# Module BSV::Primitives::EncryptedMessage <a id="module-BSV-Primitives-EncryptedMessage"></a>

BRC-78 encrypted messages.

Provides confidential authenticated messaging using BRC-42 derived keys and
AES-256-GCM symmetric encryption. Both parties derive the same symmetric key
from their respective BRC-42 child keys via ECDH.

- **@see** `https://github.com/bitcoin-sv/BRCs/blob/master/peer-to-peer/0078.md`

**@example Encrypt and decrypt**
```ruby
ct = EncryptedMessage.encrypt(message, sender_priv, recipient_pub)
EncryptedMessage.decrypt(ct, recipient_priv) #=> message
```

## Constants
### `HEADER_SIZE` <a id="constant-HEADER_SIZE"></a> <a id="HEADER_SIZE-constant"></a>
Minimum message size: VERSION(4) + sender(33) + recipient(33) + key_id(32) =
102

### `VERSION` <a id="constant-VERSION"></a> <a id="VERSION-constant"></a>
Protocol version bytes: "BBx10x33"

## Public Class Methods
### `decrypt(data, recipient)` <a id="method-c-decrypt"></a> <a id="decrypt-class_method"></a>
Decrypt a BRC-78 encrypted message.
- **@param** `data` [String] the binary encrypted message (from {.encrypt})
- **@param** `recipient` [PrivateKey] the recipient's private key
- **@raise** [ArgumentError] if version is wrong, recipient doesn't match, or message is too short
- **@raise** [OpenSSL::Cipher::CipherError] if decryption fails (tampered or wrong key)
- **@return** [String] the decrypted plaintext (binary)

### `encrypt(message, sender, recipient)` <a id="method-c-encrypt"></a> <a id="encrypt-class_method"></a>
Encrypt a message using the BRC-78 protocol.
- **@param** `message` [String] the message to encrypt
- **@param** `sender` [PrivateKey] the sender's private key
- **@param** `recipient` [PublicKey] the recipient's public key
- **@return** [String] binary encrypted message (header + AES-GCM payload)
