Encryption API Reference¶
Overview¶
The Encryption API provides endpoints for managing data encryption within AIDDDMAP, supporting multiple encryption modes including Fully Homomorphic Encryption (FHE), Zero-Knowledge Proofs (ZK), and Basic Encryption.
Authentication Requirements¶
All API requests require authentication using an API key:
API Base URL¶
Encryption Endpoints¶
Data Encryption¶
Encrypt data using the specified encryption mode.
Encryption Request Body¶
{
"data": "base64_encoded_data",
"mode": "FHE",
"parameters": {
"scheme": "BFV",
"securityLevel": 128,
"precision": 16
}
}
Encryption Response¶
{
"encryptedData": "encrypted_data_base64",
"metadata": {
"mode": "FHE",
"scheme": "BFV",
"timestamp": "2024-01-14T12:00:00Z"
}
}
Data Decryption¶
Decrypt previously encrypted data.
Decryption Request Body¶
Decryption Response¶
Encryption Key Generation¶
Generate encryption keys for a specific mode.
Key Generation Request Body¶
Key Generation Response¶
{
"publicKey": "public_key_base64",
"privateKey": "private_key_base64",
"metadata": {
"keyId": "key-123",
"createdAt": "2024-01-14T12:00:00Z",
"expiresAt": "2024-02-14T12:00:00Z"
}
}
Encryption Key Status¶
Get the status and metadata of a specific encryption key.
Key Status Response¶
{
"keyId": "key-123",
"status": "active",
"metadata": {
"mode": "FHE",
"scheme": "BFV",
"createdAt": "2024-01-14T12:00:00Z",
"expiresAt": "2024-02-14T12:00:00Z"
}
}
FHE Operations¶
FHE Computation¶
Perform computations on encrypted data without decryption.
FHE Computation Request Body¶
{
"operation": "add",
"operands": ["encrypted_data_1_base64", "encrypted_data_2_base64"],
"parameters": {
"scheme": "BFV",
"precision": 16
}
}
FHE Computation Response¶
{
"result": "encrypted_result_base64",
"metadata": {
"operation": "add",
"timestamp": "2024-01-14T12:10:00Z"
}
}
Zero-Knowledge Proofs¶
ZK Proof Generation¶
Generate a zero-knowledge proof for data verification.
ZK Proof Generation Request Body¶
{
"data": "data_to_prove_base64",
"circuit": "circuit_definition",
"parameters": {
"scheme": "Groth16"
}
}
ZK Proof Generation Response¶
{
"proof": "zk_proof_base64",
"publicInputs": "public_inputs_base64",
"metadata": {
"scheme": "Groth16",
"timestamp": "2024-01-14T12:15:00Z"
}
}
ZK Proof Verification¶
Verify a zero-knowledge proof.
ZK Proof Verification Request Body¶
{
"proof": "zk_proof_base64",
"publicInputs": "public_inputs_base64",
"circuit": "circuit_definition"
}
ZK Proof Verification Response¶
API Error Responses¶
The API uses standard HTTP response codes:
200- Success400- Bad Request401- Unauthorized403- Forbidden404- Not Found500- Internal Server Error
Error response format:
{
"error": {
"code": "INVALID_ENCRYPTION_PARAMETERS",
"message": "Invalid encryption parameters provided",
"details": {
"parameter": "securityLevel",
"reason": "Must be 128, 192, or 256"
}
}
}
API Rate Limiting¶
API requests are limited to:
- 50 requests per minute for standard users
- 500 requests per minute for enterprise users
Rate limit headers are included in responses:
SDK Code Examples¶
TypeScript Implementation¶
import { AIDDDMAPClient } from "@aidddmap/sdk";
const client = new AIDDDMAPClient({
apiKey: "YOUR_API_KEY",
});
// Encrypt data using FHE
const encryptedData = await client.encryption.encrypt({
data: Buffer.from("sensitive data").toString("base64"),
mode: "FHE",
parameters: {
scheme: "BFV",
securityLevel: 128,
},
});
// Perform homomorphic operation
const result = await client.encryption.fhe.compute({
operation: "add",
operands: [encryptedData1, encryptedData2],
parameters: {
scheme: "BFV",
},
});
Python Implementation¶
from aidddmap import Client
import base64
client = Client(api_key='YOUR_API_KEY')
# Encrypt data using FHE
data = base64.b64encode(b'sensitive data').decode('utf-8')
encrypted_data = client.encryption.encrypt(
data=data,
mode='FHE',
parameters={
'scheme': 'BFV',
'securityLevel': 128
}
)
# Generate ZK proof
proof = client.encryption.zk.prove(
data=data,
circuit='circuit_definition',
parameters={
'scheme': 'Groth16'
}
)
Encryption Methods¶
Security Implementation¶
Helper Methods¶
Security Guidelines¶
ZKHandler¶
The ZKHandler class provides methods for generating and verifying zero-knowledge proofs, with support for various proof types and post-quantum security.
Methods¶
initialize()¶
Initializes the ZK system with the specified configuration.
Parameters:
config(optional): Configuration options for the ZK systemscheme: Proof scheme ('groth16' | 'pghr13')securityLevel: Security level (1 | 3 | 5)useGPU: Enable GPU accelerationoptimizationLevel: Circuit optimization level ('basic' | 'aggressive')
generateKeys()¶
Generates proving and verification keys for a given circuit.
Parameters:
circuit: The circuit description for which to generate keys
generateProof()¶
Generates a zero-knowledge proof for given inputs.
async generateProof(
circuit: ZKCircuit,
privateInputs: any[],
publicInputs: any[]
): Promise<ZKProof>
Parameters:
circuit: The circuit descriptionprivateInputs: Private witness inputspublicInputs: Public inputs
verifyProof()¶
Verifies a zero-knowledge proof.
Parameters:
proof: The proof to verify
generateRangeProof()¶
Generates a proof that a value lies within a specified range.
Parameters:
value: The value to proverange: The range constraints
generateEqualityProof()¶
Generates a proof that two values are equal.
Parameters:
value1: First valuevalue2: Second value
generateMembershipProof()¶
Generates a proof that a value is a member of a set.
Parameters:
value: The value to prove membership forset: The set to prove membership in
cleanup()¶
Cleans up resources and resets the ZK system.
PostQuantumScheme¶
The PostQuantumScheme class provides methods for post-quantum cryptography operations.
Methods¶
initialize()¶
Initializes the post-quantum scheme with specified parameters.
Parameters:
config: Configuration for the post-quantum schemescheme: Post-quantum scheme ('kyber' | 'dilithium' | 'sphincs')securityLevel: Security level (1 | 3 | 5)params: Scheme-specific parameters
generateKeyPair()¶
Generates a post-quantum key pair.
encapsulate()¶
Performs key encapsulation (Kyber).
async encapsulate(publicKey: Uint8Array): Promise<{ ciphertext: Uint8Array; sharedSecret: Uint8Array }>
Parameters:
publicKey: The public key for encapsulation
decapsulate()¶
Performs key decapsulation (Kyber).
Parameters:
ciphertext: The encapsulated ciphertextprivateKey: The private key for decapsulation
sign()¶
Generates a post-quantum signature (Dilithium/SPHINCS+).
Parameters:
message: The message to signprivateKey: The private key for signing
verify()¶
Verifies a post-quantum signature (Dilithium/SPHINCS+).
Parameters:
message: The original messagesignature: The signature to verifypublicKey: The public key for verification
CircuitOptimizer¶
The CircuitOptimizer class provides methods for optimizing ZK circuits.
Methods¶
optimize()¶
Optimizes a circuit based on the specified configuration.
Parameters:
circuit: The circuit to optimize
initializeGPU()¶
Initializes GPU context for circuit optimization.
processConstraints()¶
Processes constraints using GPU acceleration.
Parameters:
constraints: The constraints to process
ZeroKnowledgeVM¶
The ZeroKnowledgeVM class provides a virtual machine for executing ZK proofs.
Methods¶
initialize()¶
Initializes the ZKVM with specified parameters.
Parameters:
config: Configuration for the ZKVMmemoryLimit: Maximum memory usagemaxInstructions: Maximum number of instructionsoptimizationLevel: Optimization level
executeCircuit()¶
Executes a circuit in the ZKVM.
Parameters:
circuit: The circuit to execute
getMemoryState()¶
Returns the current state of the VM memory.
Error Handling¶
All methods may throw the following errors:
ZKError: Base class for all ZK-related errorsInitializationError: Error during initializationProofGenerationError: Error generating a proofVerificationError: Error verifying a proofOptimizationError: Error during circuit optimizationPostQuantumError: Error in post-quantum operationsVMError: Error in ZKVM execution