Oasis Sapphire

Sapphire is the first and only confidential EVM that empowers Web3 & AI with Smart Privacy. Developers can build EVM-based on-chain dApps with smart contracts that are 100% confidential, 100% public, or anywhere in between.

Get started building confidential dApps on Sapphire

Trusted by

Key Features

Private Storage

Sapphire offers end-to-end encryption and encrypted storage for executing contracts that include secret data. Sapphire also simplifies the technical workflow for building dApps that generate random numbers, sign or verify cryptographic signatures, and more.

EVM Compatibility

Applications built on any EVM network can be ported over to Sapphire without making any major changes if the developers build with tools like Hardhat or Ethers (with many more to come!). All dApps also remain compatible with MetaMask and other window.ethereum providers.

Encryption Precompiles

Precompiled contracts for random number generation, keypair generation, signing and verification, and more encrypted processes are available for all developers running dApps on Sapphire.

Free View Calls

Sapphire view functions are free. View calls also have access to private state information for contracts running on Sapphire. With free view calls, Sapphire offers important functionality to Web3 dApps that are not possible on transparent EVM networks – all without added costs to users.

Web2 Authentication

Web2 AuthenticationSapphire offers end-to-end encryption and encrypted storage for executing contracts that include secret data. Sapphire also simplifies the technical workflow for building dApps that generate random numbers, sign or verify cryptographic signatures, and more.

ROFL (Runtime OFf-chain Logic)

ROFL (Runtime OFf-chain Logic) is a framework that adds support for off-chain components to runtimes like Oasis Sapphire, enabling non-deterministic behavior and access to remote network resources. ROFL allows for off-chain components to seamlessly communicate with the on-chain realm, bringing about full composability across different blockchain platforms and off-chain computation stacks.

Building better dApps starts with Sapphire

Building on Oasis positions any dApp to achieve the most important features and use cases for every Web3 audience.

Integrate & Deploy in minutes

Get ready to experience the fast and frictionless development experience of building on Sapphire.

function signTransaction(uint64 nonce, uint256 gasPrice)
   internal returns (bytes memory)
   (address signerAddr, bytes32 signerSecret) = EthereumUtils.generateKeypair();
   payable(signerAddr).transfer(1 ether);
   return EIP155Signer.sign(
    signerAddr, signerSecret,
           nonce: nonce,
           gasPrice: gasPrice,
           gasLimit: 250000,
           to: address(this),
           value: 0,
           data: data,
           chainId: block.chainid

Use Cases

Be Compliant and Keep Information Safe

Keep sensitive information hidden from bad actors, spammers and phishers by encrypting it so only those who need to know can see it. Programmable privacy allows contracts to selectively reveal only what is required and necessary to abide by regulations in a way which is auditable and safe from abuse or dragnet surveillance. The range of cheap cryptographic primitives available on Sapphire EVM allows you to develop contracts which are end-to-end encrypted, compliant and safe.

TOTP 2-factor authentication

Transparent EVM chains are unable to use TOTP because the authentication requires a contract to know the secret seed that generates the familiar 6-digit code. But because many companies require a second factor authenticator, this is essential for Web3 mainstream adoption. Networks like the Sapphire runtime are able to support TOTP because of its confidential design. By protecting secret information managed by smart contracts, Sapphire empowers developers to build the apps they need with features users demand.

TouchID &


Every recent Android and iPhone, and most web browsers, support WebAuthN / Passkeys. Sapphire fully supports the Ed25519 and EdDSA standards for signing and verification used by WebAuthN, meaning almost everybody on the planet can log-in and authorize actions in your application with a device-secured identity without the need for MetaMask, Web3 technologies, or costly intermediating third-parties.

End-to-End Encryption

Sapphire contracts with private storage can have their own secrets, and by using the Encryption, Decryption and Key Derivation operations for Solidity you can be assured that information passing through third-parties remains secure and tamper-free. Many valuable Web3 ideas can be radically simplified by making the trustless contract generate an encrypted token containing information that only it can see.

Keep Customer Information Safe

Transparent smart-contract blockchains such as Ethereum have been widely proposed as the enabler for next-generation industries, however they lack the privacy necessary for sensitive data and financial transactions to be used in-practice. The power of network effects and the limitation that only a select few can integrate with an ecosystem has often hindered widespread adoption of closed-source and ‘enterprise API’ systems. Oasis Sapphire and OPL brings confidential data with selective privacy to smart contracts to bridge the gap connecting the real-world with Web3 and Industry 4.0.

Full-Spectrum Data Privacy

Smart privacy technology will define the future of Web3. Transparency-first smart contract development must be balanced with adequate privacy protections for safeguarding sensitive on-chain data and financial transactions. Oasis is leading the industry toward smart privacy with an ecosystem that is unhindered by dangerously public systems. Oasis Sapphire and OPL bring confidential data with selective privacy features to smart contracts, bridging the gap between the mainstream and Web3.

Dive into the codebehind Sapphire

Explore the public Github repository and start adding it to your projects.

Explore the public Github repository and start adding it to your projects.

Build with Oasis

Curious about Oasis developer
tools? Want to build with Oasis?


Are transactions encrypted?

When a dApp uses the Sapphire provider wrapper all transactions are end-to-end encrypted between the browser and the smart contract without any additional changes. However, signing encrypted transactions will look slightly different than normal in MetaMask due to EIP-712.

What is a TEE?

When the EVM is run inside a Trusted Execution Environment (TEE) - in the case of Oasis Sapphire this is Intel SGX hardware isolation - the node operators cannot see transaction inputs, return values or smart contract state because all memory used by the enclave is encrypted. The EVM runs at nearly full speed in comparison to other privacy solutions such as ZK or FHE which are very computationally expensive.

What consensus algorithm does Sapphire use?

The Sapphire ParaTime uses the Oasis Layer-1 BFT Proof-of-Stake consensus system, see the WhitePaper.

Is it compatible with Ethereum?

Yes, most applications can be ported over with no changes if they use Truffle or Hardhat. To take advantage of the full potential of confidential contracts dApps will need some minor changes.

Is it compatible with MetaMask?

Yes, dApps will remain compatible with MetaMask and other window.ethereum providers with or without the Sapphire encryption wrapper.

Do I need a bridge?

While OPL provides a bridge to many EVM chains via Celer IM, contracts on Sapphire can generate Ethereum and Bitcoin compatible keypairs, allowing them to conditionally sign their own transactions.

Can Sapphire do Web2.0 Authentication?

Yes, with support for EcDSA, EdDSA and confidential storage you can implement authentication using strong credentials present on every modern mobile device and browser.

Does it work with Hardhat and Truffle?

Developing dApps for Oasis Sapphire has full support the two most popular smart contract development frameworks. Truffle works out of the box using the Sapphire wrapper.

For Hardhat there is an extra plugin you can use, just add this to the beginning of your hardhat.config.ts file:
import '@oasisprotocol/sapphire-hardhat';

How is Sapphire different from Oasis Privacy Layer?

Oasis Privacy Layer (OPL) is a message passing bridge and suite of utilities that enables you to easily access the confidentiality and encryption features of Sapphire from many other EVM compatible chains without your dApp users worrying about how to pay gas.

Stay Up to Date in

Stay Up to Date in Web3 & AI Privacy

Web3 & AI Privacy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

More than just a newsletter, Oasis provides key insights into the Web3 privacy landscape, updates for the Oasis, ecosystem, community, and more.

How we use cookies?

At Oasis Foundation we believe in your privacy, so you can choose to browse our site without any tracking or by clicking “Accept”, you help us to improve our site and help us grow our ecosystem. View our Privacy Policy for more information.