Skip to main content
Use this page after choosing a backend to see how that choice flows through Stoffel.toml, CLI flags, Rust SDK builders, bytecode metadata, local execution, and network/client configuration. If you need the app-level input, execution, and output flow, use MPC Integration. For backend selection guidance, start with MPC Backends. Stoffel records the selected MPC backend in the compiled program and carries it through the CLI, Rust SDK, VM, and network/client layers.

End-to-end path

HoneyBadger MPC runtime diagram showing client input/output paths, coordinator-managed sessions, preprocessing material, and peer protocol rounds between VM parties. Campaign-style networked privacy backend diagram showing client input and output paths, coordinator routing, preprocessing, and peer protocol messages. At runtime, clients submit protected inputs, the coordinator manages session lifecycle and IO routing, and the parties execute the VM while exchanging HoneyBadger protocol messages. The important invariant is that the compiled bytecode and the runtime agree on:
  • backend: HoneyBadgerMPC or AVSS;
  • curve/field where applicable;
  • parties and threshold;
  • client input/output schemas;
  • preprocessing demand for operations such as multiplication and randomness.

Backend selectors

At the SDK level, backend selection is represented as:
At the CLI/config level, the accepted string selectors are:
--field / curve = "..." sets the AVSS curve. HoneyBadgerMPC does not take a curve selector in the SDK config; it uses the field configuration expected by the HoneyBadger path.

Current config validation

Stoffel validates local and network MPC topology with:
This is the rule developers should use for project config, local runs, and network config. It is stricter than the baseline 3t + 1 threshold often used to introduce asynchronous Byzantine protocols because Stoffel’s current end-to-end path includes preprocessing and robust execution requirements. SDK summaries also expose the minimum reconstruction shares:
BackendReported reconstruction threshold
HoneyBadgerMPC2 * threshold + 1
AVSSthreshold + 1

Bytecode manifest

The .stflb manifest stores backend metadata so a runtime can reject mismatched execution settings early.
StoffelLang compilation writes this metadata from compiler options. The CLI and SDK set those options from project config or builder overrides.

Local MPC execution

stoffel run, stoffel dev, and SDK .execute_local().await? run the compiled program against a local MPC test network on the developer machine. The local runner receives:
  • the compiled program;
  • entrypoint name;
  • backend kind;
  • curve config;
  • parties and threshold;
  • ClientStore inputs and expected output-client metadata.
This lets the same source program be checked against HoneyBadgerMPC or AVSS by changing backend configuration instead of changing application code.

Network and off-chain client execution

The Rust SDK can generate network deployment configs and build client/server handles. Backend selection is part of those configs:
AVSS can be selected in the same builder:
The current SDK off-chain client I/O path supports HoneyBadgerMPC and AVSS over bls12_381. Other AVSS curves are still selectable for bytecode/runtime paths and curve-aware StoffelLang protocol examples; validate the specific client/network path you plan to use.

VM boundary

The VM does not expose different application syntax for each backend. Secret-register operations and builtins yield backend-specific work through the MPC runtime:
VM operationBackend effect
clear-to-secret inputCreates backend share data.
secret multiplicationUses backend multiplication/preprocessing path.
opening/revealReconstructs according to backend share type.
Share.random / Share.random_intProduces backend random share data.
Share.get_commitmentReturns commitment bytes when the backend share carries commitments.
Avss.* helpersInspect AVSS share metadata and commitments.
This separation lets developers write StoffelLang around secret T, Share, ClientStore, Mpc, and MpcOutput while selecting the backend in config.

Backend-specific notes

HoneyBadgerMPC

HoneyBadgerMPC share data is field-oriented and supports the general arithmetic path. Its local/network execution path uses robust field-share reconstruction and preprocessing for multiplication-heavy workloads.

AVSS

AVSS share data can carry Feldman commitment material. StoffelLang exposes AvssShare helpers and Share.get_commitment(...) when the output boundary needs public commitments, curve-encoded values, or scalar responses. Curve selection matters because scalar-field and group encodings must match the external verifier or protocol boundary.

Troubleshooting

SymptomCheck
Config says the threshold is invalidConfirm parties >= 4 * threshold + 1 and parties >= 5.
HoneyBadger rejects a curve selectorUse backend = "honeybadger" without a curve, or switch to AVSS for curve workflows.
AVSS client I/O fails on a non-BLS curveThe current SDK off-chain client I/O path supports AVSS over bls12_381; test other curves through supported local/runtime paths.
Runtime backend mismatchRebuild .stflb after changing [mpc] config or pass matching SDK/CLI backend overrides.
Multiplication exhausts preprocessingIncrease preprocessing in network config or reduce secret multiplications.

See also