Add authorized re-encryption of past transfers

[eduv09]

Fixes #63

[Copilot]

Pull request overview

This PR implements “authorized re-encryption” for historical transfers, enabling selective disclosure of encrypted transfer data to permitted viewers (Issue #63), plus an automatic recipient-readable encrypted value event when the recipient has a registered public key.

Changes:

• Added on-chain historic transfer disclosure primitives: EncryptedTransfer emission, viewer authorization (time range / transferId), and requestDecryptHistoricTransfer → ReEncryptedTransfer.
• Added automatic per-transfer TransferValueEncryptedForRecipient emission (ECIES to recipient key when registered).
• Expanded test coverage and updated README + generated interface/contract docs for the new disclosure flows.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
contracts/ConfidentialToken.sol	Core implementation for emitting encrypted transfer metadata and handling authorized historic re-encryption requests.
contracts/interfaces/IConfidentialToken.sol	Adds structs/events/errors and new public API for historic view authorization + decrypt requests.
test/ConfidentialToken.ts	Extensive tests for authorization, edge cases, fee charging, replay, and recipient auto-encryption.
README.md	Documents the historic transfer decryption feature and the recipient auto-encrypted value event.
docs/interfaces/IConfidentialToken.md	Generated interface docs updated to include new structs/events/functions.
docs/ConfidentialToken.md	Generated contract docs updated for new internal/external functions and updated signatures.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

❌ Patch coverage is 98.58156% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 97.38%. Comparing base (5167aaf) to head (d0f1a17).

Files with missing lines	Patch %	Lines
contracts/ConfidentialToken.sol	97.91%	2 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop      #66      +/-   ##
===========================================
+ Coverage    96.66%   97.38%   +0.71%     
===========================================
  Files            6        7       +1     
  Lines          270      382     +112     
  Branches        64       94      +30     
===========================================
+ Hits           261      372     +111     
- Misses           9       10       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

_handleHistoricViewRequest indexes decryptedArguments[0] without first validating that the callback provided at least one decrypted argument. If decryptedArguments is empty (or shorter than expected), this will revert with a panic (out-of-bounds) rather than a controlled custom error. Add an explicit length check (e.g., require decryptedArguments.length == 1) and revert with a project error like DecryptionBadFormat/WrongPlaintextFormat for predictable behavior.

[Copilot]

In _handleHistoricViewRequest, the local variable sender is actually the historic-view viewer address extracted from plaintextArguments[1]. Renaming it to viewer/historicViewer would make the authorization and ReEncryptedTransfer emission logic much easier to follow and reduce confusion with msg.sender / transfer sender.

Suggested change

	address sender = address(bytes20(plaintextArguments[1]));
	require(_knownPublicKey(sender), PublicKeyIsNotRegistered(sender));
	(address from, address to) = _historicViewAuth.decodeIfAuthorized(
	sender,
	decryptedArguments[0]
	);
	emit ReEncryptedTransfer(
	sender,
	from,
	to,
	BITE.encryptECIES(
	encryptECIESAddress,
	decryptedArguments[0],
	publicKeys[sender]
	address historicViewer = address(bytes20(plaintextArguments[1]));
	require(_knownPublicKey(historicViewer), PublicKeyIsNotRegistered(historicViewer));
	(address from, address to) = _historicViewAuth.decodeIfAuthorized(
	historicViewer,
	decryptedArguments[0]
	);
	emit ReEncryptedTransfer(
	historicViewer,
	from,
	to,
	BITE.encryptECIES(
	encryptECIESAddress,
	decryptedArguments[0],
	publicKeys[historicViewer]

[Copilot]

accessManagerFactory.deploy(deployer) passes a SignerWithAddress object where the OpenZeppelin AccessManager constructor expects an address (initial admin). This is likely to throw at runtime with an “invalid address” error on ethers v6. Pass deployer.address (or await deployer.getAddress()) instead.

Suggested change

	accessManager = await accessManagerFactory.deploy(deployer);
	accessManager = await accessManagerFactory.deploy(deployer.address);

[Copilot]

Minor formatting: HistoricViewTimeRangeRevoked is declared as event HistoricViewTimeRangeRevoked(address indexed holder,address indexed viewer); (missing a space after the comma). Align spacing with the rest of the interface for readability.

Suggested change

	event HistoricViewTimeRangeRevoked(address indexed holder,address indexed viewer);
	event HistoricViewTimeRangeRevoked(address indexed holder, address indexed viewer);