Condition
That said, there are possibilities to condition on ebool
with or without information leakage.
Decryption and condition
In this code, we first evaluate a homomorphic comparison checking that the user has bid more than the highest bid. This homomorphic comparison will return an encryption of 0 if false, or an encryption of 1 if true. Since we are decrypting this value with TFHE.decrypt
, we are leaking information: if the user didn't bid enough tokens, the transaction is reverted. For example, a user can know the value of the highest bid by trying every possible values and finally bid just one token above.
Homomorphic condition
It is important to keep in mind that each time we assign a value using TFHE.cmux
, the value changes, even if the plaintext value remains the same.
Optimistic encrypted require statements
The decryption statements described above may lead to important delays during the transaction execution as several of them may need to be processed in a single transaction. Given that those decryptions might be used for control flow by using the Solidity require
function, we introduce optimistic require statements (optReq
). These require statements take as input a value to type ebool
and are accumulated throughout the execution of the transaction. The accumulated boolean value is decrypted via the threshold decryption protocol either when an explicit decryption is executed, or at the very end of a transaction execution. If the decryption returns false
, the transaction is reverted. Otherwise, state changes are persisted as usual. Optimistic requires may be more efficient, but this efficiency comes at the price of paying the full transaction gas cost if one of the boolean predicates is false.
Last updated