Skip to main content
FHE explains why confidential smart contracts matter. CoFHE is how Fhenix makes them practical. CoFHE is an FHE coprocessor that lets any blockchain run computations on encrypted data. This makes confidentiality just another Solidity feature. There’s no migration to a specialized FHE chain, no new toolchain, and no cryptography to implement yourself. CoFHE handles the heavy FHE math offchain; your contract only ever touches lightweight handles to encrypted values, so code stays familiar. Values are encrypted — everything else feels like ordinary development.

Why a coprocessor?

The coprocessor model adds confidentiality without changing how applications are built — same Solidity, same chains, same tooling, with encrypted values as just another type to work with.
  • No migration — CoFHE attaches to existing blockchains. Confidential contracts deploy to the networks already in use, not a dedicated FHE L1.
  • Familiar code — contracts pass around lightweight handles (references to ciphertexts) rather than the ciphertexts themselves, so they read like normal Solidity. FHE operations add some gas overhead, but the onchain footprint stays small and predictable.
  • No cryptography to implement — the heavy FHE math runs offchain on the CoFHE server, which is built to do it efficiently. A contract calls FHE.add; CoFHE does the rest.
  • Trust-minimized by default — decryption is never in one party’s hands. A Threshold Network performs it through multi-party computation.

What CoFHE lets you build

Because computation happens on encrypted values, you can build applications where sensitive data never appears in plaintext onchain:
  • Confidential balances and transfers — token amounts and balances stay hidden while transfers still settle correctly.
  • Private state in contracts — per-user values (counters, scores, bids, positions) that no one, not even the contract or CoFHE, can read in the clear.
  • Sealed inputs — users submit encrypted inputs (votes, bids, orders) that are computed on without ever being revealed.
  • Selective disclosure — results are decrypted only for authorized parties, gated by signed permits.

How it works

Every CoFHE application follows the same three-phase lifecycle: encrypt → compute → decrypt.
1

Encrypt (client-side)

The user’s plaintext is encrypted in the client using the @cofhe/sdk, bundled with a zero-knowledge proof that the input is well-formed, and submitted to CoFHE. The blockchain only ever receives an encrypted handle — never the raw value.
2

Compute (onchain handle, offchain math)

The smart contract uses FHE.sol to operate on encrypted handles — adding, comparing, selecting — as if they were ordinary numbers. Each operation deterministically derives a new result handle and is recorded onchain; the CoFHE server independently computes the matching ciphertext offchain. Nothing returns to the contract, and plaintext is never exposed at any point.
3

Decrypt (optional, gated by permits)

When an authorized user wants a result, they present a signed permit. The Threshold Network decrypts via multi-party computation — either re-encrypting the value so only that user can read it (for display), or returning a verifiable plaintext with a signature (for onchain use).

The pieces

Developers only interact directly with two parts of CoFHE; the rest runs behind the scenes.

What you touch

ComponentWhereRole
@cofhe/sdkClientEncrypt inputs, manage permits, decrypt outputs
FHE.solOnchainSolidity API for operating on encrypted handles

What runs behind the scenes

ComponentRole
Task ManagerOnchain gateway that validates FHE requests and enforces access control
Slim ListenerWatches onchain events and forwards operations to the offchain layer
FHEOS ServerExecutes the actual FHE computations and holds encrypted state
Result ProcessorPublishes verified results back onchain
Threshold NetworkDecrypts via multi-party computation — no single party holds the key
RegistriesTrack ciphertexts and record result commitments so integrity can be verified before any decryption
For a component-by-component breakdown, see the CoFHE Architecture deep dive.

How CoFHE keeps data safe

  • Encrypted end-to-end — values are encrypted client-side and stay encrypted through computation; only handles touch the chain.
  • Verified inputs — zero-knowledge proofs ensure every encrypted input is well-formed before it enters the system.
  • Verified results — the coprocessor commits to each result onchain, and the Threshold Network checks integrity before it will decrypt anything.
  • No single point of trust for decryption — decryption requires the Threshold Network’s multi-party computation, gated by signed permits.

Next steps

Mental Model

Walk through encrypt → compute → decrypt with a concrete Counter example.

Client SDK

The TypeScript SDK for encrypting inputs and decrypting outputs.

FHE Library

The Solidity library for computing on encrypted data onchain.

Architecture Deep Dive

Every CoFHE component and data flow, in detail.