A privacy-preserving prediction market built with TFHE (Fully Homomorphic Encryption) and Monero multisig.
- 🔒 Private Betting: Bets are encrypted using FHE - individual amounts and choices remain private
- 🧮 Fair Payouts: Homomorphic computation ensures fair payout distribution without revealing individual bets
- 💰 Monero Integration: Designed to use Monero multisig for trustless fund custody
- 🔐 Cryptographic Claims: Commitment-based system allows only legitimate winners to claim payouts
- 🚀 High-Level API: Easy-to-use REST API and CLI tools
┌─────────┐ ┌──────────────┐ ┌────────┐
│ Bettor │ ◄─────► │ Coordinator │ ◄─────► │ Oracle │
└─────────┘ └──────────────┘ └────────┘
│ │ │
│ │ │
▼ ▼ ▼
[FHE Keys] [Computes Payouts] [Signs Results]
[Holds FHE Keys]
│
▼
[Monero Multisig 2-of-2]
cargo build --releaseTerminal 1:
cargo run --release --bin monero-predictTerminal 2:
./test_market.shSee TESTING.md for detailed testing guide.
cargo run --bin bettor -- bet \
--market-id btc-100k-2025 \
--outcome YES \
--amount 10.5This will:
- Generate/load FHE client keys
- Encrypt your bet (outcome + amount)
- Save a nonce file for claiming later
- Submit the encrypted bet to the coordinator
cargo run --bin bettor -- claim \
--market-id btc-100k-2025 \
--nonce-file bet_<commitment>.nonce \
--payout-address monero:your_addressPOST /market/create- Create a new prediction marketGET /market/:id/info- Get market information
POST /market/:id/bet- Submit an encrypted betGET /market/:id/bets- Get bet count
POST /market/:id/resolve- Resolve market with oracle signatureGET /market/:id/result- Get market result
POST /market/:id/claim- Claim payout with commitment proof
GET /fhe/server_key- Get compressed server key for verification
src/
├── lib.rs # Library exports
├── main.rs # Axum server
├── types.rs # Core data structures
├── fhe.rs # FHE context and payout calculator
├── client.rs # Bettor client
├── coordinator.rs # Market coordination logic
└── bin/
└── bettor.rs # CLI tool
- Bettor generates FHE client keys
- Encrypts outcome (0 for YES, 1 for NO) and amount (in piconeros)
- Creates commitment:
H(nonce) - Sends Monero to market multisig address
- Submits encrypted bet + tx proof to coordinator
- Oracle determines the winning outcome
- Signs the result
- Coordinator receives oracle signature
- Computes payouts homomorphically:
- Total pool = sum of all bets
- Total winning = sum of winning bets
- Individual payout = (bet_amount / total_winning) * total_pool
- All computations happen on encrypted data!
- Winner reveals their nonce
- Coordinator verifies:
H(nonce) == commitment - Coordinator checks bet outcome matches winning outcome
- Triggers Monero multisig payout
- Coordinator: Trusted to compute correctly but cannot steal funds (multisig)
- Oracle: Trusted to report accurate outcomes
- Monero Multisig: 2-of-2 between Coordinator and Oracle prevents unilateral fund access
- ✅ Individual bet amounts are hidden
- ✅ Individual outcome choices are hidden
- ✅ Only aggregate statistics revealed (total pool, total winners)
- ✅ Winners can claim anonymously with commitment proof
- Coordinator knows the decryption key (simplified version)
- No prevention of Coordinator revealing bets (would need threshold FHE)
- Oracle is trusted (could use multiple oracles + voting)
- Threshold FHE to distribute decryption key
- Multi-oracle system with dispute resolution
- Actual Monero wallet integration (currently mock)
- Web frontend
- Support for multiple outcomes (not just YES/NO)
- Automated market maker (AMM) for dynamic odds
- Zero-knowledge proofs for enhanced privacy
cargo testcargo doc --opencargo clippy
cargo fmt- tfhe - Fully homomorphic encryption
- axum - Web framework
- tokio - Async runtime
- monero - Monero library
- sha3 - Cryptographic hashing
- clap - CLI argument parsing
This is a research/educational project. See PROMPT.md for the original specification.
This project demonstrates FHE-based privacy for prediction markets. Contributions welcome for:
- Additional privacy features
- Better Monero integration
- UI/UX improvements
- Documentation
- Test coverage