pqc security

QoreChain is built with post-quantum cryptography (PQC) at genesis -- not retrofitted as an upgrade. The x/pqc module provides lattice-based digital signatures and key encapsulation as the primary cryptographic primitives, with a governance-controlled algorithm agility framework for long-term resilience.

Design Principles

• PQC-first: Post-quantum signatures are the primary authentication scheme. Classical ECDSA is available as an optional fallback, not the default.

• Hybrid mode: Transactions can carry both classical and PQC signatures simultaneously, enabling a gradual migration path.

• Algorithm agility: The cryptographic algorithm registry is governance-controlled, allowing the network to adopt new algorithms or deprecate compromised ones without hard forks.

• Deterministic verification: All signature verification is deterministic and reproducible across validator nodes.

Supported Algorithms

Both algorithms operate at NIST Security Level 5, the highest standardized security category, providing protection equivalent to AES-256 against both classical and quantum adversaries.

Rust FFI Bridge

PQC operations are implemented in Rust for performance and memory safety, with a C FFI bridge exposing them to the Go runtime.

Architecture

Go (x/pqc module)
    |
    v
CGO (C bridge interface)
    |
    v
C FFI Layer (bridge.h)
    |
    v
Rust (libqorepqc)
    |
    v
pqcrypto crate family
    - pqcrypto-dilithium v0.5.0
    - pqcrypto-kyber v0.8.1

The Rust library (libqorepqc) is compiled as a shared library (.dylib on macOS, .so on Linux) with platform-specific CGO linker flags:

• darwin/arm64: lib/darwin_arm64/libqorepqc.dylib

• darwin/amd64: lib/darwin_amd64/libqorepqc.dylib

• linux/amd64: lib/linux_amd64/libqorepqc.so

• linux/arm64: lib/linux_arm64/libqorepqc.so

All Go builds require CGO_ENABLED=1 to link the PQC library.

FFI Operations

The PQCClient interface provides both legacy algorithm-specific operations and a unified algorithm-aware API:

Legacy operations (backward compatibility):

• DilithiumKeygen(), DilithiumSign(), DilithiumVerify()

• MLKEMKeygen(), MLKEMEncapsulate(), MLKEMDecapsulate()

• GenerateRandomBeacon(seed, epoch)

Algorithm-aware operations (v0.6.0+):

• Keygen(algorithmID) -- Generate a keypair for any registered algorithm

• Sign(algorithmID, privkey, message) -- Create a signature

• Verify(algorithmID, pubkey, message, signature) -- Verify a signature

• AlgorithmInfo(algorithmID) -- Query key/output sizes

• ListAlgorithms() -- Enumerate all supported algorithms

Key Registration

Accounts register PQC keys via MsgRegisterPQCKey (legacy, defaults to Dilithium-5) or MsgRegisterPQCKeyV2 (algorithm-aware). Each message includes:

• Sender: The account address registering the key.

• PublicKey: The PQC public key bytes.

• AlgorithmID: The PQC algorithm identifier (v2 only).

• KeyType: One of three registration modes:

Hybrid Signatures (v1.1.0)

The hybrid signature system allows transactions to carry both a classical signature and a PQC signature simultaneously. This provides defense-in-depth: even if one scheme is broken, the other protects the transaction.

TX Extension Format

PQC signatures are attached to transactions as a TX extension with type URL /qorechain.pqc.v1.PQCHybridSignature:

The pqc_public_key field is optional. If present and the account has no registered PQC key, the ante handler will auto-register the key on first use.

PQCHybridVerifyDecorator

The PQCHybridVerifyDecorator ante handler processes hybrid signatures with three-way verification logic:

Hybrid Signature Modes

The chain-wide hybrid enforcement level is governance-configurable:

The recommended migration path is: Optional (default at genesis) --> Required (via governance proposal when PQC wallet adoption reaches sufficient levels).

Algorithm Agility Framework

The algorithm agility framework provides a governance-controlled registry for PQC algorithms, enabling the network to add new algorithms, deprecate vulnerable ones, and migrate accounts -- all without hard forks.

Algorithm Lifecycle

Each registered algorithm has a lifecycle status:

Dual-Signature Migration

When an algorithm is deprecated, a migration period begins (default: 1,000,000 blocks, approximately 69 days at 6s/block). During this period:

1. Accounts with keys using the deprecated algorithm must migrate to the replacement.

2. Migration requires dual signatures (MsgMigratePQCKey): one from the old key and one from the new key, proving ownership of both.

3. Both algorithms are accepted for verification throughout the migration period.

Governance Messages

Extensibility

New algorithms are implemented as Rust traits in the libqorepqc library. Adding a new algorithm requires:

1. Implementing the algorithm in Rust behind the unified FFI interface.

2. Submitting a MsgAddAlgorithm governance proposal with the algorithm metadata.

3. Once approved, the algorithm becomes available for key registration and verification.

SHAKE-256 Foundation

QoreChain uses SHAKE-256 (SHA-3 extendable-output function) as its quantum-resistant hash primitive. The x/pqc module provides pure-Go SHAKE-256 utilities:

These utilities serve as the foundation for:

• Merkle tree node hashing (preparatory for future quantum-safe state tree replacement)

• Hash commitments in cross-layer attestations

• Domain separation for different hash contexts (e.g., "leaf:" vs "node:")

Bridge PQC

All cross-chain bridge attestations and state commitments use Dilithium-5 signatures. The x/multilayer module requires PQC aggregate signatures on every MsgAnchorState submission, and ML-KEM commitments secure key exchange channels between bridge relayers.

This ensures that cross-chain security is not degraded by the use of classical cryptography in bridge infrastructure, maintaining quantum resistance across the entire protocol stack.

Module Parameters