Understanding FHE Grade Private Smart Contracts: What They Are (Dero) and What They Are Not (Eth L2s)
Private smart contracts are one of those poorly defined things that some are rushing to turn into a buzzword before most people learn what the term actually means. As with everything else, the best way to understand something vague is to look at practical examples. In the case of smart contracts, the 2 extremes on the opposite sides of the privacy spectrum are Ethereum and Dero.
Ethereum is the biggest smart contract platform in the market today with a market capitalization of $361bn at the time of writing. Its smart contracts however are not private, they are completely transparent and censorable. In contrast, Dero has a market cap of only $35m at the time of writing and is the only L1 with private smart contracts by default.
To understand the distinguishing features of private smart contracts let’s break down smart contracts in their various components and evaluate where privacy would be desirable. So what does a smart contract consist of? Let’s see:
- Contract source code
- Parties interacting with the smart contract
- Smart Contract Token Minters
- Smart Contract Token Holders
Source Code
The source code of the smart contract defines the rules and logic governing the behavior of the smart contract, so that when certain conditions specified in the code are met the smart contract executes a certain action. If we take a vending machine as example, once we insert a coin and pick a drink (conditions) the vending machine will release the drink in the product dispensing area (execution). In crypto when we insert a currency such as ETH or Dero, the contract in return gives us a token. For us to interact with a smart contract however we need to be sure that the smart contract is not going to simply eat the coins we deposit without giving anything in return. Therefore we can all agree that hidden code is not a desirable feature for private smart contracts. For this reason in Dero the smart contract source code is transparent and verifiable by anyone. In Ethereum code is actually hidden since we only see the compiled bytecode, not the actual source code and have to trust the compiler used to convert the published source code into bytecode.
Parties Interacting with the Smart Contract
When it comes to the parties interacting with the smart contract, this is obviously a field where privacy might be desirable. In Ethereum every time you send a token to someone you are interacting with the smart contract. The smart contract owner can use this not only to track the movement of tokens but to also censor certain transactions or to freeze certain coins in certain wallets. In Dero, in the case of tokens, interactions are private by default because tokens in Dero are first class citizens. Once a token is received by an account, the account owner has full control over the token and doesn’t not interact with the smart contract when they transfer the token to another account. Other kinds of smart contract interactions can achieve anonymity through the use of ring signatures. Therefore we can state that contrary to Ethereum, smart contract interactions on Dero are private. Worth noting here is that the degree of privacy here is FHE, since token balances on Dero are always in encrypted state and updated in encrypted state through the ElGamal scheme. For a full explanation of why El Gamal in this case offers FHE grade privacy then read this.
Smart Contract Token Minters
Smart contract token minters is the set of addresses that initially mints a smart contract token. Tokenomics are a key aspect of any token because we always want to be able to verify its supply to make sure it’s capped or that at least there are no bugs in the smart contract that we missed in the source code inspection phase that can lead to out of control emissions. Therefore this is not a part of the process where we want privacy. Both in Ethereum and Dero the minting process is transparent and auditable.
Smart Contract Token Holders
Finally there is the 4th element, smart contract token holders. Once the tokens are minted they should ideally be free to circulate untraceably. On Ethereum this is not possible not only because we have to interact with the smart contract every time we move a token, but also because Ethereum accounts & their assets are public. On Dero this is private because all account holdings are encrypted so once a token is minted it’s impossible to monitor how it circulates. So contrary to Ethereum, Dero smart contract token holders are entirely private. Again one should bear in mind that the degree of privacy here is FHE as well since token balances are always in encrypted state so to break them one would have to break encryption.
To summarize we can agree that private smart contracts must have auditable code and auditable minting of tokens, but must support private interactions, untraceable tokens and untraceable token holders. Such FHE grade private smart contracts exist exclusively on Dero today. Thanks to private smart contracts, on Dero we have untraceable tokens and the possibility to add privacy to other processes such as voting (through ring signatures).
The fallacy of ETH L2 FHE Projects
Since Ethereum does not support private smart contracts there is today a whole group of projects that aim to create FHE islands within Ethereum, ie tokens that are sent/received through homomorphic transactions or trading protocols where the holdings of the users are hidden. Since everything on Ethereum is tracked, their approach is to resort a layer 2 (offchain) for FHE computations that are very limited in scope. These projects include Zama, Fhenix, Mind Network etc. None of these projects have reached mainnet so far. However, there is something fundamentally ill-conceived about L2 FHE projects because they are built on the assumptions that privacy is an edge case necessity and as result they end appealing to very small user bases that are the byproduct of multiple processes of upstream censorship. A surveillance L1 like ETH acts itself as a valve of upstream censorship. Since Eth is entirely surveilled and its smart contracts are not private then most people simply cannot use Eth and have already been filtered out of the ecosystem. As result ETH private L2 solutions are simply impractical for the wider market but remain a perk for existing Eth users that have passed through the existing censorship valves.
The real market remains upstream and that’s the market Dero appeals to.
