diff --git a/libs/common/spec/utils.ts b/libs/common/spec/utils.ts
index db9a7e0842c..1eb4ab2d6a7 100644
--- a/libs/common/spec/utils.ts
+++ b/libs/common/spec/utils.ts
@@ -2,8 +2,11 @@
 // @ts-strict-ignore
 import { mock, MockProxy } from "jest-mock-extended";
 
-import { EncString } from "@bitwarden/common/key-management/crypto/models/enc-string";
+import { ContainerService } from "@bitwarden/common/platform/services/container.service";
+import { KeyService } from "@bitwarden/key-management";
 
+import { EncryptService } from "../src/key-management/crypto/abstractions/encrypt.service";
+import { EncString } from "../src/key-management/crypto/models/enc-string";
 import { EncryptionType } from "../src/platform/enums";
 import { Utils } from "../src/platform/misc/utils";
 import { SymmetricCryptoKey } from "../src/platform/models/domain/symmetric-crypto-key";
@@ -27,8 +30,10 @@ export function BuildTestObject<T, K extends keyof T = keyof T>(
   return Object.assign(constructor === null ? {} : new constructor(), def) as T;
 }
 
+/** @deprecated */
 export function mockEnc(s: string): MockProxy<EncString> {
   const mocked = mock<EncString>();
+  mocked.data = s;
   mocked.decrypt.mockResolvedValue(s);
 
   return mocked;
@@ -77,4 +82,12 @@ export const mockFromSdk = (stub: any) => {
   return `${stub}_fromSdk`;
 };
 
+export const mockContainerService = () => {
+  // Mock the container service for decryption
+  const keyService = mock<KeyService>();
+  const encryptService = mock<EncryptService>();
+  (window as any).bitwardenContainerService = new ContainerService(keyService, encryptService);
+  return (window as any).bitwardenContainerService;
+};
+
 export { trackEmissions, awaitAsync } from "@bitwarden/core-test-utils";
diff --git a/libs/common/src/platform/interfaces/decryptable.interface.ts b/libs/common/src/platform/interfaces/decryptable.interface.ts
index 35895bfd6ff..367af3472f2 100644
--- a/libs/common/src/platform/interfaces/decryptable.interface.ts
+++ b/libs/common/src/platform/interfaces/decryptable.interface.ts
@@ -1,3 +1,5 @@
+import { UserId } from "@bitwarden/user-core";
+
 import { SymmetricCryptoKey } from "../models/domain/symmetric-crypto-key";
 
 import { InitializerMetadata } from "./initializer-metadata.interface";
@@ -8,5 +10,6 @@ import { InitializerMetadata } from "./initializer-metadata.interface";
  * @example Cipher implements Decryptable<CipherView>
  */
 export interface Decryptable<TDecrypted extends InitializerMetadata> extends InitializerMetadata {
-  decrypt: (key: SymmetricCryptoKey) => Promise<TDecrypted>;
+  /** @deprecated - Encryption and decryption of domain objects should be implemented in the SDK */
+  decrypt: (key: SymmetricCryptoKey, userId?: UserId) => Promise<TDecrypted>;
 }
diff --git a/libs/common/src/platform/models/domain/domain-base.ts b/libs/common/src/platform/models/domain/domain-base.ts
index a144353f5bc..35d3c7ecbad 100644
--- a/libs/common/src/platform/models/domain/domain-base.ts
+++ b/libs/common/src/platform/models/domain/domain-base.ts
@@ -1,32 +1,41 @@
 import { ConditionalExcept, ConditionalKeys } from "type-fest";
 
+import { UserId } from "@bitwarden/user-core";
+
 import { EncString } from "../../../key-management/crypto/models/enc-string";
 import { View } from "../../../models/view/view";
 
 import { SymmetricCryptoKey } from "./symmetric-crypto-key";
 
+/** @deprecated */
 // eslint-disable-next-line @typescript-eslint/no-unsafe-function-type
 type EncStringKeys<T> = ConditionalKeys<ConditionalExcept<T, Function>, EncString>;
+/** @deprecated */
 export type DecryptedObject<
   TEncryptedObject,
   TDecryptedKeys extends EncStringKeys<TEncryptedObject>,
 > = Record<TDecryptedKeys, string> & Omit<TEncryptedObject, TDecryptedKeys>;
 
 // extracts shared keys from the domain and view types
+/** @deprecated */
 type EncryptableKeys<D extends Domain, V extends View> = (keyof D &
   ConditionalKeys<D, EncString | null | undefined>) &
   (keyof V & ConditionalKeys<V, string | null | undefined>);
 
+/** @deprecated */
 type DomainEncryptableKeys<D extends Domain> = {
   [key in ConditionalKeys<D, EncString | null | undefined>]?: EncString | null | undefined;
 };
 
+/** @deprecated */
 type ViewEncryptableKeys<V extends View> = {
   [key in ConditionalKeys<V, string | null | undefined>]?: string | null | undefined;
 };
 
 // https://contributing.bitwarden.com/architecture/clients/data-model#domain
+/** @deprecated encryption and decryption of domain objects should be moved to the SDK */
 export default class Domain {
+  /** @deprecated */
   protected buildDomainModel<D extends Domain>(
     domain: D,
     dataObj: any,
@@ -48,6 +57,7 @@ export default class Domain {
     }
   }
 
+  /** @deprecated */
   protected buildDataModel<D extends Domain>(
     domain: D,
     dataObj: any,
@@ -69,6 +79,7 @@ export default class Domain {
     }
   }
 
+  /** @deprecated */
   protected async decryptObj<D extends Domain, V extends View>(
     domain: DomainEncryptableKeys<D>,
     viewModel: ViewEncryptableKeys<V>,
@@ -76,6 +87,8 @@ export default class Domain {
     orgId: string | null,
     key: SymmetricCryptoKey | null = null,
     objectContext: string = "No Domain Context",
+    // Unused until a follow-up PR in the PR-chain merges
+    userId: UserId | null = null,
   ): Promise<V> {
     for (const prop of props) {
       viewModel[prop] =