Quantum Shield

Post-quantum asset protection protocol for Ethereum using NIST-standardized cryptography

What is Quantum Shield?

Quantum Shield protects smart contract assets against quantum computing threats using NIST FIPS 204 (ML-DSA/Dilithium) and FIPS 205 (SLH-DSA/SPHINCS+) dual post-quantum signatures, combined with a decentralized Prover Pool, VRF-based selection, and time-locked custody.

Key Features

• Dual PQC Signatures — ML-DSA-65 + SLH-DSA for defense-in-depth
• Prover Pool — Decentralized verification with stake-weighted selection via VRF
• Time-Locked Custody — 24h normal unlock, 7-day emergency path with bond
• Observer Network — Independent challenge system with quadratic slashing
• On-Chain Governance — veQS token voting, security council, insurance fund
• 11 Sub-Applications — Consumer, Prover, Observer, Explorer, Enterprise, Governance, Admin

Architecture

┌─────────────────────────────────────────────────────────────────┐
│  Frontend (Next.js 15)         11 apps, 136 routes, ja/en i18n │
├─────────────────────────────────────────────────────────────────┤
│  Backend API (Rust/Axum)       REST API, SIWE auth, Auto-Claim │
├──────────────────┬──────────────────────────────────────────────┤
│  L1: Sepolia     │  L3: Arbitrum Sepolia                       │
│  • Vault         │  • CoreLayer    • Governor                  │
│  • ProverRegistry│  • veQS         • RewardRouter              │
│  • SPHINCS+ Vfy  │  • QSToken      • InsuranceFund             │
└──────────────────┴──────────────────────────────────────────────┘

9 Core Sequences

Tech Stack

Deployed Contracts

L1: Ethereum Sepolia

L3: Arbitrum Sepolia (12 contracts)

All L3 contracts verified on Sourcify.

Quick Start

Prerequisites

• Docker & Docker Compose
• Rust 1.75+ with cargo
• Node.js 20+ with pnpm
• Foundry (forge, anvil)

Development Setup

# 1. Start infrastructure
docker compose up -d postgres redis rabbitmq l3-node minio minio-init

# 2. Run database migrations
cd src/api/api
DATABASE_URL="postgresql://quantum:quantum_dev@localhost:5432/quantum_shield" sqlx migrate run

# 3. Start backend API (port 8080)
cargo run --bin api-server

# 4. Start frontend (port 3000)
cd src/frontend/web
pnpm install
pnpm dev

Verify

curl http://localhost:8080/v1/health
# {"status":"healthy"}

Project Structure

quantum-shield/
├── src/
│   ├── api/api/              # Rust/Axum backend
│   │   ├── src/routes/       # API route handlers
│   │   ├── src/services/     # Business logic
│   │   ├── migrations/       # PostgreSQL migrations (17 files)
│   │   └── config/           # YAML configuration
│   ├── frontend/web/         # Next.js 15 frontend
│   │   ├── src/app/          # App Router pages (11 apps)
│   │   ├── src/components/   # 300+ React components
│   │   ├── src/hooks/        # React Query hooks per app
│   │   └── locales/          # ja/en translations
│   ├── l1/contracts/         # L1 Solidity contracts (Foundry)
│   ├── l3/                   # L3 governance contracts
│   └── frontend/sdk/wasm/    # WASM SDK (Dilithium + SPHINCS+)
├── docs/
│   ├── core/SEQUENCES.md     # 9 core sequence specifications
│   ├── ACTUAL_STATE.md       # Current implementation state
│   └── pitch/                # Pitch deck, grant applications
├── docker-compose.yml        # Development infrastructure
└── .github/workflows/        # CI/CD pipelines

Testing

# Backend
cd src/api/api && cargo test

# Frontend E2E
cd src/frontend/web && npx playwright test

# Smart Contracts
cd src/l1/contracts && forge test

Test Coverage: 137 E2E tests passing, 107 integration tests, 0 failures.

Security

• Cryptography: NIST FIPS 204 ML-DSA-65 + FIPS 205 SLH-DSA (post-quantum)
• Hashing: SHA3-256 (no keccak256 in application layer)
• Authentication: SIWE (Sign-In with Ethereum) + JWT
• Time Locks: 24h normal, 7-day emergency with bond collateral
• Slashing: Quadratic penalty for malicious provers

Audit Status

• Internal code review
• External audit (planned)

License

This project is licensed under the MIT License. See LICENSE for details.

Built for a post-quantum future.