Control flow / branching

I’ve also opened an issue here: Control flow / branching · Issue #323 · zama-ai/concrete · GitHub

It’s been a few years since I’ve looked into FHE (last time was around 2019/2020). I was able to use some other libraries back then to do some simple FHE operations, but I got stuck at control flow / branching. My main example project at the time was an FHE ERC20 token, but I couldn’t figure out how to implement the necessary checks to ensure funds could not be stolen, since I had no if statements.

Is there some way to emulate control flow / branching? Otherwise, isn’t FHE quite limiting? I’ve heard Zama is working on a set of blochchain libraries for implementing smart contracts, but how can we implement the type of logic commonly found in smart contracts without control flow?

Any help here would be appreciated. I’m working on top of the Internet Computer and I believe it could be well-suited already to running FHE programs, I just need some kind of control flow.


You have 2 ways to do it:

  1. Nullify the result of the computation based on a homomorphic comparison result:


balance[address, FheInt]

fn send(address, amount: FheInt)
flag = balance[self] >= amount // 1 if true, 0 otherwise
balance[self] -= flag * amount
balance[address] += flag * amount

  1. Use a decryption oracle with assertions:

fn send(address, amount: FheInt)
assert(balance[self] >= amount) //interrupts execution if false, but has to be decrypted at runtime
// the rest is fine since its not reachable if the assertion fails
balance[self] -= amount
balance[address] += amount

This is actually something we are working on, you can see some early designs in our ethCC talk: Private Smart Contracts using Homomorphic Encryption