The Big Whale: Firstly, can you explain simply what Zama does?
Rand Hindi: Zama is a company that develops open source technology around what is known as Fully Homomorphic Encryption (FHE). The idea behind it is to enable encrypted data to be processed without the need to decrypt it first.
Imagine you are a user of a blockchain product. Currently, all your transaction data is visible to everyone. For example, when you make a token transfer, your balance and the amount transferred are visible to everyone, limiting confidentiality.
With homomorphic encryption, your transaction amounts and on-chain balance can be encrypted, allowing validators to execute smart contracts without ever seeing the actual data. For you, the user, nothing changes - except that your data remains encrypted from start to finish.
In practical terms, how does this work when a transaction is sent?
Before submitting a transaction, the user must first encrypt the data they wish to include, such as the amount of tokens to be sent. Then, the validators process the transaction by performing the same operations they would if the data were not encrypted: they subtract the amount from your balance and add it to the recipient's balance.
The logic remains the same, but it operates on encrypted data. In simpler terms, it's as if the smart contract code remains the same, but all the "magic" happens at the cryptographic level.
The lack of confidentiality is one of the main obstacles to the arrival of large financial institutions on public blockchains. Do you think that the transparency of public blockchains is compatible with the needs of traditional players?
When it comes to confidentiality on a blockchain, there are two elements to hide: the actual data, such as transaction balances and amounts, and the metadata, such as the sender and recipient addresses.
Most current confidentiality solutions aim to anonymise the transaction trail but leave the data itself public. For example, with Tornado Cash, you can see that an address has received 100 tokens, but you can't identify the sender, which doesn't please the regulators.
FHE, on the other hand, doesn't hide the transaction itself, but masks the content. It's like Signal compared to Tor. With Signal, you use a public network, but the content is encrypted.
Similarly, with FHE, the data on the blockchain is encrypted, allowing traceability to be maintained while protecting the content. For a financial institution, this means that it can be seen that it holds tokens without knowing the amounts or the identity of the holders.
Would you say that confidentiality is the biggest barrier to adoption at the moment?
Yes, clearly. From a regulatory point of view, you're often not even allowed to disclose certain data for confidentiality reasons. It's not just a product issue; there are regulatory obligations to keep certain information private.
But confidentiality isn't just about token transactions - it's also crucial for identity. Today, if you want to use a decentralised finance (DeFi) product in a compliant way, there is no simple way to do this. You could perhaps do off-chain KYC and be whitelisted, but there is no way for DeFi protocols to verify on-chain identity at the moment. With homomorphic encryption, you could keep your on-chain identity but encrypted.
Information like age, salary, nationality could all be encrypted. When a DeFi protocol needs to verify something, for example to make sure you're not American, it could do an encrypted verification of your encrypted identity. So your identity becomes a composable part of the DeFi application, which is essential for compliance.
Currently, Zama is one of the only companies working on homomorphic encryption. Is that right?
We're not the only ones, but we're the only ones with a working solution.
So in your opinion, homomorphic encryption is the most interesting technology for managing on-chain confidentiality?
Yes, and there are two reasons for that. Firstly, FHE doesn't require you to learn any new cryptography or language. If you've ever tried to use a ZK (Zero-knowledge proof) for complex applications, you know it's very difficult.
FHE, on the other hand, is directly integrated into Solidity, Ethereum's programming language, so you just write Solidity code as usual. Everything happens in the smart contract, which makes it simple to use. For example, if you want to give someone access to your balance, you can simply write the relevant Solidity code. Nothing happens outside the smart contract.
The second reason is composability. ZKs allow you to manage fewer parameters in terms of confidentiality; they were not designed for confidential calculation. They are only used to verify calculations.
For example, if you want to prove that you are over 18, your wallet could contain this information, and you could generate a ZK proof to prove your majority.
But on-chain, you can only verify this proof; you cannot use this information as input to another application. On the other hand, FHE allows composability of on-chain encrypted data. So if your priority is off-chain confidentiality, ZK is perfect. But if you need composability on on-chain encrypted data, FHE is a better solution.
When will your solution be operational?
We are still in the development phase, but we currently have 10 protocols that integrate FHE.
Can you name a few?
I can mention the ones that are public. Shiba is one of them. Shiba is now using FHE in its Layer 2 ecosystem. You might wonder why a memecoin would need privacy, but it's actually very clever.
Shiba has developed a brand, a bit like Disney with Mickey Mouse, and they've built a whole universe around the Shiba dog. This includes games where certain aspects of gameplay could remain confidential, confidential tokens, and even a metaverse where land ownership could be private.
In Shiba's case, FHE is not being used for financial applications but to create otherwise impossible experiences. By the way, this hat I'm wearing is a collectible signed by Shiba's main developers.
Another example is Fhenix, which builds FHE rollups, allowing anyone to launch a rollup with FHE. Inco is also involved, working on an FHE solution for a Layer 1.
Zama will also soon be launching what we call FHE coprocessors, designed to enable FHE applications on chains that don't natively support FHE. This will allow you to deploy FHE contracts on Ethereum, Base, Solana, and others. With all these players - Zama, Fhenix, Inco, Shiba, and others - the infrastructure is there. Now, the goal is to encourage developers to build applications on this technology.
What kind of applications do you hope developers will build on FHE?
For example, we're working with a company that's building a Venmo on-chain. For those who don't know, Venmo is a payment app where you can send money to your friends.
Venmo shows you that you've sent money without disclosing the amount, and that's exactly what FHE can do on a blockchain: show that Rand has sent money to someone without disclosing the amount. Creating something like Venmo on-chain hasn't been possible with FHE until now.
There's also a company creating an on-chain data marketplace, allowing people to sell their encrypted data, for example to train AI models.
In addition, some companies are using FHE for on-chain machine learning to keep user inputs private. The growth of the FHE ecosystem has been rapid; since the launch of our FHE VM product a year ago, the ecosystem built around it has already reached a value of $1 billion.
Beyond Shiba, can you at least name the categories of players you work with the most?
We work with three main types of company. Firstly, we have Web3 infrastructure companies, such as those building L1 and L2 blockchains with integrated FHE. Shiba is one example.
The second group includes traditional financial institutions. They are not necessarily looking to use public blockchains, but they are interested in blockchain technology for private exchanges.
For example, they want to use a blockchain to replace the SWIFT network while maintaining the confidentiality of each institution's positions - a major use case made possible by FHE.
Finally, the third type of company concerns application developers. Whether these applications run on Zama's hosted coprocessors, Shiba or other platforms, it doesn't matter.
Currently, our main focus is traditional finance, tokenisation and application development. We already have a strong FHE infrastructure for L1 and L2 chains, so our current need is to encourage more applications and expand use cases beyond Web3.
You recently raised $73 million. What are your priorities for the coming months and years?
The first priority is to move our partners' infrastructure onto our mainnet by early 2025, so in the first or second quarter. This will be the first official launch of the FHE mainnet.
The second priority is to encourage developers to start building with FHE. Having blockchain infrastructure is great, but we need applications for users. Currently, in the blockchain space, there are more Layer 1s and Layer 2s than applications, which is crazy when you think about it. So, for FHE, our goal is to grow the ecosystem with as many developers and users as possible.
If I understand correctly, anyone will be able to build their solution from your technical foundation.
Exactly. Whether developers build on one of our partners' chains or on Zama's coprocessors, they will be able to deploy their smart contracts directly. It's entirely permissionless. However, Zama may charge a fee - after all, we're a business and need to generate revenue at some point.
This brings me to my next question: what is Zama's business model?
Everything we create is open source. We believe this is necessary to build trust. On the other hand, while every line of code is open source, we also hold patents on our technology. This means that we patented our technology and then made it open source.
To be clear, anyone can experiment with our technology, but for commercial use, companies must license the patents contained in our open source code.
It's a simple model, similar to that of open source companies like MongoDB. We provide open source code with a commercial licence that monetises through services or self-managed licences.
Are you planning to launch a token in the future?
We don't have to. Our partners are already launching tokens on the blockchains they are building. If Zama were to launch a token, it might be for one of our hosted services, but no decision has been made.
But if we were to launch one, we would do so with certain principles.
That is?
There is a dilemma today. Companies have to raise funds to build their blockchain and launch a token, which leads to a high valuation of the token as soon as it is launched. It's a bit of a chicken and egg problem.
But back in the day, products were launched very early, and tokens were offered at public sales or auctions (ICOs - Initial Coin Offerings), making them more accessible and affordable.
As Zama doesn't need funding, if we decide to launch a token, we'll make sure it's accessible and not overly expensive.
FHE requires a lot of computing power. How do you intend to solve this scalability problem?
When we started four years ago, FHE had three main problems: it was too slow, difficult to use without advanced cryptographic knowledge, and limited to basic applications.
We solved the usability issue by integrating FHE into Solidity, so developers don't need to master cryptography. We've also extended the applicability of FHE to include machine learning and blockchain smart contracts. In terms of speed, we are now 100 times faster than when we started.
To give an idea, in our first tests, our FHE VM could handle 0.2 transactions per second (TPS). A year later, we reached 5 TPS, and now we're up to 20 TPS. With GPUs and improvements to come, we hope to reach 50 to 100 TPS by mid-2025. And that's for a single chain; but with FHE rollups, scalability is basically solved.
People often underestimate the potential for exponential growth, especially in tech. The speed of FHE is improving with Moore's Law, so although it was slow to begin with, it is now reaching an inflection point. Within two to five years, FHE could support thousands of TPS, without compromising privacy on the blockchain.
Currently, you focus on the Ethereum ecosystem (EVM). Do you plan to extend your solution to other ecosystems?
The majority of liquidity is currently in the Ethereum ecosystem, making it a convenient starting point. But we'll also be supporting ecosystems like Solana and Ton soon. We just want to go where the users are.
The reason we're only in the Ethereum ecosystem is also to prioritise our engineering resources. We have a large team - I would say the largest crypto team in the blockchain. But even with a large team, you can't do everything at once.
Today, what does Zama represent in terms of headcount or turnover?
We have big announcements planned for 2025, so we prefer to save the financial and customer details for when the time comes. Once our customers are online on the mainnet, we'll be able to say more about our progress.
On the other hand, I can tell you about our team. For my part, I completed a PhD in Artificial Intelligence in 2007 at the age of 21, and then founded and sold an AI company in 2019.
My co-founder, Pascal Paillier, is a pioneer of homomorphic encryption, with his own encryption scheme - the Paillier scheme. It's a bit like launching a blockchain with Vitalik Buterin as co-founder. His reputation has attracted some of the best cryptographers in the world, such as Nigel Smart and Marc Joye.
Currently, we have 75 employees, half of whom are cryptographic researchers and engineers with PhDs. So we have more researchers in homomorphic encryption than any other company in the world.
When do you plan to be profitable?
From the start, I told our investors that we wouldn't turn a profit for three or four years, because we need to get our technology working first.
Our strategy was to build a kind of "OpenAI for FHE", with a focus on open source work and developer adoption. After three years, we started commercialising, and by 2025 our customers will be on the mainnet.
In deep tech, it takes a certain amount of incompressible research time to get to market. For years, it feels like nothing is happening, then suddenly it works and everything accelerates. We're now at that inflection point with FHE; there's a lot of momentum because the technology started working a year ago.
If a regulator needs access to a transaction, how would it work?
Zama is simply a technology provider. We don't hold any decryption keys, so it's impossible for us to access the encrypted data. We simply provide the technology or perform calculations, much like AWS does.
Breaking homomorphic encryption would mean breaking post-quantum cryptography, which is not a realistic problem to consider.
When it comes to compliance, one of the advantages of FHE is that compliance rules can be built directly into the smart contract or the application itself.
For example, you could require users to provide an encrypted identity to prove they are not American, or authorise a US regulator to decrypt certain transactions involving US citizens.
This approach builds compliance into the application without requiring any additional action from the end user.
Are you not concerned about the risk of ending up in a similar situation to Tornado Cash, where a privacy tool becomes the target of regulators?
It's quite different. Tornado Cash aimed to hide identities, which governments don't like because it prevents the traceability of transactions.
As long as a transaction can be traced back to someone, as our solution potentially allows, regulators can investigate if necessary.
With FHE, the identity remains visible, but the data itself is encrypted. This traceability and accountability of on-chain transactions is what governments are looking for; they know who to approach if they need further information.
That's the key difference. Tornado Cash, for example, like Tor, anonymises the identities of users accessing public content, which governments don't like. FHE is more like Signal; it uses a traceable public infrastructure to exchange encrypted data.
What do you see as the horizon for mass adoption, particularly for a hybrid model of private and public blockchains?
By 2025, we expect FHE to be in production, ideally in a bull market, which should drive broad adoption. I'm optimistic that the FHE ecosystem could grow a hundredfold by the end of 2025 or 2026. But this is just the beginning.
But blockchain and finance are entry points for broader on-chain use cases. Imagine not just money, but governance, voting, even health services, all on-chain, with FHE ensuring confidentiality.
In time, we could have central state functions like identity, currency, finance and voting, all operating on-chain thanks to FHE.
In the future, I imagine what I call a "state operating system" powered by FHE, managing everything from salaries to taxes.
There are already entities interested in this vision, such as states like Argentina exploring new digital infrastructures. This is a unique opportunity to make these services entirely on-chain.
After finance, I think blockchain will go mainstream to include all sorts of state services. Once that point is reached, the next step will be to apply FHE to internet services in the broadest sense - machine learning, cloud computing, etc.
The long-term vision is to start with blockchain, expand to state and network services, and eventually achieve end-to-end encryption across all internet applications.
For you, blockchain will be a layer on top of the traditional internet, where blockchain would be used in every transaction or action?
Exactly. But I think beyond blockchain. Blockchains are an excellent initial use case for FHE because everything on them is public by default.
But eventually, this could apply to the whole internet. For example, imagine using ChatGPT with end-to-end encryption - that's achievable with FHE. There are scalability challenges right now, but we'll overcome them over time.
If every online action could be end-to-end encrypted, whether on a blockchain, a government service or an AI model, privacy concerns would disappear - not because people don't care, but because privacy would be guaranteed by design.
That's our ultimate goal. People shouldn't have to worry about privacy because the technology would automatically protect it.
You mentioned AI earlier. How does FHE fit into AI?
Rand Hindi: Privacy in AI is critical. Without it, we simply give all our data to companies. Some might say, "I trust Google with my data," but in a blockchain context, where everything is public, privacy is crucial.
Beyond that, privacy in AI is essential to run on-chain AI models.
My background is in AI - I've been in it since 2003 and in crypto since 2013. It's clear that just as people demand privacy in blockchain applications, they will also demand it in AI applications.
The stakes are simply too high to ignore, even if implementing privacy in AI applications will take longer due to the complexity of AI models compared to smart contracts.