Smart Privacy
starts here

Better dApps require smarter privacy. Use cutting edge tools from Oasis to add customizable confidentiality to any Web3 application.

Explore

Smart Privacy
starts here

Better dApps require smarter privacy. Use cutting edge tools from Oasis to add customizable confidentiality to any Web3 application.

Explore

Smart Privacy
starts here

Better dApps require smarter privacy. Use cutting edge tools from Oasis to add customizable confidentiality to any Web3 application.

Explore

Building Blocks of Smart Privacy

Oasis Sapphire

Sapphire is the first and only production-ready confidential EVM with end-to-end encrypted transactions and storage that allows smart contacts to manage secret data, sign or verify cryptographic signatures, and more.

Explore

Oasis Privacy Layer

Oasis Privacy Layer (OPL) is a wrapper for Sapphire that enables builders on any EVM compatible chain to easily access the confidentiality and encryption features of Sapphire.

Explore

Smart Privacy
in Action

Oasis Sapphire enabling Secure Prediction Feeds on Ocean Protocol

Feature Highlights

Sapphire

Oasis Privacy Layer

Production
Ready

Sapphire is the first and only production-ready confidential EVM with end-to-end encrypted transactions and encrypted storage. Sapphire empowers Web3 developers to build dApps with Smart Privacy, both natively on Oasis or on other EVM-based chains. On Sapphire, smart contacts can operate on secret data, encrypt and decrypt information, generate random numbers and sign or verify cryptographic signatures.

2 - Factor
Authentication

Transparent EVM chains can’t use TOTP because it requires the contract to know the secret seed which generates the familiar 6 digit code on your phone that many companies require as a second factor authenticator. TOTP is widely used when logging into websites (in combination with rate-limiting so you can’t try all 1 million combinations every 30 seconds) and is the most popular 2FA method of enterprises & corporations across the globe to secure access to services.

TouchID & PassKeys

Every recent Android and iPhone, and most web browsers, support WebAuthN / Passkeys. Sapphire fully supports the Ed25519 and EdDSA standards for signing and verification used by WebAuthN, meaning almost everybody on the planet can log-in and authorize actions in your application with a device-secured identity without the need for MetaMask, Web3 technologies, or costly intermediating third-parties.

End-to-End Encryption

Sapphire contracts with private storage can have their own secrets, and by using the Encryption, Decryption and Key Derivation operations for Solidity you can be assured that information passing through third-parties remains secure and tamper-free. Many valuable Web3 ideas can be radically simplified by making the trustless contract generate an encrypted token containing information that only it can see.

Full-Spectrum Data Privacy

Smart privacy technology will define the future of Web3. Transparency-first smart contract development must be balanced with adequate privacy protections for safeguarding sensitive on-chain data and financial transactions. Oasis is leading the industry toward smart privacy with an ecosystem that is unhindered by dangerously public systems. Oasis Sapphire and OPL bring confidential data with selective privacy features to smart contracts, bridging the gap between the mainstream and Web3.

EVM Compatibility

Oasis supports multiple EVM-compatible runtime environments (called “ParaTimes”) that support a wide range of applications running Ethereum smart contracts while being built on or bridging to the Oasis Network. 

Production
Ready

2 - Factor
Authentication

TouchID & PassKeys

End-to-End Encryption

Full-Spectrum
Data Privacy

EVM
Compatibility

Interested in exploring how Sapphire or OPL can fit your needs? Get in touch with the Oasis team to dive deeper.

Let’s Connect

Production
Ready

2 - Factor
Authentication

TouchID & PassKeys

End-to-End Encryption

Full-Spectrum
Data Privacy

EVM
Compatibility

Interested in exploring how Sapphire or OPL can fit your needs? Get in touch with the Oasis team to dive deeper.

Let’s Connect

Production
Ready

2 - Factor
Authentication

Full-Spectrum
Data Privacy

EVM
Compatibility

Interested in exploring how Sapphire or OPL can fit your needs? Get in touch with the Oasis team to dive deeper.

Let’s Connect

EVM
Compatible

With full support for the two most popular frameworks, Truffle and Hardhat, you can develop, test, debug and deploy your dApp using OPL just like you normally do.

Low
Complexity

From core protocol cryptography to developer support and tooling, Oasis makes the start-to-finish developer experience of using and building on Oasis faster and easier than building anywhere else – even if a dApp runs on another network.

Cross-Chain Convenience

Web3 user safety starts with versatile, cross-chain privacy. The message-passing bridge built into OPL offers easy synchronization between dApp state and the host network using Sapphire’s secure runtime.

Cryptographic Primitives

Confidential Sapphire contracts have access to a range of cryptographic primitives for random number generation, encryption, and asynchronous signatures with widely adopted algorithms such as Ed25519 and Secp256k1.

EVM
Compatible

Low
Complexity

Cross-Chain Convenience

Cryptographic Primitives

Interested in exploring how Sapphire or OPL can fit your needs? Get in touch with the Oasis team to dive deeper.

Let’s Connect

Understanding the Oasis Privacy Layer and Smart Privacy in Web3

A Workshop with Harry Roberts

What can you build with Oasis Sapphire?

DeFi

Sapphire is a production-ready confidential EVM with end-to-end encryption for transactions and data storage. This confidentiality allows smart contracts to hold secret data, protect from MEV searchers, encrypt and decrypt information, generate random numbers, and sign or verify cryptographic signatures.

Gaming

Maintaining secret game state is essential for many Web3 games. Card games, strategy games and RPGs must manage secret state such as cards in a deck, other players’ hands, fog of war or puzzles/riddles/quests. However, current Web3 games have to move these features off-chain, sacrificing the high integrity and trustless guarantees unique to Web3 gaming. Fortunately, with Sapphire and the Oasis Privacy Layer, this trade off is no longer necessary.

For instance, a role-playing game can leverage the Oasis Privacy Layer to include an on-chain puzzle with an NFT prize. During gameplay, the dApp will prompt the user to submit the solution in a signed encrypted message. If the puzzle is solved correctly, a message can then be sent back to the game on its home chain, unlocking an NFT reward that the player can use in the game.

Account Abstraction

Contracts pay for gas on-chain where the message is sent from, this means you can ‘send and forget’ and can expect the contract on the target chain will be called with the message. See Web3 account abstraction, Celer IM Overview and the Fee Mechanism pages for more info.

Onboarding and Social

OPL uses the Celer’s Interchain Messaging (IM) Framework. This plug-and-play cross-chain tooling allows privacy upgrades that often require no modifications to already-deployed code for existing dApps.

DAOs & Secret Ballots

Messages transmitted via the bridge are not encrypted, however any computation which happens on Sapphire is fully confidential and can operate on secret data.

DID

The Celer IM bridge is secured by the ‘State Guardian Network’ and has additional dApp safeguards with the Celer IM app guardian. See docs for more.

Sapphire is secured by Trusted Execution Environments (TEE) and the Oasis Layer1 BFT Proof-of-Stake consensus system, see the WhitePaper.

NFTs

Yes, the ‘Secret Ballot Lite’ application shows how you can vote in private using OPL, where the main contract runs on a Transparent EVM chain such as Binance Smart Chain or Polygon.

Discover dApps Powered by Oasis Smart Privacy:
Want to
discuss your 
use-case?
Let's Get in Touch

Unlocking Smart Privacy Features on the Oasis Network

Smart-ContractsClient Integration

// SPDX-License-Identifier: MIT
contract Riddle {
  address _owner;
  string prompt;
  string private answer;


  constructor(string memory _prompt, string memory _answer) payable {
    prompt = _prompt;
    answer = _answer;
    _owner = msg.sender;
  }


  function submitAnswer(string memory _answer) external view returns (bool   isCorrect) {
    return keccak256(abi.encodePacked(_answer)) ==      keccak256(abi.encodePacked(answer));
  }


  function getPrompt() external view returns (string memory) {
    return prompt;
  }
}



bytes32 key = ... ;
bytes32 nonce = ... ;
bytes memory text = "plain text";
bytes memory ad = "additional data";
bytes memory encrypted = Sapphire.encrypt(key, nonce, text, ad);
bytes memory decrypted = Sapphire.decrypt(key, nonce, encrypted, ad);



bytes memory seed = hex"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef";
bytes memory publicKey;
bytes memory privateKey;
(publicKey, privateKey) = Sapphire.generateSigningKeyPair(Sapphire.SigningAlg.Ed25519Pure, seed);




package com.wavesplatform.wavesj;


import com.wavesplatform.transactions.account.Address;
import com.wavesplatform.wavesj.exceptions.NodeException;

import java.io.IOException;

public class Example {
	public static void main(String[] args) throws NodeException, IOException {
  	// Creating a Node instance
  	Node node = new Node(Profile.TESTNET);
 		// Creating an Address from base 58 string format. Getting balance by the address
 System.out.println("Balance: " + node.getBalance(Address.as("3Mx3zmXrMcLFCafMuPtXAzR4ZPVeZYb6qLz")))
  	}
  }



/ SPDX-License-Identifier: MIT
import {Host, Result} from "@oasisprotocol/sapphire-contracts/contracts/OPL.sol";


contract Sender is Host {
  event HeardReply(string);


  constructor(address _receiver) Host(_receiver) {
    registerEndpoint("listenToReply", _listenToReply);
  }


  function sendToListener(string memory _message) external payable {
    postMessage("confirmMessage", abi.encode(_message));
  }


  function _listenToReply(bytes calldata _args) internal returns (Result) {
(string memory reply) = abi.decode(_args, (string));
    emit HeardReply(reply);
    return Result.Success;
  }
}



import { HardhatUserConfig } from "hardhat/config";
import "@oasisprotocol/sapphire-hardhat";
import "@nomicfoundation/hardhat-toolbox";


const config: HardhatUserConfig = {
  solidity: "0.8.17",
  networks: {
    sapphire_testnet: {
      // This is Testnet! If you want Mainnet, add a new network config item.
      url: "https://testnet.sapphire.oasis.dev",
      accounts: process.env.PRIVATE_KEY ? [process.env.PRIVATE_KEY] : [],
      chainId: 0x5aff,
    },
  },
};


export default config;



import * as sapphire from '@oasisprotocol/sapphire-paratime';


const provider = sapphire.wrap(window.ethereum);



import { sapphireTestnet } from 'viem/chains';
import * as sapphire from '@oasisprotocol/sapphire-paratime';

const provider = sapphire.wrap(window.ethereum! as EIP1193Provider);
const walletClient = createWalletClient({
  chain: sapphireTestnet,
  transport: custom(provider),
})



import sapphire "github.com/oasisprotocol/sapphire-paratime/clients/go"


func main() {
  privateKey, err := crypto.HexToECDSA("")
  if err != nil {
    log.Fatal(err)
  }
  c, err := ethclient.Dial("https://testnet.sapphire.oasis.dev")
  if err != nil {
    log.Fatal(err)
  }
  var client *sapphire.WrappedBackend
  client, err = sapphire.WrapClient(*c, func(digest [32]byte) ([]byte, error) { return crypto.Sign(digest[:], privateKey) })
}



from sapphirepy import sapphire

w3 = Web3(Web3.HTTPProvider('https://testnet.sapphire.oasis.dev'))
w3.middleware_onion.add(construct_sign_and_send_raw_middleware(account))
Explore Docs
Join Dev Discord

Frequently Asked Questions

What is Oasis Smart Privacy?

Better dApps require smarter privacy. This is why Oasis focuses on delivering Smart Privacy to Web3 in the form of a flexible, fully customizable confidentiality framework that replaces the rigid, complex and inefficient tools in the status quo. With technologies like the Sapphire runtime and its accompanying Oasis Privacy Layer (OPL) for EVM-based chains, Oasis brings cutting edge confidentiality to any Web3 developer, even ones that don’t build directly on the Oasis Network. For applications running on a separate host chain, OPL allows the powerful privacy features of Sapphire to be integrated on any layer of Web3. By creating a spectrum of confidentiality with unlimited customizability, Oasis is redefining how developers think about integrating privacy and reshaping the toolset available for prioritizing privacy in Web3.

How Oasis is different from other Web3 Privacy Tech, i.e.: ZK-Snarks, Fully-Homomorphic Encryption (FHE) or Multi-Party-Computation (MPC)?

On Sapphire it is much easier to build confidential dApps with customisable privacy and confidentiality. When the EVM is run inside a Trusted Execution Environment (TEE) - in the case of Oasis Sapphire this is Intel SGX hardware isolation - the node operators cannot see transaction inputs, return values or smart contract state because all memory used by the enclave is encrypted. The EVM runs at nearly full speed in comparison to other privacy solutions such as ZK or FHE which are very computationally expensive.

What is the difference between Sapphire and OPL?

Sapphire is a foundational Oasis ParaTime designed for building dApps with inherent privacy, leveraging advanced encryption. Oasis Privacy Layer (OPL) is a message passing bridge and suite of utilities that enables you to easily access the confidentiality and encryption features of Sapphire from many other EVM compatible chains without your dApp users worrying about how to pay gas. Both Sapphire and OPL are EVM compatible, streamlining the development for builders familiar with tools like Truffle or Hardhat.

Who pays for gas?

Contracts pay for gas on-chain where the message is sent from, this means you can ‘send and forget’ and can expect the contract on the target chain will be called with the message. See Celer IM Overview and the Fee Mechanism pages for more info.

How secure are Sapphire & OPL?

Sapphire is secured by Trusted Execution Environments (TEE) and the Oasis Layer1 BFT Proof-of-Stake consensus system, see the WhitePaper.OPL uses the Celer Inter-chain Message (Celer IM) Framework. It is very easy-to-use and allows a "plug'n'play" upgrade that often requires no modifications with already deployed code. The Celer IM bridge is secured by the ‘State Guardian Network’ and has additional dApp safeguards with the Celer IM app guardian. See docs for more. 

Have questions about Oasis 
Smart Privacy? Let’s get in touch!

Fill out the form below and we’ll get back to you as soon as possible.

Get Involved

How we use cookies?

At Oasis Foundation we believe in your privacy, so you can choose to browse our site without any tracking or by clicking “Accept”, you help us to improve our site and help us grow our ecosystem. View our Privacy Policy for more information.
AcceptDecline