Original author: Poopman
Original translation: Joyce, BlockBeats Editor's note:
"FHE" is a hot technical topic in the crypto community recently.
Two weeks ago, Ethereum Layer 2 Fhenix announced the completion of a $15 million Series A round led by Hack VC. As early as last year, Fhenix had received a seed round led by Multicoin. Fhenix is an Ethereum L2 powered by FHE Rollups and FHE Coprocessors, which can run FHE-based smart contracts with on-chain confidential computing. Yesterday, Sam Williams, the founder of Arweave, which is undergoing a major update, also posted on social media that the function of using FHE for private computing within the AO process will be launched soon.
There are many FHE ecological projects. This long article by community KOL Poopman gives a basic review of the concept of FHE and ecological projects, and proposes the technical challenges and possible solutions faced by FHE. BlockBeats compiled it as follows:
FHE opens up the possibility of computing on encrypted data without decrypting it. When combined with blockchain, MPC, ZKP (scalability), FHE provides the necessary confidentiality and supports a variety of on-chain use cases.
In this article, I will introduce four issues, namely the background of FHE, how FHE works, 5 landscapes of the FHE ecosystem, and current challenges and solutions for FHE.
Background on FHE
FHE was first proposed in 1978, but due to its computational complexity, it was not practical and was rather theoretical for quite a long time. It was not until 2009 that Craig developed a working model for FHE, which sparked research interest in FHE.
In 2020, Zama launched TFHE and fhEVM, bringing FHE to the forefront of the cryptocurrency space. Since then, we have seen the emergence of universal EVM-compatible FHE L1/L2 (such as Fhenix, Inco, and FHE compilers such as Sunscreen, etc.).
How does FHE work?
You can imagine a blind box with a puzzle inside. However, the blind box cannot know anything about the puzzle you gave it, but it can still calculate the result mathematically.
If that’s too abstract, you can learn more from my simplistic explanation of FHE. FHE is a privacy technology that allows computations to be performed on encrypted data without first decrypting it. In other words, any third party or cloud can process sensitive information without having access to any data inside.
So what are the use cases for FHE? Enhanced privacy for machine learning, cloud computing, on-chain gambling through ZKP and MPC. Private on-chain transactions/private smart contracts/privacy-focused virtual machines such as FHEVM, etc.
Some FHE use cases include: private on-chain computation, on-chain data encryption, private smart contracts on public networks, confidential ERC 20, private voting, NFT blind auctions, more secure MPC, front-running protection, trustless bridges.
FHE Ecosystem
In general, the prospects of on-chain FHE can be summarized into five areas: general FHE, FHE/HE for specific use cases (applications), FHE accelerated hardware, FHE Wif AI, and "alternative solutions".
Generic FHE blockchains and tools
They are the backbone to achieve blockchain confidentiality. This includes SDK, coprocessor, compiler, new execution environment, blockchain, FHE module... The most challenging one is to bring FHE to EVM, namely fhEVM.
fhEVM:
Zama (@zama_fhe ), as the representative of fhEVM - the first provider of TFHE (fully homomorphic encryption) + fhEVM (fully homomorphic virtual machine) solution.
Fhenix(@FhenixIO), implements FHE L2 (second layer) + FHE coprocessor on ETH.
Inco network (@inconetwork), focusing on EVM compatible FHE L1 in areas such as gaming/RWA (real world assets)/DID (decentralized identity)/social.
FairMath (@FairMath ), a Fully Homomorphic Virtual Machine (FHE-(E)VM) research organization working with openFHE to promote the implementation and adoption of FHE.
FHE Infrastructure Tools:
Octra network (@octra ), a blockchain that supports HFHE (high-order fully homomorphic encryption) isolated execution environments.
Sunscreen (@SunscreenTech ), a fully homomorphic compiler based on Rust, relies on Microsoft's SEAL library.
Fairblock (@0x fairblock ), a provider of programmable encryption and conditional decryption services, also supports tFHE (threshold fully homomorphic encryption).
Dero (@DeroProject ), L1 with HE (homomorphic encryption) support for private transactions (not FHE).
Arcium (@ArciumHQ), an L1 that combines HE (homomorphic encryption) + MPC (multi-party computation) + ZK (zero-knowledge proof) privacy, developed by the @elusivprivacy team.
Shibraum FHE chain, FHE L1 made with zama TFHE solution.
FHE/HE for specific applications
Penumbrazone (@penumbrazone): A cross-chain Cosmos dex (appchain) that uses tFHE as its shielded exchange/pool.
zkHold-em (@zkHoldem): is a poker game on Manta that uses HE and ZKP to prove the fairness of the game.
Hardware-accelerated FHE
Whenever FHE is used for intensive computations such as FHE-ML, bootstrapping to reduce noise growth is critical. Solutions such as hardware acceleration play an important role in facilitating bootstrapping, with ASICs performing best.
Optalysys (@Optalysys), a hardware company focused on accelerating all TEE-related software, including FHE, through optical computing.
Chain Reaction (@chainreactioni 0 ), a hardware company that makes chips that help make mining more efficient. They plan to launch an FHE chip by the end of 2024.
Ingonyama (@Ingo_zk) is a semiconductor company focusing on ZKP/FHE hardware acceleration. Existing products include ZPU.
Cysic (@cysic_xyz) is a hardware acceleration company whose existing products include self-developed FPGA hardware, as well as the upcoming ZK DePiN chip, ZK Air and ZK Pro.
Each company specializes in producing hardware such as chips, ASICs, and semiconductors that can accelerate the boot/computation of FHE.
AI X HE
Recently, there has been a growing interest in integrating FHE into AI/ML, where FHE can prevent machines from learning any sensitive information while processing it and provide confidentiality for data, models, and outputs throughout the process.
Ai x FHE members include:
Mind network (@mindnetwork_xyz), a FHE re-staking layer for securing Proof-of-Stake (PoS) and AI networks through high-value data encryption and private voting, reducing opportunities for node collusion and manipulation.
SightAl (@theSightAI), a verifiable FHE AI inference blockchain with verifiable FHE-ML. The blockchain consists of three main parts: the Sight Chain, the Data Aggregation Layer (DA Layer), and a Sight Inference Network, where FHE-ML tasks are performed.
Based AI (@getbasedai), Based AI is an L1 blockchain that integrates FHE with Large Language Models (LLMs) using a mechanism called Cerberus Squeezing, which can convert any LLM into an encrypted zero-knowledge large language model (ZL-LLM).
Privasea Al (@Privasea_ai), Privasea AI is an AI network that allows users to encrypt their data or models using the FHE scheme in the HESea library and then upload to the Privasea-AI network where the blockchain processes the data in an encrypted state.
The HESea library is comprehensive, contains different libraries for TFHE, CKKS, and BGV/BFV, and is compatible with a range of schemes.
「Alternative solution」MPC/ZKFHE
Some do not use FHE, but use MPC to protect high-value data and perform "blind computations", while others use ZKSNARK to guarantee the correctness of FHE calculations on encrypted data. They are:
Nillion Network (@nillionnetwork), a computing network that uses MPC to decentralize and store high-value data while allowing users to write programs and perform blind computations. Nillion consists of two main components: the coordination layer and the Petnet. The coordination layer acts as a payment channel, while the Petnet performs blind computations and storage of high-value data.
Padolabs (@padolabs), Pado is a computing network that uses FHE to process sensitive data while leveraging MPC-TLS and ZKP to ensure the correctness of the computation.
FHE Challenges and Solutions
Unlike ZK and MPC, FHE is still in its early stages. What is the bottleneck of FHE now? In order to enhance the security of the calculation, some "noise" is added to the ciphertext during encryption. When too much "noise" accumulates in the ciphertext, it becomes too "noisy" and eventually affects the accuracy of the output. Different solutions are exploring how to effectively eliminate noise without imposing too many restrictions on the design, including TFHE, CKKS, BGV, etc.
The main challenges of FHE include:
Slow performance: Currently, private smart contracts using fh-EVM have only 5 TPS. TFHE is now about 1000 times slower than pure data.
Not yet developer-friendly: There is still a lack of standardized algorithms and overall supported FHE tools.
High computational overhead (cost): This may lead to node centralization due to noise management and complex computation bootstrapping.
Risks of FHE on unsecured chains: To ensure the security of any threshold decryption system, the decryption keys are distributed among nodes. However, due to the high overhead of FHE, this may lead to a small number of validators and therefore a higher probability of collusion.
Solutions include:
Programmable Boost: It allows calculations to be applied during boot, thus improving efficiency while being application specific.
Hardware Acceleration: Develop ASICs, GPUs, and FPGAs along with the OpenFHE library to accelerate FHE performance.
Better threshold decryption system. In short, in order to make on-chain FHE more secure, we need a system (can be MPC) to ensure: low latency; lower node entry barriers and achieve decentralization; fault tolerance.
Original link