Stoffel.toml, CLI flags, Rust SDK builders, bytecode metadata, local execution, and network/client configuration. If you need the app-level input, execution, and output flow, use MPC Integration. For backend selection guidance, start with MPC Backends.
Stoffel records the selected MPC backend in the compiled program and carries it through the CLI, Rust SDK, VM, and network/client layers.
End-to-end path

- backend: HoneyBadgerMPC or AVSS;
- curve/field where applicable;
- parties and threshold;
- client input/output schemas;
- preprocessing demand for operations such as multiplication and randomness.
Backend selectors
At the SDK level, backend selection is represented as:--field / curve = "..." sets the AVSS curve. HoneyBadgerMPC does not take a curve selector in the SDK config; it uses the field configuration expected by the HoneyBadger path.
Current config validation
Stoffel validates local and network MPC topology with:3t + 1 threshold often used to introduce asynchronous Byzantine protocols because Stoffel’s current end-to-end path includes preprocessing and robust execution requirements.
SDK summaries also expose the minimum reconstruction shares:
| Backend | Reported reconstruction threshold |
|---|---|
| HoneyBadgerMPC | 2 * threshold + 1 |
| AVSS | threshold + 1 |
Bytecode manifest
The.stflb manifest stores backend metadata so a runtime can reject mismatched execution settings early.
Local MPC execution
stoffel run, stoffel dev, and SDK .execute_local().await? run the compiled program against a local MPC test network on the developer machine.
The local runner receives:
- the compiled program;
- entrypoint name;
- backend kind;
- curve config;
- parties and threshold;
- ClientStore inputs and expected output-client metadata.
Network and off-chain client execution
The Rust SDK can generate network deployment configs and build client/server handles. Backend selection is part of those configs:bls12_381. Other AVSS curves are still selectable for bytecode/runtime paths and curve-aware StoffelLang protocol examples; validate the specific client/network path you plan to use.
VM boundary
The VM does not expose different application syntax for each backend. Secret-register operations and builtins yield backend-specific work through the MPC runtime:| VM operation | Backend effect |
|---|---|
| clear-to-secret input | Creates backend share data. |
| secret multiplication | Uses backend multiplication/preprocessing path. |
| opening/reveal | Reconstructs according to backend share type. |
Share.random / Share.random_int | Produces backend random share data. |
Share.get_commitment | Returns commitment bytes when the backend share carries commitments. |
Avss.* helpers | Inspect AVSS share metadata and commitments. |
secret T, Share, ClientStore, Mpc, and MpcOutput while selecting the backend in config.
Backend-specific notes
HoneyBadgerMPC
HoneyBadgerMPC share data is field-oriented and supports the general arithmetic path. Its local/network execution path uses robust field-share reconstruction and preprocessing for multiplication-heavy workloads.AVSS
AVSS share data can carry Feldman commitment material. StoffelLang exposesAvssShare helpers and Share.get_commitment(...) when the output boundary needs public commitments, curve-encoded values, or scalar responses. Curve selection matters because scalar-field and group encodings must match the external verifier or protocol boundary.
Troubleshooting
| Symptom | Check |
|---|---|
| Config says the threshold is invalid | Confirm parties >= 4 * threshold + 1 and parties >= 5. |
| HoneyBadger rejects a curve selector | Use backend = "honeybadger" without a curve, or switch to AVSS for curve workflows. |
| AVSS client I/O fails on a non-BLS curve | The current SDK off-chain client I/O path supports AVSS over bls12_381; test other curves through supported local/runtime paths. |
| Runtime backend mismatch | Rebuild .stflb after changing [mpc] config or pass matching SDK/CLI backend overrides. |
| Multiplication exhausts preprocessing | Increase preprocessing in network config or reduce secret multiplications. |