Pool public, position private.

FHE Market is a non-custodial, confidential prediction-market protocol. Each market asks a binary question. Users buy YES or NO shares against a Polymarket-style FPMM. Winning shares redeem 1:1 for cUSDT at resolution.

The twist: per-user share balances are encrypted on-chain. Outsiders can see the pool, the price, and the outcome — they cannot see your YES/NO position, your cumulative exposure, or how a particular wallet leans. Only you, holding the right EIP-712 signature, can decrypt your own balance.

The bet amount on a single transaction reveals at the executeBuy step (necessary to update reserves), but your cumulative position across many bets stays opaque — an observer cannot link multiple actions to a single position size without breaking FHE.

Each market is a standalone PredictionMarket contract using a Fixed-Product Market Maker (FPMM). Two cleartext reserves — yesReserve and noReserve — sit on the constant-product curve k = yesReserve · noReserve. Buying YES removes YES from the pool, pushing implied probability up; selling does the reverse. Prices stay between $0.00 and $1.00 and sum to one.

1. Factory deploys a market and seeds it with cUSDT pulled from the treasury.
2. Trader runs setOperator on cUSDT, then submits buyIntent.
3. Zama relayer publicly decrypts the transferred ciphertext (~10–60s on Sepolia).
4. executeBuy runs CPMM math, mints encrypted shares, forwards fee.
5. At resolve time, factory submits the outcome.
6. Winners trigger claimIntent → relayer decrypt → executeClaim.

Buy, sell, and claim split into intent + execute. The intent locks an encrypted snapshot and marks it publiclyDecryptable; the execute step verifies the relayer's cleartext via FHE.checkSignatures and then settles. Latency between the two is the relayer round-trip, ~10–60s on Sepolia.

const ct = await fhe.encryptU64(amount, market, user);
await market.buyIntent(side, ct.handle, ct.proof, minSharesOut);

const r = await fhe.publicDecrypt([handle]);
// { clearValues, decryptionProof }

await market.executeBuy(user, cleartext, proof);

Sells branchlessly clamp the user's input to their encrypted balance via FHE.le + FHE.selectin the intent step — selling more than you own can't leak comparison results because the clamp happens entirely in ciphertext. The clamped value is what gets revealed.

Two paths take cleartext off-chain.

• Connect wallet on Sepolia, open any market, enter cUSDT amount or shares.
• First interaction signs cUSDT.setOperator(market, until) — a 24h permission.
• Minimum bet is 0.01 cUSDT so fees never round to zero.
• Each action is two wallet pops (intent + execute) plus a relayer wait between.

Flat platform fee of 1.50% on both buy and sell. Forwarded on-chain to Treasury via cUSDT.confidentialTransfer. No deposit/withdraw fees, no spread.

Capped on-chain by MAX_FEE_BPS = 500 (5%), owner-tunable below that.

• YES / NO: winning shares redeem 1 cUSDT each via the 2-tx claim flow.
• CANCELLED: all positions refund — both YES and NO 1:1.
• After all winners claim, factory sweeps residual cUSDT back to treasury.

Live, Etherscan-verified addresses. Market addresses come from MarketFactory.getAllMarkets().

Contracts
  @fhevm/solidity         0.11.1
  @fhevm/hardhat-plugin   0.4.2
  @openzeppelin/contracts ^5.1.0
  hardhat                 ^2.28.4
  solc                    0.8.27 + cancun + viaIR

Frontend
  next                    16.2.4
  wagmi                   ^2.19
  viem                    ^2.48
  @rainbow-me/rainbowkit  ^2.2
  @zama-fhe/relayer-sdk   0.4.1

Browser bundle requires Cross-Origin-Opener-Policy: same-origin + Cross-Origin-Embedder-Policy: require-corp for SharedArrayBuffer (configured in next.config.ts).

Source + issues: github.com/joymadhu49/fhe-market. Twitter: @zx_joy_.

FHE Market is provided "as is" on Sepolia for research and evaluation. Trading involves risk of loss; do not deposit funds you cannot afford to lose.