Function precompile_encrypt

pub fn precompile_encrypt(
    input: &Bytes,
    gas_limit: u64,
) -> Result<PrecompileOutput, PrecompileErrors>

AES-256-GCM Encryption Precompile

Overview

We interpret the input as: ┌───────────────────── 32 bytes (AES Key, 256 bits) ─────────────────────┐ │ [0..32]: Aes256Gcm key │ └────────────────────────────────────────────────────────────────────────┘ ┌───────────────────── 12 bytes (nonce in big-endian) ────────────────────┐ │ [32..44]: 96-bit nonce │ └────────────────────────────────────────────────────────────────────────┘ ┌────────────────────────────────────────────────────────────────────────┐ │ [44..] : Plaintext bytes │ └────────────────────────────────────────────────────────────────────────┘

We encrypt [44..] using AES-256 in CTR mode (via aes_encrypt()), and produce a GCM authentication tag. The output is [ciphertext + tag].

Gas Model

let num_blocks = (plaintext_len + 15) / 16; let cost = AES_GCM_BASE + AES_GCM_PER_BLOCK * num_blocks; If cost > gas_limit, we revert with OutOfGas.

We set the final gas_used = cost.