The five airdrop flows.

Operator calls the factory to mint a per-cohort airdrop clone. Clone holds the encrypted cohort balance + the claim signature registry.

1. factory.createConfidentialAirdrop({ params, userSalt }) where params = { token, startTimestamp, endTimestamp, canExtendClaimWindow, admin }, CREATE2 deterministic
2. Receipt's ConfidentialAirdropCreated event carries the clone address
3. params.admin gets DEFAULT_ADMIN_ROLE; the factory's feeCollector gets FEE_COLLECTOR_ROLE

Operator transfers encrypted tokens into the clone. The pot's plaintext total stays opaque; only per-recipient ACL on claim reveals fragments.

1. Operator's wallet calls setOperator on the source token (one-time per chain)
2. useFundConfidentialAirdrop({ amount }), SDK encrypts amount, submits transfer
3. Receipt's ConfidentialAirdropFunded event flagged with the clone address

An address with DEFAULT_ADMIN_ROLE signs an EIP-712 typed message per recipient. The signature is portable, distribute via email, QR, link, anything. No on-chain registration step.

1. Off-chain: build the Claim struct {recipient, encryptedAmount}
2. useSignClaimAuthorization signs over the typed-data domain
3. Ship the signature + handle to the recipient

Recipient submits the signature + the encrypted-amount handle. Clone verifies signer ∈ DEFAULT_ADMIN_ROLE, marks the signature claimed, transfers.

1. Recipient calls useClaim with the signature payload
2. Clone ECDSA.recovers the signer, checks role, checks no double-claim
3. Atomic confidential transfer to recipient (FHE.allowTransient to the token + confidentialTransfer); decrypt access comes from the separate getClaimAmount write

Pull unclaimed funds back to the operator after the campaign closes, withdraw fees, manage role membership.

1. useWithdrawOtherConfidentialToken / useWithdrawOtherToken
2. useAirdropGrantRole / useAirdropRevokeRole for admin or fee-collector rotation
3. Pausable surface via useSetPaused (DEFAULT_ADMIN_ROLE) if a fault is detected