code-branchNamespaces

Contract interaction namespaces for shielded and transparent operations

Seismic contracts expose five namespaces for different types of operations. Each namespace provides a different combination of encryption, authentication, and transaction behavior.


Overview

When you instantiate a contract:

contract = w3.seismic.contract(address="0x...", abi=ABI)

You get access to five namespaces:

Namespace

Operation

Encryption

Identity (msg.sender)

Broadcasts

Use Case

Write

Yes

Your address

Yes

Privacy-sensitive writes

Read

Yes

Your address

No

Access-controlled reads

Write

No

Your address

Yes

Public writes

Read

No

0x0

No

Public reads

Write

Yes

Your address

Yes

Debug/testing


Quick Comparison

Encrypted vs Transparent

Encrypted (.write, .read, .dwrite):

  • Calldata is encrypted using AES-GCM

  • Only you and the TEE can see plaintext

  • Requires ECDH key exchange with node

  • Includes security metadata (nonce, block hash, expiry)

  • Higher gas cost (encryption overhead)

Transparent (.twrite, .tread):

  • Calldata is visible on-chain

  • Standard Ethereum transactions/calls

  • No encryption or security metadata

  • Lower gas cost (no overhead)

  • Faster (no encryption computation)

Write vs Read

Write (.write, .twrite, .dwrite):

  • Broadcasts a transaction

  • Consumes gas

  • Modifies contract state

  • Returns transaction hash

  • Must wait for confirmation

Read (.read, .tread):

  • Executes an eth_call

  • Free (no gas cost)

  • Does not modify state

  • Returns result immediately

  • No confirmation needed


Usage Patterns

Encrypted Write (.write)

When to use:

  • Amounts, addresses, or arguments should be private

  • Privacy compliance required

  • Trading, voting, auctions, confidential transfers

Signed Read (.read)

When to use:

  • Contract checks msg.sender for access control

  • Caller-specific data (e.g., "my balance")

  • Privacy required for queries

  • Result should be encrypted

Transparent Write (.twrite)

When to use:

  • Data is public anyway

  • Lower gas cost matters

  • No privacy requirements

  • Standard Ethereum behavior

Transparent Read (.tread)

When to use:

  • Function is public (doesn't check msg.sender)

  • No authentication needed

  • Data is public

  • Fast queries for analytics/dashboards

Debug Write (.dwrite)

When to use:

  • Development and testing

  • Debugging encryption issues

  • Verifying calldata encoding

  • Auditing transaction parameters


Decision Tree

Choosing the Right Namespace


Common Examples

Token Transfer (Private)

Token Transfer (Public)

Check Your Balance (Access-Controlled)

Check Any Balance (Public)

Token Metadata (Public)


Namespace Details

.write

Encrypted contract writes with privacy.

  • Encryption: Yes (AES-GCM)

  • Transaction type: TxSeismic (type 0x4a)

  • Returns: HexBytes (transaction hash)

  • Proves identity: Yes

  • Gas cost: Standard + encryption overhead

See full documentation →

.read

Encrypted contract reads with authentication.

  • Encryption: Yes (AES-GCM)

  • Call type: Signed eth_call

  • Returns: HexBytes (decrypted result)

  • Proves identity: Yes (msg.sender is your address)

  • Gas cost: None (doesn't broadcast)

See full documentation →

.twrite

Transparent contract writes (standard Ethereum).

  • Encryption: No

  • Transaction type: Standard eth_sendTransaction

  • Returns: HexBytes (transaction hash)

  • Proves identity: Yes

  • Gas cost: Standard (no overhead)

See full documentation →

.tread

Transparent contract reads (standard Ethereum).

  • Encryption: No

  • Call type: Standard eth_call

  • Returns: HexBytes (result)

  • Proves identity: No (msg.sender is 0x0)

  • Gas cost: None (doesn't broadcast)

See full documentation →

.dwrite

Debug writes with inspection (development only).

  • Encryption: Yes (AES-GCM)

  • Transaction type: TxSeismic (type 0x4a)

  • Returns: DebugWriteResult (plaintext + encrypted + hash)

  • Proves identity: Yes

  • Gas cost: Standard + encryption overhead

See full documentation →


Privacy Considerations

What Gets Encrypted (Shielded Namespaces)

Encrypted (.write, .read, .dwrite):

  • Function selector (4 bytes)

  • All function arguments

  • Return values (for .read)

Not encrypted:

  • from address (sender)

  • to address (contract)

  • value (ETH sent)

  • Gas parameters

  • Transaction metadata

What's Visible (Transparent Namespaces)

Completely visible (.twrite, .tread):

  • Everything: function selector, arguments, results

  • Standard Ethereum transparency

  • Anyone can decode calldata


Security Parameters

Encrypted namespaces (.write, .read, .dwrite) accept optional security parameters:

See SeismicSecurityParams for details.


Transaction Options

Write Namespaces

All write namespaces (.write, .twrite, .dwrite) accept transaction options:

.twrite also accepts any standard eth_sendTransaction parameter:

Read Namespaces

.read accepts call options:

.tread accepts no options (uses defaults).


Async Support

All namespaces work identically with async clients:


Error Handling

Write Operations

Read Operations


Best Practices

Development Workflow

  1. Start with .dwrite — Verify calldata encoding

  2. Test with small amounts — Use .write with minimal value

  3. Verify in production — Switch to .write for production

  4. Use .tread for public data — No need for signed reads

Privacy Guidelines

  • Sensitive data → Use .write or .read

  • Public data → Use .twrite or .tread

  • Access control → Use .read (proves identity)

  • No access control → Use .tread (faster)

Cost Optimization

  • Privacy required → Accept encryption overhead (.write, .read)

  • No privacy needed → Use transparent namespaces (.twrite, .tread)

  • Frequent reads → Use .tread (free, fast, cacheable)


Common Pitfalls

Using .tread for Access-Controlled Functions

Problem:

Solution:

Using .write for Public Data

Unnecessary overhead:

Better:

Using .dwrite in Production

Development only:

Production:


See Also

Last updated