A preprint posted to arXiv on June 18, 2026 describes bioETH-Beacon, a smart-contract prototype that runs a genomic-data query directly over encrypted values on a fully homomorphic Ethereum Virtual Machine (fhEVM). The authors, Christos Galanopoulos, Kimon Antonios Provatas, and Ilias Georgakopoulos-Soares, position the work against a concrete privacy problem in genomics infrastructure rather than a generic blockchain use case, which is what makes it a distinct entry on the on-chain-cryptography beat.

The starting point is the Global Alliance for Genomics and Health (GA4GH) Beacon protocol. As the authors describe it, Beacon lets a researcher ask whether a genomic variant has been observed in a participating cohort and receive aggregate variant-level counts in return. The paper identifies two privacy risks that persist as Beacon networks grow: the host institution that runs a node can see the plaintext query, and repeated queries against rare variants can support membership-inference attacks that probe whether a specific individual is in a cohort. bioETH-Beacon is presented as a prototype that addresses both at once by moving the computation onto encrypted data held in a smart contract.

"We present bioETH-Beacon, a smart-contract prototype that runs the Beacon \"aggregate count\" query over encrypted data on a fully homomorphic Ethereum Virtual Machine (fhEVM)."— bioETH-Beacon abstract, arXiv, source

The mechanics, as the abstract lays them out, separate the parties cleanly. Hospitals upload encrypted marker-count entries. Authorized researchers submit encrypted marker queries. The contract computes over those ciphertexts and returns an encrypted answer. That answer is then released only to the requester named in the contract's on-chain access-control list, and the release happens through an off-chain key-management service rather than by exposing a key on-chain. The design therefore keeps the query, the stored counts, and the result encrypted throughout the on-chain computation, while a named-requester ACL governs who can decrypt the output.

A tier-by-query-family grid

The paper organizes its design as a 3x4 tier-by-query-family grid. The four query families named are genotype, sex, age, and phenotype queries. The three tiers, per the abstract, trade stronger confidentiality for lower query cost — a framing that matters on a blockchain platform, where every operation carries a gas cost and stronger cryptographic handling generally means more computation. For the genotype paths specifically, the authors state the prototype can add bounded on-chain noise to mitigate probing attacks, which connects back to the membership-inference risk flagged at the outset: adding bounded noise to counts is a differential-privacy-style defense against an adversary who repeatedly queries rare variants to infer membership.

The evaluation uses synthetic panels derived from a Polygenic Score (PGS) catalog. The authors report that these experiments show the expected scaling behavior and demonstrate that pre-aggregation can substantially reduce query gas when public marker presence is an acceptable trade-off. In other words, where it is acceptable for the presence of a marker to be public even though its counts stay encrypted, aggregating ahead of time lowers the per-query cost on-chain. That is reported as a measured trade-off in the prototype, not a universal recommendation — the authors tie it to the condition that public marker presence is acceptable for a given deployment.

What the prototype claims, and what it does not

The framing the authors give is deliberately bounded. They describe bioETH-Beacon as a research prototype for confidential Beacon-style genomic querying that operates without a trusted compute evaluator. That last phrase is the load-bearing one for a blockchain audience: the point of running the aggregate-count query over a fully homomorphic EVM is that no single host institution has to be trusted to compute honestly on plaintext, because the computation happens over ciphertext on a shared contract and the result is gated by an on-chain ACL. The trust that remains is concentrated in the off-chain key-management service that controls decryption for the named requester, and in the correctness of the fhEVM and the contract itself — the paper does not claim to eliminate trust altogether, only to remove the trusted plaintext evaluator that a conventional Beacon node represents.

Several details in the abstract bound the result further. The system is described as a prototype evaluated on synthetic panels, not on production genomic cohorts, and the reported gas reductions from pre-aggregation are conditioned on public marker presence being acceptable. The bounded-noise mitigation is described for genotype paths; the abstract does not extend that claim to every query family in the grid. And the confidentiality-versus-cost tiering is presented as a design space the prototype spans, with the explicit acknowledgment that stronger confidentiality costs more per query. These are the kinds of qualifications that separate a sourced research record from a marketing claim, and they are stated by the authors rather than inferred here.

For the on-chain-cryptography lane, bioETH-Beacon sits at the intersection of two threads that usually run separately: fully homomorphic encryption, which lets computation proceed over encrypted data, and smart-contract execution, which provides a shared, auditable venue with an explicit access-control list. The paper's contribution, as stated, is to combine them for a specific, externally defined protocol — the GA4GH Beacon aggregate-count query — and to measure how the resulting confidentiality tiers scale and what pre-aggregation buys. Readers who want to examine the tier-by-query-family grid, the noise mechanism, or the gas measurements directly can read the preprint at the canonical arXiv record linked below.

It is also worth noting what the paper inherits from the Beacon protocol it implements. GA4GH Beacon, as the authors describe it, is fundamentally an aggregate-disclosure interface: a researcher learns counts, not records, and the whole design exists to let cohorts share variant-level signal without exposing individual genomes. The two risks the authors call out — a host institution seeing plaintext queries, and rare-variant probing enabling membership inference — are precisely the failure modes of that aggregate interface when it is run in the clear by a trusted node. bioETH-Beacon's response is to keep the aggregate semantics identical (the answer is still a count) while changing the trust and visibility model underneath: the count is computed over ciphertext, the query is never seen in plaintext by a host, and on the genotype paths the bounded on-chain noise is layered on top so that even an authorized requester running repeated rare-variant queries faces a degraded probing signal. The contribution, in the authors' framing, is not a new query semantics but a new substrate — a fully homomorphic EVM with an on-chain ACL — for an existing, externally specified one.