The two most challenging technical problems in crypto have been clear for a decade: scaling and confidentiality. Most of the discourse in the industry is around scaling; meanwhile, a handful of teams continue to quietly build a variety of advanced cryptographic techniques to enable confidentiality.
Today, I’m excited to announce that Multicoin has led a $7.5M investment into Fhenix, which is pioneering a fundamentally new approach to on-chain confidentiality.
Fully Homomorphic Encryption (FHE)
What is FHE? FHE is an advanced form of cryptography that enables arbitrary computation over encrypted data. To understand what FHE can enable, let’s consider one of the most popular apps in the world: Telegram.
Telegram has more than 800M MAUs. The application performance is simply outstanding; the app is butter smooth.
In order to achieve this performance, Telegram makes one major trade-off: it’s unencrypted. This means that Telegram’s servers store a copy of all of your messages in plaintext (meaning that Telegram servers, employees, and anyone who hacks into Telegram, can read them). Storing messages in plaintext is important for performance, but it’s paramount for one of the most important features in any text-heavy app: search. When you search on Telegram, Telegram’s servers search all of your prior messages to return search results. That search would be far too slow to run locally, especially on low-end Android devices (which represent most of Telegram’s users).
Now let’s consider an alternative version of Telegram in which they store encrypted messages on their servers. Intuitively, server-side search does not work. If the server just sees encrypted blobs of data, how can it search?
Using FHE, Telegram can run server-side search on a user’s encrypted data, without decrypting or reading the contents of the messages.
This is wild. It doesn’t even sound possible. But it is.
FHE is the holy grail of cryptography. In time, FHE will reshape the fabric of all computing, both in web2 and web3.
Fhenix is pioneering FHE on-chain, which will unlock not only confidential payments, but fully-generalizable, confidential DeFi, in addition to a host of other applications. Some other areas we are excited about:
- Bridging — Using FHE, one can store the private key for Chain B on Chain A. And vice versa. This can reduce the overall complexity of bridging by a factor of 100x or more.
- Governance — Right now, crypto governance votes are public from the moment they begin, which means they reveal votes as they come in. This can lead to voter bias and groupthink, which defeats the purpose of a vote. FHE enables confidential on-chain voting.
- Autonomous worlds — A lot of on-chain games can leverage FHE, especially in games that involve strategy around locations and commerce.
Developers will be able to trivially port their existing EVM code to Fhenix. And they’ll be able to make their existing code FHE-native with just a few tweaks. Developers will be able to choose which pieces of data they want to encrypt, and compute across encrypted and plaintext data.
Comparing Cryptographic Approaches
Previously, confidentiality-enabled DeFi has been somewhere near “impossible” on the difficulty spectrum.
Almost all prior cryptographic attempts at on-chain confidentiality have been using zero-knowledge proofs (ZKP). However, ZKPs—despite the name—were not naturally designed to support confidentiality in on-chain DeFi. To explain why, I’ll start with the simplest on-chain zkp-application: Zcash.
When a user sends a shielded transaction in Zcash, she constructs a proof that states, roughly:
- The entire history of on-chain shielded transactions is an encrypted blob
- There are some set of UTXOs that have been sent to her hidden addresses
- Such that the total value of UTXOs that have been sent to her is > 0, even after summing all of the value of the UTXOs she has sent out, including the current transaction
Or in simple terms: proving that her balance is >0 after this transaction.
One of the fundamental limitations to this approach is that there is no ability to execute any logic on the state of the system in a top down manner; by definition, it is impossible to see the current state of the system (because the state of the system is a function of a series of ZKPs), and so it is impossible for anyone—including the system itself—to apply any logic on the current state. As such, there is no way to answer even simple questions, such as “how many tokens are in the private pool?” More complex questions are impossible to answer.
Stated more plainly: zk-based approaches to on-chain confidentiality can never support shared, encrypted state. Virtually all DeFi is predicated on shared state.
A handful of incredible cryptography teams have been trying to solve these problems with advanced ZK techniques, and they have made some progress over the last few years. But fundamentally, there are limits to logic, and no amount of ZK-magic can overcome basic limitations in logic.
The beauty of FHE is that it allows the overall logic of a transparent financial system to be preserved. As such, developers can write programs under the assumption that they can compute over the state of the system as a whole as if it’s transparent, even though no one can actually see the current state of the system.
This is an incredible breakthrough in cryptography, and will reshape how the ecosystem approaches on-chain confidentiality.
Confidentiality vs. Privacy
In the wake of Tornado Cash, it’s important to understand what FHE is, and is not. FHE is not about privacy or obfuscating the identities of participants in a transaction. It’s about confidentiality in the substance of that transaction. There are subtle and important differences.
Tornado Cash was a mixer that would hide the identity of users. There are valid reasons for the existence of those technologies and legitimate concerns about some implications of its use, but those concerns do not apply to FHE or Fhenix.
Fhenix encrypts the content in transactions, but does not hide the fact that a specific user initiated some on-chain transaction. Instead of privacy, it allows for a user to be transparent about the existence of an action without revealing the contents of the transaction.
This paradigm maps to encryption in web2 systems. HTTPS does not hide the fact that computer A sent messages to server B. HTTPS just encrypts the message contents. FHE operates analogously in the context of on-chain payments and DeFi.
Team and Timeline
Fhenix is tackling some extraordinarily difficult technical problems. Given that, we thought it was especially important to back a team that is deeply committed to the mission of unlocking on-chain confidentiality. It is hard to imagine a team with a deeper commitment to this problem space.
Fhenix is led by two guys, both of whom are named Guy. Yes, true fact.
Guy Zyskind has been building on-chain confidentiality systems in the crypto space since Tushar and I launched Multicoin in 2017. He originally founded Enigma, which pioneered the use of MPC techniques around on-chain confidentiality. He then went on to build Secret Network, which leveraged Intel’s SGX. He continues his work on this mission moving forward with Fhenix.
Guy Itzhaki has decades of experience in confidential computing and cyber security. He has spent the last few years leading the FHE business development teams at Intel.
Fhenix launched a private devnet in July 2023. The devnet provides an approachable FHE playground for interested developers. To apply for early access, please click here.
Fhenix’s public testnet, “Renaissance,” is expected to open to developers in the first half of 2024. Renaissance will serve as an FHE blockchain playground for developers, with multiple testing and building incentivized campaigns.
Mainstreaming Confidential Crypto
I have devoted the last six years of my life to crypto because I believe it will change how humans coordinate economic activity. Enabling confidentiality—while allowing individuals and institutions to comply with the law—is paramount to fulfilling that vision.
I could not be more excited to back Guy and Guy and the Fhenix team as they build the future of on-chain confidentiality using FHE, enabling crypto to achieve its maximum impact on humanity.
Disclosure: Unless otherwise indicated, the views expressed in this post are solely those of the author(s) in their individual capacity and are not the views of Multicoin Capital Management, LLC or its affiliates (together with its affiliates, “Multicoin”). Certain information contained herein may have been obtained from third-party sources, including from portfolio companies of funds managed by Multicoin. Multicoin believes that the information provided is reliable but has not independently verified the non-material information and makes no representations about the enduring accuracy of the information or its appropriateness for a given situation. This post may contain links to third-party websites (“External Websites”). The existence of any such link does not constitute an endorsement of such websites, the content of the websites, or the operators of the websites. These links are provided solely as a convenience to you and not as an endorsement by us of the content on such External Websites. The content of such External Websites is developed and provided by others and Multicoin takes no responsibility for any content therein. Charts and graphs provided within are for informational purposes solely and should not be relied upon when making any investment decision. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in this blog are subject to change without notice and may differ or be contrary to opinions expressed by others.
The content is provided for informational purposes only, and should not be relied upon as the basis for an investment decision, and is not, and should not be assumed to be, complete. The contents herein are not to be construed as legal, business, or tax advice. You should consult your own advisors for those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by Multicoin, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Multicoin is available here: https://multicoin.capital/portfolio/. Excluded from this list are investments that have not yet been announced (1) for strategic reasons (e.g., undisclosed positions in publicly traded digital assets) or (2) due to coordination with the development team or issuer on the timing and nature of public disclosure. * This blog does not constitute investment advice or an offer to sell or a solicitation of an offer to purchase any limited partner interests in any investment vehicle managed by Multicoin. An offer or solicitation of an investment in any Multicoin investment vehicle will only be made pursuant to an offering memorandum, limited partnership agreement and subscription documents, and only the information in such documents should be relied upon when making a decision to invest.*
Past performance does not guarantee future results. There can be no guarantee that any Multicoin investment vehicle’s investment objectives will be achieved, and the investment results may vary substantially from year to year or even from month to month. As a result, an investor could lose all or a substantial amount of its investment. Investments or products referenced in this blog may not be suitable for you or any other party.