Skip to content

Latest commit

 

History

History
82 lines (50 loc) · 4.06 KB

README.md

File metadata and controls

82 lines (50 loc) · 4.06 KB

FHE Gopher

Donut Programming Language 🍩

Donut is an easy to use runtime for developing and executing fully homomorphic programs with a new programming language by the same name.

Fully Homomorphic Encryption and Computation

Donut is a cryptosystem that supports arbitrary computation on ciphertexts known as fully homomorphic encryption (FHE). Under the hood it uses go-tfhe, which is the golang implementation of the TFHE scheme. Donut enables the construction of programs for any desirable functionality, which can be run on encrypted inputs to produce an encryption of the result. Since Donut never decrypts its inputs, it can be run by an untrusted party without revealing its inputs and internal state. Donut has practical implications in the outsourcing of private computations, for instance, in the context of cloud computing.

(Funfact: the T in TFHE stands for Torus, which geometrically resembles a donut 🍩. Also, I am 🇨🇦Canadian, and we love a good ol' toroidal confectionary with coffee 🍩☕. Ergo, the name of the language and runtime)

Buidl

make

Eval

Run donut eval in your terminal to enter into interactive mode and play around with the donut programming language.

Quickstart

Let's put together the workflow: develop an FHE program with Donut, compile it into intermediate encrypted bytecode, build an encrypted transaction, and execute it against the bytecode.

  1. Generate the public and private keys (only have to perform this step once):

donut -keys

The provider should only have access to the public.key file.

  1. Create a new donut file, foo.donut and add the following code:
// a simple function that adds two numbers
// when x is less than 10 and subtracts two
// when x is greater than or equal to 10
let calculate = func(x, y) {
    if (x < 10) {
        return x + y
    } else {
        return x - y
    }
}
  1. Compile the donut source file into intermediate bytecode (foo.cipher):

donut compile foo.donut

This compiled bytecode file, foo.cipher, can be hosted by any provider, on a public, private or hybrid cloud, or even on a completely untrusted computer.

  1. Create a transaction to execute against the 0th function (calculate), with inputs 3 and 2, outputting to a file called in.txn. This is the transaction that will be sent to the FHE donut program.

donut txn foo.cipher -n 0 -i 3,2 -o in.txn

  1. Execute the transaction against compiled bytecode, saving the resulting ciphertext to out.txn:

donut exec in.txn foo.cipher -o out.data

In a peer-to-peer situation, this would be executed by the provider on their system, again everything is fully encrypted.

  1. Decrypt and view the resulting ciphertext:

donut dec -f out.data

Peer-to-peer, the provider sends back the resulting output from the results of executing the transaction in step 4. The user can decrypt the results, and the private key has never left their computer!

TODO

  • Homomorphic branching
  • Serializable bytecode and transactions
  • Strongly typed ( u8, u16, i32, etc. )
  • Generalized serialization format for bytecode (via protocol buffers)
  • Addition of OO features for composable contracts ( classes, inheritance, etc )

References

[CGGI19]: I. Chillotti, N. Gama, M. Georgieva, and M. Izabachène. TFHE: Fast Fully Homomorphic Encryption over the Torus. In Journal of Cryptology, volume 33, pages 34–91 (2020). PDF

[CGGI16]: I. Chillotti, N. Gama, M. Georgieva, and M. Izabachène. Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds. In Asiacrypt 2016 (Best Paper), pages 3-33. PDF

[A Security Site]: Buchanan, W. et al. Security and So Many Things. https://asecuritysite.com/

Writing an interpreter in Go and Writing a compiler in Go books have been instrumental in providing a bedrock with which to build the donut runtime.