Skip to main content

Primus FHE

What is FHE?

Fully Homomorphic Encryption (FHE) is a form of encryption that allows arbitrary computations to be performed directly on encrypted data, without ever decrypting it. The result of the computation remains encrypted and, when decrypted by the data owner, matches exactly what would have been obtained had the same operations been performed on the plaintext. This property removes the traditional trade-off between using data and protecting it: a party can outsource computation to an untrusted server, cloud, or network, and that party never needs to see the underlying data to process it correctly.

The concept dates back to the late 1970s, but it remained a theoretical curiosity until Craig Gentry's 2009 breakthrough, which introduced the first construction supporting unlimited computation on ciphertexts. Since then, FHE schemes (such as BGV, BFV, CKKS, and TFHE) have matured significantly, with steady improvements in efficiency through techniques like bootstrapping, packing, and hardware acceleration. While FHE is still computationally heavier than working on plaintext, it has moved from a purely academic construct to a practical tool used in privacy-preserving machine learning, secure multi-party computation, and confidential data processing.

In crypto, FHE lets smart contracts and off-chain compute networks operate directly on encrypted state, enabling use cases like confidential transactions, private DeFi logic, encrypted on-chain voting, and secure computation on sensitive financial or identity data. Because inputs, intermediate state, and outputs never need to be decrypted during processing, privacy is enforced by the cryptography itself rather than by trusting an operator or validator to behave honestly.

Core Techniques of Primus FHE

Primus FHE techniques focus on solving industrial problems and practical applications. In particular, Primus brings FHE to blockchains and smart contracts, enabling secure and private computation on sensitive data. The Primus team has dedicated itself to FHE research and development since 2023, working toward industrial-grade solutions that close the persistent gap between cryptographic theory and practical industry problems.

FHETransform: Primus FHE Computation Framework

The core technical product is FHETransform, a framework that powers privacy-preserving computation on EVM-compatible blockchains. It lets developers build confidential smart contracts, whose inputs, state, and outputs stay encrypted end to end, while keeping the decentralization, composability, and security guarantees of the underlying chain.

FHETransform Architecture

Conceptually, FHETransform has three components:

  • The privacy decentralized application: the developer creats an application contract and uses the Primus FHE tools to transform it into a confidential contract automatically.
  • The on-chain coordination layer: it consists of smart contracts deployed on the host chain. They perform symbolic execution: they manipulate compact handles, enforce access control, coordinate decryption, and settle payments. They never run real cryptographic computations.
  • The off-chain execution layer: it consists of FHE nodes as the computing service and the key management service. They perform the genuine, computationally heavy work: encrypting inputs, running homomorphic operations, and decrypting results.

For further details of FHETransform, readers can refer to the official documentation.

zkFHE: A Verifiable FHE Protocol

In parallel, Primus is also researching and developing zkFHE, often referred to as verifiable FHE (vFHE) that combines the privacy guarantees of FHE with cryptographic proofs of computation correctness. Note zkFHE is not a straightforward combination of zero-knowledge proofs and fully homomoprhic encryption schemes together, but a special type of FHE schemes that support the verification of homomorphic computations.

The motivation behind such a protocol is to ensure the correctness of outsourced computations over encrypted data. In practical settings, a computing node may behave maliciously by returning an incorrect computation result while still producing a ciphertext that can be successfully decrypted and treated as the computation result. Without additional verification mechanisms, the client has no reliable way to determine whether the computation was performed correctly or whether the result was arbitrarily fabricated. Traditional FHE schemes provide confidentiality but do not guarantee computational integrity. This lack of verifiability represents a significant limitation for many privacy-preserving applications, where both input data confidentiality and computation correctness are essential.

zkFHE Flow

zkFHE provides an ideal solution to this challenge. During homomorphic computation, a cryptographic proof is generated alongside the computation result. The client can then verify the proof to ensure that the computation was executed correctly and that the service provider has not tampered with or falsified the result.

Primus team has designed a zkFHE protocol named "HasteBoots" in the paper of Usenix Security 2026. The HasteBoots paper lays the foundation for practical zkFHE, but substantial work remains to transform this research into a scalable and production-ready solution. Addressing challenges in performance, proof generation, and system engineering will require continued innovation and long-term investment. Primus is committed to advancing this vision through ongoing research and development.