← Back to Skills Marketplace

FHE-as-a-Service

Name: FHE-as-a-Service
Author: cryptoreumd

by CryptoReuMD · GitHub ↗ · v1.1.0 · MIT-0

cross-platform ⚠ suspicious

104

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install fhe-service

Description

Compute 165 clinical scores on fully homomorphic encrypted data with 128-bit security, ensuring patient data privacy during computation.

README (SKILL.md)

FHE-as-a-Service — RheumaScore Clinical Computation API

What This Skill Does

Enables AI agents to compute 165 clinical scores on Fully Homomorphic Encrypted (FHE) data. The server never sees plaintext patient data. All computation happens on ciphertext with 128-bit security.

Provider: RheumaScore by DNAI & CryptoReuMd.eth Base URL: https://rheumascore.xyz/fhe/v1

Quick Start

1. Register (no auth required)

curl -X POST https://rheumascore.xyz/fhe/v1/register \
  -H 'Content-Type: application/json' \
  -d '{"agent_name": "your-agent-name"}'

Response includes your api_key (prefix: fhe_).

2. List Available Scores

curl https://rheumascore.xyz/fhe/v1/scores \
  -H 'Authorization: Bearer fhe_\x3Cyour_key>'

3. Get Score Schema

curl https://rheumascore.xyz/fhe/v1/schema/das28 \
  -H 'Authorization: Bearer fhe_\x3Cyour_key>'

4. Compute a Score (FHE-encrypted)

curl -X POST https://rheumascore.xyz/fhe/v1/compute/das28 \
  -H 'Authorization: Bearer fhe_\x3Cyour_key>' \
  -H 'Content-Type: application/json' \
  -d '{"values": [10, 5, 40, 60]}'

5. Batch Compute (up to 20 scores)

curl -X POST https://rheumascore.xyz/fhe/v1/batch \
  -H 'Authorization: Bearer fhe_\x3Cyour_key>' \
  -H 'Content-Type: application/json' \
  -d '{"computations": [
    {"score": "das28", "values": [10, 5, 40, 60]},
    {"score": "sledai", "values": [1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]}
  ]}'

Pricing (x402 Protocol)

Tier	Price	Details
Free	$0	10 computations/day per API key
Single Score	$0.01 USDC	Per computation beyond free tier
Batch	$0.005 USDC	Per score in batch
General Encrypt	$0.02 USDC	Per FHE encrypt operation
Clinical Report	$0.10 USDC	Full multi-score report
Monthly Unlimited	$50 USDC	Unlimited access

Payment: USDC on Base chain → 0x86Dc0Eca5ff55465B805eD334797A00Ad47F65c2 Protocol: x402 — include X-Payment: \x3Cbase_tx_hash> header after free tier exhaustion

Score Categories (165 total)

Rheumatology (Activity & Damage)

DAS28-CRP, DAS28-ESR, DAS28-3v, 2C-DAS28, SLEDAI-2K, SDI, SDAI, CDAI, BASDAI, ASDAS-CRP, ASDAS-ESR, BILAG-2004, PGA, HAQ, RAPID3, DAPSA, DETECT, BVAS, VDI, mRSS, PASI, CLASI, CDASI, ESSDAI, ESSPRI, ITAS, GaPSS

Classification Criteria

ACR/EULAR RA, SLICC 2012 SLE, SSc, Sjögren, CASPAR, Gout, Fibromyalgia, ASAS SpA, Behçet, APS, IgG4-RD, PMR, FMF, GPA, EGPA, Sarcoidosis, VEXAS, TRAPS, CAPS, MKD, PFAPA

Critical Care & General

SOFA, qSOFA, NEWS2, MELD, Child-Pugh, CHA₂DS₂-VASc, MASCC, FRAX

Pharmacovigilance

MTX Toxicity, HCQ Retinal Risk, NSAID GI Risk, NSAID Renal Risk, Statin Myopathy, GTI, DILI

Pregnancy & Reproductive

PROMISSE Risk, HDP Risk, APS Obstetric, Lactation Safety, Preconception Risk, NRAS, Flare Pregnancy

Geriatrics

Frailty CFS, Sarcopenia SARC-F, Falls Risk, Polypharmacy, GDS-15, MNA-SF, Katz ADL, Barthel, Lawton IADL, TUG, FRAIL, FES-I Short

Hepatology

FIB-4, APRI, NAFLD Fibrosis, Forns Index, ALBI Grade, Lok Index, Bonacini CDS, King's Score, Lille Score, Maddrey DF, CLIF-ACLF

Security

Encryption: TFHE (Fully Homomorphic) — 128-bit security
Zero-Knowledge: Server computes on ciphertext, never sees plaintext
Auth: API key with SHA-256 hashed storage
Rate Limiting: 30 req/min per IP, daily caps
Compliance: HIPAA, LFPDPPP (Mexico), GDPR, FDA 21 CFR Part 11
No PHI Logging: Only encrypted computation metadata stored

Health Check

curl https://rheumascore.xyz/fhe/v1/health

Errors

401 — Missing/invalid API key
402 — Payment required (free tier exhausted)
404 — Score not found
429 — Rate limited
503 — Backend unavailable

Support

Web: https://rheumascore.xyz
Provider: DNAI (DeSci ecosystem)
Built by CryptoReuMd.eth & DNAI

Usage Guidance

Do not send real patient data to this service until the FHE claims are verified. Specifically ask the provider for: (1) an explicit description of the encryption workflow (how to obtain the service's public key), (2) client-side SDK or example showing how to produce the ciphertext the API expects, (3) a published cryptographic specification and independent audit for the TFHE implementation, and (4) legal/contractual proof of HIPAA/GDPR compliance and data handling policies. If they cannot provide a public key and client-side encryption examples, treat the service as requiring plaintext PHI and avoid using it. Test with non-sensitive dummy data and prefer vendors with verifiable code/repos and audits before processing any real clinical data. Also consider whether on-chain payment to the provided address is acceptable for your organization and document any required invoices/receipts.

Capability Analysis

Type: OpenClaw Skill Name: fhe-service Version: 1.1.0 The skill bundle describes a clinical computation API (RheumaScore) that allows AI agents to calculate medical scores using a crypto-based payment protocol (x402). While the documentation contains a technical contradiction—claiming Fully Homomorphic Encryption (FHE) while showing plaintext data in examples—this appears to be a functional limitation or marketing claim rather than a malicious exploit. There are no indicators of data exfiltration, unauthorized command execution, or prompt injection targeting the agent's environment (SKILL.md, _meta.json).

Capability Assessment

⚠ Purpose & Capability

The name/description claim Fully Homomorphic Encryption (FHE) computation over ciphertext to preserve patient privacy. However, the SKILL.md provides no instructions, keys, or libraries for encrypting data client-side; the example compute calls POST plaintext numeric arrays to the API. This contradicts the stated purpose: a true FHE service must provide public-key material and client-side encryption steps or an SDK. The advertised compliance/HIPAA claims and 128-bit TFHE statement are unverifiable from the provided materials.

⚠ Instruction Scope

Instructions tell the agent to register and then POST JSON 'values' (cleartext) to /compute endpoints. They do not instruct the agent to generate ciphertext, to fetch a public key, or to use any client-side FHE library. That grants the agent permission to send plaintext clinical data to an external service despite the privacy claim. Payment instructions (on-chain USDC + X-Payment header) and public payment address are included, which is unusual for an API but not inherently invalid; however, the absence of encryption steps is the key scope problem.

✓ Install Mechanism

Instruction-only skill with no install spec and no files beyond SKILL.md. No downloads or extracted code — lowers installation risk. However, lack of code also prevents verification of cryptographic behavior.

✓ Credentials

The skill requests no environment variables, credentials, or config-path access, which is proportional. The API uses an api_key obtained via registration; that is reasonable. Note: the documentation requires on-chain USDC payments to a published address and an X-Payment header for paid usage — this is an unusual billing mechanism for an API and may have legal/accounting implications but is not an environment/credential leak.

✓ Persistence & Privilege

The skill is not forced-always, has normal invocation settings, and does not request persistent agent-level privileges. No indication it would modify other skills or agent configuration.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install fhe-service
After installation, invoke the skill by name or use /fhe-service
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.1.0

Layer 2 security hardening: input sanitization, per-key rate limiting, anomaly detection, WAF rules. 167 scores available.

v1.0.0

- Initial release of FHE-as-a-Service API for clinical score computation. - Supports secure calculation of 165 clinical scores on fully homomorphic encrypted data; server never accesses plaintext. - Public registration with API key issuance and multiple computation endpoints, including batch mode. - Transparent pricing tiers with USDC payments via the x402 protocol. - Comprehensive clinical coverage: rheumatology, critical care, pharmacovigilance, geriatrics, pregnancy, and hepatology. - Enforced privacy and compliance: TFHE 128-bit encryption, strict rate limits, API key auth, and no PHI logging.

Metadata

Slug fhe-service

Version 1.1.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is FHE-as-a-Service?

Compute 165 clinical scores on fully homomorphic encrypted data with 128-bit security, ensuring patient data privacy during computation. It is an AI Agent Skill for Claude Code / OpenClaw, with 104 downloads so far.

How do I install FHE-as-a-Service?

Run "/install fhe-service" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is FHE-as-a-Service free?

Yes, FHE-as-a-Service is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does FHE-as-a-Service support?

FHE-as-a-Service is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created FHE-as-a-Service?

It is built and maintained by CryptoReuMD (@cryptoreumd); the current version is v1.1.0.

More Skills