refactor: change encryption structure and enhance security notes

b00ste · web-flow · commit b333badfd323 · 2026-01-09T12:59:35.000+02:00
Removed tokenGate field and updated encryption section with decryptionParams. Added security considerations for decryption parameters.
diff --git a/LSPs/LSP-29-EncryptedAssets.md b/LSPs/LSP-29-EncryptedAssets.md
@@ -115,16 +115,13 @@ The [VerifiableURI] stored in the array MUST point to a JSON file on IPFS confor
       "name": "<string>",
       "description": "<string>"
     },
-    "tokenGate": {
-      "tokenAddress": "<address>",
-      "requiredBalance": "<string>"
-    },
     "encryption": {
       "method": "<string>",
       "ciphertext": "<string>",
       "dataToEncryptHash": "<string>",
       "accessControlConditions": "<array>",
-      "decryptionCode": "<string>"
+      "decryptionCode": "<string>",
+      "decryptionParams": "<object>"
     },
     "chunks": {
       "cids": "<array>",
@@ -144,7 +141,6 @@ The [VerifiableURI] stored in the array MUST point to a JSON file on IPFS confor
 | `revision`   | number | Yes      | Version number starting at 1, incremented for each update |
 | `createdAt`  | string | Yes      | ISO 8601 timestamp when this revision was created         |
 | `file`       | object | Yes      | Metadata about the encrypted file                         |
-| `tokenGate`  | object | Yes      | Token requirements for decryption access                  |
 | `encryption` | object | Yes      | Encryption metadata for decryption                        |
 | `chunks`     | object | Yes      | Chunked storage information                               |
 
@@ -156,22 +152,29 @@ The [VerifiableURI] stored in the array MUST point to a JSON file on IPFS confor
 | `name`        | string | Yes      | Original filename                                    |
 | `description` | string | No       | Human-readable description of the content            |
 
-#### tokenGate
+#### encryption
 
-| Key               | Type    | Required | Description                                                         |
-| ----------------- | ------- | -------- | ------------------------------------------------------------------- |
-| `tokenAddress`    | address | Yes      | Address of the token contract (LSP7 or LSP8) required for access    |
-| `requiredBalance` | string  | Yes      | Minimum token balance required (as string for BigInt compatibility) |
+| Key                       | Type   | Required | Description                                                |
+| ------------------------- | ------ | -------- | ---------------------------------------------------------- |
+| `method`                  | string | Yes      | Encryption method identifier (see supported methods below) |
+| `ciphertext`              | string | Yes      | Encrypted symmetric key                                    |
+| `dataToEncryptHash`       | string | Yes      | Hash of the encrypted data for verification                |
+| `accessControlConditions` | array  | Yes      | Conditions for decryption access                           |
+| `decryptionCode`          | string | Yes      | Code or reference for decryption logic                     |
+| `decryptionParams`        | object | Yes      | Dynamic parameters embedded in `decryptionCode`            |
 
-#### encryption
+The `decryptionParams` object contains the dynamic values that are hardcoded into the `decryptionCode`. This enables UI display and content filtering without parsing the decryption code. See [Decryption Parameters Security](#decryption-parameters-security) for important security considerations.
 
-| Key                       | Type   | Required | Description                                              |
-| ------------------------- | ------ | -------- | -------------------------------------------------------- |
-| `method`                  | string | Yes      | Encryption method identifier (e.g., `"lit-protocol-v1"`) |
-| `ciphertext`              | string | Yes      | Encrypted symmetric key                                  |
-| `dataToEncryptHash`       | string | Yes      | Hash of the encrypted data for verification              |
-| `accessControlConditions` | array  | Yes      | Conditions for decryption access                         |
-| `decryptionCode`          | string | Yes      | Code or reference for decryption logic                   |
+**Supported Encryption Methods:**
+
+| Method                    | Description                            | Example `decryptionParams`                                                             |
+| ------------------------- | -------------------------------------- | -------------------------------------------------------------------------------------- |
+| `lit-lsp7-balance-v1`     | LSP7 token balance via Lit Protocol    | `{ "tokenAddress": "0x...", "requiredBalance": "1000000" }`                            |
+| `lit-lsp8-ownership-v1`   | LSP8 NFT ownership via Lit Protocol    | `{ "tokenAddress": "0x...", "requiredTokenId": "42" }`                                 |
+| `lit-lsp8-balance-v1`     | LSP8 balance via Lit Protocol          | `{ "tokenAddress": "0x...", "requiredBalance": "1" }`                                  |
+| `lit-lsp26-follower-v1`   | LSP26 on-chain follower check          | `{ "followedAddresses": ["0x...", "0x..."] }`                                          |
+| `lit-social-followers-v1` | Off-chain social verification          | `{ "platform": "twitter", "creatorHandle": "@creator", "requiredFollowers": "10000" }` |
+| `lit-time-locked-v1`      | Time-lock via Lit Protocol             | `{ "unlockTimestamp": "1735689600" }`                                                  |
 
 #### chunks
 
@@ -278,9 +281,25 @@ While the array is append-only at the application level, ERC725Y storage can tec
 - Consider timestamps when multiple versions exist
 - Be aware that "latest" mapping can be updated
 
-### Token Gate Validation
+### Decryption Parameters Security
+
+The `decryptionParams` field exists for UI/querying purposes and MUST match the hardcoded values in `decryptionCode`. Applications SHOULD:
+
+- Verify `decryptionParams` values match those embedded in `decryptionCode` when possible
+- Display warnings to users if discrepancies are detected
+- Never rely solely on `decryptionParams` for access control enforcement
+- Treat `decryptionCode` as the authoritative source of truth
+
+Actual access control MUST be enforced by the decryption mechanism (e.g., Lit Protocol access control conditions embedded in `decryptionCode`). Applications MUST NOT rely solely on the JSON `decryptionParams` field for security.
+
+### Method Versioning
+
+The `method` field includes a version suffix (e.g., `lit-lsp7-balance-v1`). When creating new encryption methods:
 
-The `tokenGate` field in the JSON is for UI/querying purposes only. Actual access control MUST be enforced by the decryption mechanism (e.g., Lit Protocol access control conditions). Applications MUST NOT rely solely on the JSON `tokenGate` field for security.
+- Use unique, descriptive method identifiers
+- Include version suffix for future compatibility (e.g., `-v1`, `-v2`)
+- Document required `decryptionParams` schema for each method
+- Maintain backward compatibility when incrementing versions
 
 ### Content ID Collisions
 
