Institutional crypto sits on ECDSA-secured chains that can't migrate. We're building a NIST-standard ML-DSA-87 verification checkpoint institutions can add inside their own authorization flow — independently checkable, no chain migration, no custody of keys or funds.
Post-Quantum Verification • Live & Early
Institutional crypto sits on chains secured by ECDSA. Those public keys are exposed to "harvest now, decrypt later" — data captured today can be broken once a cryptographically relevant quantum computer exists. Institutions can't migrate chains to fix it.
ECDSA Exposure
Harvest now, decrypt later.2030s (Uncertain)
When quantum may threaten ECDSA. Estimates vary.Built For Retail, Not Institutions
Existing PQC tools target retail wallets. Institutional custody needs different infrastructure.We're building the verification layer institutions can add to their existing ECDSA flows — no protocol changes, no chain migration, and no custody of keys or funds.
1. Verification API
A stateless REST service that verifies ML-DSA-87 signatures and returns a signed, independently-verifiable attestation. Live and early.
2. Institutional Integration
An added post-quantum check alongside existing custody flows. No migration, no key custody. (In design.)
3. Earn Trust Through Audits
Independent security review, then institutional pilots. The standard that wins is the one a regulator can stand behind.
NIST finalized its post-quantum cryptography standards in 2024 (FIPS 204, ML-DSA). The cryptography is standardized and ready to build real infrastructure on.
Existing post-quantum efforts target wallets or base-layer protocol upgrades. Nobody has shipped a verification layer that adds quantum-safe assurance to custody flows already running on today's chains — no migration required. That's the specific gap we're building for.
Whoever institutions trust here will be whoever can show real, auditable cryptography — not the loudest claims. We're building to be checkable, not just heard.
An already-exposed public key stays vulnerable to an attacker broadcasting directly to the chain — no external verification layer changes that. Only the chain itself closes that gap, through migration or opt-in account abstraction (e.g. Ethereum's EIP-8141 direction). What we add is a verification checkpoint inside an institution's own process, today.
Direction, not a promise of dates. Timelines depend on audits and partners.
Build the ML-DSA-87 verification API with signed attestations. The cryptographic core and a live verification service exist today; persistent attestation identity and hardening are in progress.
Third-party review of the API and cryptography. Publish results. Security is the barrier to institutional adoption — earning trust here is the work.
Profile post-quantum verification against real custodian and rollup traffic. Honest assessment of fit, including where it doesn't fit yet.
If the cryptography holds up under audit and real use, Qubex aims to become a verification layer institutions can rely on for the quantum transition.
We're building in public, honestly — real cryptography, clearly labelled. Join the community and follow the work as it ships.