Sui Launches Sub-second MPC Network Ika: Comparison of FHE, TEE, ZKP, and MPC Technologies

1. Overview and Positioning of the Ika Network

The Ika network is an innovative infrastructure based on multi-party secure computing ( MPC ) technology, strategically supported by the Sui Foundation. Its most notable feature is sub-second response speed, which is a first in MPC solutions. Ika is highly compatible with the underlying design concepts of parallel processing and decentralized architecture of the Sui blockchain, and will be directly integrated into the Sui development ecosystem in the future, providing plug-and-play cross-chain security modules for Sui Move smart contracts.

From a functional positioning perspective, Ika is building a new type of security verification layer: serving as a dedicated signature protocol for the Sui ecosystem while also providing standardized cross-chain solutions for the entire industry. Its layered design balances protocol flexibility with development convenience, and it is expected to become an important practical case for the large-scale application of MPC technology in multi-chain scenarios.

1.1 Core Technology Analysis

The technical implementation of the Ika network revolves around high-performance distributed signing. Its innovation lies in utilizing the 2PC-MPC threshold signature protocol in conjunction with Sui's parallel execution and DAG consensus, achieving true sub-second signing capability and large-scale decentralized node participation. Ika creates a multi-party signature network that meets both ultra-high performance and strict security requirements through the 2PC-MPC protocol, parallel distributed signing, and close integration with Sui's consensus structure. The core innovation is the introduction of broadcast communication and parallel processing into the threshold signature protocol, with main functions including:

• 2PC-MPC Signature Protocol: Adopts an improved two-party MPC scheme, breaking down the user private key signing operation into a process jointly participated by the "User" and the "Ika Network". It switches to a broadcasting mode, keeping the user computation communication overhead at a constant level.

• Parallel Processing: Utilizing parallel computing, the single signature operation is decomposed into multiple concurrent subtasks executed simultaneously across nodes, significantly increasing speed. Combined with Sui's object parallel model, there is no need to achieve global sequential consensus for each transaction.

• Large-scale node network: Supports thousands of nodes participating in signing. Each node only holds a part of the key shard, and even if some nodes are compromised, the private key cannot be recovered independently.

• Cross-chain control and chain abstraction: Allows smart contracts on other chains to directly control accounts in the Ika network (dWallet). Cross-chain verification is achieved by deploying lightweight clients of the corresponding chain within its own network.

1.2 Ika's Empowerment of the Sui Ecosystem

After Ika goes live, it is expected to expand the capability boundaries of the Sui blockchain and provide support for the infrastructure of the Sui ecosystem.

• Cross-chain interoperability: Supports the connection of on-chain assets such as Bitcoin and Ethereum to the Sui network with low latency and high security, enabling cross-chain DeFi operations.

• Decentralized custody: Provides multi-signature methods to manage on-chain assets, which is more flexible and secure than traditional centralized custody.

• Chain abstraction: Allows smart contracts on Sui to directly operate accounts and assets on other chains, simplifying cross-chain interaction processes.

• AI Application Support: Provides a multi-party verification mechanism for AI automation applications, enhancing the security and credibility of AI executing transactions.

1.3 Challenges faced by Ika

Although Ika is closely tied to Sui, to become a "universal standard" for cross-chain interoperability, it still requires acceptance from other blockchains and projects. Existing cross-chain solutions like Axelar and LayerZero have been widely used in different scenarios, and Ika needs to find a better balance between decentralization and performance.

The MPC scheme itself has controversies regarding the difficulty of revoking signing permissions. Although 2PC-MPC enhances security through continuous user participation, it still lacks a complete mechanism for securely and efficiently replacing nodes, posing potential risks.

Ika relies on the stability of the Sui network and its own network conditions. If Sui undergoes significant upgrades in the future, Ika will also need to adapt accordingly. Although the Mysticeti consensus supports high concurrency and low fees, it may increase network complexity, leading to new sorting and consensus security issues.

2. Comparison of Projects Based on FHE, TEE, ZKP, or MPC

2.1 FHE

Zama & Concrete:

• Adopt a "layered bootstrapping" strategy to decompose large circuits and dynamically splice them together.
• Supports "mixed encoding", balancing performance and parallelism.
• Provide a "key packaging" mechanism to reduce communication overhead.

Fhenix:

• Optimization for the Ethereum EVM instruction set
• Use "Ciphertext Virtual Register" instead of plaintext register
• Design an off-chain oracle bridging module to reduce on-chain verification costs.

2.2 TEE

Oasis Network:

• Introduce the concept of "hierarchical trusted roots"
• Adopting a lightweight microkernel to isolate suspicious instructions
• Use Cap'n Proto binary serialization to ensure efficient communication.
• Develop "Durability Log" module to prevent rollback attacks

2.3 ZKP

Aztec:

• Integrate "incremental recursion" technology to bundle multiple transaction proofs
• Implementing a parallel depth-first search algorithm in Rust
• Provide "Light Node Mode" to optimize bandwidth usage

2.4 MPC

Partisia Blockchain:

• Expansion based on the SPDZ protocol, adding a "preprocessing module"
• Use gRPC communication and TLS 1.3 encrypted channels
• Supports a parallel sharding mechanism with dynamic load balancing

3. Privacy Computing FHE, TEE, ZKP and MPC

3.1 Overview of Different Privacy Computing Solutions

• Fully Homomorphic Encryption ( FHE ): Allows arbitrary computations to be performed in an encrypted state, theoretically possessing complete computational capability, but with a significant computational overhead.

• Trusted Execution Environment ( TEE ): A trusted hardware module provided by the processor that runs code in an isolated environment, with performance close to native computing, but relies on hardware trust.

• Multi-Party Computation (MPC): Multiple parties jointly compute function outputs without revealing private inputs, without a single point of trust, but with high communication overhead.

• Zero-Knowledge Proof ( ZKP ): The verifier validates the truthfulness of a statement without acquiring additional information. Typical implementations include zk-SNARK and zk-STAR.

Adaptation scenarios of 3.2 FHE, TEE, ZKP and MPC

Cross-chain signature:

• MPC is suitable for scenarios requiring multi-party collaboration and avoiding single point private key exposure.
• TEE can run signature logic through SGX chips, which is fast but relies on hardware trust.
• FHE has limited applications in signature computation.

DeFi scenarios ( multi-signature wallets, vault insurance, institutional custody ):

• MPC is a mainstream method, such as Fireblocks splitting signatures across different nodes.
• TEE is used to ensure signature isolation, but there are hardware trust issues.
• FHE is mainly used to protect transaction details and contract logic.

AI and Data Privacy:

• The advantages of FHE are obvious, enabling fully encrypted computation.
• MPC is used for federated learning, but faces communication costs and synchronization issues.
• TEE can run models directly in a protected environment, but there are memory limitations, etc.

3.3 Differentiation of different plans

• Performance and Latency: FHE has high latency, TEE has the lowest, ZKP and MPC are in between.
• Trust Assumption: FHE and ZKP do not require trust in third parties, TEE relies on hardware, and MPC depends on the behavior of participants.
• Scalability: ZKP and MPC support horizontal scaling, while FHE and TEE scaling is resource-constrained.
• Integration Difficulty: TEE has the lowest access threshold, ZKP and FHE require specialized circuits and compilation, and MPC requires protocol stack integration.

4. Evaluation of FHE, TEE, ZKP and MPC Technologies

There are trade-offs among various technologies in terms of performance, cost, and security. FHE offers strong theoretical privacy protection, but its poor performance limits its application. TEE, MPC, and ZKP are more feasible in real-time and cost-sensitive scenarios. Different technologies are suitable for different trust models and application requirements. The future privacy computing ecosystem may lean towards a combination of various technologies to build modular solutions.

For example, Ika focuses on key sharing and signature coordination, while ZKP excels at generating mathematical proofs. The two can complement each other: ZKP verifies the correctness of cross-chain interactions, and Ika provides the foundation for asset control. Projects like Nillion are beginning to integrate various privacy technologies, balancing security, cost, and performance. The choice of technology should depend on specific application requirements and performance trade-offs.