Circuit compilation
Compilation is the step that turns a circuit configuration into a runnable binary. The security of the system depends on a single rule: the compilation service never retains user secrets. This page explains how that is achieved — ephemeral build environments, network isolation, and the “deliver and destroy” model — without showing code.
Ephemeral build environments
When a compilation request arrives, the compiler service creates a temporary, isolated build directory. The user’s configuration is written into the build environment, compiled (e.g. Rust release build), and the resulting binary’s SHA256 hash is computed. The binary is returned to the caller (or uploaded to cloud storage). Then the entire build directory is destroyed. The configuration existed on the server only for the duration of the compilation — typically seconds — and never persists to disk in any permanent form. There is no compilation history, no configuration cache, and no secret backup.
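The lifecycle described above, sketched as an added Python example; it is not ENI6MA's own code. The file names `circuit.cfg` and `circuit.bin`, the `observer` hook, and the `FAKE_BUILD` stand-in for the real compiler invocation are assumptions made so the example runs offline.

```python
import hashlib
import os
import shutil
import subprocess
import sys
import tempfile
from pathlib import Path

# Constructed stand-in for the real compiler (e.g. a Rust release build):
# it reads circuit.cfg and writes an "artifact" so the example runs offline.
FAKE_BUILD = [sys.executable, "-c",
              "import pathlib; c = pathlib.Path('circuit.cfg').read_bytes(); "
              "pathlib.Path('circuit.bin').write_bytes(b'BIN:' + c[::-1])"]


def compile_ephemeral(config: bytes, build_cmd=FAKE_BUILD, observer=None):
    """Build in a throwaway directory and return (binary, sha256_hex).

    The directory is removed on every exit path, including build failure.
    `observer` is a hypothetical hook that receives the directory path so a
    caller or test can confirm afterwards that it no longer exists.
    """
    build_dir = Path(tempfile.mkdtemp(prefix="build-"))  # mkdtemp uses mode 0700
    try:
        if observer:
            observer(build_dir)
        cfg = build_dir / "circuit.cfg"
        # O_EXCL + 0600: refuse a pre-existing file, readable by the owner only.
        fd = os.open(cfg, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as fh:
            fh.write(config)
        # Compiler output is discarded: diagnostics can echo configuration
        # values, and those must not end up in service logs.
        subprocess.run(build_cmd, cwd=build_dir, check=True, timeout=300,
                       stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
        binary = (build_dir / "circuit.bin").read_bytes()
        # The hash is computed from the artifact; nothing else is kept.
        return binary, hashlib.sha256(binary).hexdigest()
    finally:
        # Destroy step: nothing from this request outlives the call.
        shutil.rmtree(build_dir, ignore_errors=True)
```

Removing the directory unlinks the files but does not overwrite the underlying blocks; placing the build directory on a RAM-backed filesystem is one way to keep the configuration off persistent storage entirely.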
Network isolation
The compiler service has no public internet ingress. It runs on an internal-only network segment. The web application (or other authorized caller) communicates with the compiler via internal service-to-service calls, authenticated by workload identity. So even if the public-facing web app were compromised, an attacker could not directly reach the compiler to exfiltrate configurations. Secrets never traverse the public network in the clear; they are sent only over the internal path to the compiler and are present only in memory and in the ephemeral build directory.
Deliver and destroy
The compiler follows a strict model: produce the artifact, deliver it, destroy all traces. If the user loses their binary and cannot remember their configuration, they must create a new identity. There is no “forgot my circuit” recovery that bypasses the proof ceremony — deliberately, because any system that can recover your identity for you is a system that stores enough information to impersonate you. ENI6MA ensures that the only place your identity exists in complete form is in the circuit binary you hold.
SHA256 and integrity
Each compiled binary has a SHA256 hash that uniquely identifies it. This hash is used for revocation (remove the hash from the authorized set), for distribution manifests, and for audit. Clients can verify a downloaded binary against the advertised hash. The hash is computed after compilation and is included in manifests and API responses; it does not require the compiler to retain the binary or the configuration.
Source of truth
This narrative is drawn from product.MD §9 and the system-design GUIDE. For deployment and architecture details, see DOCS/system-design.