Aura FHE is the encrypted compute layer for the Solana Virtual Machine. It runs Solana programs on data that stays sealed end-to-end using a novel LUT-FHE scheme over Multivariate Quadratic structure. The protocol delivers privacy as a mathematical guarantee — not a policy, access control, or trusted enclave.

What is Fully Homomorphic Encryption (FHE)?

Fully Homomorphic Encryption (FHE) is a form of encryption that allows computations to be performed directly on encrypted data without decrypting it first. The result of the computation remains encrypted and can only be opened by the data owner. This enables truly privacy-preserving computation where sensitive data is never exposed — not at rest, not in transit, and not during processing.

How is Aura FHE different from zero-knowledge proofs?

Zero-knowledge proofs (ZK) prove that a computation happened correctly without revealing the underlying inputs. Aura FHE performs the computation directly on encrypted data and returns an encrypted result. ZK verifies correctness; FHE enables private computation. They solve different problems and are often complementary — every Aura coprocessor output ships with a cryptographic correctness proof that validators verify without decrypting.

How fast is Aura FHE compared to other FHE solutions?

Aura FHE delivers approximately 1000× speedup over TFHE-based alternatives across typical arithmetic workloads. Integer addition executes in roughly 0.04 microseconds, compared with Zama's ~50ms gate evaluation. Verification time is approximately 0.1 seconds. The architecture is bootstrap-free — the scheme is structurally noise-free, so it never needs the expensive ciphertext refresh that defines other production FHE schemes. Independent benchmark verification is in progress.

Does Aura FHE require a new blockchain?

No. Aura FHE operates as a coprocessor and integrates with existing chains at the SDK and wallet level. A Solana program submits an encrypted compute request to the Aura coprocessor network, receives a verifiable ciphertext result, and proceeds with on-chain settlement. The architecture is chain-agnostic by design; Aura ships first on Solana, with cross-chain expansion planned from Q1 2027.

Can Aura FHE support enterprise use cases?

Yes. The same coprocessor that serves a Solana DEX can serve a hospital, hedge fund, government agency, or AI inference pipeline. The cryptography does not care whether a request originates from a smart contract or a REST API. This makes Aura suitable for regulated, compliance-sensitive environments — financial services, healthcare AI, legal applications, defense, and any enterprise requiring privacy-preserving computation.

Is Aura FHE quantum-resistant?

Yes. Security reduces to the Multivariate Quadratic (MQ) problem, proven NP-hard by Garey and Johnson in 1979. Unlike lattice-based FHE schemes whose hardness rests on conjectured assumptions about Learning With Errors (LWE), MQ-hardness has a stronger theoretical foundation and no known efficient quantum attack. Post-quantum security is a structural property of the scheme, not a future upgrade path.

What can Aura FHE be used for?

Aura FHE unlocks application categories that are impossible on transparent blockchains: sealed-bid prediction markets (AuraPoly is live and clearing real flow), encrypted DEXes and dark pools, confidential AI inference on medical, legal, and financial data, private real-world asset tokenization, encrypted DAO governance with sealed voting, and autonomous AI agents with private wallets and encrypted memory. More than $100 trillion in institutional capital is currently blocked from on-chain markets because state is fully visible — Aura is the encryption layer that removes that ceiling.

What is the AURA token used for?

AURA is the unit of account for every encrypted computation processed by the network. It has four primary utilities: (1) per-transaction compute fees for FHE workloads called through the SDK, (2) staking by coprocessor miners and validators, (3) wallet balances held by end users to pay for their own encrypted operations, and (4) governance over protocol parameters. Total supply is fixed at 1,000,000,000 AURA with no protocol-level inflation beyond the published mining emission schedule.

When will Aura FHE launch?

AURA SDK v5 is already in production, and AuraPoly is clearing real flow on the encrypted compute layer today. The Token Generation Event (TGE) is targeted for Q3 2026, coordinated with the AuraPoly token integration and broader dApp launches. The Proof of Encrypted Work mining protocol launches publicly in Q4 2026 with genesis emissions beginning against real workload mix. Chain-agnostic expansion onto a second chain begins Q1 2027. Each milestone is a demoable, announceable event rather than a promise.

How does Aura FHE compare to Zama?

Zama has established itself as Ethereum's encryption layer, validated by $130M+ raised and ERC-7984 ratification. Aura FHE targets Solana, where Zama's CPU-based approach (20+ TPS, GPU acceleration targeting 'hundreds of TPS per chain' by Q3 2026) cannot match Solana's 400ms block time. Aura's bootstrap-free LUT-FHE is fundamentally different mathematics designed for chain-speed finance — integer addition in ~0.04μs versus Zama's ~50ms gate evaluation, with a 3.7MB WASM runtime. The two protocols are optimized for different chain regimes rather than directly competing.

What makes Aura FHE's technology different?

Aura FHE's core innovation is LUT-FHE — a fully homomorphic encryption scheme built on precomputed lookup tables defined over Multivariate Quadratic structure rather than ring-based ciphertext arithmetic. Two structural advantages follow. First, the scheme is bootstrap-free: the algebraic structure does not accumulate noise, so there is no need for the expensive ciphertext refresh that bottlenecks every lattice-based FHE scheme. Second, security reduces to MQ-hardness, proven NP-hard and post-quantum secure. The construction is the product of more than 12 years of cryptographic research and is protected by 9 patents.

Why Every DeFi Transaction You Make Is Being Stolen — And How to Fix It · AFHE

Last year, you were robbed. You probably didn't notice.

If you made any trades on a decentralized exchange in 2025, bots extracted value from your transactions. Not through hacking. Not through a bug. Through a feature built into how public blockchains work.

This is called MEV — Maximal Extractable Value. And in 2025, bots extracted more than $1.5 billion from regular DeFi users.

How the robbery works

When you submit a transaction to Solana (or Ethereum, or any public blockchain), it doesn't execute immediately. It enters a public queue called the mempool.

In that brief moment — before your transaction confirms — every bot on the network can see exactly what you're trying to do.

If you're buying SOL with USDC, a bot sees this. It immediately:

Buys SOL before you, driving the price up slightly
Lets your transaction execute at the higher price
Sells the SOL it bought for an instant profit

You get worse execution. The bot makes money. This happens in milliseconds, thousands of times per day, on every public chain.

Why existing solutions fail

Some projects have tried to solve MEV with:

Transaction ordering services: Delay when transactions are revealed. Still public, just later.
ZK proofs: Hide the sender, not the transaction content. MEV bots can still see the trade.
Commit-reveal schemes: Two-step transactions. Add latency, don't solve the root problem.

None of these fix the fundamental issue: the transaction data is eventually public, and bots are fast enough to exploit any window.

The only real solution: encrypt the transaction itself

Fully Homomorphic Encryption (FHE) does something remarkable: it lets a computer perform computations on encrypted data without decrypting it first.

What this means in practice: your swap order can be encrypted, processed encrypted, and executed encrypted. No one — including validators — ever sees the plaintext transaction until it's fully confirmed.

MEV becomes mathematically impossible because there's nothing to front-run. The data is encrypted from your wallet to final execution.

This exists today

Shield.afhe.io is the first fully encrypted token swap on Solana. Powered by Aura's FHE runtime, every trade is cryptographically private.

We've processed thousands of swaps. Zero MEV extracted from any of them.

This isn't a roadmap promise. It's live. Try it: shield.afhe.io