SPDZCoder: Combining Expert Knowledge with LLMs for Generating Privacy-Computing Code

TL;DR

SPDZCoder introduces a rule-based framework that blends expert knowledge with LLMs to translate Python privacy computing code into MP-SPDZ without extra training data. By decomposing the translation into a three-stage pipeline—Refactoring to Canonical Form Python, generation with demonstrations and self-reflection, and repair via test feedback—it effectively addresses high and low level semantic-expressing differences and data-oblivious constraints. The authors provide SPDZEval, a 313-pair benchmark across six challenging MP-SPDZ tasks, and demonstrate that SPDZCoder significantly outperforms strong baselines in pass@1 and pass@2, with up to $85.94\%$ and $92.01\%$ accuracy, respectively. The results highlight the practical impact of combining expert-driven rules with LLMs for privacy-preserving code synthesis and offer a reusable blueprint for translating GPLs into privacy-focused MPC implementations.

Abstract

Privacy computing receives increasing attention but writing privacy computing code remains challenging for developers due to limited library functions, necessitating function implementation from scratch, and data-oblivious requirement, contradicting intuitive thinking and usual practices of programmers. Automating the generation of privacy computing code with Large Language Models can streamline development effort and lower the barrier to using privacy computing frameworks. However, existing LLMs still encounter challenges in code translation for privacy-preserving computation, such as translating Python to MP-SPDZ, due to the scarcity of MP-SPDZ data required for effective pre-training or fine-tuning. Moreover, the lack of a benchmark further complicates the evaluation of translation quality. To address the limitations, this work proposes SPDZCoder, a rule-based framework that combines LLMs with expert knowledge for generating privacy-computing code without requiring additional training data. Specifically, SPDZCoder employ a rigorous procedure for collecting high-quality expert knowledge to represent the semantic-expressing differences between Python and MP-SPDZ, and to derive transformation rules for translating Python to MP-SPDZ based on these knowledge. Then, SPDZCoder progressively converts Python code into MP-SPDZ code using transformation rules in a three stage pipeline. To evaluate SPDZCoder, we manually constructed a benchmark dataset, SPDZEval, which comprises six data splits, each representing a distinct class of challenging tasks in MP-SPDZ implementation. Extensive experiments show that SPDZCoder achieves superior performance, significantly surpassing baselines in pass@1 and pass@2. Specifically, SPDZCoder attains an overall correctness of 85.94% and 92.01% in pass@1 and pass@2, respectively, whereas the best-performing baseline achieves 63.58% and 76.36%, respectively.

Figures (6)

• Figure 1: Overall functional correctness (pass@1 and pass@2) of direct translation by the most recent advanced general, code and reasoning LLMs on SPDZEval (described in \ref{['subsection:dataset']}). Pass@1 is represented in light colors, while pass@2 is represented in dark colors. DSK stands for DeepSeek.
• Figure 2: Overview of SPDZCoder for automatic Python to MP-SPDZ code translation
• Figure 3: QR decomposition: a difficult example for SPDZCoder.
• Figure 4: Example of the repair component correcting the faulty logic in a bubble sort function.
• Figure 5: Average token consumption of SPDZCoder vs. baselines. SPDZCoder* represents the one without repair stage. The y-axis is on a logarithmic scale.