Security

Risks and Limitations

Technical Risks

LUT Storage Overhead: AFHE's lookup tables require significant storage. For operations over large input domains (e.g., 64-bit multiplication), table sizes can reach gigabytes — prohibitive for on-chain storage given Solana's account size limits and rent costs. Tables are stored off-chain by coprocessor operators with on-chain commitments for verification. Mitigation: domain partitioning, hierarchical table structures, table compression research, and progressive table loading.

New Cryptographic Construction: While AFHE's security reduces to the Multivariate Quadratic (MQ) problem — proven NP-hard with over 40 years of classical cryptanalysis — the LUT-based construction itself is novel and has not undergone the decades of cryptanalysis that ring-based schemes have. Mitigation: independent cryptographic audit is being pursued, ongoing academic review, bug bounty program, and conservative parameter selection.

Solana Dependency: AFHE is purpose-built for Solana. A critical vulnerability in Solana's runtime, validator set centralization, or a chain halt directly impacts AFHE operations. Mitigation: architecture designed for potential multi-chain deployment.

Economic Risks

Token Concentration: Early investors and the team hold 25% of supply (subject to vesting). Post-cliff unlock events could create significant sell pressure. Mitigation: extended vesting schedules and staking incentives to encourage long-term holding.

Mining Sustainability: FHE mining rewards decrease over time by design. If fee-based revenue does not sufficiently compensate miners, table generation could slow, degrading network capability. Mitigation: treasury reserve for supplementary mining incentives.

Regulatory Risks

Privacy Technology Scrutiny: Privacy-preserving technologies face regulatory scrutiny globally, particularly following enforcement actions against Tornado Cash. AFHE differs architecturally (encrypted computation vs. mixing) but may face similar classification challenges. The team engages proactively with regulators and designs compliance hooks (e.g., optional auditability for institutional users).

Token Classification: The AURA token's governance and staking features may attract securities classification in certain jurisdictions. Legal counsel has been engaged across key markets.