Security

Security is a property, not a feature.

QuanChain is built quantum-adaptive from genesis. Every layer — wallets, consensus, tooling, governance — assumes a cryptographically relevant quantum computer is a near certainty, and degrades gracefully when one arrives.

Six pillars

TADEQS at the wallet layer

Twenty cryptographic levels, ephemeral child wallets, SpendAndRotate on every transaction. The Level 20 parent identity is signed with the ML-DSA-87 + SLH-DSA-SHA2-256f composite (FIPS 204 + 205). Public keys are never exposed between blocks.

Quantum Canary monitor

Network-wide watchdog that simulates lattice and hash-family attacks against unfunded canary addresses every block. The day a real attack succeeds against the canaries, every wallet on the chain receives a priority rotation event before the same attack reaches user funds.

Dollar-priced cracking-cost model

Every level carries a published cracking cost in USD, updated daily against current hardware pricing. Three tiers trigger user-visible action: Suggested (3×), Automatic (1.5×), Emergency (10×). Funds rotate up the ladder long before the threat lands.

Three-channel isolation

Channel 1 (200 ms) handles transfers. Channel 2 (2 s) handles smart contracts. Channel 3 (10 s) holds large data. A bug or congestion event on one channel cannot stall the others — and signing primitives are tier-isolated per channel.

Validator slashing + bounded penalties

Honest-mistake penalties are capped at fractions of stake. Demonstrable equivocation costs the full stake of the offending node and triggers a 30-day stake-key ban. No protocol-level admin keys exist that can move user funds.

Open spec + reproducible builds

Whitepaper, reference Rust implementation, and SDKs are public. Node binaries are reproducible from source. Every release is hash-pinned and signed; releases ship with SBOM and Sigstore attestations.

Threat model

What QuanChain defends against

The threat model is intentionally pessimistic. The chain assumes an adversary with store-now-decrypt-later capability today, and full Shor-class capability inside the next decade. Defences are designed around that adversary's reach — never around a particular calendar date.

Pre-quantum theft
Classical key compromise via supply-chain, phishing, or weak entropy. Mitigated by hardware-backed signing and per-spend child rotation.

Harvest-now, decrypt-later
Recording today's on-chain public keys to crack on tomorrow's quantum hardware. Mitigated because public keys never sit on-chain — they appear only inside the spend block.

Sudden quantum capability
A real Shor attack reaches scale faster than expected. Mitigated by the Quantum Canary monitor + emergency rotation to Level 20 composite signing.

Validator collusion
A coalition of validators tries to censor or reorder. Mitigated by three-channel isolation, slashing, and a low single-node stake ceiling.

Smart-contract bugs
Composite-signed administrative entry points contain the blast radius. Audits + bounty programme catch issues before mainnet.

Programme

Audit + bounty roadmap

Q1 2026
Cryptography audit
External review of TADEQS composite signing, Merkle proof verification, and SpendAndRotate semantics. Trail of Bits + a second independent firm.

Q2 2026
Smart-contract VM audit
Full audit of the Channel 2 EVM extensions (VERIFYCOMPOSITE, PARSELEVEL, MERKLEVERIFY) and the @quanchain/contracts standard library.

Q3 2026
Mainnet bug bounty
Bounty tiers from $500 to $1 M scaling with severity. Coordinated with Immunefi. Mainnet criticals carry the full ceiling.

Continuous
Validator-set monitoring
Public dashboard tracks slashing events, missed-slot ratios, and stake distribution. Operators receive automated alerts on anomalous patterns.

Disclosure policy

Found a vulnerability?

Coordinated disclosure. Report any suspected issue to security@quanchain.ai encrypted with the published PGP key. Acknowledgement inside 24 hours, triage inside 72. Public credit + bounty payout once a patch is live.

PGP fingerprint · 9F4C 1B72 EE3A 21D0 8A8F 0E55 4B22 9C71 D3FA 7CDE