Skip to main content

OXN-Specific Methods

Beyond the standard Ethereum JSON-RPC surface, OXN exposes a small number of methods for constructing encrypted calls and querying enclave state. These are typically consumed by the SDKs, not by application code directly.

Fetching the enclave public key

To construct an encrypted call, the client needs the current enclave X25519 public key. The SDKs fetch this automatically; the underlying method is exposed for tools that need it directly.

The exact method name and response format depend on the runtime version. As of writing, the enclave public key is served through a wrapper method that returns:

{
"public_key": "0x...",
"checksum": "0x...",
"signature": "0x...",
"expiration": 12345
}
  • public_key — 32-byte X25519 public key of the current enclave.
  • checksum — measurement of the enclave binary.
  • signature — signature over the key material by the runtime.
  • expiration — block height after which the key rotates.

Clients that manage their own encryption verify the signature and use public_key for encryption up to expiration.

Signed query submission

A signed query is a specialized eth_call where the caller signature populates msg.sender inside a view function. The mechanism is:

  1. Client constructs the call data.
  2. Client encrypts under a session key.
  3. Client attaches a signature over the encrypted payload with their EVM private key.
  4. Client submits via eth_call with a specially-marked envelope.
  5. Enclave verifies the signature, sets msg.sender, executes.

SDKs handle steps 2–4 transparently. The raw wire format uses the same eth_call method — signed queries are identified by envelope structure.

Attestation and enclave info

Methods that return the current enclave's attestation quote (for clients that want to verify TEE guarantees directly) may be exposed. These are optional for most application development.

Consensus-layer methods

Operations on the native oxn1… address space go through consensus-layer JSON-RPC endpoints (a separate namespace). These are used by the OXN Web Wallet's deposit/withdraw flow and by validator tooling. Application-level dApps typically do not need these; if you do, see the Oasis SDK documentation.

Batch and pipeline patterns

For heavy read workloads, batch requests where possible:

[
{ "jsonrpc": "2.0", "method": "eth_getBlockByNumber", "params": ["latest", false], "id": 1 },
{ "jsonrpc": "2.0", "method": "eth_gasPrice", "params": [], "id": 2 },
{ "jsonrpc": "2.0", "method": "eth_getBalance", "params": ["0x...", "latest"], "id": 3 }
]

Batching amortizes TLS handshake and connection overhead.

Next steps