Currently, the Circom framework has limitations regarding return values in the generated Solidity contracts. This constraint reduces flexibility in many use cases where we need to return encrypted data to be stored on-chain.
Current Behavior
- Generated Solidity contracts don't support return values
- Limited flexibility in complex scenarios requiring on-chain encrypted data storage
- No option to return encrypted computation results
Proposed Enhancement
Add optional support for returning encrypted values that can be stored on-chain. This would:
- Allow circuits to return encrypted computation results
- Enable more complex use cases while maintaining zero-knowledge properties
- Provide more flexibility for projects with advanced requirements
- Make the encrypted return values optional (opt-in feature)
Use Cases
- Privacy-preserving computations that need to store encrypted results on-chain
- Complex ZK applications requiring state updates with encrypted data
- Advanced protocols needing to chain multiple ZK proofs with intermediate encrypted results
Benefits
- Enhanced flexibility for complex ZK applications
- Broader range of possible use cases
- Maintained security through encryption
- Optional feature (wouldn't affect existing implementations)
Implementation Suggestions
- Add encryption wrapper for circuit outputs
- Modify Solidity contract generator to support encrypted return values
- Provide documentation for proper usage and security considerations
- Include example implementations
Questions
- What encryption methods would be most suitable?
- How would this affect gas costs?
- What would be the optimal way to implement this without compromising the framework's security guarantees?
Additional Context
This feature would be particularly valuable for projects requiring:
- Complex multi-step ZK proofs
- On-chain state management with encrypted data
- Integration with other privacy-preserving protocols
Would love to hear the community's thoughts on this proposal and potential implementation approaches.
Metadata
Metadata
Assignees
Labels
No labels