๐ Read white paper | ๐ Documentation | ๐ธ Community support
Cypher, FHE-EVM Layer is the core of the DeAI ecosystem, designed to optimize blockchain for AI applications. It integrates Fully Homomorphic Encryption (FHE) with Ethereum Virtual Machine (EVM) compatibility, allowing encrypted AI computation without sacrificing performance. This combination ensures that data remains secure while being processed by AI, maintaining both confidentiality and efficiency.
The FHE-EVM integration supports encrypted data processing within smart contracts, enabling secure AI execution on-chain. It includes precompiled cryptographic contracts that embed FHE operations to optimize execution and reduce computational overhead. Additionally, FHE gas optimization adjusts gas calculations specifically for FHE operations, ensuring efficient resource use.
The purpose of homomorphic encryption is to allow computation on encrypted data. Thus data can remain confidential while it is processed, enabling useful tasks to be accomplished with data residing in untrusted environments. In a world of distributed computation and heterogeneous networking this is extremely valuable.
A homomorphic cryptosystem functions similarly to other types of public encryption in the sense that it utilizes a public key to encrypt data and only permits the person with the corresponding private key to access the unencrypted data. Its distinctiveness, however, lies in its use of an algebraic system that enables a range of computations (or operations) on the encrypted data.
Why Is This a Revolution? - Because It Enables Decentralized Blockchain Scaling with Encrypted Transactions!
Previously, encrypted transactions were difficult to process at scale because nodes couldn't perform computations on encrypted data. Homomorphic encryption solves this by allowing computations on encrypted transactions without needing to reveal the underlying data. This is revolutionary because the nodes no longer require the private key used to encrypt the information in order to process it. As a result, blockchain networks can scale in a fully decentralized manner while maintaining the confidentiality of the data.
In this system, separate gateway nodes act as decryptors. Upon request, they verify user access, decrypt the data, re-encrypt it with the user's public key for secure transmission, and deliver it back. The user can then decrypt the data using their private key, preserving confidentiality throughout the process.
-
Solidity integration: fhEVM contracts are simple solidity contracts that are built using traditional solidity toolchains.
-
FHEVM Encryption: Cypher integrates fully homomorphic encryption (FHE) into smart contracts, allowing computations to be performed on encrypted data without ever needing to decrypt it, ensuring maximum privacy and security.
-
Optimized Rollup Technology: With Rollup design, Cypher achieves faster execution and lower transaction costs, making it ideal for high-throughput decentralized applications.
-
Decentralized Layer 3 Deployment: Utilizing Rollup, Cypher enables decentralized deployment of Layer 3 solutions, giving developers more control and flexibility in building applications.
-
Privacy-Preserving Computations: By using FHE, Cypher ensures that all computations are private, allowing sensitive data to remain encrypted while still enabling meaningful operations, ideal for industries requiring high levels of data confidentiality.
-
Low-Cost Transactions: Cypher benefits from Rollup Layer 2 infrastructure, providing a low-cost environment for executing smart contracts without sacrificing security or decentralization.
-
Scalability: Cypher enhances the scalability of Ethereum, allowing more complex and resource-intensive decentralized applications (dApps) to run seamlessly on its platform.
-
Layer 2 (L2) - Rollup: Acts as the parent chain, utilizing optimized rollup technology for efficient execution. It batches and processes transactions off-chain, offering high throughput and low fees while maintaining Ethereum's security model.
-
Layer 3 (L3) - Cypher with FHEVM Integration: Built on Rollup, Cypher introduces FHE capabilities into smart contracts, enabling secure and private computations on encrypted data.
-
fhevm-go Library: Cypher integrates the fhevm-go library into the go-ethereum client, a component of Rollup. This integration allows smart contracts to perform computations on encrypted data seamlessly, leveraging fully homomorphic encryption capabilities.
-
Containerized Execution: The modified go-ethereum client runs within a Docker container under rollup. This setup ensures isolated and efficient execution of Layer 3 operations, enhancing scalability and security.
-
Key Management Service (KMS): Validators do not possess the blockchain's private key; instead, a dedicated KMS securely manages it. This approach enhances security by preventing any single validator from accessing sensitive key material.
-
Gateway Service: Acts as an intermediary for decryption and re-encryption requests, handling two primary scenarios:
-
Smart Contract Decryption: When a smart contract requires plaintext data, the Gateway listens for decryption request events and returns the decrypted value via a callback function.
-
dApp Re-encryption: For decentralized applications needing plaintext, the Gateway provides an API to re-encrypt ciphertext with the dApp's public key, allowing the dApp to decrypt it locally.
-
Access Control List (ACL): Defines which addresses can manipulate or access ciphertexts, ensuring unauthorized users can't access sensitive data.
-
TFHE Executor: Manages all encrypted data operations through the TFHEExecutor interface, enabling secure computations on encrypted data.
-
KMS Verifier: Handles the verification of signatures, ensuring the validity of transactions by managing verifiers.
-
Gateway: Acts as the intermediary for encryption and decryption requests, relaying them between the smart contract and the Key Management Service (KMS), which provides decryption results securely.
-
Ciphertext Retrieval: The smart contract implements a view function (e.g., balanceOf) to return the encrypted data (ciphertext) that needs to be re-encrypted. This ciphertext is initially encrypted with the FHE blockchain key.
-
Client-Side Setup: The dApp initiates a connection to the FHEVM network via fhevmjs and generates a NaCl keypair (public and private keys) to be used for the re-encryption process.
-
EIP712 Signature: The dApp creates an EIP712 object containing the public key and contract details, which the user must sign. This ensures the re-encryption process is authorized by the user.
-
Ciphertext Re-encryption: The dApp retrieves the ciphertext from the contract and sends it, along with the userโs signature and public key, to the FHEVM Gateway service. The Gateway re-encrypts the ciphertext using the provided public key.
-
Decryption: The re-encrypted ciphertext is returned to the dApp, which can now decrypt it using the previously generated private key. This decrypted data can be securely used by the dApp while maintaining privacy throughout the process.
๐ก Attention:: The user must have appropriate permissions set in the Access Control List (ACL) to allow re-encryption, ensuring that only authorized users can perform this operation.
-
Request Decryption: The dApp or smart contract calls Gateway.requestDecryption, passing the encrypted data (ciphertext), a callback function selector, and other parameters like maximum timestamp and signature verification requirements.
-
Gateway Processing: The Gateway contract emits an EventDecryption, which is picked up by a relayer. The relayer sends the ciphertext to the Key Management Service (KMS) for decryption. The KMS signature ensures authenticity.
-
Callback Function: Once decryption is complete, the Gateway contract calls the specified callback function in the requesting contract, passing the decrypted values. The contract must protect this callback using the onlyGateway modifier to ensure only the Gateway can trigger it.
-
Asynchronous Fulfillment: The decryption process can take time and is fulfilled asynchronously, usually within 2 blocks on the fhEVM testnet. The relayer ensures timely delivery of the decryption results, but the contract can specify a maximum timestamp for valid decryption results.
-
Relayer and KMS: The relayer simply forwards decryption requests, while the KMS signature verification ensures that the relayer cannot tamper with the decryption result.
๐ก Attention:: Once decrypted on smart contract, information becomes accessible to everyone on the blockchain. Therefore, strict access controls are essential.
๐ก Attention:: The decryption operation is asynchronous. To use it, your contract must extend the GatewayCaller contract. This will import automatically the Gateway solidity library as well.
import "fhevm/lib/TFHE.sol";
contract Counter {
euint32 counter;
function add(einput valueInput, bytes calldata inputProof) public {
euint32 value = TFHE.asEuint32(valueInput, inputProof);
counter = TFHE.add(counter, value);
TFHE.allow(counter, address(this));
}
}
import "fhevm/lib/TFHE.sol";
contract Rand {
euint8 public value8;
constructor() payable {
TFHE.setFHEVM(FHEVMConfig.defaultConfig());
}
function generate8() public {
value8 = TFHE.randEuint8();
TFHE.allowThis(value8);
}
}
Check the documetation for a step by step guide how to run own
