Non-Fungible Programs
Private Full-Stack Applications for Web3
DOI:
https://doi.org/10.5195/ledger.2025.406Keywords:
Blockchain, Blockchain-Based Smart Contract, Non-Fungible Token, Decentralized Applications, Privacy, Blockchain gamingAbstract
The greatest advantage that Web3 applications offer over Web 2.0 is the evolution of the data access layer. Opaque, centralized services that compelled trust from users are replaced by trustless, decentralized systems of smart contracts. However, the public nature of blockchain-based databases, on which smart contracts transact, has typically presented a challenge for applications that depend on data privacy or that rely on participants having incomplete information. This has changed with the introduction of confidential smart contract networks that encrypt the memory state of active contracts as well as their databases stored on-chain. With confidentiality, contracts can more readily implement novel interaction mechanisms that were previously infeasible. Meanwhile, in both Web 2.0 and Web3 applications, the user interface continues to play a crucial role in translating user intent into actionable requests. In many cases, developers have shifted intelligence and autonomy onto the client, leveraging web technologies for computation, graphics, and networking. Web3’s reliance on such frontends has revealed a pain point though, namely that decentralized applications are not accessible to end users without a persistent host serving the web application. Here we introduce the Non-Fungible Program (NFP) model for developing self-contained frontend applications that are distributed via blockchain, powered by web technology, backed by encrypted databases, and controlled by confidential smart contracts. Access to frontend code, as well as backend services, is controlled and guaranteed by smart contracts according to the NFT ownership model, eliminating the need for a separate host. By extension, NFP applications bring interactivity to token owners and enable new functionalities—such as authorization mechanisms for oracles, supplementary web services, and overlay networks—in a secure manner. In addition to releasing an open-source software development kit for building NFPs, we demonstrate the utility of NFPs with an interactive Bayesian game implemented on Secret Network.
References
Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M. “Scalable, Transparent, and Post-Quantum Secure Computational Integrity.” Cryptology ePrint Archive (2018) (accessed 27 June 2025) https://eprint.iacr.org/2018/046.pdf.
Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M. “Succinct {Non-Interactive} Zero Knowledge for a Von Neumann Architecture.” In SEC’14: Proceedings of the 23rd USENIX Security Symposium 781–796 (2014) https://dl.acm.org/doi/10.5555/2671225.2671275.
Benet, J. “IPFS – Content Addressed, Versioned, P2P File System.” arXiv (2014) (accessed 27 June 2025) https://doi.org/10.48550/arXiv.1407.3561.
Bernstein, D. J. “Curve25519: New Diffie-Hellman Speed Records.” In M. Yung, Y. Dodis, A. Kiayias, T. Malkin (Eds.), PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography 207–228 (2006) https://doi.org/10.1007/11745853_14.
Biørn-Hansen, A., Majchrzak, T. A., Grønli, T.-M. “Progressive Web Apps: The Possible Web-Native Unifier for Mobile Development.” In T. A. Majchrzak, P. Traverso, K.-H. Krempels, V. Monfort (Eds.), Proceedings of the 13th International Conference on Web Information Systems and Technologies 344–351 (2017) https://doi.org/10.5220/0006353703440351.
Brown, D. R. L. “SEC 2: Recommended Elliptic Curve Domain Parameters.” (2010) (accessed 27 June 2025) https://www.secg.org/sec2-v2.pdf.
Buchman, E. “Tendermint: Byzantine Fault Tolerance in the Age of Blockchains.” University of Guelph (2016) PhD Thesis (accessed 27 June 2025) http://hdl.handle.net/10214/9769.
Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G. “Bulletproofs: Short Proofs for Confidential Transactions and More.” In 2018 IEEE Symposium on Security and Privacy (SP) 315–334 (2018) https://doi.org/10.1109/SP.2018.00020.
Buterin, V. “A Next-Generation Smart Contract and Decentralized Application Platform.” Ethereum.org (2014) (accessed 27 June 2025) https://ethereum.org/content/whitepaper/whitepaper-pdf/Ethereum_Whitepaper_-_Buterin_2014.pdf.
Buterin, V. “An Incomplete Guide to Rollups.” (2021) (accessed 27 June 2025) https://vitalik.eth. limo/general/2021/01/05/rollup.html.
Casassa Mont, M. “Dealing with Privacy Obligations: Important Aspects and Technical Approaches.” In S. Katsikas, J. Lopez, G. Pernul (Eds.), TrustBus 2004: International Conference on Trust, Privacy and Security in Digital Business 120–131 (2004) https://doi.org/10.1007/978-3-540-30079-3_13.
Cheng, R., et al. “Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts.” In 2019 IEEE European Symposium on Security and Privacy (EuroS&P) 185–200 (2019) https: //doi.org/10.1109/EuroSP.2019.00023.
Costan, V., Devadas, S. “Intel SGX Explained.” Cryptology ePrint Archive (2016) (accessed 27 June 2025) https://eprint.iacr.org/2016/086.pdf.
Daniel, E., Tschorsch, F. “IPFS and Friends: A Qualitative Comparison of Next Generation Peer-to-Peer Data Networks.” IEEE Communications Surveys & Tutorials 24.1 31–52 (2022) https://doi.org/10.1109/COMST.2022.3143147.
Doan, T. V., Psaras, Y., Ott, J., Bajpai, V. “Towards Decentralised Cloud Storage with IPFS: Opportunities, Challenges, and Future Considerations.” IEEE Internet Computing 26.6 7–15 (2022) https://doi.org/10.1109/MIC.2022.3209804.
Dobbertin, H., Bosselaers, A., Preneel, B. “RIPEMD-160: A Strengthened Version of RIPEMD.” In D. Gollmann (Ed.), FSE 1996: International Workshop on Fast Software Encryption 71–82 (1996) https://doi.org/10.1007/3-540-60865-6_44.
Entriken, W., Shirley, D., Evans, J., Sachs, N. “ERC-721: Non-Fungible Token Standard.” Ethereum.org (2018) (accessed 27 June 2025) https://eips.ethereum.org/EIPS/eip-721.
Gentry, C. “A Fully Homomorphic Encryption Scheme.” Stanford University (2009) PhD Thesis (accessed 27 June 2025) https://crypto.stanford.edu/craig/craig-thesis.pdf.
Gueron, S., Langley, A., Lindell, Y. “AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption.” RFC Editor RFC 8452 (accessed 27 June 2025) https://doi.org/10.17487/RFC8452.
Hofstetter, R., et al. “Crypto-Marketing: How Non-Fungible Tokens (NFTs) Challenge Traditional Marketing.” Marketing Letters 33.4 705–711 (2022) https://doi.org/10.1007/s11002-022-09639-2.
Hoschka, P. “Synchronized Multimedia Integration Language (SMIL) 1.0 Specification.” W3C (accessed 27 June 2025) https://www.w3.org/TR/1998/REC-smil-19980615/.
Hume, D. Progressive Web Apps. Shelter Island: Manning (2017).
Jackson, D., Ferraiolo, J., Fujisawa, J. “Scalable Vector Graphics (SVG) 1.1 Specification.” W3C (accessed 27 June 2025) https://www.w3.org/TR/2003/REC-SVG11-20030114/.
Jean-Louis, N., et al. “SGXonerated: Finding (and Partially Fixing) Privacy Flaws in TEE-Based Smart Contract Platforms Without Breaking the TEE.” Cryptology ePrint Archive (2023) (accessed 27 June 2025) https://eprint.iacr.org/2023/378.
Johnson, D., Menezes, A., Vanstone, S. “The Elliptic Curve Digital Signature Algorithm (ECDSA).” International Journal of Information Security 1 36–63 (2001) https://doi.org/10.1007/s102070100002.
Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C. “Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts.” In 2016 IEEE Symposium on Security and Privacy (SP) 839–858 (2016) https://doi.org/10.1109/SP.2016.55.
Lilley, C., et al. “Scalable Vector Graphics (SVG) 1.1 (Second Edition).” W3C (accessed 27 June 2025) https://www.w3.org/TR/2011/REC-SVG11-20110816/.
Mertens, J. F., Zamir, S. “Formulation of Bayesian Analysis for Games with Incomplete Information.” International Journal of Game Theory 14 1–29 (1985) https://doi.org/10.1007/BF01770224.
Murray, A., Kim, D., Combs, J. “The Promise of a Decentralized Internet: What Is Web3 and How Can Firms Prepare?” Business Horizons 66.2 191–202 (2023) https://doi.org/10.1016/j.bushor.2022.06.002.
No Author. “Cosmos SDK.” Tendermint (2023) (accessed 27 June 2025) https://tendermint.com/sdk/.
No Author. “CosmWasm.” CosmWasm (2023) (accessed 27 June 2025) https://cosmwasm.com/.
No Author. “Oasis.” Oasis (accessed 27 June 2025) https://oasis.net/.
No Author. “Secret network.” Secret (accessed 27 June 2025) https://scrt.network/.
Steiner, T. “What Is In a Web View: An Analysis of Progressive Web App Features when the Means of Web Access Is Not a Web Browser.” In WWW’18: Companion Proceedings of the The Web Conference 2018 789–796 (2018) https://doi.org/10.1145/3184558.3188742.
Sun, X., Yu, F. R., Zhang, P., Sun, Z., Xie, W., Peng, X. “A Survey on Zero-Knowledge Proof in Blockchain.” IEEE Network 35.4 198–205 (2021) https://doi.org/10.1109/MNET.011.2000473.
Wang, Q., Li, R., Wang, Q., Chen, S. “Non-Fungible Token (NFT): Overview, Evaluation, Opportunities and Challenges.” (2021) (accessed 27 June 2025) https://doi.org/10.48550/arXiv.2105.07447.
West, M. “Secure Contexts.” W3C (accessed 27 June 2025) https://www.w3.org/TR/2023/CRD-secure-contexts-20231110/.
Wincer, B. “SNIP-721: Private, Non-Fungible Tokens.” Secret Foundation (2021) (accessed 27 June 2025) https: //github.com/SecretFoundation/SNIPs/blob/30a70a6bc71cc0d1711b5bc4d7b3b1a7a547625a/ SNIP-721.md.
Woetzel, C. “Secret Network: A Privacy-Preserving Secret Contract & Decentralized Application Platform.” Secret Foundation (2016) (accessed 27 June 2025) https://www.securesecrets.org/Secret_Network_Graypaper_2.0.1_1.pdf.
Wuille, P., Maxwell, G. “BIP-173: Base32 Address Format for Native v0-16 Witness Outputs.” Bitcoin Improvement Protocols (2017) (accessed 27 June 2025) https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki.
Yang, X., Li, W. “A Zero-Knowledge-Proof-Based Digital Identity Management Scheme in Blockchain.” Computers & Security 99 102050 (2020) https://doi.org/10.1016/j.cose.2020.102050.
Zetzsche, D. A., Arner, D. W., Buckley, R. P. “Decentralized Finance (DeFi).” Journal of Financial Regulation 6 172–203 (2020) https://doi.org/10.1093/jfr/fjaa010.
Zhang, F., Maram, D., Malvai, H., Goldfeder, S., Juels, A. “Deco: Liberating Web Data Using Decentralized Oracles for TLS.” In CCS’20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security 1919–1938 (2020) https://doi.org/10.1145/3372297.3417239.
Zyskind, G., Nathan, O., Pentland, A. “Decentralizing Privacy: Using Blockchain to Protect Personal Data.” In 2015 IEEE Security and Privacy Workshops 180–184 (2015) https://doi.org/10.1109/SPW.2015.27.
Additional Files
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Blake Regalia, Benjamin Adams

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- The Author retains copyright in the Work, where the term “Work” shall include all digital objects that may result in subsequent electronic publication or distribution.
- Upon acceptance of the Work, the author shall grant to the Publisher the right of first publication of the Work.
- The Author shall grant to the Publisher and its agents the nonexclusive perpetual right and license to publish, archive, and make accessible the Work in whole or in part in all forms of media now or hereafter known under a Creative Commons Attribution 4.0 International License or its equivalent, which, for the avoidance of doubt, allows others to copy, distribute, and transmit the Work under the following conditions:
- Attribution—other users must attribute the Work in the manner specified by the author as indicated on the journal Web site;
- The Author is able to enter into separate, additional contractual arrangements for the nonexclusive distribution of the journal's published version of the Work (e.g., post it to an institutional repository or publish it in a book), as long as there is provided in the document an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post online a prepublication manuscript (but not the Publisher’s final formatted PDF version of the Work) in institutional repositories or on their Websites prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work. Any such posting made before acceptance and publication of the Work shall be updated upon publication to include a reference to the Publisher-assigned DOI (Digital Object Identifier) and a link to the online abstract for the final published Work in the Journal.
- Upon Publisher’s request, the Author agrees to furnish promptly to Publisher, at the Author’s own expense, written evidence of the permissions, licenses, and consents for use of third-party material included within the Work, except as determined by Publisher to be covered by the principles of Fair Use.
- The Author represents and warrants that:
- the Work is the Author’s original work;
- the Author has not transferred, and will not transfer, exclusive rights in the Work to any third party;
- the Work is not pending review or under consideration by another publisher;
- the Work has not previously been published;
- the Work contains no misrepresentation or infringement of the Work or property of other authors or third parties; and
- the Work contains no libel, invasion of privacy, or other unlawful matter.
- The Author agrees to indemnify and hold Publisher harmless from Author’s breach of the representations and warranties contained in Paragraph 6 above, as well as any claim or proceeding relating to Publisher’s use and publication of any content contained in the Work, including third-party content.
- The Author agrees to digitally sign the Publisher’s final formatted PDF version of the Work.
Revised 7/16/2018. Revision Description: Removed outdated link.