IOSG Ventures: Why does FHE have a better application prospect in Web3?

Original author: IOSG Ventures

Privacy is a fundamental right for humans and organizations. For individuals, it helps people express themselves freely without having to reveal any information they dont want to share to third parties. For most organizations today, data is considered a primary commodity, and data privacy is essential to protect this commodity. The cypherpunk movement and the commoditization of data have accelerated the research and perkembangan of cryptographic primitives.

Cryptography is a fairly broad field, and when we look at cryptography in the context of computing, we have seen many different schemes such as zero-knowledge proofs, homomorphic encryption, secret sharing, etc., which have been continuously improved since their inception in the 1960s. These schemes are essential to unlocking private computing methods (data is the main commodity because people can discover insights from it). To this day, the field of private computing has made significant progress in multi-party computation and zero-knowledge proofs, but there are always privacy issues with the input data itself.

When the most important commodity is public, it is very difficult for any data owner to outsource the computation of this data without a legal agreement. Today, everyone relies on compliance standards for data privacy, such as HIPAA for health data and GDPR specifically for data privacy in the European region.

In the blockchain space, we believe more in the integrity of the technology than in the integrity of the regulators. As believers in permissionlessness and maximizing ownership, if we believe in a future where users own their data, we need trustless methods to perform computations on that data. The concept of performing computations on encrypted data had been elusive until Craig Gentry’s work in 2009. This was the first time anyone was able to perform computations (addition and multiplication) on ciphertext (i.e., encrypted data).

1. How Fully Homomorphic Encryption (FHE) works

So what exactly is this “magic math” that allows computers to perform calculations without understanding the input?

Fully homomorphic encryption (FHE) is a class of cryptographic schemes that allows computations to be performed on encrypted data (ciphertext) without decrypting the data, opening up a range of use cases for privacy and data protection.

In the FHE process, when data is encrypted, additional data called noise is added to the original data. This is the process of encrypting the data.

Each time you perform a homomorphic computation (addition or multiplication), additional noise is added. If the computation is too complex, adding noise each time will eventually make it very difficult to decrypt the ciphertext (it is computationally very heavy). This process is more suitable for addition because the noise grows linearly, while for multiplication, the noise grows exponentially. Therefore, if there are complex polynomial multiplications, decrypting the output will be very difficult.

If noise is the main problem and its growth makes FHE difficult to use, it must be controlled. This gave rise to a new process called Bootstrapping. Bootstrapping is the process of encrypting encrypted data with a new key and decrypting it in encryption. This is very important because it significantly reduces the computational overhead as well as the decryption overhead of the final output. While Bootstrapping reduces the final decryption overhead, there is a large amount of operational overhead in the process. This can be expensive and time consuming.

The main FHE schemes currently include: BFV, BGV, CKKS, FHEW, and TFHE. Except for TFHE, the abbreviations of these schemes are the names of their paper authors.

Think of these schemes as different languages spoken in the same country, each optimized for something different. The ideal would be to have a unified country where all these languages could be understood by the same machine. Many FHE working groups are working on making these different schemes composable. Libraries like SEAL (combining BFV and CKKS schemes) and HElib (BGV + approximate CKKS) help implement FHE schemes or combinations of schemes for different computations. For example, Zamas Concrete library is a Rust compiler for TFHE.

2. Comparison of FHE Schemes

Below is a performance comparison of different libraries by Charles Guter, Dimitris Mouris, and Nectarios George Tsousos in their paper SoK: New Insights into Fully Homomorphic Encryption Libraries via Standardized Benchmark (2022).

Web3 Use Cases

When we use blockchains and applications today, all data is public and visible to everyone. This is good for most use cases, but completely limits many use cases that require privacy by default or data confidentiality (such as machine learning models, medical databases, genomics, private finance, non-rigged games, etc.). FHE-powered blockchains or virtual machines essentially allow the state of the entire chain to be encrypted from the beginning, ensuring privacy, while allowing arbitrary computations to be performed on the encrypted data. All data stored or processed on an FHE-powered blockchain network is inherently secure. Zama has a fhEVM scheme that allows EVM computations to be performed in a fully homomorphic environment. This ensures privacy at the execution level for any L1/L2 project built using this library. Although privacy chains have always been a cool technology, the adoption rate and token performance have not increased significantly.

When it comes to outsourcing general purpose computation, FHE itself is not meant to replace ZK and MPC. They can complement each other to create a trustless private computing giant. For example, Sunscreen is building a privacy engine that essentially allows any blockchain application to outsource computation to their FHE computing environment and can feed the results back. The resulting computation can be verified via ZK proofs. Octra is doing something similar, but using a different type of cryptographic scheme called hFHE.

ZK proofs are good at proving something without revealing the data, but the prover still had access to that data at some point in time. ZK proofs cannot be used for computations on private data; they can only verify that some computation was done correctly.

MPC distributes the computation of encrypted data across multiple machines, performs the computation in parallel, and then stitches together the final computation results. As long as the majority of machines performing the computation are honest, the original data cannot be retrieved, but this is still a trust assumption. Due to the constant communication between parties required in MPC (data needs to be constantly split, calculated, and reconnected), it becomes difficult to scale through hardware.

In FHE, all computations are performed on encrypted data without decrypting it, and this can be done on a single server. The performance of FHE can be scaled with better hardware, more computing resources, and hardware acceleration.

Currently, the best use cases for FHE in the blockchain space are more about outsourcing general-purpose computation rather than building built-in FHE L1/L2. Here are some interesting use cases that FHE can unlock:

• First generation (crypto-native): on-chain DID, casinos, betting, voting, games, Private DeFi, private tokens, dark pools, 2FA, backups, passwords.

• Second generation (modular): “Chainlink for privacy”, outsourced private computing, end-to-end encryption between blockchain and contracts, encrypted data availability, verifiable secure data storage.

• Third generation (enterprise level): complex consumer applications, encrypted and decentralized LLM, artificial intelligence, wearable devices, communications, military, medical, privacy-preserving payment solutions, Private P2P payments.

Current industry projects based on FHE

The development of fully homomorphic encryption (FHE) has inspired several innovative blockchain projects that leverage this technology to enhance data privacy and security. This section dives into the technical details and unique approaches of notable projects such as Inco, Fhenix, and Zama.

Inco

Inco is pioneering the integration of FHE with blockchain, creating a platform that makes data computation both secure and private. Inco uses lattice-based cryptography to implement its FHE scheme, ensuring that operations on ciphertext (encrypted data) can be performed without exposing the underlying plaintext. The platform supports privacy-preserving smart contracts, allowing encrypted data to be processed directly on the blockchain.

• Lattice-Based FHE: Inco utilizes lattice-based cryptography for its FHE implementation, known for its post-quantum security properties, ensuring resilience against possible future quantum attacks.

• Privacy-preserving smart contracts: Inco’s smart contracts can execute arbitrary functions on encrypted inputs, ensuring that neither the contract nor the nodes executing the contract can access the plaintext data.

• Noise Management and Bootstrapping: To handle the problem of noise growth during homomorphic operations, Inco implements an efficient Bootstrapping technique to refresh the ciphertext and maintain decryptability while performing complex computations.

Feniks

Fhenix focuses on providing a strong infrastructure for privacy-preserving applications, using FHE to provide end-to-end encryption solutions to protect user data. Fhenixs platform is designed to support a wide range of applications from secure messaging to private financial transactions, ensuring data privacy during all computing processes.

• End-to-end encryption: Fhenix ensures that data remains encrypted from the point of entry to processing and storage. This is achieved by combining FHE and secure multi-party computation (SMPC) technology.

• Efficient Key Management: Fhenix integrates an advanced key management system to facilitate secure key distribution and rotation, which is key to maintaining long-term security in FHE environments.

• Scalability: The platform uses optimized homomorphic operations and parallel processing to efficiently handle large-scale computations, addressing one of the main challenges of FHE.

• Coprocessors: Fhenix has also pioneered the development of specialized coprocessors designed to accelerate FHE computations. These coprocessors are specifically designed to handle the intensive mathematical operations required for FHE, significantly improving the performance and scalability of privacy-preserving applications.

Zama

Zama is a leader in the FHE space, best known for its fhEVM scheme, which allows Ethereum EVM computations to be performed in a fully homomorphic environment, ensuring privacy at the execution level for any L1/L2 project built using the library.

• fhEVM solution: Zamas fhEVM solution integrates FHE with the Ethereum Virtual Machine to enable encrypted smart contract execution. This allows confidential transactions and computations in the Ethereum ecosystem.

• Concrete Library: Zamas Concrete library is a Rust compiler for TFHE (a variant of FHE). The library provides a high-performance implementation of homomorphic encryption schemes, making cryptographic computations more efficient.

• Interoperability: Zama is committed to creating solutions that work seamlessly with existing blockchain infrastructure. This includes supporting a wide range of cryptographic primitives and protocols, ensuring broad compatibility and ease of integration.

3. The key role of FHE in Crypto and AI Infra and applications

Today, the intersection of cryptography and AI is in full swing. Without diving into this intersection, it is worth noting that innovation in new models and datasets will be driven by open source collaboration among multiple parties. Beyond computation, what ultimately matters is data, and this data is the most important part of this collaborative pipeline. AI applications and models are ultimately only as useful as the data they are trained on, whether it is a base model, a fine-tuned model, or an AI intelligent agent. Keeping this data secure and private opens up a huge design space for open source collaboration while allowing data owners to continue to profit from training models or final applications. If this data is public in nature, it will be difficult to monetize (because anyone can access valuable datasets), so this data is more likely to be strictly protected.

In this context, FHE can play a key role. Ideally, it can train models without revealing the underlying dataset, which could unlock the monetization of datasets and greatly promote open source collaboration among dataset owners.

Source: Bagel Network

How FHE Enhances Privacy-Preserving Machine Learning (PPML)

• Data Privacy: By using FHE, sensitive data such as medical records, financial information, or personal identifiers can be encrypted before being fed into an ML model. This ensures that the data remains confidential even if the computing environment is compromised.

• Secure model training: Training ML models typically requires large amounts of data. Using FHE, this data can be encrypted, allowing models to be trained without exposing the original data, which is critical for industries that handle highly sensitive information and are subject to strict data privacy regulations.

• Confidential Inference: In addition to training, FHE can also be used for encrypted inference. This means that once the model is trained, predictions can be made on encrypted inputs, ensuring that user data remains private throughout the inference process.

• FHE PPML application areas:

• Healthcare: Training ML models in a privacy-preserving manner can lead to more personalized and effective treatments without exposing sensitive patient information.

• Finance: Financial institutions can use FHE to analyze encrypted transaction data for fraud detection and risk assessment while maintaining customer privacy.

• IoT and smart devices: Devices can collect and process data in encrypted form, ensuring that sensitive information such as location data or usage patterns remain confidential.

Problems with FHE:

As mentioned before, there is no unity between FHE schemes. Schemes are not composable, and many times different FHE schemes need to be combined for different types of computations. The process of experimenting with different schemes for the same computation is also quite cumbersome. The CHIMERA framework under development allows switching between different FHE schemes such as TFHE, BFV, and HEAAN, but it is far from being usable at the moment. This leads to the next problem, which is the lack of benchmarks. Benchmarks are very important for developers to adopt this technology. This will help save many developers time. Given the computational overhead (encryption, decryption, bootstrapping, key generation, etc.), a lot of existing general-purpose hardware is not very suitable. Some form of hardware acceleration is needed, or specific chips (FPGAs and/or ASICs) may need to be created to achieve more mainstream applications of FHE. The problems of these modes can be compared to those of the ZK (zero-knowledge) industry. As long as a group of smart mathematicians, applied scientists, and engineers are interested in this field, we will continue to be bullish on both fields: FHE for privacy and ZK for verifiability.

4. What will the FHE-driven future look like?

Will there be one FHE solution to rule them all? This discussion is still ongoing in the industry. Although the ideal is to have a unified solution, the diverse needs of different applications may always require specialized solutions optimized for specific tasks. Is interoperability between solutions the best solution? Interoperability may indeed be a practical approach, allowing flexibility to handle diverse computing needs while leveraging the strengths of various solutions.

When will FHE be available? Availability is closely tied to progress in reducing computational overhead, improving benchmarking standards, and developing specialized hardware. As progress is made in these areas, FHE will become more accessible and practical.

In summary, FHE provides a powerful tool for data privacy protection and secure computing. Although there are still challenges in interoperability, computational overhead, and hardware support, the potential of FHE in blockchain, privacy-preserving machine learning, and broader Web3 applications cannot be ignored. With the continuous development and innovation of technology, FHE is expected to play a key role in the future of privacy protection and secure computing.

This article is sourced from the internet: IOSG Ventures: Why does FHE have a better application prospect in Web3?

Related: Shibarium Completes Hard Fork Promising Blazing Fast Transactions: Price Impact

In Brief Shibarium completes hard fork, promises fast transactions. Update aims for affordable, accessible Shibarium network. SHIB may see price surge if it breaks above $0.00002349. Shibarium, the layer-2 network from the Shiba Inu (SHIB) ecosystem, successfully completed a significant hard fork on May 2. This update promises to deliver blazing-fast transactions and more predictable gas fees, enhancing user interactions with the network. Is Shiba Inu Poised For a Breakout After the Shibarium Hard Fork? The Shibarium Network announced on X (formerly Twitter) that it completed the hard fork at the block height of 4,504,576. A hard fork in blockchain technology entails a major upgrade that results in the split of the network into two chains. Introduced on April 24, this process introduces fundamental changes incompatible with the previous software…