signed_call

Execute a signed read operation (eth_call) with encrypted calldata and a decrypted response. This allows reading private contract state that requires authentication or privacy, without broadcasting a transaction to the network.

Overview

A signed read is like a regular eth_call, but with Seismic's encryption:

1. Your calldata is encrypted using AES-GCM (like shielded writes)

2. The call is authenticated with your signature

3. The TEE executes the call inside its secure environment

4. The response is encrypted by the TEE and decrypted by your client

This is useful for:

• Reading private state (balances, allowances, account data)

• Querying view functions that require authentication

• Testing write operations before broadcasting

Signatures

Parameters

All parameters are keyword-only.

Returns

Type: HexBytes

• Decrypted response from the contract (raw bytes)

• Empty HexBytes if the contract returned no data

Examples

Sync Usage

Async Usage

With ABI Encoding

Using Contract Namespace

Custom Security Parameters

With Value

Custom Gas Limit

Using EIP-712 Signing

Implementation Details

RPC Method

This method uses a Seismic-specific RPC call:

The call includes:

• Encrypted calldata

• Signature proving your identity

• Security parameters (block hash, expiry, nonce)

Encryption Process

The SDK performs the following steps:

1. Fetch security parameters (if not provided):

   • Get latest block hash for freshness proof

   • Generate random 12-byte AES-GCM nonce

   • Calculate expiry block (current + 100 blocks)

2. Construct metadata:

   • Sender address

   • Chain ID, nonce, to, value

   • Block hash, expiry, encryption nonce

   • Mark as signed read

3. Encrypt calldata:

   • Use ECDH-derived AES-GCM key

   • Bind ciphertext to metadata via AAD

4. Sign and send:

   • Sign the transaction (raw or EIP-712)

   • Send via seismic_signedCall

5. Decrypt response:

   • TEE encrypts the response

   • SDK decrypts using the shared key

   • Returns the plaintext result

No State Changes

Signed calls do not modify blockchain state. They are read-only operations, similar to eth_call. The signature is used for:

• Authentication (proving who is calling)

• Encryption key derivation

• Access control (contracts can enforce read permissions)

Gas Limit

Unlike eth_call, signed calls have a gas limit (default: 30,000,000). This prevents infinite loops and ensures the call completes in reasonable time.

If your call requires more gas, increase the gas parameter.

Privacy Guarantees

What Gets Encrypted

• Function selector (4 bytes)

• All function arguments

• Encoding metadata

• The response from the contract

What Remains Visible

• Your IP address (to the RPC node)

• The contract address you're calling

• Timing information

An observer watching network traffic can see you made a call to a contract, but cannot see:

• Which function you called

• What arguments you passed

• What data was returned

Use Cases

Reading Private State

Access-Controlled Queries

Testing Before Broadcasting

Security Considerations

Signed Read Flag

Every signed call includes a signed_read: true flag in its Seismic elements. This prevents the transaction from being replayed as a write transaction.

The node enforces:

• Signed reads cannot modify state

• They use seismic_signedCall, not eth_sendRawTransaction

Block Hash Freshness

Like shielded writes, signed calls include a recent block hash to prevent replay attacks and ensure freshness.

Transaction Expiry

Signed calls expire after a certain number of blocks (default: 100). If the call takes too long or is retried after expiry, it will be rejected.

Nonce Uniqueness

Each signed call uses a cryptographically random encryption nonce. The SDK generates this automatically — never reuse nonces.

Error Handling

When to Use

Use signed_call() When

• You need low-level control over the call

• You have pre-encoded calldata

• You're implementing custom encryption logic

Use contract.read When

• You're calling a contract function with known ABI

• You want automatic ABI encoding and decoding

• You prefer high-level, ergonomic API

Use contract.tread When

• The data is public (no privacy needed)

• You want to save gas and reduce latency

• The function doesn't require authentication

Notes

Requires Wallet Client

This method is only available on wallet clients created with create_wallet_client(). It requires:

• A private key for signing

• Encryption state (derived from TEE public key)

No Transaction Hash

Unlike send_shielded_transaction(), this method does not return a transaction hash. It returns the decrypted response directly.

Nonce Not Incremented

Signed calls do not increment your account nonce. You can make multiple signed calls without affecting your ability to send transactions.

See Also

• contract.read — High-level signed read API

• send_shielded_transaction() — Send write transactions

• contract.tread — Transparent reads without encryption

• SeismicSecurityParams — Security parameter reference

• Signed Reads Guide — Full guide to authenticated reads