Skip to content
/ ohmg-poc Public

Reference implementation of the OHMG garbling scheme

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

FairgateLabs/ohmg-poc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
benches
benches
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

OHMG: One Hot Modular Garbling

Reference implementation of the OHMG garbling scheme introduced in:

OHMG: One Hot Modular Garbling A. Futoransky, F. Barba, R. Fernández, G. Larotonda Cryptology ePrint Archive, Report 2025/2338

Purpose

This codebase is a reference implementation used to:

  1. Validate the mechanism — confirm that garbled circuit construction, evaluation, and authenticity checks behave as described in the paper across all wire representation types (Binary, OneHot, Arithmetic) and gate operations (add_mod, sub_mod, mul_mod, conversions).
  2. Benchmark primitive and circuit-level operations — measure the cost of garbling and evaluation under both an emulated ECC mode (raw field arithmetic) and real P-192 scalar multiplication, enabling concrete performance comparisons against boolean-circuit baselines.

It is not intended as a production library. No API stability guarantees are made.

Background

OHMG is a privacy-free garbling scheme for arithmetic circuits. It encodes wire values as one-hot vectors over a finite field, uses tensor products to garble multi-input gates with a single ciphertext per gate, and anchors authenticity via P-192 elliptic curve arithmetic. The scheme targets settings where privacy is not required but authenticity is — such as blockchain zero-knowledge proof verification — and achieves roughly a 100× reduction in circuit material (ciphertexts) compared to boolean garbling schemes for arithmetic-heavy circuits like Groth16 verification.

Wire representations

Type Description
Binary k wires encoding 2^k values as a bit-vector
OneHot n wires with exactly one active wire per value
Arithmetic single wire carrying a value in [0, n)

Conversions between all three representations are supported as circuit gadgets.

Running the tests

cargo test

Running the benchmarks

cargo bench

Benchmark groups:

  • conversion/* — all six pairwise conversions between wire types (B→O, B→A, O→B, O→A, A→O, A→B)
  • function_eval/onehot — add_mod, sub_mod, mul_mod on OneHot wires
  • primitives — field mul/inv/pow and P-192 scalar multiplication

Each group reports separate timings for generate (garbler/prover work), evaluate (evaluator work), and full (end-to-end), and compares emulated (no ECC point mul) vs real_ecc (full P-192 scalar mul) modes.

HTML reports are written to criterion/ after each run.

License

Licensed under the MIT License.

About

Reference implementation of the OHMG garbling scheme

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages