smartcontractkit · cll-gg · Sep 9, 2025 · Sep 1, 2025 · Sep 2, 2025 · Sep 2, 2025
diff --git a/core/services/keystore/aptos.go b/core/services/keystore/aptos.go
@@ -169,6 +169,10 @@ type AptosLooppSigner struct {
 
 var _ loop.Keystore = &AptosLooppSigner{}
 
+func (lk *AptosLooppSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 // Returns a list of Aptos Public Keys
 func (s *AptosLooppSigner) Accounts(ctx context.Context) (accounts []string, err error) {
 	ks, err := s.GetAll()

diff --git a/core/services/keystore/cosmos.go b/core/services/keystore/cosmos.go
@@ -154,6 +154,10 @@ type CosmosLoopSigner struct {
 
 var _ core.Keystore = &CosmosLoopSigner{}
 
+func (lk *CosmosLoopSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 func (lk *CosmosLoopSigner) Sign(ctx context.Context, id string, hash []byte) ([]byte, error) {
 	k, err := lk.Get(id)
 	if err != nil {

diff --git a/core/services/keystore/csa.go b/core/services/keystore/csa.go
@@ -28,6 +28,10 @@ type CSA interface {
 
 var _ core.Keystore = &CSASigner{}
 
+func (lk *CSASigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 type CSASigner struct {
 	CSA
 	core.UnimplementedKeystore

diff --git a/core/services/keystore/eth.go b/core/services/keystore/eth.go
@@ -50,6 +50,10 @@ type Eth interface {
 
 var _ loop.Keystore = &EthSigner{}
 
+func (lk *EthSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 type EthSigner struct {
 	Eth
 	core.UnimplementedKeystore

diff --git a/core/services/keystore/solana.go b/core/services/keystore/solana.go
@@ -30,6 +30,10 @@ type SolanaLooppSigner struct {
 
 var _ core.Keystore = &SolanaLooppSigner{}
 
+func (lk *SolanaLooppSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 func (s *SolanaLooppSigner) Accounts(ctx context.Context) (accounts []string, err error) {
 	ks, err := s.GetAll()
 	if err != nil {

diff --git a/core/services/keystore/starknet.go b/core/services/keystore/starknet.go
@@ -159,6 +159,10 @@ type StarknetLooppSigner struct {
 
 var _ core.Keystore = &StarknetLooppSigner{}
 
+func (lk *StarknetLooppSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 // Sign implements [loop.Keystore]
 // hash is expected to be the byte representation of big.Int
 // the returned []byte is an encoded [github.com/smartcontractkit/chainlink-common/pkg/loop/adapters/starknet.Signature].

diff --git a/core/services/keystore/ton.go b/core/services/keystore/ton.go
@@ -168,6 +168,10 @@ type TONLooppSigner struct {
 
 var _ core.Keystore = &TONLooppSigner{}
 
+func (lk *TONLooppSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 // Returns a list of TON Public Keys
 func (s *TONLooppSigner) Accounts(ctx context.Context) (accounts []string, err error) {
 	ks, err := s.GetAll()

diff --git a/core/services/keystore/tron.go b/core/services/keystore/tron.go
@@ -173,6 +173,10 @@ type TronLOOPSigner struct {
 
 var _ core.Keystore = &TronLOOPSigner{}
 
+func (lk *TronLOOPSigner) Decrypt(ctx context.Context, id string, ciphertext []byte) ([]byte, error) {
+	return nil, nil
+}
+
 func (lk *TronLOOPSigner) Accounts(ctx context.Context) ([]string, error) {
 	keys, err := lk.GetAll()
 	if err != nil {

diff --git a/core/services/ocr2/delegate.go b/core/services/ocr2/delegate.go
@@ -45,13 +45,13 @@ import (
 	"github.com/smartcontractkit/chainlink-common/pkg/types"
 	cciptypes "github.com/smartcontractkit/chainlink-common/pkg/types/ccip"
 	"github.com/smartcontractkit/chainlink-common/pkg/types/core"
+	sm "github.com/smartcontractkit/chainlink-common/pkg/types/core/securemint"
 	llotypes "github.com/smartcontractkit/chainlink-common/pkg/types/llo"
 	"github.com/smartcontractkit/chainlink-common/pkg/utils/mailbox"
 	"github.com/smartcontractkit/chainlink-common/pkg/workflows/dontime"
 	datastreamsllo "github.com/smartcontractkit/chainlink-data-streams/llo"
 	"github.com/smartcontractkit/chainlink-evm/pkg/chains/legacyevm"
 	"github.com/smartcontractkit/chainlink-evm/pkg/keys"
-	"github.com/smartcontractkit/por_mock_ocr3plugin/por"
 
 	"github.com/smartcontractkit/chainlink/v2/core/bridges"
 	gatewayconnector "github.com/smartcontractkit/chainlink/v2/core/capabilities/gateway_connector"
@@ -1510,7 +1510,7 @@ func (d *Delegate) newServicesSecureMint(
 		lggr.ErrorIf(d.jobORM.RecordError(ctx, jb.ID, msg), "unable to record error")
 	})
 
-	oracleArgsNoPlugin := libocr2.OCR3OracleArgs[por.ChainSelector]{
+	oracleArgsNoPlugin := libocr2.OCR3OracleArgs[sm.ChainSelector]{
 		BinaryNetworkEndpointFactory: d.peerWrapper.Peer2,
 		V2Bootstrappers:              bootstrapPeers,
 		Database:                     ocrDB,

diff --git a/core/services/ocr2/plugins/median/services.go b/core/services/ocr2/plugins/median/services.go
@@ -149,6 +149,7 @@ func NewMedianServices(ctx context.Context,
 	}
 
 	if cmdName := env.MedianPlugin.Cmd.Get(); cmdName != "" {
+		lggr.Infof("Median plugin loop configured")
 		// use unique logger names so we can use it to register a loop
 		medianLggr := lggr.Named("Median").Named(spec.ContractID).Named(spec.GetID())
 		envVars, err2 := plugins.ParseEnvFile(env.MedianPlugin.Env.Get())
@@ -171,6 +172,7 @@ func NewMedianServices(ctx context.Context,
 		argsNoPlugin.ReportingPluginFactory = median
 		srvs = append(srvs, median)
 	} else {
+		lggr.Infof("Median plugin configured without loop")
 		argsNoPlugin.ReportingPluginFactory, err = median.NewPlugin(lggr).NewMedianFactory(ctx, medianProvider, spec.ContractID, dataSource, juelsPerFeeCoinSource, gasPriceSubunitsDataSource, errorLog, pluginConfig.DeviationFunctionDefinition)
 		if err != nil {
 			err = fmt.Errorf("failed to create median factory: %w", err)

diff --git a/core/services/ocr3/securemint/README.md b/core/services/ocr3/securemint/README.md
@@ -1,8 +1,12 @@
 # SecureMint Plugin
 
+TODO(gg): make sure that the two secure mint integration tests run successfully in CI.
+
 ## Overview
 
 The SecureMint plugin is a plugin that allows for secure minting of tokens.
+It's looppified, meaning its implementation is in https://github.com/smartcontractkit/chainlink-secure-mint/. 
+Make sure to install the plugin. 
 
 ## Validation
 
@@ -18,7 +22,7 @@ make setup-testdb
 
 ### Run test:
 ```bash
- time SECURE_TRANSMITTER_HACK_DISABLED=true CL_DATABASE_URL=postgresql://chainlink_dev:insecurepassword@localhost:5432/chainlink_development_test?sslmode=disable go test -timeout 2m -run ^TestIntegration_SecureMint_happy_path$ github.com/smartcontractkit/chainlink/v2/core/services/ocr3/securemint -v 2>&1 | tee all.log | awk '/DEBUG|INFO|WARN|ERROR/ { print > "node_logs.log"; next }; { print > "other.log" }; tail all.log'
+ time CL_SECUREMINT_CMD=/Users/ggerritsen/go/bin/chainlink-secure-mint CL_DATABASE_URL=postgresql://chainlink_dev:insecurepassword@localhost:5432/chainlink_development_test?sslmode=disable go test -timeout 2m -run ^TestIntegration_SecureMint_happy_path$ github.com/smartcontractkit/chainlink/v2/core/services/ocr3/securemint -v 2>&1 | tee all.log | awk '/DEBUG|INFO|WARN|ERROR/ { print > "node_logs.log"; next }; { print > "other.log" }; tail all.log'
 ```
 
 ### If you change any dependencies:

diff --git a/core/services/ocr3/securemint/ea/ea.go b/core/services/ocr3/securemint/ea/ea.go
@@ -9,16 +9,16 @@ import (
 	"strconv"
 	"time"
 
+	"github.com/smartcontractkit/chainlink-common/pkg/types/core/securemint"
 	"github.com/smartcontractkit/chainlink/v2/core/logger"
 	"github.com/smartcontractkit/chainlink/v2/core/services/job"
 	sm_config "github.com/smartcontractkit/chainlink/v2/core/services/ocr3/securemint/config"
 	"github.com/smartcontractkit/chainlink/v2/core/services/ocrcommon"
 	"github.com/smartcontractkit/chainlink/v2/core/services/pipeline"
-	"github.com/smartcontractkit/por_mock_ocr3plugin/por"
 )
 
-// externalAdapter implements por.ExternalAdapter
-var _ por.ExternalAdapter = &externalAdapter{}
+// externalAdapter implements securemint.ExternalAdapter
+var _ securemint.ExternalAdapter = &externalAdapter{}
 
 type externalAdapter struct {
 	config         *sm_config.SecureMintConfig
@@ -44,7 +44,7 @@ func NewExternalAdapter(config *sm_config.SecureMintConfig, runner pipeline.Runn
 }
 
 // GetPayload retrieves the payload for the given blocks by executing a pipeline run.
-func (ea *externalAdapter) GetPayload(ctx context.Context, blocks por.Blocks) (por.ExternalAdapterPayload, error) {
+func (ea *externalAdapter) GetPayload(ctx context.Context, blocks securemint.Blocks) (securemint.ExternalAdapterPayload, error) {
 	ea.lggr.Debugf("GetPayload called with blocks parameter: %v", blocks)
 
 	// Create the request for the external adapter
@@ -56,7 +56,7 @@ func (ea *externalAdapter) GetPayload(ctx context.Context, blocks por.Blocks) (p
 	// coalesce blocks with config.ChainSelectors
 	coalescedBlocks := make(map[uint64]uint64)
 	for _, chainSelector := range ea.chainSelectors {
-		coalescedBlocks[chainSelector] = uint64(blocks[por.ChainSelector(chainSelector)])
+		coalescedBlocks[chainSelector] = uint64(blocks[securemint.ChainSelector(chainSelector)])
 	}
 
 	// add coalesced blocks to request
@@ -68,7 +68,7 @@ func (ea *externalAdapter) GetPayload(ctx context.Context, blocks por.Blocks) (p
 	// Serialize EA request to JSON
 	reqJSON, err := json.Marshal(req)
 	if err != nil {
-		return por.ExternalAdapterPayload{}, fmt.Errorf("failed to marshal ea request: %w (request: %#v)", err, req)
+		return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to marshal ea request: %w (request: %#v)", err, req)
 	}
 
 	ea.lggr.Debugf("GetPayload serialized ea request to JSON: %v", string(reqJSON))
@@ -86,7 +86,7 @@ func (ea *externalAdapter) GetPayload(ctx context.Context, blocks por.Blocks) (p
 
 	run, trrs, err := ea.runner.ExecuteRun(ctx, ea.spec, pipeline.NewVarsFrom(vars))
 	if err != nil {
-		return por.ExternalAdapterPayload{}, fmt.Errorf("failed to execute GetPayload: %w", err)
+		return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to execute GetPayload: %w", err)
 	}
 
 	ea.saver.Save(run)
@@ -99,74 +99,74 @@ func (ea *externalAdapter) GetPayload(ctx context.Context, blocks por.Blocks) (p
 
 		resultMap, ok := trr.Result.Value.(map[string]any)
 		if !ok {
-			return por.ExternalAdapterPayload{}, fmt.Errorf("unexpected result type for GetPayload: %T", trr.Result.Value)
+			return securemint.ExternalAdapterPayload{}, fmt.Errorf("unexpected result type for GetPayload: %T", trr.Result.Value)
 		}
 
 		payload, err := ea.convertMapToPayload(resultMap)
 		if err != nil {
-			return por.ExternalAdapterPayload{}, fmt.Errorf("failed to convert EA response map to payload: %w, map: %#v", err, resultMap)
+			return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to convert EA response map to payload: %w, map: %#v", err, resultMap)
 		}
 
 		ea.lggr.Debugw("GetPayload result", "payload", payload)
 		if len(blocks) == 0 {
 			ea.lggr.Debugw("Plugin does not know about any chains or blocks yet, not returning any mintables")
 			// set Mintables to empty map - plugin will error out if it's not empty when it hasn't requested any mintables yet
 			// TODO(gg): we should probably update the plugin to handle this case
-			payload.Mintables = make(por.Mintables)
+			payload.Mintables = make(securemint.Mintables)
 		}
 		ea.lggr.Debugw("GetPayload returning", "payload", payload)
 
 		return payload, nil
 	}
 
-	return por.ExternalAdapterPayload{}, errors.New("no terminal result for GetPayload")
+	return securemint.ExternalAdapterPayload{}, errors.New("no terminal result for GetPayload")
 }
 
-// convertMapToPayload converts a map[string]any response to por.ExternalAdapterPayload
-func (ea *externalAdapter) convertMapToPayload(resultMap map[string]any) (por.ExternalAdapterPayload, error) {
+// convertMapToPayload converts a map[string]any response to securemint.ExternalAdapterPayload
+func (ea *externalAdapter) convertMapToPayload(resultMap map[string]any) (securemint.ExternalAdapterPayload, error) {
 	// Marshal and unmarshal to convert to Response struct
 	b, err := json.Marshal(resultMap)
 	if err != nil {
-		return por.ExternalAdapterPayload{}, fmt.Errorf("failed to marshal EA payload map: %w", err)
+		return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to marshal EA payload map: %w", err)
 	}
 
 	ea.lggr.Debugf("EA response: %s", string(b))
 
 	var eaResponse Response
 	if err := json.Unmarshal(b, &eaResponse); err != nil {
-		return por.ExternalAdapterPayload{}, fmt.Errorf("failed to unmarshal EA response: %w", err)
+		return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to unmarshal EA response: %w", err)
 	}
 
 	// Create the payload
-	payload := por.ExternalAdapterPayload{
-		Mintables:    make(por.Mintables),
-		LatestBlocks: make(por.Blocks),
+	payload := securemint.ExternalAdapterPayload{
+		Mintables:    make(securemint.Mintables),
+		LatestBlocks: make(securemint.Blocks),
 	}
 
 	// Convert mintables
 	for chainSelector, mintable := range eaResponse.Mintables {
 		chainSelectorUint64, err := strconv.ParseUint(chainSelector, 10, 64)
 		if err != nil {
-			return por.ExternalAdapterPayload{}, fmt.Errorf("failed to parse chain selector: %s", chainSelector)
+			return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to parse chain selector: %s", chainSelector)
 		}
 
 		mintableAmount, ok := new(big.Int).SetString(mintable.Mintable, 10)
 		if !ok {
-			return por.ExternalAdapterPayload{}, fmt.Errorf("failed to parse mintable amount: %s", mintable.Mintable)
+			return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to parse mintable amount: %s", mintable.Mintable)
 		}
 
-		payload.Mintables[por.ChainSelector(chainSelectorUint64)] = por.BlockMintablePair{
-			Block:    por.BlockNumber(mintable.Block),
+		payload.Mintables[securemint.ChainSelector(chainSelectorUint64)] = securemint.BlockMintablePair{
+			Block:    securemint.BlockNumber(mintable.Block),
 			Mintable: mintableAmount,
 		}
 	}
 
 	// Convert reserve info
 	reserveAmount, ok := new(big.Int).SetString(eaResponse.ReserveInfo.ReserveAmount, 10)
 	if !ok {
-		return por.ExternalAdapterPayload{}, fmt.Errorf("failed to parse reserve amount: %s", eaResponse.ReserveInfo.ReserveAmount)
+		return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to parse reserve amount: %s", eaResponse.ReserveInfo.ReserveAmount)
 	}
-	payload.ReserveInfo = por.ReserveInfo{
+	payload.ReserveInfo = securemint.ReserveInfo{
 		ReserveAmount: reserveAmount,
 		Timestamp:     time.UnixMilli(eaResponse.ReserveInfo.Timestamp),
 	}
@@ -175,9 +175,9 @@ func (ea *externalAdapter) convertMapToPayload(resultMap map[string]any) (por.Ex
 	for chainSelector, block := range eaResponse.LatestBlocks {
 		chainSelectorUint64, err := strconv.ParseUint(chainSelector, 10, 64)
 		if err != nil {
-			return por.ExternalAdapterPayload{}, fmt.Errorf("failed to parse chain selector: %s", chainSelector)
+			return securemint.ExternalAdapterPayload{}, fmt.Errorf("failed to parse chain selector: %s", chainSelector)
 		}
-		payload.LatestBlocks[por.ChainSelector(chainSelectorUint64)] = por.BlockNumber(block)
+		payload.LatestBlocks[securemint.ChainSelector(chainSelectorUint64)] = securemint.BlockNumber(block)
 	}
 
 	return payload, nil

diff --git a/core/services/ocr3/securemint/ea/ea_test.go b/core/services/ocr3/securemint/ea/ea_test.go
@@ -7,14 +7,14 @@ import (
 	"testing"
 	"time"
 
+	"github.com/smartcontractkit/chainlink-common/pkg/types/core/securemint"
 	"github.com/smartcontractkit/chainlink/v2/core/internal/testutils"
 	"github.com/smartcontractkit/chainlink/v2/core/logger"
 	"github.com/smartcontractkit/chainlink/v2/core/services/job"
 	sm_config "github.com/smartcontractkit/chainlink/v2/core/services/ocr3/securemint/config"
 	"github.com/smartcontractkit/chainlink/v2/core/services/ocrcommon"
 	"github.com/smartcontractkit/chainlink/v2/core/services/pipeline"
 	"github.com/smartcontractkit/chainlink/v2/core/services/pipeline/mocks"
-	"github.com/smartcontractkit/por_mock_ocr3plugin/por"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/require"
@@ -36,13 +36,14 @@ func Test_GetPayload(t *testing.T) {
 	config := &sm_config.SecureMintConfig{
 		Token:          "eth",
 		Reserves:       "platform",
-		ChainSelectors: []uint64{5009297550715157269},
+		ChainSelectors: []string{"5009297550715157269"},
 	}
 	job := job.Job{}
 	spec := pipeline.Spec{}
 	executedRun := &pipeline.Run{}
 
-	ea := NewExternalAdapter(config, runner, job, spec, saver, lggr)
+	ea, err := NewExternalAdapter(config, runner, job, spec, saver, lggr)
+	require.NoError(t, err)
 
 	results := pipeline.TaskRunResults{
 		{
@@ -76,7 +77,7 @@ func Test_GetPayload(t *testing.T) {
 		require.NoError(t, err)
 	})
 
-	payload, err := ea.GetPayload(ctx, por.Blocks{1234567890: 1234567890, 5009297550715157269: 10})
+	payload, err := ea.GetPayload(ctx, securemint.Blocks{1234567890: 1234567890, 5009297550715157269: 10})
 	require.NoError(t, err, "GetPayload should not return an error")
 
 	// Validate the 'ea_request' parameter serialized to json
@@ -99,18 +100,18 @@ func Test_GetPayload(t *testing.T) {
 	// Validate the resulting payload
 	amount, ok := big.NewInt(10).SetString("10332550000000000000000", 10)
 	require.True(t, ok, "Failed to parse reserve amount from string")
-	expectedPayload := por.ExternalAdapterPayload{
-		Mintables: por.Mintables{
+	expectedPayload := securemint.ExternalAdapterPayload{
+		Mintables: securemint.Mintables{
 			5009297550715157269: {
 				Block:    8,
 				Mintable: big.NewInt(10),
 			},
 		},
-		ReserveInfo: por.ReserveInfo{
+		ReserveInfo: securemint.ReserveInfo{
 			ReserveAmount: amount,
 			Timestamp:     time.UnixMilli(1749483841486),
 		},
-		LatestBlocks: por.Blocks{
+		LatestBlocks: securemint.Blocks{
 			5009297550715157269: 23,
 		},
 	}

diff --git a/core/services/ocr3/securemint/keyringadapter/example_usage.go b/core/services/ocr3/securemint/keyringadapter/example_usage.go
@@ -3,9 +3,9 @@ package keyringadapter
 import (
 	"fmt"
 
+	"github.com/smartcontractkit/chainlink-common/pkg/types/core/securemint"
 	"github.com/smartcontractkit/libocr/offchainreporting2plus/ocr3types"
 	"github.com/smartcontractkit/libocr/offchainreporting2plus/types"
-	"github.com/smartcontractkit/por_mock_ocr3plugin/por"
 )
 
 // ExampleUsage demonstrates how to use the OnchainKeyringAdapter
@@ -32,9 +32,9 @@ func ExampleUsage() {
 	// Step 3: Use the adapter as an OCR3 OnchainKeyring for PoR
 	configDigest := types.ConfigDigest([32]byte{1, 2, 3, 4, 5}) // example digest
 	seqNr := uint64(42)
-	chainSelector := por.ChainSelector(1234) // example chain selector
+	chainSelector := securemint.ChainSelector(1234) // example chain selector
 
-	reportWithInfo := ocr3types.ReportWithInfo[por.ChainSelector]{
+	reportWithInfo := ocr3types.ReportWithInfo[securemint.ChainSelector]{
 		Report: []byte("example-por-report"),
 		Info:   chainSelector,
 	}