I’m trying to understand how the encryption and decryption works. As far as I understand we’re getting the public key of the blockchain which is used to encrypt the data. Can anyone tell me how is the data decrypted?
I have been able to decrypt the data using fhevmjs after reencrypting it but I’m not sure how to decrypt the data if it’s not reencrypted
Also, can we use our own public and private keys to encrypt and decrypt data and send it to the smart contract instead of using blockchain’s public key?
Hello!
Data on the blockchain are encrypted with a key owned by a KMS, a key management service. This service could be a secured service handled by a trusted entity or it could be a multiple node using a MPC protocol to decrypt data using threshold decryption. In the end, it depends of the blockchain using the fhEVM.
Since all the data are encrypted by a blockchain key, for any decryption or reencryption, you need to use this KMS. A reencryption is the possibility to reencrypt the data from the blockchain key to a user’s public key. Note that the user’s keys are not TFHE keys but NaCl keys. These are the keypairs generated by fhevmjs with generatePublicKey.
We currently do not plan to support the storage and computation over data encrypted with various keys. This is because using individual keys for each user would break the composability for smart contracts.
If you want to know more, you can take a look at our whitepaper