Secret Store and Access Control in Encrypted Smart Contracts
This section focuses on access control and secure data management in encrypted smart contracts using the TFHE library within the fhEVM framework. It explains how:
Secrets are stored, verified, and processed securely with Fully Homomorphic Encryption (FHE).
Access Control Lists (ACLs) are used to manage permissions for manipulating ciphertexts, ensuring only authorized entities can access or modify encrypted data.
Automatic Temporary Allowances simplify contract development by granting transient permissions for operations like type conversions, random value generation, and computation results.
Best Practices prevent unauthorized access by requiring sender authorization checks before ciphertext processing.
Encrypted Transfers (e.g., in ERC20 token contracts) securely update balances and manage permissions without revealing sensitive values.
This section is critical for developers building privacy-preserving decentralized applications, ensuring encrypted operations remain secure, efficient, and robust.
Key Features Demonstrated
Secret Management: Ensures only authorized entities can access and manipulate secrets.
Automatic Transient Allowance: Simplifies operations by providing temporary access for computations, type conversions, and random value generation.
Access Control Verification: Protects sensitive operations by verifying sender permissions.
Re-encryption Support: Enables secure transfer of ciphertext between users and contracts.
Secure Transfer in ERC20 Tokens: Demonstrates an encrypted transfer function with homomorphic operations, maintaining data privacy and security.
This documentation is designed to provide developers with a comprehensive guide to implementing access control and secure computation workflows in encrypted smart contracts using TFHE and fhEVM.
Secret Store and Access Control
The following example illustrates how encrypted smart contracts manage secrets and ensure access control using TFHE:
Contract: SecretStore
Explanation:
Creation and Temporary Allowance: The SecretGiver contract generates a secret and temporarily allows the SecretStore contract to manipulate it.
Verification: The SecretStore contract verifies the caller's access to the secret using TFHE.isSenderAllowed.
FHE Computation: The secret is processed (e.g., TFHE.add operation) to produce a computation result.
Storage and Permanent Allowance: The computed result is stored in the contract with permanent access granted for future operations.
Automatic (Transient) Allowance
To streamline development, certain operations in TFHE automatically grant temporary access (using TFHE.allowTransient) for the contract performing the operation. This applies to:
Categories of Automatic Allowance
Type Conversion Functions:
TFHE.asEuintXX()
TFHE.asEaddress()
TFHE.asEbool()
Random Value Generation:
TFHE.randXX()
Computation Results
Operations such as TFHE.add() and TFHE.select().
Example: Generating and Storing a Random Value
Explanation:
A random encrypted value is generated with temporary allowance.
Permanent allowance is then granted to allow future operations or decryption.
Security Best Practices: Verifying Sender Access
It is crucial to verify the sender's access to any ciphertext before processing. This ensures that unauthorized users cannot exploit the function.
Verification Example:
Here is a simple code snippet:
Rationale:
Prevents attackers from passing unauthorized ciphertexts to exploit functions.
Secures contract behavior by ensuring only authorized senders can access sensitive data.
ACL for Re-encryption
If ciphertext needs to be re-encrypted for a user, explicit access must be granted. This is necessary for the user to request re-encryption securely.
Process:
A user signs a public key associated with a specific contract.
The ciphertext must be allowed for both the user and the contract.
Example: Transfer Function in an ERC20 Token Contract
Last updated