send_shielded_transaction
Send a shielded transaction with encrypted calldata to the Seismic network
Send a shielded transaction with end-to-end encrypted calldata using Seismic's TxSeismic (type 0x4a) transaction format. The calldata is encrypted client-side and decrypted only inside the node's TEE.
Overview
This is the low-level method for sending encrypted transactions. It:
Encrypts the provided plaintext calldata using AES-GCM
Constructs a
TxSeismictransaction with encryption metadataSigns the transaction with your private key
Broadcasts it to the network via
eth_sendRawTransactionReturns the transaction hash
For contract interactions, use contract.write.functionName(...) instead — it handles ABI encoding and encryption automatically.
Signatures
Parameters
All parameters are keyword-only to prevent accidental misuse.
to
ChecksumAddress
Required
Recipient contract address
data
HexBytes
Required
Plaintext calldata (will be encrypted)
value
int
0
Wei to transfer with the transaction
gas
int | None
None
Gas limit (auto-estimated if None)
gas_price
int | None
None
Gas price in wei (uses network default if None)
eip712
bool
False
Use EIP-712 typed data signing instead of raw signing
Returns
Type: HexBytes
The transaction hash returned by eth_sendRawTransaction.
Examples
Sync Usage
Async Usage
Sending ETH
Custom Security Parameters
With ABI Encoding
Using EIP-712 Signing
Implementation Details
Encryption Process
The SDK performs the following steps:
Fetch security parameters (if not provided):
Get latest block hash for freshness proof
Generate random 12-byte AES-GCM nonce
Calculate expiry block (current + 100 blocks)
Construct metadata:
Sender address
Chain ID, nonce, to, value
Block hash, expiry, encryption nonce
Encrypt calldata:
Use ECDH-derived AES-GCM key
Bind ciphertext to metadata via AAD (Additional Authenticated Data)
Build transaction:
Construct
TxSeismic(type0x4a)Include Seismic elements (encryption metadata)
Sign and broadcast:
Sign transaction with private key (raw or EIP-712)
Broadcast via
eth_sendRawTransaction
Gas Estimation
If gas=None, the SDK:
Calls
eth_estimateGaswith the encrypted transactionAdds a buffer for potential variations
Uses the estimated value
If the estimation fails, consider providing an explicit gas limit.
Gas Price
If gas_price=None, the SDK uses eth_gasPrice to fetch the current network gas price.
Privacy Guarantees
What Gets Encrypted
Function selector (4 bytes)
All function arguments
Encoding metadata
What Remains Visible
These fields are not encrypted:
from— Your wallet addressto— Contract addressvalue— ETH amount sentgasandgas_price— Gas parametersnonce— Transaction nonceEncryption metadata (block hash, expiry, nonce)
An observer can see you sent a transaction to a contract, but cannot see which function you called or what arguments you passed.
Security Considerations
Block Hash Freshness
Every shielded transaction includes a recent block hash as a freshness proof. The node validates:
The block hash corresponds to a real block
The block is recent (within the chain's freshness window)
This prevents replay attacks and stale submissions.
Transaction Expiry
Transactions include an expiry block number (default: current + 100 blocks). After this block, the node rejects the transaction.
If your transaction doesn't get mined in time, you must create a new one with updated parameters.
Nonce Uniqueness
Each transaction uses a cryptographically random 12-byte encryption nonce. Never reuse nonces — this breaks AES-GCM security.
The SDK generates random nonces automatically. Only override if you know what you're doing (e.g., testing).
Error Handling
When to Use
Use send_shielded_transaction() When
send_shielded_transaction() WhenYou need low-level control over transaction construction
You have pre-encoded calldata
You're implementing custom encryption logic
You need to handle contract deployment (use
to=None)
Use contract.write When
contract.write WhenYou're calling a contract function with known ABI
You want automatic ABI encoding
You prefer high-level, ergonomic API
Notes
Requires Wallet Client
This method is only available on wallet clients created with create_wallet_client(). It requires:
A private key for signing
Encryption state (derived from TEE public key)
Public clients (create_public_client) do not have this method.
Transaction Type
This method creates TxSeismic (type 0x4a) transactions. These are Seismic-specific and not compatible with standard Ethereum nodes.
Nonce Management
The SDK automatically fetches and increments the nonce using eth_getTransactionCount. You don't need to manage nonces manually.
See Also
contract.write — High-level contract write API
debug_send_shielded_transaction() — Send with debug info
signed_call() — Execute signed reads instead of writes
SeismicSecurityParams — Security parameter reference
Shielded Write Guide — Full encryption workflow
Last updated