The Internet Computer’s Privacy Era: vetKeys Unlocked

By Andrea Cerulli

With the Niobium milestone, the Internet Computer Protocol takes a major leap forward in its mission to bring new levels of privacy to the blockchain. This milestone sees the implementation of the vetKeys feature, which is now live and available for all developers building on ICP. This upgrade opens the door to decentralized key management and onchain data privacy, marking the beginning of the Internet Computer’s privacy era.

Blockchains are transparent by default, which is ideal for integrity and availability. However, this is a limitation for many real-world applications that rely on confidentiality, like messaging, identity, healthcare, finance, governance, and gaming.

With vetKeys, developers can seamlessly integrate end-to-end encryption into their applications, ensuring sensitive data stays protected even on a public blockchain. By leveraging a protocol called verifiably encrypted threshold key derivation, vetKeys brings strong confidentiality and security even in a decentralized environment.

What Does the Niobium Milestone Introduce?

At the core of vetKeys is a newly integrated verifiably encrypted threshold key derivation protocol (vetKD). This enables smart contracts running on ICP, which are called canisters, to request strong cryptographic keys that are securely derived and managed by subnet nodes.

The derived keys are encrypted under a user-provided public key, ensuring that neither the subnet nodes nor the canister can access the derived keys. Furthermore, users can verify that the key was correctly generated according to the protocol, that it was correctly encrypted using their public key, and that the key was not tampered with.

Canisters can now access this new functionality through a newly introduced system API, giving developers direct access to decentralized key management from within their smart contracts, without relying on off-chain components. To make integration seamless, the Niobium milestone introduces user-facing and developer libraries that simplify incorporating vetKeys into both frontend workflows and backend canister logic, making it easier to build privacy-preserving dapps on the Internet Computer.

Additionally, the vetKD protocol enables canisters to access threshold decryption, where decryption operations are securely distributed across the nodes of a subnet. This distributed approach enhances security by eliminating single points of failure: no single party holds enough information to decrypt data on their own. Instead, decryption requires participation from a threshold of nodes, and the result is cryptographically verifiable.

Important Note: vetKeys guarantees strong confidentiality up to the point of decryption. Once the plaintext is handed off, for example, to a canister, it should no longer be assumed private. At that stage, it’s the developer’s responsibility to handle the data securely within the application logic. Furthermore, there are several applications that can benefit from canister-side decryption, where the decrypted content is intentionally revealed to all users at a specific time or event.

What Can You Build with vetKeys?

By introducing threshold key derivation to canisters, vetKeys opens the door to a broad set of privacy-preserving applications that need confidentiality, flexible access control, and stronger trust guarantees. Beyond privacy, vetKeys extends the chain-key capabilities of canisters with new advanced cryptographic functionalities, enabling more powerful and secure dapps.

Decentralized Key Management Services (DKMS)

Managing user keys, especially in multi-device and multi-user settings, is notoriously complex and error-prone. vetKeys enables the development of decentralized key management services that let users easily generate, retrieve, and share cryptographic keys across devices and with other users. By offloading key derivation to subnet nodes, without ever exposing the keys, vetKeys simplifies key distribution. Moreover, because threshold key derivation is deterministic, users can reliably retrieve their keys on demand, without having to explicitly store them anywhere.

Onchain Encrypted Storage

A core application of DKMS is the generation of encryption keys for securing data, whether stored in a canister, on another blockchain, or off-chain entirely. With vetKeys, these keys can be securely shared across devices and between users, enabling powerful privacy-preserving use cases. This includes private storage solutions, end-to-end encrypted messaging, password managers, and collaborative applications operating on confidential data.

Identity-Based Encryption (IBE)

vetKeys enable identity-based encryption, allowing data to be encrypted directly to an identity, such as a principal, an Internet Identity, an email address, or even an Ethereum address. This makes it possible to encrypt data for a specific user or account, even if that user has never previously interacted with the dapp. By authenticating with the dapp using their identity, the user can securely retrieve their decryption key and access the data.

Timelock Encryption

Another variant of advanced encryption enabled by vetKeys is timelock encryption, which allows a sender to encrypt to a specific timestamp, ensuring that the recipient can only decrypt after the specific time has passed. Canisters can enforce this time-based access control by requesting threshold decryption of a ciphertext only after a predetermined expiry time, keeping sensitive information sealed until the appropriate moment. This makes it possible to implement time-sensitive applications, like sealed-bid auctions, time-locked documents, dead-man switches, and delayed reveal NFTs.

Timelock encryption also serves as a key building block for protecting against Maximal Extractable Value (MEV): by keeping transaction details confidential until after block inclusion, it prevents adversaries from doing front-running and reordering of transactions.

Threshold BLS Signatures

Chain Fusion technology allows canisters to natively interact with other blockchains, such as Bitcoin or Ethereum, without relying on external bridges or trusted intermediaries. This is made possible through threshold signature schemes, which enable canisters to instruct subnet nodes to collectively compute ECDSA, Schnorr, and EdDSA signatures. vetKeys extends this capability by introducing a new threshold signature scheme to canisters: threshold BLS signatures. BLS signatures are particularly well-suited for multichain applications due to their compact size and efficient aggregation properties. By supporting threshold BLS, vetKeys further enhances ICP’s interoperability, empowering canisters to participate in more advanced multichain dapps and protocols.

Verifiable Randomness

vetKeys can also function as a Verifiable Random Function (VRF). This means that canisters can generate randomness that is not only unpredictable and tamper-proof but also publicly verifiable. Trusted randomness is a critical building block for a wide range of decentralized applications, including trustless online lotteries, fair casino games, and GameFi experiences where outcomes must be demonstrably fair. It also plays a key role in NFT ecosystems — for example, in assigning randomized traits or rarities during minting, or enabling dynamic, chance-based in-game interactions.

Start Building with vetKeys

Developers can start using vetKeys today using the official documentation:

• vetKeys developer docs
• Libraries and examples
• Reach out and interact with the community

The Internet Computer’s Privacy Era: vetKeys Unlocked was originally published in The Internet Computer Review on Medium, where people are continuing the conversation by highlighting and responding to this story.