Ika Network: Sub-second MPC Infrastructure

The newly launched Ika network of the Sui ecosystem is an innovative infrastructure based on multiparty secure computation (MPC) technology, with the main feature being sub-second response speed. Ika is highly compatible with Sui in terms of underlying design such as parallel processing and decentralized architecture, and will be directly integrated into the Sui development ecosystem in the future, providing plug-and-play cross-chain security modules for Move smart contracts.

The core technology of Ika includes:

1. Improved 2PC-MPC signature protocol, which decomposes the signing operation into a process involving both the user and the network.

2. Utilize parallel computing to split the signature task into multiple subtasks for simultaneous execution, significantly improving speed.

3. A large-scale network supporting thousands of nodes, each node only holds a part of the key shard.

4. Cross-chain control and chain abstraction, allowing smart contracts on other chains to directly control accounts in the Ika network.

Ika is expected to have the following impacts on the Sui ecosystem:

1. Provide cross-chain interoperability, supporting the low-latency and high-security integration of assets such as BTC and ETH into the Sui network.

2. Provide a decentralized asset custody mechanism, which is more flexible and secure than traditional centralized custody.

3. Simplify cross-chain interaction processes, allowing contracts on Sui to directly operate accounts and assets on other chains.

4. Provide a multi-party verification mechanism for AI automation applications to enhance transaction security and credibility.

However, Ika also faces some challenges:

1. As a "universal standard" for cross-chain interoperability, it needs to gain more recognition from blockchain and projects.

2. The issue of the irreversibility of MPC signature permissions remains to be resolved.

3. Dependence on the stability of the Sui network, and adjustments may be needed in line with Sui consensus upgrades.

Comparison of Privacy Computing Technologies

FHE Project

Zama & Concrete:

• General-purpose compiler based on MLIR
• Adopt a "Layered Bootstrapping" strategy
• Supports "Hybrid Encoding"
• Provide "key packaging" mechanism

Fhenix:

• Optimization for EVM instruction set
• Use "Ciphertext Virtual Register"
• Design off-chain oracle bridging module

TEE Project

Oasis Network:

• Introduce the concept of "layered trusted root"
• Use a lightweight microkernel to isolate suspicious instructions.
• The ParaTime interface uses Cap'n Proto binary serialization.
• Develop the "Durability Log" module to prevent rollback attacks

ZKP Project

Aztec:

• Integrated "Incremental Recursion" technology
• Implement a parallel depth-first search algorithm using Rust
• Provide "Light Node Mode" to optimize bandwidth

MPC Project

Partisia Blockchain:

• Extension based on the SPDZ protocol
• Add "preprocessing module" to pre-generate Beaver triples
• Use gRPC communication, TLS 1.3 encrypted channel
• Parallel sharding mechanism with dynamic load balancing support

Comparison of Privacy Computing Technologies

Overview of Different Technologies

Fully Homomorphic Encryption ( FHE ):

• Allows arbitrary computation on encrypted data
• Ensures security based on complex mathematical problems
• High computational overhead, performance is the main bottleneck

Trusted Execution Environment ( TEE ):

• Isolated secure memory areas provided by the processor
• Performance close to native computing, low overhead
• Relying on hardware trust poses potential risks

Multi-Party Computation ( MPC ):

• Multiple parties jointly compute without disclosing private inputs.
• No single point of trust hardware, but requires multi-party interaction
• High communication overhead, affected by network

Zero-Knowledge Proof ( ZKP ):

• Verify statements without disclosing information
• Implemented based on elliptic curves or hash functions
• Suitable for verification rather than calculation

Technical Adaptation Scenarios

Cross-chain signature:

• MPC is best suited for 2PC-MPC parallel signatures like in the Ika network.
• TEE can also be implemented, but there are hardware trust issues.
• FHE theory is feasible but has excessive costs.

DeFi Multi-signature Wallet/Custody:

• Mainstream MPC, such as Fireblocks distributed signing
• TEE is used for hardware wallets, but there are trust risks.
• FHE is mainly used for upper-level privacy logic.

AI and Data Privacy:

• The advantages of FHE are obvious, with encrypted computation throughout.
• MPC can be used for federated learning, but the communication cost is high.
• TEE is subject to memory limitations and has side-channel risks.

Technical Differentiation

Performance and Latency: FHE > ZKP > MPC > TEE( from high to low )

Trust assumption: FHE/ZKP > MPC > TEE( from weak to strong)

Scalability: ZKP/MPC > FHE/TEE

Integration Difficulty: TEE < MPC < ZKP/FHE

FHE is not universally superior to other solutions

FHE, TEE, ZKP, and MPC face the "impossible triangle of performance, cost, and security" in practical applications. FHE theoretically provides the strongest privacy protection, but its low performance limits its applications. TEE, MPC, and ZKP are more feasible in scenarios that are sensitive to real-time requirements and costs.

Different technologies have different trust models and applicable scenarios:

• ZKP is suitable for verifying complex off-chain computations.
• MPC is suitable for multi-party shared private state computation.
• TEE is mature in mobile and cloud environments.
• FHE is suitable for extremely sensitive data processing.

Future privacy computing may be a complement and integration of various technologies, such as Nillion combining MPC, FHE, TEE, and ZKP. The choice of appropriate technology should depend on specific needs and performance trade-offs, in order to build a modular solution.