Oumuamua Labs

PQ Crypto Suite

Crates.io | Docs.rs | CI | License: Apache 2.0

Standalone AIR chiplets for the Hekate ZK proving system that express NIST-standardized post-quantum primitives and AES natively over GF(2^128). Each chiplet is an AIR over a FIPS execution; Hekate proves it with sumcheck + Brakedown PCS (linear-time prover, bounded memory, no FFTs). The result: decapsulation, signature verification, or block encryption can be proven without revealing the witness, with verification cheap enough for a phone.

ML-KEM Chiplet

FIPS 203 (Kyber) decapsulation as a composite AIR: NTT, basemul, twiddle ROM, Keccak, and RAM chiplets linked by LogUp buses. Proves a shared secret was recovered correctly without exposing the secret key.

ML-DSA Chiplet

FIPS 204 (Dilithium) signature verification as an AIR: norm-check, high-bits, NTT, Keccak, and RAM chiplets. Verdict-by-existence — a forged signature yields an unsatisfiable constraint system, so a proof that exists is a proof that verifies.

AES Chiplet

FIPS 197 AES-128 and AES-256 round function as a binary-field AIR over GF(2^8) — SubBytes / ShiftRows / MixColumns / AddRoundKey native, S-box as a separate ROM chiplet wired in via LogUp. ~70 µs of proving cost per block on M3 Max.
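For orientation, here is a plain-Rust reference of the relation the AES chiplet description above refers to: one FIPS 197 round in GF(2^8), with the S-box built as a 256-row table and every SubBytes step recorded as an (input, output) pair that must appear in that table. This is an added example, not code from this crate or from Hekate; the function names are hypothetical, it models only the round semantics (no AIR, no LogUp argument), and the sample state and round key are the FIPS 197 Appendix B round 1 values.

```rust
// Added illustration, not this crate's code: reference semantics of one AES round (FIPS 197).

/// Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1.
fn gf_mul(mut a: u8, mut b: u8) -> u8 {
    let mut acc = 0u8;
    while b != 0 {
        if b & 1 != 0 { acc ^= a; }
        a = (a << 1) ^ if a & 0x80 != 0 { 0x1b } else { 0 };
        b >>= 1;
    }
    acc
}

/// S-box ROM: field inverse (computed as x^254, so 0 maps to 0), then the affine map.
fn sbox_rom() -> [u8; 256] {
    let mut rom = [0u8; 256];
    for x in 0..=255u8 {
        let b = (0..254).fold(1u8, |r, _| gf_mul(r, x));
        rom[x as usize] = b ^ b.rotate_left(1) ^ b.rotate_left(2)
            ^ b.rotate_left(3) ^ b.rotate_left(4) ^ 0x63;
    }
    rom
}

/// One full round on a column-major state. Also returns the 16 S-box
/// (input, output) pairs, i.e. the rows a lookup argument must find in the ROM.
fn aes_round(state: [u8; 16], rk: [u8; 16], rom: &[u8; 256]) -> ([u8; 16], Vec<(u8, u8)>) {
    let lookups: Vec<(u8, u8)> = state.iter().map(|&x| (x, rom[x as usize])).collect(); // SubBytes
    let mut shifted = [0u8; 16];
    for i in 0..16 { shifted[i] = lookups[i % 4 + 4 * ((i / 4 + i % 4) % 4)].1; } // ShiftRows
    let mut out = [0u8; 16];
    for i in 0..16 {
        let (r, col) = (i % 4, &shifted[i / 4 * 4..i / 4 * 4 + 4]);
        // MixColumns row (2, 3, 1, 1) followed by AddRoundKey.
        out[i] = gf_mul(2, col[r]) ^ gf_mul(3, col[(r + 1) % 4])
            ^ col[(r + 2) % 4] ^ col[(r + 3) % 4] ^ rk[i];
    }
    (out, lookups)
}

fn main() {
    let rom = sbox_rom();
    // FIPS 197 Appendix B, round 1: state after the initial AddRoundKey, and round key 1.
    let state = [0x19, 0x3d, 0xe3, 0xbe, 0xa0, 0xf4, 0xe2, 0x2b, 0x9a, 0xc6, 0x8d, 0x2a, 0xe9, 0xf8, 0x48, 0x08];
    let rk = [0xa0, 0xfa, 0xfe, 0x17, 0x88, 0x54, 0x2c, 0xb1, 0x23, 0xa3, 0x39, 0x39, 0x2a, 0x6c, 0x76, 0x05];
    let (out, lookups) = aes_round(state, rk, &rom);
    println!("{:02x?} ({} S-box lookups)", out, lookups.len());
}
```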