Skip to main content

Privacy & Confidential Execution

Why Privacy Matters for Portfolio Managers

DeFi today is transparent by default - which is powerful, but often limiting.

In particular, vault curation of public, blockchain-based DeFi products is one of the most promising business models for the next generation of finance. However, its scalability and long-term sustainability are limited by a fundamental issue: the need for portfolio managers to protect their alpha.

In today's DeFi environment, vault tokenization standards expose real-time portfolio compositions and trading behaviors. Copycats and freeloaders can easily monitor, reverse-engineer, and replicate strategies without bearing the associated research and execution costs.

Without privacy, managers interested in avoiding liquidity fragmentation are forced into an impossible trade-off between:

  • Sharing all their moves and risking the loss of their edge, or
  • Operating off-chain, undermining the auditability and composability of DeFi.

If DeFi is to scale professional asset management, confidentiality must become a first-class primitive - just as composability, security, and permissionlessness already are.

Our Commitment to Onchain Privacy

Through innovations like confidential smart contracts, Orion enables:

  • Protection of proprietary strategies without sacrificing onchain composability;
  • Private portfolio management with verifiable, encrypted performance;
  • Auditability for users and LPs without exposing sensitive manager behavior: vault strategies remain private, with holdings and trades encrypted, while performance remains auditable.
  • MEV protection, safeguarding trade execution against frontrunning and sandwich attacks;
  • Users to deposit into vaults without revealing their positions or allocations.

By integrating confidential computing natively into our architecture, Orion brings institutional-grade privacy to the permissionless world of DeFi - unlocking a new era of scalable, professionalized, and competitive onchain asset management.

Confidential Smart Contracts: A Key Enabler

Orion integrates advancements in cryptography1 2 to power private vault strategies and encrypted performance tracking. This integration enables the execution of confidential smart contracts on encrypted data - ensuring both data privacy and composability within blockchain environments.

Transaction inputs and on-chain states are encrypted, ensuring that sensitive information remains confidential, while fully onchain, non-custodial and verifiable by anyone.

Architecture

Technical Overview

Let:

  • NN be the number of active privacy-preserving portfolios.
  • MM be the number of distinct assets (tokens) active in the netted portfolio.
  • ai,ja_{i,j} denote the (encrypted) amount of asset jj held by portfolio ii, where i{1,,N}i \in \{1, \dots, N\} and j{1,,M}j \in \{1, \dots, M\}.

Each portfolio ii is defined as a vector:

ai=[ai,1,,ai,M]i{1,,N}a_i = [a_{i,1}, \dots, a_{i,M}] \quad\forall \medspace i \in \{1, \dots, N\}

where entries are encrypted amounts associated with a whitelisted investment universe shared by every portfolio (i.e., the union of unique symbols across all portfolios).

Let:

  • AjA_j denote the total (observable) amount of asset jj across all portfolios.
Aj=i=1NDecrypt(ai,j)j{1,,M}A_j = \sum_{i=1}^{N} \text{Decrypt}(a_{i,j}) \quad \forall \medspace j \in \{1, \dots, M\}

These totals AjA_j are used to compute the single, batched portfolio finally executed on-chain.

Note that we can decrypt the sum, not sum decrypted entries, using homomorphic encryption, to further minimize trust:

Aj=Decrypt(i=1Nai,j)j{1,,M}A_j = \text{Decrypt} \left( \sum_{i=1}^{N} a_{i,j}\right) \quad \forall \medspace j \in \{1, \dots, M\}

Let:

  • RjR_j be the plaintext price of asset jj as returned by an on-chain oracle.

The Profit and Loss of each portfolio ii is computed as the inner product of its holdings with the public assets return:

P&Li=j=1MDecrypt(ai,j)RjP\&L_i = \sum_{j=1}^{M} \text{Decrypt}(a_{i,j}) \cdot R_j

As above, using FHE:

P&Li=Decrypt(j=1Mai,jRj)P\&L_i = \text{Decrypt}\left( \sum_{j=1}^{M} a_{i,j} \cdot R_j \right)

Proof

For an outside observer, the number of unknowns is NMN \cdot M (portfolio states).

The number of equations is M+NM + N (one for each asset and one for each portfolio):

{i=1NDecrypt(ai,j)=Ajj{1,,M}j=1MDecrypt(ai,j)Rj=P&Lii{1,,N}\begin{cases} \sum_{i=1}^{N} \text{Decrypt}(a_{i,j}) = A_j \quad \forall \medspace j \in \{1, \dots, M\} \\ \sum_{j=1}^{M} \text{Decrypt}(a_{i,j}) \cdot R_j = P\&L_i \quad \forall \medspace i \in \{1, \dots, N\} \end{cases}

Thus, the system is underdetermined and has infinitely many solutions if and only if:

NM>M+NN \cdot M > M + N

Which is easily satisfied for N,M2N, M \geq 2.

Footnotes

  1. Zama - Welcome to fhEVM

  2. TenSEAL - A library for doing homomorphic encryption operations on tensors

Last updated on