Cryptographic Access Control for Onchain Data Flows
ZK proves policy compliance without disclosure; FHE computes on encrypted state;
together they form a programmable confidentiality layer for agentic workflows.
Access Control = Who can decrypt what, when, under which policy
- Data path is explicit: inputs → encrypted compute → gated outputs.
- Decryption is a governed event: keys are not a server secret.
- Proofs make policies auditable: without ever revealing payloads.
[Diagram labels: Client, Encrypt, Encrypted State, FHE Eval, Encrypted Result, ZK Proof: Policy Satisfied, Policy Contract, Key Release / Threshold Decrypt, Decrypted Output]
Zero-Knowledge Proofs: Correctness Without Disclosure
Fully Homomorphic Encryption (CKKS): Compute on Encrypted State
CKKS is a homomorphic encryption scheme for approximate arithmetic, where precision/scale management and rounding errors are central to the design.
Verifiable Confidential Computation
Combining the two creates a powerful paradigm for decentralized applications.
Encrypted Execution
FHE keeps the state encrypted throughout the lifecycle, while ZK provides the proof that "policies were respected" during execution.
Gated Decryption
Decryption becomes a "privileged event" visible on-chain. ZK proofs and logs ensure that decryption only happens when specific conditions are met.
Zero-Exhaust Audit
Perfect for inter-institutional collaboration (e.g., AML checks) where you need to verify compliance without ever sharing the raw sensitive data.
Decentralized Key Management
Threshold Decryption as Access Control
- Split Control: Threshold FHE splits the decryption key among multiple parties. Decryption requires collaboration (PartDec/FinDec).
- Low Communication: Modern protocols aim for low communication overhead, sometimes adding a randomization preprocessing step (ServerDec).
In this model, "Secrets-as-a-Service" is not just encrypted storage, but a decryption governance protocol.
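The PartDec/FinDec split described above, as an added example that is not from the original page: it uses t-of-n threshold ElGamal over a toy group as a stand-in for threshold FHE (it is not CKKS). The group parameters, the function names and the trusted dealer in `keygen` are assumptions made for illustration.

```python
# Added illustration: t-of-n threshold ElGamal as a stand-in for threshold FHE.
# Toy group (constructed): P = 2Q + 1, both prime; G generates the order-Q subgroup.
import random

P, Q, G = 2039, 1019, 4

def keygen(t, n, rng=random.SystemRandom()):
    """Trusted dealer (assumption): Shamir-share secret x with a degree t-1 polynomial."""
    coeffs = [rng.randrange(1, Q) for _ in range(t)]   # coeffs[0] is the secret key x
    shares = {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
              for i in range(1, n + 1)}
    return pow(G, coeffs[0], P), shares                # public key, {party id: share}

def encrypt(pk, m, rng=random.SystemRandom()):
    r = rng.randrange(1, Q)
    return pow(G, r, P), m * pow(pk, r, P) % P         # ciphertext (c1, c2)

def part_dec(share, ct):
    """PartDec: a party publishes c1^share; the share itself never leaves the party."""
    return pow(ct[0], share, P)

def fin_dec(ct, partials, t):
    """FinDec: Lagrange-combine t partials in the exponent to get c1^x, then unmask c2."""
    if len(partials) < t:
        raise PermissionError(f"need {t} partial decryptions, got {len(partials)}")
    ids = sorted(partials)[:t]
    mask = 1
    for i in ids:
        lam = 1                                        # Lagrange coefficient at 0
        for j in ids:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        mask = mask * pow(partials[i], lam, P) % P
    return ct[1] * pow(mask, -1, P) % P

if __name__ == "__main__":
    pk, shares = keygen(t=3, n=5)
    ct = encrypt(pk, 1234)
    quorum = {i: part_dec(shares[i], ct) for i in (1, 3, 5)}
    print("3 of 5:", fin_dec(ct, quorum, t=3))         # recovers the plaintext
    short = {i: quorum[i] for i in (1, 3)}
    print("2 of 5 combined anyway:", fin_dec(ct, short, t=2))  # not the plaintext
```

In the flow this page describes, key holders would run `part_dec` only after the policy contract accepts the ZK proof; that check is not modeled here.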
Threat Model
| Entity | Scope |
|---|---|
| Adversary | Compute operator, chain observers, collaborating institutions, compromised client devices (limited scope). |
| Protected | Raw inputs, intermediate FHE states, counterparty data, business logic parameters (optional). |
| Not Protected | Endpoint compromise (malware on user device), side-channel attacks on hardware, incorrect policy authoring. |