Smart Privacy starts here
Better dApps require smarter privacy. Use cutting edge tools from Oasis to add customizable confidentiality to any Web3 and AI application.
.webp)
BUIDL with
Smart Privacy
Better dApps require smarter privacy. Use cutting edge tools from Oasis to add customizable confidentiality to any Web3 application.
Building Blocks of Smart Privacy
Sapphire is the first and only production-ready confidential EVM with end-to-end encrypted transactions and storage that allows smart contacts to manage secret data, sign or verify cryptographic signatures, and more.
Oasis Privacy Layer (OPL) is a wrapper for Sapphire that enables builders on any EVM compatible chain to easily access the confidentiality and encryption features of Sapphire.
Powering Decentralized AI with Privacy
We offer the technology stack that AI needs to protect its users. From autonomous AI agents, NFT collections that have a mind of their own, responsible AI training, oracles, chain abstraction and defense in depth, the potential use-cases for privacy-powered AI are endless.
Smart Privacyin action
Oasis Sapphire enabling Secure Prediction Feeds on Ocean Protocol
Featured Highlights
Sapphire offers end-to-end encryption and encrypted storage for executing contracts that include secret data. Sapphire also simplifies the technical workflow for building dApps that generate random numbers, sign or verify cryptographic signatures, and more.
Precompiled contracts for random number generation, keypair generation, signing and verification, and more encrypted processes are available for all developers running dApps on Sapphire.
There is no cost to use eth_call, and on Sapphire the contract has full access to its private state. Taking advantage of this gives your dApps the ability to do things that can't be done on on transparent EVM chainsand it won't cost a penny for your users.
Interested in exploring how Sapphire or OPL can fit your needs? Get in touch with the Oasis team to dive deeper.
Different dApps require different levels of privacy. From fully public to completely confidential, OPL enables privacy on any point of the spectrum, from fully public to completely confidential. Features of a dApp that require privacy can run on Sapphire via OPL while users and assets remain on their host network.
Web3 user safety starts with versatile, cross-chain privacy. The message-passing bridge built into OPL offers easy synchronization between dApp state and the host network using Sapphire’s secure runtime.
Forcing all on-chain activity to be completely public can be counterproductive. Instead of relying on basic smart contracts that offer no secrecy, OPL empowers Solidity developers to fine-tune discretionary transparency to the level that best suits their application.
OPL brings the power of Sapphire, the first and only confidential EVM, to all of Web3 with interoperable on-chain privacy compatible with every EVM network.
Understanding the Oasis Privacy Layer and Smart Privacy in Web3
A Workshop with Harry Roberts
What can you build?
Decentralized AI — built on the three principles of fairness, privacy, and transparency — ensures that AI technology is used in a way that respects individual data rights. Ocean Predictoor demonstrates the powerful security of AI dApps with fair, private data security using our confidentiality to protect crowd-sourced, on-chain prediction markets. Smartwhales AI utilizes the Oasis Privacy Layer to protect its users’ data.
We bring confidential smart contracts with flexible privacy features to DeFi. Our ecosystem partners accelerate this mission through building the first confidential EVM DEX (illumineX), supporting confidential accounting for synthetic assets (Synthr), and confidential onchain copy trading (SmartWhales).
Every NFT collector wants to protect the metadata associated with their assets, and gamers need certain things to be unpredictable, hidden from other players, or otherwise unknown and secret in a strategic way. From onchain player-versus-everyone games to decentralized poker applications, games and NFTs need secrets.
By design, contracts on Oasis Sapphire can create and manage private keys, encrypt and decrypt data, generate cryptographically secure random numbers, and sign or verify signatures. By combining its confidential state with native support for contract managed accounts, Sapphire offers tremendous potential to the future Web3 utility of account abstraction.
OPL uses the Celer’s Interchain Messaging (IM) Framework. This plug-and-play cross-chain tooling allows privacy upgrades that often require no modifications to already-deployed code for existing dApps.
All forms of voting and governance have historically demanded a degree of privacy. Confidentiality for these processes are important to ensure fairness and unbiased participation. Fostering honest and authentic governance practices starts with shielding participants from transparency-by-default networks and avoiding distorted elections from the influence of personal onchain data.
The Celer IM bridge is secured by the ‘State Guardian Network’ and has additional dApp safeguards with the Celer IM app guardian. See docs for more.
Sapphire is secured by Trusted Execution Environments (TEE) and the Oasis Layer1 BFT Proof-of-Stake consensus system, see the WhitePaper.
Every NFT collector wants to protect the metadata associated with their assets, and gamers need certain things to be unpredictable, hidden from other players, or otherwise unknown and secret in a strategic way. From onchain player-versus-everyone games to decentralized poker applications, games and NFTs need secrets.
Discover dApps Powered by Oasis Smart Privacy
.svg)
.svg)
Want to discuss your use case?
Unlocking Smart Privacy Features on the Oasis Network
Smart Contacts
contract MessageBox {
string private _message;
address public author; function setMessage(string calldata in_message) external {
_message = in_message;
author = msg.sender;
} function message() external view returns (string memory) {
if (msg.sender!=author) {
revert("not allowed");
}
return _message;
}
}
bytes32 key = ... ;
bytes32 nonce = ... ;
bytes memory text = "plain text";
bytes memory ad = "additional data";
bytes memory encrypted = Sapphire.encrypt(key, nonce, text, ad);
bytes memory decrypted = Sapphire.decrypt(key, nonce, encrypted, ad);
bytes memory seed = hex"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef";
bytes memory publicKey;
bytes memory privateKey;
(publicKey, privateKey) = Sapphire.generateSigningKeyPair(Sapphire.SigningAlg.Ed25519Pure, seed);
function signTransaction(uint64 nonce, uint256 gasPrice)
internal returns (bytes memory)
{
(address signerAddr, bytes32 signerSecret) = EthereumUtils.generateKeypair();
payable(signerAddr).transfer(1 ether);
return EIP155Signer.sign(
signerAddr, signerSecret,
EIP155Signer.EthTx({
nonce: nonce,
gasPrice: gasPrice,
gasLimit: 250000,
to: address(this),
value: 0,
data: data,
chainId: block.chainid
}));
}
import {Host, Result} from "@oasisprotocol/sapphire-contracts/contracts/OPL.sol";
contract Sender is Host {
event HeardReply(string);
constructor(address _receiver) Host(_receiver) {
registerEndpoint("listenToReply", _listenToReply);
} function sendToListener(string memory _message) external payable {
postMessage("confirmMessage", abi.encode(_message));
} function _listenToReply(bytes calldata _args) internal returns (Result) {
(string memory reply) = abi.decode(_args, (string));
emit HeardReply(reply);
return Result.Success;
}
}
Client Integration
import '@oasisprotocol/sapphire-hardhat';functionn setMessage(addr: string, message: string) {
// Wrapped MessageBox instance.
let messageBox =
await hre.ethers.getContractAt('MessageBox', addr);
// Encrypted setMessage transaction.
await messageBox.setMessage(message);
);export default const config: HardhatUserConfig = {
networks: {
'sapphire': {
url: 'https://sapphire.oasis.io',
chainId: 0x5afe,
},
'sapphire-testnet': {
url: 'https://testnet.sapphire.oasis.dev',
chainId: 0x5aff,
},
},
};export default config;
import * as sapphire from '@oasisprotocol/sapphire-paratime';
import { type MessageBox__factory } from 'my-messagebox-backend';
const provider = sapphire.wrap(window.ethereum);
functionn setMessage(addr: string, message: string) {
// Wrapped MessageBox instance.
const messageBox =
MessageBox__factory.connect(addr, provider.getSigner());
// Encrypted setMessage transaction.
await messageBox.setMessage(message);
}
import { sapphireTestnet } from 'viem/chains';
import * as sapphire from '@oasisprotocol/sapphire-paratime';
const provider = sapphire.wrap(window.ethereum! as EIP1193Provider);
const walletClient = createWalletClient({
chain: sapphireTestnet,
transport: custom(provider),
})
import sapphire "github.com/oasisprotocol/sapphire-paratime/clients/go"
func main() {
privateKey, err := crypto.HexToECDSA("")
if err != nil {
log.Fatal(err)
}
c, err := ethclient.Dial("https://testnet.sapphire.oasis.dev")
if err != nil {
log.Fatal(err)
}
var client *sapphire.WrappedBackend
client, err = sapphire.WrapClient(*c, func(digest [32]byte) ([]byte, error) { return crypto.Sign(digest[:], privateKey) })
}
from sapphirepy import sapphirew3 = Web3(Web3.HTTPProvider('https://testnet.sapphire.oasis.dev'))
w3.middleware_onion.add(construct_sign_and_send_raw_middleware(account)from web3 import Web3
from web3.middleware import construct_sign_and_send_raw_middleware
from web3.contract.contract import Contract
from sapphirepy import sapphireaccount = Account.from_key("...")w3 = Web3(Web3.HTTPProvider('http://localhost:8545'))
w3.middleware_onion.add(
construct_sign_and_send_raw_middleware(account)
)
w3 = sapphire.wrap(w3) # Wrapped providerdef setMessage(addr, message):
# Wrapped MessageBox instance.
messageBox = w3.eth.contract(address=addr, abi=abi)
# Encrypted transaction.
messageBox.functions.set_message(message).transact({'gasPrice': w3.eth.gas_price})
FAQs
Better dApps require smarter privacy. This is why Oasis focuses on delivering Smart Privacy to Web3 in the form of a flexible, fully customizable confidentiality framework that replaces the rigid, complex and inefficient tools in the status quo. With technologies like the Sapphire runtime and its accompanying Oasis Privacy Layer (OPL) for EVM-based chains, Oasis brings cutting edge confidentiality to any Web3 developer, even ones that don’t build directly on the Oasis network. For applications running on a separate host chain, OPL allows the powerful privacy features of Sapphire to be integrated on any layer of Web3. By creating a spectrum of confidentiality with unlimited customizability, Oasis is redefining how developers think about integrating privacy and reshaping the toolset available for prioritizing privacy in Web3.
On Oasis Sappihre it is easy to build confidential dApps with customisable privacy and confidentiality. When the EVM is run inside a Trusted Execution Environment (TEE) - in the case of Oasis Sapphire this is Intel SGX hardware isolation - the node operators cannot see transaction inputs, return values or smart contract state because all memory used by the enclave is encrypted. The EVM runs at nearly full speed in comparison to other privacy solutions such as ZK or FHE which are very computationally expensive.
Sapphire is a foundational Oasis ParaTime designed for building dApps with inherent privacy, leveraging advanced encryption. Oasis Privacy Layer (OPL) is a message passing bridge and suite of utilities that enables you to easily access the confidentiality and encryption features of Sapphire from many other EVM compatible chains without your dApp users worrying about how to pay gas. Both Sapphire and OPL are EVM compatible, streamlining the development for builders familiar with tools like Truffle or Hardhat.
Contracts pay for gas on-chain where the message is sent from, this means you can ‘send and forget’ and can expect the contract on the target chain will be called with the message. See Celer IM Overview and the Fee Mechanism pages for more info.
Sapphire is secured by Trusted Execution Environments (TEE) and the Oasis Layer1 BFT Proof-of-Stake consensus system, see the WhitePaper. OPL uses the Celer Inter-chain Message (Celer IM) Framework. It is very easy-to-use and allows a "plug'n'play" upgrade that often requires no modifications with already deployed code. The Celer IM bridge is secured by the ‘State Guardian Network’ and has additional dApp safeguards with the Celer IM app guardian. See docs for more.
%20(1).webp)
Have questions about Oasis Smart Privacy?
Let's get in touch
Fill out the below and we’ll get back to you as soon as possible.
.png)
More than just a newsletter, Oasis provides key insights into the Web3 privacy landscape, updates for the Oasis, ecosystem, community, and more.
