[PATENT PENDING]

CipherExplain

./validate --fhe --explain --audit-ready

FHE Validation and Explainability. Two patent-pending technologies that make Fully Homomorphic Encryption production-ready: adversarial precision testing and encrypted SHAP explanations — with fhe_mode='ckks', the server never sees your data. Register your own models via a secure JSON API — no training data leaves your environment.

PCT/IB2026/053378 PCT/IB2026/053405 Custom Model API SDK
[get_api_key] [how_to_use]

The FHE Production Gap

Two unsolved problems block Fully Homomorphic Encryption from reaching regulated production deployments.

FHE programs have invisible precision bugs

Homomorphic schemes such as CKKS, BGV, and BFV accumulate noise input by input. Bugs occupy roughly one part in 10^5 of the input space, so uniform random testing finds nothing. Production deployments need an automated CI/CD validation gate that does not exist anywhere in the FHE toolchain today.

Encrypted AI cannot explain its decisions

GDPR and HIPAA require encryption of personal data. The EU AI Act, effective August 2026, requires feature-level explanations for high-risk AI. These two requirements collide head-on: explainability methods need plaintext access, encryption prevents plaintext access, and banks, healthcare networks, and hiring platforms have no compliant solution.

Two Patent-Pending Inventions

Both inventions ship with reproducible reference prototypes and validated benchmarks.

PCT/IB2026/053378

FHE Differential Testing Oracle

Adversarial search that finds CKKS precision bugs random testing misses entirely.

  • CMA-ES optimizer guided by FHE noise heuristics
  • Multi-objective fitness: divergence, noise budget, multiplication depth
  • CI/CD verification gate with auto-generated audit reports
  • Sensitivity map: identifies which input dimensions drive divergence
4,259x error amplification — 471 bugs found vs 0 by random testing
PCT/IB2026/053405

Homomorphic Encrypted SHAP

Compute feature attribution explanations entirely under FHE when using fhe_mode='ckks'.

  • Compressed coalition sampling: O(d log d) instead of 2^d evaluations
  • Input encrypted on your machine — server operates on ciphertexts only
  • SIMD slot packing: 390 coalitions evaluated in 3 ciphertext operations
  • 128-bit CKKS security, N=2^15, degree-27 Chebyshev sigmoid approximation
SHAP MAE 0.009 · FHE noise 1.35e-04 · axiom error 1.16e-16
Custom Model API SDK Key Rotation

Bring Your Own Model

Register any trained sklearn model with the API — weights only, no training data, no pickle. Your data never leaves your environment. With fhe_mode='ckks', SHAP explanations run server-side under FHE and results return to you encrypted.

  • Any linear classifier from any framework — sklearn, PyTorch, TensorFlow, JAX, statsmodels, R, or raw weights via from_weights()
  • sklearn: LogisticRegression, LinearSVC, and any object with coef_ / intercept_
  • PyTorch: nn.Linear or pure-linear nn.Sequential
  • Any framework: export weights as arrays, call from_weights(coef, intercept, ...)
  • Up to 512 features, binary or multi-class
  • Optional StandardScaler embedded in spec — raw inputs auto-scaled on /explain_raw
  • Per-key namespaced registry — tenants fully isolated
  • Models persist across server restarts (SQLite-backed)
  • Key rotation migrates all registered models automatically
  • Slot quotas: 1 model (free) · 10 (developer) · unlimited (enterprise)
No training data sent — only coefficients and intercepts. Any framework. Zero-knowledge model registration.

What Does It Actually Return?

Plain English. No maths required.

ENCRYPTED SHAP — THE INPUT AND OUTPUT

The input: one person, one decision

You send a feature vector — the attributes of the specific case you want explained. These are the same numbers your model used to make its prediction.

{
  "model_id": "loan-risk-v1",
  "features": [35,  55000, 0.3,  1,    8  ]
  //            ↑     ↑     ↑     ↑     ↑
  //           age income debt  new  yrs_emp
}

The feature names and order are whatever you defined when you registered your model. They can be anything — medical readings, transaction amounts, sensor data, survey scores.

The output: a number and a breakdown

{
  "prediction":    0.72,
  "base_rate":     0.50,
  "shap_values":   [0.08, 0.18, -0.06, 0.02, 0.00],
  "feature_names": ["age","income","debt","new","yrs"]
}

prediction: 0.72 — the model is 72% confident this applicant will repay. Your application maps this to "Approved" or "Low risk" — the label is your code's job, not ours.

base_rate: 0.50 — the average prediction across all applicants. This is the neutral starting point before any features are considered.

The SHAP values explain the gap from 0.50 to 0.72. Income drove most of it (+0.18). Debt ratio pulled it back (−0.06).

HOW TO READ SHAP VALUES

Each SHAP value is a signed number. Positive = pushed the prediction up. Negative = pushed it down. The size tells you how much relative to the other features.

income  +0.18

Main approval driver. Income was the single biggest reason the model said yes.

age      +0.08

Moderate positive signal. Added some confidence but was not the deciding factor.

debt     −0.06

Worked against approval. Still approved overall, but the debt ratio reduced confidence.

new      +0.02

Near-zero impact. Being a new customer barely changed this prediction either way.

The SHAP values always sum to exactly prediction − base_rate (0.72 − 0.50 = 0.22 in this example). This mathematical guarantee — called the efficiency axiom — means the explanation accounts for 100% of the model's decision. Nothing is hidden, estimated, or left unexplained.

SAME API — ANY DOMAIN

Healthcare — disease risk

Your features are whatever your model was trained on.

// Input
"features": [120,  7.2,  28.5, 1,       55 ]
//            ↑     ↑     ↑     ↑         ↑
//           bp  glucose  bmi  diabetic  age

// Output
"prediction": 0.87   // → your app shows "High risk"
"shap_values": [0.05, 0.31, 0.08, 0.12, -0.09]
//              bp   glucose bmi  diab   age

Glucose was the biggest risk driver (+0.31). Age actually reduced the score for this patient (−0.09). Your application displays the label "High risk" — CipherExplain only returns the numbers.

Finance — fraud detection

The features are transaction and session attributes.

// Input
"features": [249.99, 2,    44,      1,    0  ]
//            ↑       ↑     ↑         ↑     ↑
//          amount  hour  country  new  vpn_flag

// Output
"prediction": 0.94   // → your app flags "Suspected fraud"
"shap_values": [0.02, 0.38, 0.11, 0.08, -0.05]
//             amt   hour  cty   new   vpn

Transaction time (2 AM) was the strongest fraud signal (+0.38). The amount itself barely mattered (+0.02). The VPN flag slightly reduced the fraud score for this case (−0.05).

The API works identically across all domains. The features, label names, and business logic all live in your application. CipherExplain handles the encrypted computation and returns numbers.

FHE TESTING ORACLE — WHAT YOU GET BACK

PASS result

The oracle ran its adversarial search and could not find any inputs where your FHE model diverges beyond the threshold you set.

// HTTP 200 — exit code 0 in CI
{
  "verdict":      "PASS",
  "max_error":    0.0003,   // largest gap found
  "threshold":    0.01,     // your limit
  "tests_run":    500,
  "time_seconds": 0.04
}

// In plain English:
// "We tried 500 adversarial inputs.
//  The worst difference we found was 0.03%.
//  Your FHE circuit matches the original model."

A PASS report can be downloaded as a signed PDF audit report via POST /report — suitable for EU AI Act compliance documentation.

FAIL result

The oracle found at least one input where the encrypted model produces a significantly wrong answer. The response tells you exactly where and how bad.

// HTTP 200 — exit code 1 in CI
{
  "verdict":         "FAIL",
  "max_error":       0.491,   // 49% wrong — catastrophic
  "threshold":       0.01,
  "worst_input":     [1.72, 2.14, 1.42, ...],
  "plaintext_out":   0.893,   // what it should be
  "fhe_out":         0.402,   // what it returned
  "distance_from_center": 0.59
}

// In plain English:
// "At input [1.72, 2.14, ...] your FHE model
//  returned 0.40 but should have returned 0.89.
//  Fix your noise budget or modulus schedule
//  near this input region before deploying."

The worst_input array is the exact set of feature values that triggered the bug. You can reproduce it locally by calling both functions with those values. Random testing missed this because the bug affects only ~1 in 100,000 inputs.

MULTI-CLASS MODELS (3+ CATEGORIES)

If your model predicts between more than two categories, the API returns a probability for each class:

// e.g. diagnosing between three conditions
"predictions":    [0.05, 0.87, 0.08]
"dominant_class": 1

// Your application maps index → label:
// 0 → "Healthy"
// 1 → "Type 2 Diabetes"   ← predicted
// 2 → "Pre-diabetic"

All probabilities sum to 1.0. dominant_class is the index of the highest probability. The label mapping is defined entirely in your code — the API never stores or sees category names.

Validation

Every number below is reproducible from the working prototype.

4,259x
Error amplification over random testing
0.009
SHAP MAE vs ground-truth KernelSHAP
1.11e-16
Efficiency axiom error (machine epsilon)
130x
SIMD reduction at d=50 (390 → 3 ciphertexts)
9.2s
End-to-end CKKS latency (d=50, M1 CPU)
1.35e-04
FHE vs plaintext SHAP max difference
128-bit
CKKS security (HEStd_128_classic)

Every number above is reproducible from the prototype. Validation suites and benchmarks are available under NDA.

How to Use

Two products. Both work with a single API key.

STEP 1 — GET YOUR KEY

Sign up instantly — no waitlist. Enter your work email, verify with a 6-digit code, and your key arrives immediately.

Get a free key (3 runs/month) or upgrade to Developer (£299/mo).

vb_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Keys are sent to your email. Use the X-API-Key header on every request. Check your split usage at GET /usage — oracle runs and SHAP calls are tracked separately.

STEP 2A — FHE TESTING ORACLE (CI/CD)

What the Oracle does — plain English

When you encrypt a model with FHE (Fully Homomorphic Encryption), the encrypted version should produce the same outputs as the original model. In practice, encryption introduces tiny rounding errors — and occasionally those errors are catastrophically large in specific regions of the input space. Standard random testing never finds these bugs because they occupy roughly 1 in 100,000 possible inputs.

YOU PROVIDE

Two Python functions: your original model and its FHE-compiled version. The Oracle calls both with the same inputs and measures where they disagree.

PASS

The largest error found is below your threshold (e.g. 0.01). Your CI pipeline gets exit code 0. Safe to deploy.

FAIL

A divergence was found. Exit code 1 + a PDF report showing exactly which inputs triggered it and by how much. Block the merge, fix the circuit.

The Oracle uses CMA-ES — an adversarial optimiser that actively hunts for the worst-case inputs rather than sampling randomly. In our benchmark: random search found 0 bugs, CMA-ES found 471 from the same budget. The 4,259x error amplification number comes from this directly.

1. Add to your workflow

Create .github/workflows/fhe-check.yml in your repo:

name: FHE Precision Test
on: [push, pull_request]

jobs:
  fhe-check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run FHE Oracle
        run: |
          curl -X POST \
            https://cipherexplain.vaultbytes.com/oracle/run \
            -H "X-API-Key: ${{ secrets.VAULTBYTES_API_KEY }}" \
            -F "circuit=@src/my_circuit.py" \
            --fail-with-body
          # Exit 0 = PASS, Exit 1 = BUG FOUND (see report)

Add VAULTBYTES_API_KEY to your repo secrets (Settings → Secrets → New repository secret). The pipeline fails automatically if a precision bug is found — no code changes needed beyond adding this step.

2. Create your circuit file

Three required exports in src/my_circuit.py:

INPUT_DIM = 10  # how many input features your model takes

def plaintext(x):
    # Your original (unencrypted) model
    # This is the ground truth
    return float(model.predict(x))

def fhe_simulated(x):
    # Your FHE-compiled model
    # This is what we're testing
    return float(fhe_model.run(x))

# The Oracle calls both with the same inputs
# and finds the worst-case difference between them.

PASS = outputs agree everywhere → exit 0. FAIL = divergence found → exit 1 + PDF report with the exact input that triggered the bug, the size of the error, and a sensitivity map showing which features caused it.

STEP 2B — CIPHEREXPLAIN API (ENCRYPTED SHAP)

Python

Load the demo model, then call /explain_raw with raw (unscaled) values:

import requests

BASE = "https://cipherexplain.vaultbytes.com"
HDR  = {"X-API-Key": "vb_..."}

# One-time: load the built-in demo credit model
requests.post(f"{BASE}/startup", headers=HDR)

# Send the raw feature values for one person
r = requests.post(f"{BASE}/explain_raw", headers=HDR,
  json={
    "model_id": "credit_model",
    "features": [38,  13,    0,       0,      40 ]
    #             ↑    ↑      ↑        ↑        ↑
    #            age  edu  marital  occup  hrs/week
  }
)
data = r.json()

# What comes back:
# data["prediction"]    → 0.74   (74% probability — your app maps to a label)
# data["base_rate"]     → 0.50   (average across all cases — the neutral baseline)
# data["shap_values"]   → [0.12, -0.31, 0.05, 0.03, 0.09]
# data["feature_names"] → ["age", "education-num", "marital", "occup", "hours"]
#
# Reading the SHAP values:
#   education-num: -0.31 → biggest factor, pushed prediction DOWN
#   age:            0.12 → pushed it up
#   hours/week:     0.09 → positive signal
#   occupation:     0.05 → small positive
#   marital:        0.03 → almost no effect

/explain_raw auto-scales your values using the model's built-in scaler. Use /explain only if you have already scaled the features yourself.

curl

curl -s -X POST \
  https://cipherexplain.vaultbytes.com/explain_raw \
  -H "X-API-Key: vb_..." \
  -H "Content-Type: application/json" \
  -d '{
    "model_id": "credit_model",
    "features": [38, 13, 0, 0, 40]
  }' | python3 -m json.tool

All endpoints

POST /startup              → load demo credit model
GET  /models               → list your registered models
POST /models/register      → register your own model
DELETE /models/{id}        → remove a model
POST /explain              → SHAP (pre-scaled features)
POST /explain_raw          → SHAP (raw values, auto-scaled)
POST /report               → generate PDF audit report
POST /keys/rotate          → rotate your API key
GET  /usage                → quota used this month
GET  /health               → status (no key needed)

All endpoints except /health and /signup/* require X-API-Key. Returns JSON. 401 = missing key, 403 = invalid key, 429 = quota exceeded.
Full interactive docs: cipherexplain.vaultbytes.com/docs

STEP 2C — BRING YOUR OWN MODEL (OPTIONAL)

Register any linear classifier

Your model and data stay local. Only trained weights (numbers) are sent — no training data, no pickle files, no arbitrary code.

pip install cipherexplain

from cipherexplain_sdk import CipherExplainClient, extract_spec, from_weights

# --- sklearn (LogisticRegression, LinearSVC) ---
from sklearn.linear_model import LogisticRegression
spec = extract_spec(LogisticRegression().fit(X_s, y),
                    "my_lr", feature_names, scaler=scaler)

# --- PyTorch nn.Linear ---
import torch.nn as nn
spec = extract_spec(nn.Linear(n, 1), "my_pt", feature_names)

# --- Any other framework (TF, JAX, statsmodels, R, ...) ---
# Export coef/intercept as arrays, then:
spec = from_weights(coef, intercept, "my_model",
                    feature_names, classes=[0, 1])

# Register and explain
client = CipherExplainClient(api_key="vb_...")
client.register(spec)
result = client.explain_raw("my_model", x_raw)
print(result["shap_values"])

Supported: any linear classifier (logistic regression, linear SVM, linear layer). Non-linear models (trees, MLPs) are not supported — only linear weights can be serialised safely without pickle.

Model slots & key rotation

Each API key has a model slot quota by tier:

  • Free — 1 model
  • Developer — 10 models
  • Enterprise — no limit

Delete a model to free its slot:

client.delete("my_model")

Rotate your API key at any time — all registered models move automatically:

result = client.rotate_key()
# result["new_key"] → "vb_..."
# Your old key stops working immediately.

Models survive key rotation. No re-registration needed. Store the new key before it leaves your terminal.

Python SDK

Register models, run explanations, rotate keys — all from Python.

INSTALL

PyPI version Python 3.9+ License: AGPL v3 Downloads 

pip install cipherexplain

For client-side CKKS encryption (fhe_mode='ckks') add the [fhe] extra:

pip install 'cipherexplain[fhe]'

Base dependencies: httpx, numpy, scikit-learn. The [fhe] extra adds openfhe for local encrypt/decrypt. Source: github.com/VaultBytes/CipherExplain.

QUICK START
from cipherexplain_sdk import (
    CipherExplainClient,
    extract_spec,   # sklearn / PyTorch
    from_weights,   # any other framework
)

client = CipherExplainClient(api_key="vb_...")

# Register your model (weights only — no data sent)
spec = extract_spec(model, "my_model", feature_names)
client.register(spec)

# Explain any input
result = client.explain_raw("my_model", x_raw)
print(result["shap_values"])

# Key rotation — old key deactivated immediately
new = client.rotate_key()
print(new["new_key"])  # save this

API Docs

Interactive reference — try every endpoint directly in your browser.

Swagger UI

Try every endpoint live. Paste your API key once and run requests directly from the browser.

cipherexplain.vaultbytes.com/docs →

ReDoc Reference

Clean read-only API reference. Best for sharing with your team or reading offline.

cipherexplain.vaultbytes.com/redoc →
AUTHENTICATE IN SWAGGER
  1. Open cipherexplain.vaultbytes.com/docs
  2. Click Authorize (top right, 🔒 icon)
  3. Paste your vb_... key into the X-API-Key field
  4. Click AuthorizeClose
  5. Expand any endpoint and click Try it out

No key yet? Get one free — takes 30 seconds.

FULL CKKS ENCRYPTION MODE

fhe_mode='ckks' enables full CKKS homomorphic encryption. Your input is encrypted on your machine before transmission. The server evaluates the model and computes SHAP values without decrypting at any point. Results are returned encrypted and decrypted locally by your SDK. Measured at 9.2s end-to-end on Apple M1, single-threaded OpenFHE 1.2, d=50 features, 128-bit security. Supported for logistic_regression models. Async batch workflows recommended.

Pricing

Built for regulated deployments — credit, insurance, healthcare, hiring. Annual contracts, DPA, SLA, and on-prem available.

EU AI ACT ART. 13 GDPR ART. 28 DPA SR 11-7 / PRA SS1/23 SOC 2 TYPE II — IN PROGRESS ISO 27001 — IN PROGRESS PATENT PROTECTED
TEAM
£299
/ month
  • 1,000 SHAP calls / month
  • 50 oracle runs / month
  • Adversarial CMA-ES search
  • 10 custom model slots
  • PDF audit reports
  • Email support
  • For data-science teams evaluating CipherExplain
FOR REGULATED BUYERS
BUSINESS
£25,000
/ year · annual contract
  • 50,000 SHAP calls / month
  • 5,000 oracle runs / month
  • 50 custom model slots
  • EU hosting (Hetzner Frankfurt)
ENTERPRISE
From £75k
/ year · multi-year available
  • Unlimited SHAP calls & oracle runs
  • Unlimited model slots
  • Patent licensing (PCT/IB2026/053378, 053405)
  • Commercial (non-AGPL) licence available
DEVELOPERS & RESEARCHERS — free tier available

FREE — £0 forever

  • 50 SHAP calls / month
  • 3 oracle runs / month
  • 1 model slot · random sampling
  • Community support

WHAT'S MISSING

Free and Team tiers are for evaluation and non-production workloads. Regulated deployments (banks, insurers, health, hiring) require the Business or Enterprise plans for signed DPA, Art. 13 attestation, SLA, and audit evidence.

OVERAGE & COMMITTED VOLUME PRICING

Business and Enterprise contracts include committed monthly volume with overage pricing negotiated at signing. Standard rates:

  • SHAP explain — from £0.05/call at 100k+/month commitment
  • FHE oracle run — from £0.90/run at 10k+/month commitment

Team plan customers can enable per-call overage (£0.08/SHAP, £1.50/oracle) via POST /account/payg/enable with spend cap. Not recommended for regulated production workloads — use Business or Enterprise instead.

MANAGE YOUR ACCOUNT

Enter your API key to manage billing, cancel, enable PAYG, or check usage — all automated, no emails needed.

Manage subscription: cancel, update card, download invoices · No cancellation fees · Access continues to end of billing period

Who This Is For

Three audiences, one suite.

FHE Compiler Vendors

Your customers need a CI/CD validation gate for FHE programs. We have one. License the patent and integrate, or partner on co-development.

Enterprise FHE Platforms

Your regulated customers need compliance-grade audit reports and explainable encrypted predictions. CipherExplain provides both as a single suite.

Regulated AI Deployments

If you deploy AI in credit, insurance, healthcare, or hiring, the EU AI Act requires explanations. If you also handle personal data, GDPR requires encryption. CipherExplain is the only path that satisfies both.

Examples: Banks, insurers, healthcare networks, employment platforms.

ML Engineers & Data Teams

Already have a trained linear classifier? Register it in two lines of Python — sklearn, PyTorch, TensorFlow, JAX, or raw weight arrays. Only numbers travel over HTTPS. No training data, no pickle, no arbitrary code execution.

pip install cipherexplain

Patent Status

Both inventions are filed under the Patent Cooperation Treaty (PCT) with priority date April 7, 2026. International search reports expected August 2027. National phase entry deadline October 2028. Coverage spans 150+ countries via PCT.

PCT/IB2026/053378

System and Method for Adversarial Noise-Guided Differential Testing of Fully Homomorphic Encryption Programs

PCT/IB2026/053405

Homomorphic Encrypted Model Explanation: Computing SHAP Values Under FHE

Get Your API Key

Free tier is instant — verify your email and start in 30 seconds. Paid tiers via Stripe. Enterprise contracts available.

Enterprise licensing, NDA evaluations, and custom model adapter development also available — contact us.