FHERC20Upgradeable (ERC7984 compliant) contracts

[architect-dev]

This PR replaces the project-local FHE token implementation (FHERC20.sol, FHERC20Upgradeable.sol, ConfidentialClaim.sol, FHEContract.sol, FUSD.sol, and all associated interfaces/mocks) with the upstream fhenix-confidential-contracts@0.3.1 package and its ERC-7984-compliant upgradeable base contracts. ConfidentialERC20 and ConfidentialETH are now thin, focused wrappers over FHERC20ERC20WrapperUpgradeable and FHERC20NativeWrapperUpgradeable respectively.

RedactCore has been refactored into a factory, registry, and upgrade manager — it deploys ConfidentialERC20 proxies on demand, tracks the shared implementation address for future deployments, and is the sole entity authorized to upgrade any registered wrapper.

Contract changes

Deleted (superseded by upstream package):

• FHERC20.sol, FHERC20Upgradeable.sol
• ConfidentialClaim.sol, FHEContract.sol, FUSD.sol
• interfaces/IFHERC20.sol, interfaces/IFHERC20Errors.sol, interfaces/IWETH.sol
• test/FHERC20_Harness.sol, test/MockFherc20Vault.sol, test/ERC20_Harness.sol

Rewritten:

• ConfidentialERC20 — now extends FHERC20ERC20WrapperUpgradeable + OwnableUpgradeable + UUPSUpgradeable. Deployed behind an ERC-1967 proxy. Guards against wrapping another FHERC20 token and caps decimals at 6.
• ConfidentialETH — now extends FHERC20NativeWrapperUpgradeable + OwnableUpgradeable + UUPSUpgradeable. Deployed behind an ERC-1967 proxy.
• RedactCore — stores a confidentialERC20Implementation address used as the logic contract for every new deployConfidentialERC20() call. Exposes setConfidentialERC20Implementation (owner only) to point future deployments at a new impl, and upgradeWrapper (owner only) to upgrade any already-deployed proxy.

Added (test harnesses only):

• hardhat/ConfidentialERC20V2_Harness.sol — extends ConfidentialERC20 and exposes a version() getter to verify UUPS upgrades work end-to-end in tests.
• hardhat/ConfidentialETHV2_Harness.sol — same for ConfidentialETH.

Dependency changes

Package	Before	After
fhenix-confidential-contracts	—	0.3.1 ✨
@cofhe/hardhat-plugin	—	0.4.0 ✨
@cofhe/sdk	—	0.4.0 ✨
@fhenixprotocol/cofhe-contracts	0.0.13	0.1.3
@fhenixprotocol/cofhe-mock-contracts	^0.2.1-alpha.0	removed

Deployment process (fresh deploy)

1. Deploy WETH (or use the chain's canonical WETH address).
2. Deploy the ConfidentialETH implementation contract.
3. Deploy an ERC1967Proxy pointing at the ConfidentialETH impl, passing initialize(wethAddress) as init data.
4. Deploy the ConfidentialERC20 implementation contract.
5. Deploy RedactCore(wethAddress, eETHProxyAddress, erc20ImplAddress).
6. Transfer ownership of the ConfidentialETH proxy to RedactCore so it can authorize future upgrades.

Any user can then call RedactCore.deployConfidentialERC20(erc20Address) to permissionlessly spin up a confidential wrapper for a supported ERC-20.

Upgrade process (existing deployment)

To upgrade all future deployConfidentialERC20 calls to a new implementation:

1. Deploy the new ConfidentialERC20 implementation contract.
2. Call RedactCore.setConfidentialERC20Implementation(newImplAddress). This only affects proxies deployed after this call.

To upgrade an already-deployed wrapper proxy:

1. Deploy the new implementation contract.
2. Call RedactCore.upgradeWrapper(proxyAddress, newImplAddress, data). This calls upgradeToAndCall on the UUPS proxy directly. Pass data = "0x" if no post-upgrade initializer is needed.

Both ConfidentialETH and ConfidentialERC20 proxies are upgradeable via upgradeWrapper since RedactCore is their owner.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
redact	Ready	Preview, Comment	Apr 1, 2026 9:59am