Skip to main content

Understand PADO zkFHE Network


The potential value of data is increasingly recognized by enterprises and individuals. People's daily behavioral data provides corrections and feedback for different technology products, creating economic value and social impact. The effective mining of data value and the avoidance of individual privacy violations as much as possible are the main pain points in the process of data monetization.

Existing systems built from either zero-knowledge proofs, multi-party computations or other privacy-enhancing techniques cannot fully resolve the paradox of privacy protection and utilization of sensitive data, and various computational issues during data processing require further reliable integrity measures.

Leveraging the benefits of traceability and programmability from blockchain-like techniques, PADO’s zkFHE protocol enables an open infrastructure for librating data value with verifiable and confidential data processes while individual and organization developers can selectively contribute with either security, functional scalability and effectivity to the network.

The core advantages of zkFHE lie in its natural abilities from both zero-knowledge proofs and fully homomorphic encryptions, to perform customizable computations on encrypted data, with the correctness guaranteed by validity proofs for the whole computation circuits. The validity proofs solids the whole computation framework with cryptographic and computational trustlessness to facilitate the necessary security requirements of applications.

Roles in PADO Network

Data Provider

A data provider is an individual or organization that provides computing data to PADO Network. The data from the data provider is encrypted by the FHE algorithm and then uploaded to decentralized storage blockchains such as Arweave and Filecoin. A data provider can receive a portion of the computation fee for the data usage.


A worker is a node of PADO Network, providing computing resources, running the zkFHE algorithm on encrypted data, and providing PADO Network with a confidential computing environment and resources. A worker needs to generate a zero-knowledge proof while computing.

A worker also needs to provide the Data Encryption Public Key to a data provider to encrypt the data, and meanwhile, it needs to re-encrypt the confidential computation results into results that only the network consumer can decrypt.

zkFHE algorithm naturally guarantees data confidentiality and computation integrity. Workers can earn computation fees from the successful execution of a computation task.

Network Consumer

A network consumer is an individual or organization that uses computation and data resources of PADO network. The network consumer can specify the encrypted data uploaded by the data provider to initiate a computation task and obtain the result from the task execution. Network consumers shall pay for the computation service.

Network Architecture

With comprehensive consideration of decentralization, security and scalability, PADO Network is designed to separate consensus and computation for scalability. Workers mainly use the zkFHE algorithm to run confidential computations and generate proofs for integrity assurance. The proofs are verified through PADO contracts. Meanwhile, multiple modules including worker management, data management, task management, fee management, and worker incentives, compose PADO contracts.

Components of PADO Network


As mentioned here, workers are the key components that support confidential computation tasks to maintain the network liveness.

PADO Contracts

PADO Contracts are a collection of blockchain-like smart contracts deployed in multiple blockchains, including Ethereum, L2s, AO, and others. PADO Contracts consist of multiple modules including worker management, data management, task management, fee management, worker incentives, etc.


PADO SDK is a collection of developer tools. Developers can leverage the verifiable confidential computation capability of PADO Network through this SDK and implement various privacy-centric applications that can be alive in PADO Network.


PADO Scan is a user interface for exploring the information of PADO network. Through PADO Scan, one can find the details about workers, computable data, tasks, etc.

Logical Architecture and Workflow

The following figures show the logical architecture and the core workflow for computation execution within PADO network.

Logical Architecture of PADO

Network Workflow

Worker Registration

An eligible worker must be registered with the worker management module of PADO contracts. Confidential computation tasks shall only be dispatched to successfully registered workers. The registered information includes name, description, owner address, machine resources, RPC address and port, worker's public key, etc.

Task Submission and Data Encryption Public Key Generation

A network consumer can submit a confidential computing task through an application developed based on PADO SDK. To launch a confidential computation task, it is essential to pay the required fees for the computation and data resources. When a network consumer initiates a task, he shall publish his own public key, for which the final encrypted computation result is only derivable with regard to the private key paired to that public key.

Then the PADO SDK forwards the `submit_task request to the task management module. The task management module selects a group of workers who generate the data encryption public keys, and another group of workers who execute the task. In practice, the two worker groups can be the same. The first group of workers returns the data encryption public keys to the task management contract.

Data Upload

A data provider uses PADO SDK to obtain the data encryption public keys required by the task from the task management module. The data provider uses the FHE algorithm with those data encryption public keys to encrypt the data and upload the ciphertexts to a storage blockchain such as Arweave.

zkFHE Computation

The Workers who are designated to execute the task shall get the task information from the task management module, and also retrieve the encrypted data from the storage blockchain. They execute the zkFHE computation and output both the encrypted result and a validity proof.

Re-encryption of Result

The Workers who generate the data encryption public keys shall re-encrypt the encrypted result after the task execution, using the network consumer's public key, so that only the network consumer can decrypt the result correctly.

Proof Verification and Fee Settlement After the task execution, workers upload the encrypted result with the validity proof to the task management module. After the task management module successfully verifies the proof, it will invoke the fee management module for fee settlement. The fee will be distributed to the data providers and workers according to the requirements specified in the task.

Decryption of Result The network consumer uses its own private key through the FHE algorithm of PADO SDK for decryption, and obtains the raw result.