While it is true that FHE requires intensive computation and cannot support use cases that require scale (such as training ML models on top of encrypted data), it is currently fast enough to support crypto use cases. This is because not all the operations within a smart contract are confidential, and the waiting period for producing new blocks provides enough time for the computation needed.

Trusted execution environments (TEEs), and zero knowledge proofs (ZK).

• TEEs:

  • Blockchain systems built upon Trusted Execution Environments (TEEs) employ an approach where encrypted data is stored on the blockchain itself. The process involves decrypting the data within secure enclaves, such as Intel SGX, which securely house the decryption keys. However, it's crucial to acknowledge that these secure enclaves are not immune to potential vulnerabilities, notably those stemming from side-channel attacks that could compromise their integrity and security.

• ZK:

  • Zero-Knowledge Proofs (ZKPs) enable the verification of accurate computations without revealing the underlying confidential data. However, a limitation arises from the requirement that sensitive input data must be in its original plaintext form and stored externally. As a consequence, the concept of composability is hindered, limiting ZKPs to applications involving a single participant. This constraint narrows the scope of their utility to scenarios where privacy is essential but participation remains singular and non-collaborative.

We expect our initial mainnet to handle 10 TPS with a blocktime of around 8 seconds with CPU, and if needed, we can transition to GPU and scale to 20-50 TPS. However, we expect that FPGA hardware acceleration in 2025 will allow us to scale to 100-1000 TPS.

Our TFHE scheme is based on lattice cryptography, which has been endorsed by the National Institute for Standards and Technology (NIST) to be resistant to quantum computers.

During the ciphertext creation, the plaintext is encrypted using the public key of the global FHE key, and a zero-knowledge proof of plaintext knowledge (ZKPoK) is also generated. The ZKPoK guarantees that 1) the ciphertext correctly generated 2) the user knows the plaintext value 3) the ciphertext cannot be used in another smart contract. In sum, a ciphertext is only valid if the ZKPoK is also validated in the transaction.