Lit - Decryption process (frontend)

decrypt.js

const litAction0 = async () => {
  console.log('Decrypting CEK...', { kid, ciphertext, dataToEncryptHash, publicKey });
  // 1. Decrypt the CEK using Lit's access control
  const cek = await Lit.Actions.decryptAndCombine({
    accessControlConditions: [
      {
        conditionType: "evmContract",
        chain: "arbitrumSepolia",
        contractAddress: "0x4Ba1151B5bc5B39500ff8D3B277eC6d217cB33ee",
        functionName: "hasAccessByContentId",
        functionParams: [":userAddress", kid],
        functionAbi: {
          inputs: [
            {
              name: "userAddress",
              type: "address",
            },
            {
              name: "contentId",
              type: "bytes16",
            },
          ],
          name: "hasAccessByContentId",
          outputs: [
            {
              name: "hasAccess",
              type: "bool",
            },
          ],
          stateMutability: "view",
          type: "function",
        },
        returnValueTest: {
          key: "hasAccess",
          comparator: "=",
          value: "true",
        },
      },
    ],
    ciphertext: ciphertext,
    dataToEncryptHash: dataToEncryptHash,
    chain: "arbitrumSepolia",
  });

  console.log('CEK Decrypted:', cek);
  // do some more processing like ECIES to re-encrypt the data for a specific user
  // then return the response
  //...
}

// then...

const decrypted = await litClient.executeJs({
  code: `(${litAction0.toString()})();`,
  sessionSigs: currentSession.sessionSigs,
  jsParams: { // most of these value are stored and re-used for CEK retrieval, except the publicKey which is derivated from an ephemeral private key to process an ECDH/ECIES within lit action
    kid,
    ciphertext,
    dataToEncryptHash: hash,
    publicKey, // Assuming publicKey is in JWK format
  }
});