How Can Fully Homomorphic Encryption (FHE) Work With DeFi?

This is a guest post from Rishabh Gupta. Rishabh is an expert in ZK proofs and cryptography, with experience at Goldman Sachs, Amazon, and academia. He holds an MS from IIT Kharagpur and is currently building Encifher, a suite of encrypted products on Bitcoin utilizing FHE. His expertise includes cryptographic primitives like MPC, SNARKs, STARKs, and designing ZK-based systems for distributed environments.

Introduction

When we first started exploring how to build privacy-focused applications in DeFi, the gap between what traditional finance offers and what DeFi exposes became glaringly obvious. In traditional finance, there’s always an implicit expectation of privacy—your transactions, account balances, and trading strategies are kept under wraps by the institutions handling your money. But DeFi flips that model on its head. It’s a world where everything is open, where anyone can see your balances, trades, and even your liquidation thresholds. And while that transparency is powerful for trust and composability, it leaves a huge hole when it comes to privacy.

The Need For Privacy In DeFi

One of the earliest issues that exposed the need for privacy in DeFi was front-running. In a DEX, transactions first enter the mempool before being confirmed on-chain. During this time, miners or bots can observe pending transactions and insert their own orders in advance to profit from price movements or arbitrage opportunities—an issue known as MEV. This behavior distorts markets, forcing traders to either accept losses or pay higher fees to prioritize their transactions.

Currently, our solution will leverage FHE from ZAMA to address this problem by encrypting AMM orders within the DEX. This approach enables several encrypted states, allowing us to batch transactions securely. While certain on-chain interactions, such as smart contract calls and address information, remain visible to the network, critical details like token amounts and transaction specifics (e.g., swaps or liquidity provision amounts) remain encrypted.

We batch trades into epochs, and once the epoch ends, trades are decrypted through threshold decryption. This ensures that the pool reserves are publicly updated after each epoch while individual trade amounts and liquidity contributions remain private. By doing this, we maintain transparency at the aggregate level without revealing sensitive individual trade data.

Another critical issue is that DeFi inherently exposes trading strategies. For experienced traders, their alpha—their unique strategies—are their most valuable asset. If a trader's positions, orders, or portfolio rebalancing moves are visible on-chain, competitors can simply copy or front-run them.

Here’s a brief demo of Encifher (Devnet) showcasing a swap with the world’s first encrypted DEX with no MEV leakage:

On the payments side, privacy isn't just about concealing large trades or strategies; it's also about securing everyday transactions. Most users do not want their wallet addresses linked to their identity. In DeFi, when making simple payments, the exposure of a wallet address allows anyone to view past transactions and current holdings and track spending patterns. This creates vulnerabilities not only for privacy but also for targeted attacks and phishing schemes.

Users often create new accounts when receiving assets from different sources or trying new apps (often keep primary addresses unexposed). While they typically use most of the liquidity from these accounts, this practice results in hundreds of wallets with small amounts of liquidity, sometimes across multiple chains. As a result, their liquidity gets scattered among numerous wallets. Often, the remaining liquidity is so minimal that users feel too lazy to transfer it to their primary wallet.

DeFi users deserve protection from these risks. Publicly visible order flows expose users to front-running and other MEV strategies, which drain value from their trades and lead to worse execution due to manipulated prices. By using FHE, we can prevent these vulnerabilities, ensuring that users' transactions are both secure and private while still interacting transparently with the protocol.

How can FHE be used to compute on Shared Private State?

FHE can efficiently manage Shared Private State (SPS) in blockchain environments by enabling private data to be computed on-chain without revealing sensitive details. Here’s how FHE can address the challenges and enable new applications for shared private state:

1. Private Computations Over Shared State

In systems where multiple parties need to interact with the same private state—such as a dark pool AMM or a private lending pool—FHE allows them to perform computations on encrypted data without decrypting it. This ensures that private data remains protected while still allowing updates to the state based on multiple inputs.

For example, in a dark pool AMM using FHE, each participant can submit their swap or liquidity provision transaction encrypted, and the pool’s overall state can be updated without ever revealing individual trade amounts. This enables the private composability of states, allowing multiple users to interact with shared data while keeping their actions confidential.

2. Improved Composability

One of the key advantages of FHE over other privacy-preserving technologies (e.g., ZKPs or MPC) is its ability to support composability within a single transaction or across multiple users. With FHE, multiple users can contribute to a shared private state within the same block, enabling complex, privacy-preserving operations like multi-party swaps or liquidity pooling.

For example, in a private DeFi pool, multiple users can interact with encrypted liquidity and execute trades simultaneously. The pool state is updated with encrypted data, and only the aggregated, public information—like total liquidity—becomes visible. This supports applications such as multi-party trading, private auctions, or private prediction markets.

3. Secure Computation by Validators

Another key benefit of FHE is that computation on encrypted data can be offloaded to network validators. Validators, equipped with specialized hardware, can perform complex calculations on private states without ever decrypting the underlying data. This reduces the computational burden on users and improves the overall user experience (UX), as participants no longer need powerful devices to handle private-state computations.

For example, in a private voting system, validators could tally votes that remain encrypted throughout the process, ensuring that individual votes remain private while providing an accurate count.

4. Collaboration in Shared Private Environments

FHE supports scenarios where multiple entities need to collaborate on shared private data. For instance, in on-chain AI models where private data inputs are required, FHE allows the model operator to compute this encrypted data without needing to decrypt it. This opens up opportunities for collaborative AI and multi-party decision-making systems, where data privacy is crucial.

In use cases like private multiplayer games (e.g., Poker), FHE ensures that the game state remains private and only accessible to active participants, while computations involving shared data—such as card deck shuffling—can be performed without revealing sensitive information.

Balancing Privacy and Transparency in DeFi

Complete privacy is impossible as well as not feasible because financial systems rely on publicly available data for key functions like setting prices, interest rates, and fees. This concept, called selective disclosure, allows certain pieces of information to remain private while essential data, such as aggregated market metrics, must be made public.

In practice, this means that markets cannot function efficiently without some level of transparency. For example, a financial system needs to disclose price information to match supply and demand. Similarly, for investors to assess risks or returns, interest rates or fees must be visible. This disclosure helps create trust and efficiency in markets.

Moreover, while private data (such as individual balances) can remain hidden, the system must still release aggregated outputs derived from this private data, like indices or averages. Thus, financial privacy often involves balancing between what needs to be kept secret and what must be revealed to ensure the market functions properly. This delicate balance prevents the implementation of a completely private financial system.

Final Thoughts

Privacy isn't merely about concealing data; it's about creating a level playing field for all participants. It's a fundamental cornerstone of well-functioning financial systems, not a tool primarily used for covert activities or evading authorities.

You can follow Rishabh on Twitter here and you can follow along on the work he is doing at Encifher here