2.1. Fully Homomorphic Encryption (FHE)
Fully Homomorphic Encryption (FHE) serves as the mathematical bedrock of the Fhenix-FairMarket protocol. It enables the system to perform cryptographic comparisons, settlement logic, and solvency verification without ever decrypting sensitive bid values on-chain or off-chain. By transitioning from synchronous, gas-intensive FHE execution to an Asynchronous Coprocessed (CoFHE) model, the protocol guarantees absolute bid confidentiality while maintaining economic viability and near-zero settlement overhead.
Version 2.0 enforces a strict zero-trust cryptographic perimeter: plaintext values never traverse the network, never enter the mempool, and are never persisted in blockchain state or event logs. All validation occurs through encrypted mathematical gates that preserve user privacy by design.
Core Cryptographic Principles
| Principle | Technical Implementation |
|---|---|
| Client-Side Encryption | Bids are encrypted locally via @cofhe/sdk ^1.2.0 before transmission. The Ciphertext is the only data broadcast to the network. |
| Zero Plaintext Exposure | No bid values, intermediate states, or decryption results are stored in Storage or emitted in Events. Enforced by CI linting. |
| Encrypted Solvency Gate | FHE.lte(encryptedBid, escrowBalances[msg.sender]) validates bid legitimacy on-chain without revealing either the bid amount or the exact escrow balance. |
| Constant-Time Execution | Off-chain FHEOS coprocessors utilize FHE.select multiplexers, ensuring execution clocks remain identical regardless of input magnitude. Neutralizes timing side-channel attacks. |
| SDK Isolation | All FHE operations route through CofheAdapter.sol, preventing direct dependency breaks in core contracts during @fhenixprotocol/cofhe-contracts upgrades. |
️ Technical Implementation
1. Client-Side Encryption Flow
The user’s browser acts as the first line of cryptographic defense. The @cofhe/sdk encrypts the bid before it touches the network layer.
// packages/frontend/src/lib/cofhe/encryption.ts
import { cofheClient, Encryptable } from '@cofhe/sdk';
export async function encryptBid(amount: number): Promise<InEuint32> {
// 1. Range validation (euint32 max: 2^32 - 1)
if (amount < 0 || amount > 2 ** 32 - 1) {
throw new Error('Bid amount exceeds euint32 range');
}
// 2. Local encryption via CoFHE SDK
const encryptedPayload = await cofheClient.encryptInputs([
Encryptable.uint32(amount)
]);
return encryptedPayload[0]; // Returns InEuint32 Ciphertext
}2. On-Chain Solvency Validation
Before accepting a bid, the contract performs an encrypted comparison against the publicly visible escrowBalances. This ensures users cannot bid beyond their deposited ceiling without revealing their actual financial position.
// packages/contracts/core/FhenixFairMarket.sol
function placeBid(uint256 auctionId, InEuint32 calldata encryptedBid) external {
require(state == AuctionState.ACTIVE, "Auction not active");
require(block.timestamp < auctions[auctionId].endTime, "Auction expired");
// Encrypted Solvency Check: FHE.lte executes without decryption
// Reverts if encryptedBid > escrowBalances[msg.sender]
FHE.lte(encryptedBid, FHE.asEuint32(escrowBalances[msg.sender]));
// O(1) Storage: Only the ciphertext hash is persisted
bytes32 bidHash = keccak256(abi.encode(encryptedBid));
ciphertextHashes[auctionId].push(bidHash);
emit BidPlaced(auctionId, msg.sender, bidHash);
}3. Constant-Time Off-Chain Execution
When finalizeAuction() triggers the off-chain CoFHE layer, FHEOS servers compare all bids using FHE.select multiplexers. These gates execute in fixed time regardless of whether they are comparing 1 ETH vs 1.1 ETH or 0.1 ETH vs 10 ETH. This mathematical uniformity completely neutralizes timing-based inference attacks.
️ Security Guarantees & Threat Mitigations
| Threat Vector | Attack Mechanism | FHE Protocol Mitigation |
|---|---|---|
| MEV Front-Running | Validators reorder transactions based on visible bid values | Bids arrive as opaque InEuint32 ciphertexts; ordering provides zero competitive advantage |
| Plaintext Leakage | Event logs or storage dumps exposing bid history | Only bytes32 hashes emitted; zero plaintext in Events, Storage, or console.log |
| Timing Side-Channels | Measuring execution time to infer bid magnitude ranges | FHE.select constant-time multiplexers ensure uniform execution clocks off-chain |
| SDK Version Breakage | External @cofhe/sdk updates breaking core contract logic | CofheAdapter.sol abstracts all FHE imports; core contracts interact only via stable interfaces |
| Invalid Bid Flooding | Spamming the coprocessor with unpayable ciphertexts | FHE.lte solvency gate reverts instantly on-chain; invalid bids never reach the off-chain queue |
Architectural Impact
| Metric | Traditional On-Chain FHE | Fhenix-FairMarket v2.0 FHE |
|---|---|---|
| Gas per Comparison | ~500k–2M+ (scales with bid count) | ~0 (comparisons offloaded to CoFHE) |
| Storage Complexity | Full ciphertext arrays per auction | O(1) → bytes32 hash per bid |
| Privacy Guarantee | Relies on ZK-circuit assumptions | Mathematically proven via homomorphic properties |
| Finality Latency | Blocked by L2 FHE circuit verification | Decoupled; asynchronous DecryptionRequested event dispatch |
Audit Gate Compliance (P0)
The protocol enforces strict cryptographic verification gates. Progression to subsequent phases is blocked until all P0 FHE items pass:
- [] Zero Plaintext in Events/Storage: CI lint rules fail the build if any
bytesoruintplaintext values are emitted alongside bid data. - []
FHE.lteSolvency Check: Encrypted bids strictly cannot exceedescrowBalances[msg.sender]; invalid bids revert pre-dispatch. - [] Adapter Isolation: Zero direct
import @fhenixprotocol/cofhe-contractsinFhenixFairMarket.sol; all calls route throughICofheAdapter. - [] Constant-Time Enforcement: Off-chain
FHEOSendpoints validated forFHE.selectmultiplexer uniformity; timing variance <±2msacross all input ranges. - [] Range Validation: Client-side
euint32bounds checked (< 2^32 - 1) before encryption to prevent overflow exploits.
Next Steps
- Proceed to 2.2. O(1) On-chain Storage to understand how ciphertext hashing prevents state bloat and DoS vectors.
- Review 2.3. Pull over Push Refund Pattern for gas-safe settlement mechanics.
- Explore Technical Components → CofheAdapter.sol for interface definitions and SDK abstraction layers.