What is FHE
Fully homomorphic encryption (FHE) was first discussed in the 1970s, but has always been elusive. The basic idea is to encrypt data and perform computations on it without decrypting it. Initially, only simple operations such as addition or multiplication could be performed on encrypted data, which was called partially homomorphic encryption. The breakthrough came in 2009 when Craig Gentry showed that any computation could be performed on encrypted data, leading to the development of fully homomorphic encryption.
FHE is an advanced form of cryptography that allows computation to be performed on encrypted data without first decrypting it. This means that operations can be performed on ciphertext (encrypted data) to produce an encrypted result that, when decrypted, is identical to the result of the operation on plaintext (unencrypted data).
Key features of fully homomorphic encryption
Homomorphism
Addition: Addition operation on ciphertext is equivalent to addition operation on plaintext.
E(a + b) = E(a) + E(b)
Multiplication: Multiplication of ciphertext is equivalent to multiplication of plaintext.
E(a × b) = E(a) × E(b)
Noise management: When data is encrypted using FHE, noise is added to the ciphertext to ensure security. However, this noise grows with each operation. It is important to manage and minimize noise because if the noise becomes too large, calculations may become inaccurate or fail.
Unlimited operations: Unlike partially homomorphic encryption (PHE), which only supports one operation (addition or multiplication) and a finite number of operations, FHE supports unlimited additions and multiplications. This allows any type of computation to be performed on the encrypted data.
Strictly speaking, fully homomorphic encryption is a special case of homomorphic encryption. Homomorphic encryption means that adding or multiplying ciphertext is equivalent to performing the same operation on plaintext, that is:
E(a + b) = E(a) + E(b)
E(a × b) = E(a) × E(b)
In this context, a and E(a), and b and E(b) can be considered equivalent. However, there are two important challenges to note:
The equivalence between plaintext and ciphertext involves adding some noise to the plaintext before performing operations to obtain the ciphertext. If the noise causes large deviations, the calculation may fail. Therefore, controlling noise is crucial to various algorithms.
Addition and multiplication are very expensive. Computation on ciphertext can be 10,000 to 1,000,000 times more expensive than computation on plaintext. Fully homomorphic encryption is only achieved when an infinite number of additions and multiplications can be performed on the ciphertext.
Different types of homomorphic encryption have unique value in their respective fields and can be classified as follows according to their degree of implementation:
Types of Homomorphic Encryption
Partially Homomorphic Encryption (PHE): supports an infinite number of operations of one type (addition or multiplication). For example, RSA is partially homomorphic with respect to multiplication.
Somewhat Homomorphic Encryption (SHE): supports addition and multiplication, but a limited number of times. This is useful for specific applications that only require a small number of operations.
Fully Homomorphic Encryption (FHE): supports unlimited additions and multiplications, allowing arbitrary computations to be performed on encrypted data. This makes FHE extremely powerful, but also computationally intensive.
The main advantage of FHE is the ability to perform any type of computation on encrypted data, ensuring privacy and security throughout the computation process.
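The homomorphic properties and the noise limit described above, as an added example that is not part of the original article: a toy symmetric somewhat-homomorphic scheme over the integers, in the style of van Dijk, Gentry, Halevi and Vaikuntanathan, where adding ciphertexts XORs the hidden bits and multiplying them ANDs the bits. The key P, the noise values and every function name are constructed for illustration and are far too small to be secure.

```python
import secrets

P = 800_001  # constructed toy secret key (odd); real keys are thousands of bits

def encrypt(bit, p=P, r=None):
    """c = p*q + 2*r + bit: the bit hides in the parity of the small noise 2*r + bit."""
    r = secrets.randbelow(16) if r is None else r
    q = secrets.randbits(64) + 1
    return p * q + 2 * r + bit

def centered(c, p=P):
    """Residue of c modulo p mapped into (-p/2, p/2]; this is the noise term."""
    n = c % p
    return n - p if n > p // 2 else n

def decrypt(c, p=P):
    """Correct only while the accumulated noise stays below p/2."""
    return centered(c, p) % 2

def product_of_ones(n_factors, r, p=P):
    """Multiply n_factors fresh encryptions of 1, each with fixed noise r."""
    c = encrypt(1, p, r)
    for _ in range(n_factors - 1):
        c *= encrypt(1, p, r)  # plaintext bits: AND; noise terms: multiplied
    return c

def safe_mult_depth(r, p=P):
    """Number of multiplications of Enc(1) before the noise passes p/2."""
    fresh = 2 * r + 1
    noise, depth = fresh, 0
    while noise * fresh <= p // 2:
        noise, depth = noise * fresh, depth + 1
    return depth

if __name__ == "__main__":
    a, b = encrypt(1), encrypt(0)
    print("1 XOR 0 ->", decrypt(a + b), "| 1 AND 0 ->", decrypt(a * b))
    print("safe multiplicative depth for r=10:", safe_mult_depth(10))
    for n in (4, 5):
        c = product_of_ones(n, r=10)
        print(n, "factors: residue", centered(c), "decrypts to", decrypt(c))
```

With r = 10 the fifth factor pushes the noise past P/2, so a product of encrypted ones decrypts to 0 instead of 1. This is the failure that limits a somewhat homomorphic scheme and that bootstrapping in a full FHE scheme exists to prevent.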
Application of FHE in blockchain
Vitalik pointed out that FHE may become a key technology for blockchain scalability and privacy protection. The current blockchain is transparent by default, and every transaction and smart contract variable is public. FHE can transform a fully transparent blockchain into a partially encrypted form while still being controlled by smart contracts.
For example, Zama is developing an FHE virtual machine that allows programmers to write Solidity code that operates FHE primitives. This approach could solve privacy issues on blockchains today, making use cases like crypto payments, slot machines, and casinos possible while preserving the transaction graph, making it more regulatory-friendly than solutions like Tornado Cash.
Another key application of FHE is to improve the usability of privacy projects. Projects like Zcash, Aztec, and Tornado Cash have significant usability issues with long retrieval times for balance information and synchronization delays. FHE provides a solution through Oblivious Message Retrieval (OMR), which allows wallet clients to sync without revealing which content they access.
However, FHE does not directly solve blockchain scalability issues like Rollup technology. Combining FHE with zero-knowledge proofs (ZKP) may solve some scalability challenges. Verifiable FHE can ensure that the calculation is executed correctly, similar to ZK Rollups, providing a trusted calculation mechanism for the blockchain environment.
The relationship between FHE and zero-knowledge proofs (ZKPs)
FHE and ZKP are complementary technologies but serve different purposes. ZKP allows verifiable computation and zero-knowledge properties, providing privacy for private state. However, ZKP does not provide privacy for shared state, which is critical for permissionless smart contract platforms like Uniswap. This is where FHE and multi-party computation (MPC) come into play, allowing computation on encrypted data without exposing the data itself.
Combining ZKP and FHE significantly increases computational complexity and is impractical unless required for a specific use case.
Current stage and future prospects of FHE
FHE is about three to four years behind ZKP in development, but is catching up quickly. The first generation of FHE projects are launching testnets, and the mainnet is expected to be released later this year. Although FHE still has a higher computational overhead than ZKP, its potential for mass adoption is imminent. Once FHE enters production and scales, it is expected to grow as fast as ZK Rollups.
Challenges and bottlenecks
The adoption of FHE faces several challenges, including computational efficiency and key management. The bootstrapping operation in FHE is computationally intensive, but is improving with algorithmic advances and engineering optimizations. For specific use cases like machine learning (ML), alternatives that do not use bootstrapping operations may be more efficient.
Key management also poses challenges. Projects like Zama’s fhEVM, Inco, or Phoenix require threshold key management involving a set of validators with decryption capabilities. This approach needs to be further developed to overcome the single point of failure problem.
FHE Market Status
Crypto venture capital firms like 1kx have been actively investing in the FHE space, recognizing its potential. 1kx led an investment in the Inco project, which is built on Zama and focuses on fhEVM use cases. Inco is working with partners to develop applications such as slot machines, casinos, commercial payments, and games.
Threshold FHE (TFHE) is particularly promising, combining FHE with MPC and blockchain, opening up new use cases. The developer-friendliness of FHE, which can be programmed using Solidity, makes it both practical and feasible in application development.
Competitive Landscape
Arcium (formerly Elusiv)
Arcium is a DePIN network on Solana for parallel confidential computing. Founded by Yannik Schrade, Julian Deschler, Nicolas Schapeler, and Lukas Steiner, it was rebranded from the zk-based compliant privacy protocol Elusiv to Arcium on May 8, 2024.
Arcium supports developers and applications such as DeFi, DePIN, and AI, and provides flexible, trustless, verifiable, and high-performance confidential computing capabilities through calls to the DA layer and consensus layer of the underlying blockchain. It is not a blockchain, but allows developers to deploy confidential smart contracts on different blockchains, and also provides non-blockchain users with the ability to configure the blockchain layer trust model on demand.
In May 2024, Arcium completed a $5.5 million strategic financing round led by Greenfield Capital, with participation from Coinbase Ventures, Heartcore Capital, Longhash VC, L2 Iterative Ventures, Stake Facilities, Smape Capital, Everstake, Solana co-founder Anatoly Yakovenko and Monad co-founder Keone Han.
Cysic
Cysic is a hardware acceleration company focused on real-time generation and verification of zero-knowledge (ZK) proofs. They provide ZK Compute-as-a-Service (ZK-CaaS) based on proprietary ASIC, FPGA, and GPU chips. Cysic has developed FPGA hardware and plans to launch ZK DePIN chips/devices called ZK Air and ZK Pro, which will form DePIN's Prover Network.
In February 2023, Cysic completed a $6 million seed financing round led by Polychain Capital, with participation from HashKey, SNZ Holding, ABCDE, A&T Capital and Web3.com Foundation.
Zama
Zama is an open source cryptography company that develops FHE solutions for blockchain and AI. Co-founded by Hindi and Pascal Paillier, a famous cryptographer and one of the inventors of FHE, in early 2020, Zama provides FHE solutions for Web3 projects such as the TFHE-rs library, the TFHE compiler Concrete, the privacy-preserving machine learning Concrete ML, and the confidential smart contract fhEVM.
Zama focuses on TFHE (Threshold Fully Homomorphic Encryption). TFHE-rs is implemented in pure Rust for encrypted Boolean and integer calculations, allowing developers and researchers to have fine-grained control over TFHE to achieve advanced functions. fhEVM integrates TFHE-rs into the EVM, exposing homomorphic operations as precompiled contracts without modifying compilation tools.
On March 7, 2024, Zama completed a $73 million Series A round led by Multicoin Capital and Protocol Labs, with participation from Metaplanet, Blockchange Ventures, Vsquared Ventures, Stake Capital, Filecoin founder Juan Benet, Solana co-founder Anatoly Yakovenko, and Ethereum co-founder Gavin Wood. The funds will be used to continue research and development of their FHE tools.
Sunscreen
Sunscreen is a privacy startup that helps engineers build and deploy private applications using encryption technologies such as FHE. They open sourced the FHE compiler, a Web3 native compiler that converts standard Rust functions into equivalent private FHE functions, providing the best performance for arithmetic operations without hardware acceleration. The compiler also supports the BFV FHE scheme, and a ZKP-compatible compiler is being developed to ensure computational integrity when combined with FHE.
In July 2022, Sunscreen completed a $4.65 million seed financing round led by Polychain Capital, with participation from Northzone, Coinbase Ventures, dao5, and individuals such as Naval Ravikant and Tux Pacific.
Octra
Octra is an FHE blockchain network that supports isolated execution environments. It proposes a new type of FHE called HFHE (Fully Homomorphic Encryption) that runs on a hypergraph. According to the official documentation, HFHE can be compatible with any project and run independently. Most of Octra's codebase is developed in OCaml, AST, ReasonML (for smart contracts and applications that interact with Octra), and C++. This approach is relatively new and academic discussions are limited. The security of the solution has not been verified and needs further verification.
Fhenix
Fhenix is an Ethereum Layer 2 (L2) supported by FHE Rollups and FHE Coprocessors, fully compatible with EVM and Solidity, using FHE to implement on-chain confidential smart contracts. Fhenix does not use zkFHE, but uses Optimistic Rollup and Zama's FHE, achieves on-chain confidentiality through fhEVM, and focuses on TFHE (Threshold FHE).
In September 2023, Fhenix completed a $7 million seed financing round led by Sora Ventures, Multicoin Capital and Collider Ventures, with participation from Node Capital, Bankless, HackVC, TaneLabs and Metaplanet. The public testnet will be released in early 2024 to support ecosystem application development.
Mind Network
Mind Network is an FHE re-staking layer for DePIN and AI, powered by Zama, and aims to achieve "HTTPZ" (end-to-end encrypted Internet). Products include MindLayer, an FHE re-staking solution, MindSAP, an FHE-authorized stealth address protocol, and MindLake, an FHE DataLake built through MindLayer's FHE verification network. Users can re-stake BTC and ETH LST tokens to Mind Network, introduce FHE-enhanced validators, and ensure end-to-end encryption during verification and calculation of AI and DePIN networks. The smart PoI (Proof of Intelligence) consensus mechanism for AI machine learning tasks ensures fair and secure distribution among FHE validators. FHE calculations can be hardware accelerated. MindLake is a data storage Rollup for on-chain encrypted data calculations.
In June 2023, Mind Network completed a US$2.5 million seed financing round, with participation from Binance Labs, Comma3 Ventures, SevenX Ventures, HashKey Capital, Big Brain Holdings, Arweave SCP Ventures, Mandala Capital and others.
Inco
Inco Network is a modular confidential computing Layer 1 blockchain and Web3 universal privacy layer that provides privacy protection for on-chain applications. It combines Ethereum EVM and FHE, protected by EigenLayer, allowing programs to operate and calculate on encrypted data without decryption, using on-chain local randomness. Inco launched the Gentry testnet to solve the challenges of Web3 privacy protection, supporting applications such as games, DeFi (including dark pools, private lending and blind auctions), enterprise solutions (such as confidential stablecoins, private RWA and private voting).
In February 2024, Inco Network completed a $4.5 million seed financing round led by 1kx, with participation from Circle Ventures, Robot Ventures, Portal VC, Alliance DAO, Big Brain Holdings, Symbolic, GSR, Polygon Ventures, Daedalus, Matter Labs and Fenbushi.
Regulatory environment
The regulatory environment for privacy technologies such as FHE varies in different regions. While data privacy is widely supported, financial privacy remains a gray area. FHE has the potential to enhance data privacy, allowing users to retain ownership of their data and potentially profit from it, while maintaining social benefits such as targeted advertising.
Looking ahead, incremental improvements in theory, software, hardware, and algorithms are expected to make FHE increasingly practical. The development of FHE is currently transitioning from theoretical research to practical applications, and significant progress is expected in the next three to five years.
Conclusion
Fully homomorphic encryption (FHE) is on the verge of revolutionizing the crypto space, providing advanced privacy and security solutions. With continued advancements and growing attention from venture capital, FHE is poised to achieve mass adoption, solving key issues of blockchain scalability and privacy protection. As the technology matures, it is expected to unlock new possibilities and drive innovation in a wide range of applications in the crypto ecosystem.