Post-Quantum Cryptography Glossary - EternaX Labs

Core Concepts

PQ-Native

A system where post-quantum authorization is built into the protocol from inception rather than retrofitted later. PQ-native issuance avoids migration debt entirely because the authorization model is quantum-safe from day one.

Post-Quantum Cryptography (PQC)

Cryptographic algorithms designed to be secure against both classical and quantum computers. NIST finalized three post-quantum standards in August 2024: ML-KEM (key encapsulation), ML-DSA (signatures), and SLH-DSA (hash-based signatures).

Information-Theoretic Security

Security not based on computational hardness assumptions and resilient regardless of attacker compute power. Unlike computational security, information-theoretic security cannot be broken even with unlimited computational resources, including quantum computers. In multi-party cryptography, constructions such as SILMARILS’s three-party broadcast mode can achieve simulation-based security with uniform 1/p error across pure-IT, IT+ROM, and QROM analyses.

Cryptographically Relevant Quantum Computer (CRQC)

A quantum computer with sufficient qubits and error correction to break current cryptographic schemes. Google's March 2026 paper estimates fewer than 500,000 physical qubits required to break secp256k1, down from prior estimates of ~9 million.

Q-Day

The anticipated day when a cryptographically relevant quantum computer becomes operational and can break currently deployed cryptography. Google's whitepaper authors explicitly state that Q-Day will likely arrive without significant advance notice.

Institutional Risk Framework

Cryptographic Migration Debt

The accumulated financial, operational, and coordination cost of moving from classical signatures to post-quantum authorization. Migration debt accrues at issuance time, not at break time. Every new asset issued on a quantum-vulnerable rail compounds the debt. First-order estimate: $57B-$135B across major institutional digital asset programmes.

Control-Plane Vulnerability

Risk concentration in admin keys, mint/burn/freeze authority, governance multisigs, transfer-agent signing, and bridge attesters. For enterprises, the governance layer is more exposed than individual end-user accounts. A quantum attacker targeting the admin key governing $200B in stablecoins does not need to attack a single wallet.

Rail-Induced Asset Contamination

When assets issued on non-PQ-safe rails absorb a market risk premium that their underlying credit, legal structure, or reserve quality would otherwise not justify. A stablecoin backed 1:1 by dollars should not trade at a rail-induced discount. A tokenized Treasury fund should not absorb blockchain cryptographic risk.

Privacy Contamination

On-chain data is permanent. The cryptographic assumptions protecting it are not. Balances, counterparties, flow timing, and treasury movements on public rails carry permanent retroactive exposure risk as quantum capabilities improve. Historical transaction data remains vulnerable to future decryption.

Vendor Dependence Risk

Tokenization providers, custodians, exchanges, and middleware may have no credible PQ roadmap. The institution's migration is governed by its slowest supplier. "The chain will upgrade later" does not fix supplier risk.

Liquidity Fragmentation

During migration, assets bifurcate into old and new forms across venues, custodians, and DeFi protocols. Pricing divergence, capital inefficiency, and compliance complexity arrive before the first key is attacked.

Disclosed PQ Roadmap Standard

To qualify as "disclosed," a roadmap must be: publicly available, time-bound, and cover the full workflow — including custody, admin control surfaces, settlement mechanics, interoperability, and privacy. "The chain may upgrade later" does not qualify. "We are monitoring the quantum threat" is not sufficient.

Attack Taxonomy

Harvest Now Decrypt Later (HNDL)

Threat model where encrypted data is collected today and decrypted later when quantum capabilities improve. State actors are already collecting blockchain data for retroactive decryption. Every treasury movement, counterparty relationship, and settlement flow recorded on a public rail today is being archived.

On-Spend Attack

Targets live mempool transactions before confirmation. Requires fast-clock CRQC. ~9 minute window for Bitcoin (41% success probability within 10-min block time). Ethereum's ~12s finality narrows this. Solana's ~400ms finality provides structural protection against on-spend attacks specifically.

At-Rest Attack

Targets permanently exposed public keys with no time pressure — days or more available. Both fast-clock and slow-clock CRQCs can execute this. Every exposed admin key is a permanent, never-expiring target. Ethereum permanently exposes public keys on first transaction with no rotation without account abandonment.

On-Setup Attack

One-time quantum computation recovers "toxic waste" from a cryptographic ceremony (e.g., Ethereum's KZG trusted setup for Data Availability Sampling), creating a permanent reusable classical backdoor. Bitcoin is immune. Requires CRQC only once — all subsequent exploits are classical.

Post-Quantum Standards and Schemes

ML-DSA (Dilithium)

NIST FIPS 204 standard post-quantum digital signature algorithm, formerly known as CRYSTALS-Dilithium. Lattice-based signature scheme. Signature sizes: 2,420-4,595 bytes depending on security level.

FN-DSA (Falcon)

Compact lattice-based post-quantum signature scheme family frequently used as a throughput comparison baseline. Representative sizes are on the order of ~690 bytes for Falcon-512 at 128-bit security (smaller than ML-DSA, still far larger than classical ECDSA/Ed25519). Often referenced in blockchain PQ migration analysis.

SLH-DSA (SPHINCS+)

NIST FIPS 205 stateless hash-based post-quantum signature standard. Security based only on hash function properties. Larger signatures (for example ~7,856 bytes for SPHINCS+-128s-style parameters up through tens of kilobytes at higher parameters) but conservative security assumptions. EternaX uses SPHINCS+ as a conservative post-quantum anchor in the identity layer alongside compact validator-path authentication.

ML-KEM (Kyber)

NIST FIPS 203 standard post-quantum key encapsulation mechanism, formerly known as CRYSTALS-Kyber. Used for key exchange and encryption, not signatures.

secp256k1

The elliptic curve used by Bitcoin, Ethereum, and most blockchains for digital signatures. Vulnerable to Shor's algorithm on a sufficiently powerful quantum computer. Google estimates fewer than 500,000 qubits required to break.

BLS Signatures

Boneh-Lynn-Shacham signature scheme used in Ethereum's Proof-of-Stake consensus layer. Google considers BLS quantum-vulnerable. ~37 million staked ETH secured by BLS signatures.

SILMARILS and Designated-Verifier Authentication

Terms aligned with EternaX’s SILMARILS blog and arXiv:2605.03230.

SILMARILS

EternaX’s designated-verifier signature primitive for compact post-quantum transaction authentication: a 160-byte record at the 256-bit field level in the two-party transferable designated-verifier (TDV) mode analyzed in the ROM and QROM, plus a complementary three-party broadcast mode with simulation-based security and information-theoretic error 1/p. It is not a drop-in replacement for NIST-standardized public-verifier PQ signatures; it targets validator-mediated validity paths where consensus later supplies public audit evidence. See the paper “SILMARILS: Information-Theoretic and Quantum-Secure Designated-Verifier Signatures” (arXiv:2605.03230) and the Rust reference implementation.

Designated-Verifier (DV) Signature

A signature scheme where only an identified verifier (or set of protocol participants acting in that role) can confirm validity under the definition of the construction. Compared with public-verifier signatures, DV designs can shrink the authentication footprint when third parties are not meant to re-verify every message from public data alone. Blockchain validators already sit on the authorization path, which is a natural fit for analyzing DV constructions in throughput-sensitive post-quantum designs.

Post-Quantum Size Tax

The persistent bandwidth, storage, sync, and verification cost of deploying NIST-style post-quantum public signatures on every transaction and archival record. ML-DSA and SLH-DSA signatures are orders of magnitude larger than classical ECDSA/Ed25519; that overhead compounds for high-throughput chains and institutional-scale archives. Mitigations include protocol architectures that separate identity anchoring from per-transaction authentication and use compact records where the trust model allows.

Dual-Layer Post-Quantum Authentication (EternaX)

Separation of concerns between long-lived identity anchoring and transaction-time authorization: conservative hash-based signing (SPHINCS+ / SLH-DSA) for the post-quantum anchor where public verification from standard assumptions is required, and SILMARILS for a compact authentication layer inside the validator validity path, with a small published receipt (for example 32 bytes) for independent checks after consensus where the protocol defines it.

Infrastructure and Settlement

Auditable Privacy

Privacy model combining confidential transaction data with selective disclosure and verifiable settlement proofs. Confidential by default, verifiable in settlement, selectively disclosable under policy. Designed for routing that needs confidentiality without losing accountability. Where authentication is validator-mediated rather than a permanent public per-account signature object, the ledger can reduce persistent account-graph exposure; EternaX builds tiered selective disclosure and per-transaction unlinkability against external observers on that structure (see the SILMARILS companion discussion).

Spendable Finality

Time after which a transfer is safely usable for downstream settlement without rollback risk. EternaX targets ~120ms spendable finality. Critical for market-speed payments and settlement.

RWA Tokenization

Issuance of real-world assets as programmable on-chain representations. Includes tokenized treasuries, money market funds, securities, real estate, and other off-chain assets. $36B+ tokenized RWAs (ex-stablecoins) on-chain as of late 2025.

Admin Keys

Privileged keys governing mint/burn/freeze authority, contract upgrades, and governance functions. Google estimates $200B in stablecoins and tokenized RWAs on Ethereum depends on admin keys permanently exposed on-chain.

PQ-Safe Vault

Preserve-first controls for treasuries, custodians, exchanges, and foundations. Reduces cryptographic exposure immediately through controlled policy and operational safeguards, without requiring an immediate ecosystem-wide upgrade.

Transfer Agent

In tokenized securities, the entity responsible for maintaining shareholder records, processing transfers, and ensuring compliance. Transfer-agent logic in smart contracts creates admin key exposure that is separate from end-user wallet risk.

Bridge Attester

Signer nodes that validate cross-chain transfers. Oracle and bridge attesters are among the highest-value at-rest targets in the ecosystem. A forged bridge attestation can drain the entire locked-value reserve of a bridge.

EternaX Post-Quantum Glossary