# Understanding Public Decryption via on-chain events

The unshield process uses an event and public decryption:

1. **Indexers monitor blockchain events** for UnwrappedStarted events
2. **Encrypted handle is exposed** by the indexer (from the event)
3. **You decrypt using the fhEVM SDK** - the value is publicly decryptable, so that anyone can decrypt it
4. **Call finalise with decrypted value** - no cryptographic proof needed since decryption is done client-side

## **How Public Decryption Works** <a href="#how-public-decryption-works" id="how-public-decryption-works"></a>

When the wrapper calls `FHE.makePubliclyDecryptable()`, it marks the encrypted value so that anyone can decrypt it using the fhEVM SDK. This differs from confidential encrypted values, which only authorised parties can decrypt.

The flow:

1. Wrapper marks burned amount as publicly decryptable
2. `UnwrappedStarted` event contains the encrypted handle
3. Indexer exposes this handle (or you read it directly from the event)
4. Frontend uses fhEVM SDK to decrypt: `fhevm.decryptPublic(handle)`
5. You call f`inalizeUnwrap(requestId, abiEncodedClearBurnAmounts, decryptionProof)` with the plaintext amount, along with a proof that Zama decrypted the value and corresponds to the encrypted value.

## **Security Model** <a href="#security-model" id="security-model"></a>

You might wonder: If anyone can decrypt, isn't this insecure?

This is by design! The unshield process **must** reveal the amount because:

* The wrapper needs to know how many original tokens to send you
* Wrapping/unwrapping necessarily exposes amounts (you're converting to/from public tokens)
* Only the burned amount for **this specific unwrap** is public, not your remaining balance

Your remaining cToken balance stays encrypted and confidential.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://zaiffer.gitbook.io/wiki/zaiffer/unshielding-tokens-unwrapping/understanding-public-decryption-via-on-chain-events.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.