Phad is a re-encryption optimistic Rollup layer for the Move and Aptos ecosystems based on the Cyferio SDK.

Cyferio SDK is a modular rollup framework with Fully Homomorphic Encryption (FHE) integration that simplifies the creation and management of confidential rollups, providing developers with the necessary tools to build privacy-preserving applications.

By leveraging FHE, advanced modular rollup designs, and parallelism in computational proofs within a trustless computing layer, Cyferio SDK enables secure, near real-time computations on both public and private on-chain states while preserving composability and interoperability.

• Modular Architecture: Highly adaptable zk-rollup framework integrating state-of-the-art privacy-preserving solutions like FHE and Zero-Knowledge Proofs (ZKPs).

• Module System Interface:

  • Supports both stateless and stateful modules, enhancing composability.
  • Incorporates FHE-powered modules using the TFHE-rs library for computations on encrypted data.

• Data Availability Interface:

  • Integrates with various data availability solutions (e.g., Celestia, Avail).
  • Compatible with mainstream Layer 1 blockchains for settlement layers.

• zkVM Interface:

  • Supports optimistic, zero-knowledge, and verifiable FHE virtual machines.
  • Compatible with various zkVMs, including RISC Zero and SP1.
  • Produces succinct verifiable proofs for transaction executions.

• Threshold Service Network:

  • Secure key management for FHE keys.
  • Robust FHE key generation and threshold decryption using MPC protocols.

The Architecture of Cyferio SDK

• DeFi:

  • Dark Pools: Enable private large trades to reduce market impact.
  • Blind Auctions: Conduct auctions with hidden bids to prevent manipulation.
  • MEV-Resistant DEXs: Build exchanges where transactions can't be front-run.
  • Private Prediction Markets: Enable on-chain prediction markets with confidential betting.

• Social Applications:

  • Efficient Identity Verification: Perform identity checks without constant off-chain data retrieval.
  • Privacy-Preserving Interactions: Ensure all user interactions remain private.

• Gaming:

  • Real-Time Response: Enable near real-time transaction responses in distributed systems.
  • Secure Interactions: Operate nodes in a "dark forest" state for enhanced security.
  • Asset Integration: Flexible combination of DeFi and GameFi assets.
  • Flexible Gas Fees: Implement dynamic gas fee structures to lower entry barriers.

The Workflow of Cyferio SDK

Cyferio SDK is integrated with the Cyferio Hub in default. That means for local development environment, you have to run the Cyferio Hub node as DA layer before creating your confidential rollup with Cyferio SDK. Please refer to the Cyferio Hub README for more details.

Note that for local debugging, you can simply switch to mock_da by changing the feature flag in crates/rollup/Cargo.toml

[features]
default = ["mock_da", "risc0"]

This guide provides step-by-step instructions for setting up and interacting with the confidential-token module, which enables confidential token operations using Fully Homomorphic Encryption (FHE).

We use an optimistic-like rollup configuration since applying a zk prover to FHE is still under development. Check the research report by Zama for the latest updates on verifiable FHE.

Set the following environment variables:

export SKIP_GUEST_BUILD=1
export SOV_PROVER_MODE=skip

The rollup requires a set of keys: {public key, server key, private key}.

Note: For demo purposes, keys are stored insecurely in a JSON file. In production, store the public and server keys securely on-chain and the private key within the node.

Generate the FHE keys:

# Run this command in the project root directory

cargo run --release --bin fhe-keygen

These scripts will be used to invoke confidential operations like token creation, transfer, and minting.

Generate the scripts:

# Run this command in the project root directory

cargo run --release --bin request-scripts-gen

cd crates/rollup/

To start with a fresh rollup:

make clean-db
make clean-wallet

Note: Skip this step if you wish to retain the previous wallet setup.

Compile and start the rollup node:

# Ensure environment variables are set
# Use --release for optimized performance

cargo run --release --bin node

• Navigate to the crates/rollup/ directory.
• Ensure the environment variables from the configuration section are set.

Import the token deployer's keys from test-data/keys/token_deployer_private_key.json:

make check-sov-cli

Retrieve the FHE public key for encrypting transactions:

make get-fhe-public-key

Create and mint 1,000 encrypted tokens to the address sov1l6n...r94:

# Wait 5–10 seconds for the transaction to complete

make test-fhe-create-token

Monitor the server logs for FHE operations.

Fetch the total token supply:

• Encrypted (Ciphertext):

  make test-fhe-token-raw-supply-of

• Decrypted (Plaintext):

  make test-fhe-token-supply-of

Mint an additional 500 encrypted tokens to the same address:

# Wait 5–10 seconds for the transaction to complete

make test-fhe-mint-token

Verify the updated total supply as in the previous step.

Transfer 100 encrypted tokens from sov1l6n...r94 to sov15vs...7gc:

# Wait 5–10 seconds for the transaction to complete

make test-fhe-token-transfer

Replace "user_address": "ADDRESS_TO_QUERY" with the desired address.

curl -sS -X POST -H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"confidentialToken_rawBalanceOf","params":{"user_address":"sov1l6n...r94", "token_id":"TOKEN_ID"},"id":1}' \
http://127.0.0.1:12345

curl -sS -X POST -H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"confidentialToken_balanceOf","params":{"user_address":"sov1l6n...r94", "token_id":"TOKEN_ID"},"id":1}' \
http://127.0.0.1:12345

• Security Considerations: This setup is for demo purposes. In production, implement secure key storage and management practices.
• Performance: Use --release mode for faster FHE operations.
• Monitoring: Check server logs to monitor FHE operations and transaction processing.

Feel free to explore and contribute to the project. For any questions or issues, please open an issue or contact the maintainers.

DubheOS https://github.com/0xobelisk/DubheOS

Aptos-k8s-Cacher https://github.com/0xobelisk/phad-k8s-cacher

Aptos-Simple-DA-Record https://github.com/0xobelisk/aptos-phad-package