Base inherits Ethereum's user-layer primitives and posts batches as Ethereum calldata signed by the batch-poster's ECDSA key. Coinbase Smart Wallet supports a second user-layer signing path: WebAuthn / passkey on secp256r1. Fault proofs use Cannon (Keccak-256-rooted MIPS instruction commitments). Base V1 (Sepolia 2026-04-20) introduces a multi-proof system with TEE/ZK proof options. No canonical primitive-inventory document at base.org.

Base has zero post-quantum cryptography in active production use. No lattice, hash-based, code-based, or isogeny family has shipped at any layer of the Base stack.

No NIST FIPS 203/204/205 PQC primitive deployed by Base or Coinbase on the Base chain.

OP Stack components audited by Sigma Prime, Trail of Bits, Spearbit (multiple reports 2023-2025); Coinbase Smart Wallet contracts audited (OpenZeppelin, Certora). The FreshCryptoLib P-256 verifier used by Smart Wallet is implemented in Solidity and is constant-time at the algorithmic level. Tier 1 (classical ECC + Keccak-256 + SHA-256).

Base is the largest L2 by activity in 2025-2026, with TVL peaking above $5.6B in October 2025 and accounting for ~46.6% of all L2 DeFi TVL. Tens of millions of EOAs are active on Base; Coinbase Smart Wallet adoption among new users is high but legacy EOAs dominate by volume. Smart Wallet passkey accounts (secp256r1) reveal the P-256 pubkey at smart-account deployment / first userop and inherit the same Shor-break exposure.

Base has been mainnet since 2023-08-09 (~33 months at evaluation date), younger than Arbitrum or Optimism, but old enough for material dormant-balance accumulation.

Sequencer batch-poster ECDSA signatures and Ethereum L1 state-root output proposer signatures are forgeable post-Shor against historical chain history.

Public Base RPC endpoints served over standard TLS 1.3 (typically X25519/P-256 ECDHE + AES-GCM). Flashblocks gossip (200 ms preconfirmation flow shipped 2025-07-16) operates over standard transport. No documented hybrid PQ KEM in use on any Base RPC, sequencer, or Flashblocks endpoint.

Pseudonymous transparent EVM ledger; full tx graph public. Coinbase Smart Wallet creates linkable user identities (passkeys are device-bound and onboarding often uses Coinbase exchange KYC), giving Base a higher de-facto identification rate than other L2s.

Sequencer is operated by Coinbase (single sequencer, NC=1 for ordering). The August 2025 sequencer outage held block production stuck for ~29 minutes. Public RPC concentrated heavily on Coinbase-operated mainnet.base.org, Alchemy, and QuickNode. Pre-Flashblocks, Base used a private mempool; Flashblocks (since 2025-07-16) stream 200 ms preconfirmations to the public, increasing observability of pre-confirmation state.

Canonical Base Bridge (L1StandardBridge) deposits and withdrawals are direct on-chain links between Ethereum L1 and Base. Across, LayerZero, Hop, Stargate make L1↔L2 hops traceable. Coinbase exchange Send to Base pathway also creates a CEX-internal linkage that, combined with KYC, is a strong de-anonymization vector.

No shielded pool on Base; transparent ledger. ECDSA Shor-break does not change tx-graph privacy (it was never private), but does enable retroactive recovery of any private key whose pubkey ever appeared on-chain.

No on-chain mixer integrated into the Base protocol.

Base inherits Ethereum's hard-fork-driven crypto-agility. EIP-7702 is live since 2025-05-07 (Pectra) at Ethereum L1 and propagated to Base. Coinbase Smart Wallet implementation already exercises algorithm flexibility at the user layer: a single smart account can verify either secp256k1 or secp256r1 signatures via on-chain verifier contracts. The 2026-02-18 announcement that Base is consolidating into base/base gives Base independent control of its hard-fork cadence going forward, a meaningful agility increase, but explicitly without inheriting Optimism's announced 10-year PQ roadmap.

Coinbase Smart Wallet is the most concrete account-abstraction deployment on any L2: ERC-4337 contract wallet, passkey-based onboarding (no seed phrase), multi-owner architecture allowing both secp256k1 EOA owners and secp256r1 passkey owners on the same account. EIP-7702 EOA-delegation is live. Base does NOT inherit the Optimism Superchain 10-year EOA-to-PQ-AA roadmap (announced 2026-01-26, targeting January 2036).

Coordinated upgrade record over 36 months: Base mainnet launch (2023-08-09); Bedrock, Canyon, Delta, Ecotone, Fjord, Granite, Holocene OP Stack hard forks; Fault Proofs activated (2024-10); Stage 1 decentralization with permissionless fault proofs and 10-entity Security Council requiring 75% consensus; Flashblocks (2025-07-16); Base V0 announcement (2026-02-18); Base V1 activates on Sepolia 2026-04-20.

Coinbase Smart Wallet's multi-owner architecture (secp256k1 EOA + secp256r1 passkey verifiable by the same account) is an existing template for parallel-signature verification at the smart-account layer. A hybrid (classical ECDSA + PQ ML-DSA) signature path is architecturally constructible by adding a PQ verifier alongside the existing ones. No such hybrid has been spec'd or shipped.

Base has no stateful hash scheme (XMSS/LMS/leanXMSS) at the protocol level; default-pass per v3.1.0 rule.

N/A. Base is a rollup with a single Coinbase-operated sequencer for transaction ordering and a permissionless fault-proof game (Cannon/MIPS-rooted, transitioning to multi-proof in V1) for state validity. There is no BFT consensus with BLS signature aggregation at the Base layer; consensus is inherited from Ethereum L1.

Zero PQ signatures observed in Base's transaction stream. No PQ KEM in TLS termination is documented for Coinbase / Alchemy / QuickNode Base RPC endpoints. No Base contract or precompile shipped that exposes ML-DSA / ML-KEM / SLH-DSA / Falcon.

A grep of the OP Stack reference clients (op-node, op-geth, and the new base-reth-node) yields no ML-DSA, ML-KEM, SLH-DSA, Falcon, XMSS, or SPHINCS+ implementation. The crypto packages use go-ethereum and Reth primitives.

The Base sequencer is operated by Coinbase under standard secp256k1 keys. There is no validator set on Base proper, Stage 1 fault proofs allow any party to bond and propose state roots, but proposers use Ethereum-format keys.

VOIDED to 0 per v3.1 rule (5a = 0). No PQC-specific dated milestones published by Coinbase (in its capacity as Base operator) or by the Base team. Coinbase as a parent corporation has announced an institutional quantum-proof custody product targeting late 2026, this is a Coinbase Custody product announcement, not a Base-chain milestone.

Trailing-12-month PQC announcement count from official Base channels (base.org, blog.base.org, blog.base.dev, docs.base.org): 0 Base-chain-specific PQC announcements located. Shipped PQ on Base mainnet: 0. The cleanest possible washing posture, paired with the absence of a roadmap. The corporate parent (Coinbase) has made considerable PQC-related noise via the April 2026 advisory-board paper and Custody product announcement, but that operates at the Coinbase-corporate level, not Base-chain level.

No PQ signature deployed; no mainnet bytes-per-block multiplier observable.

Top-3: Coinbase Smart Wallet (deeply integrated, the de-facto native wallet of Base), MetaMask, Rabby. Hardware: Ledger, Trezor. Trezor Safe 7 (released 2025) ships ML-DSA-44 device attestation + SLH-DSA-SHA2-128s bootloader signature verification, the only top-3-class hardware wallet vendor with shipped PQ in production, and it is for device attestation/firmware integrity, not transaction signing. Coinbase Smart Wallet does not have a shipped PQ roadmap at the smart-account verifier layer; passkey signing is secp256r1 (Shor-vulnerable).

Top-3: canonical Base Bridge (L1StandardBridge), Across, LayerZero. Canonical Base Bridge inherits ECDSA + Keccak-256 from Ethereum L1 settlement; no PQ verification path. Across uses ECDSA-signed UMA Optimistic Oracle proofs; no PQ path. LayerZero has stated quantum durability is on the long-term agenda but no shipped PQ DVN configuration on Base or any other endpoint.

Top-3: Coinbase Custody (parent-company operator and largest custodian of Base-native assets), BitGo, Fireblocks. Coinbase Custody, operated by the same corporate parent that operates Base, has publicly stated plans for a quantum-proof institutional custody offering targeting late 2026, combining existing encryption with emerging post-quantum standards under NIST review. The most-developed custodian PQC posture among any chain in the v3.1 pilot, but it is announced, not shipped, and the announcement covers Coinbase Custody as a service across multiple chains rather than a Base-specific PQ key migration.

Top-3 RPC: Coinbase-operated mainnet.base.org, Alchemy, QuickNode → no public PQ TLS termination roadmap. HSM: AWS KMS shipped ML-DSA support 2025-06; Thales/YubiHSM pilots, none Base-bound. TEE attestation chains → Base V1 introduces TEE-based proof options (likely Intel TDX / SGX), but the attestation chains themselves remain classical (RSA / ECDSA at the platform-attestation roots), and no shipped PQ-attestation path is documented.

Sequencing centralized at Coinbase (NC=1 for ordering). Stage 1 decentralization (announced 2024-10 / confirmed Q1 2025) introduced permissionless fault proofs and a 10-entity Security Council requiring 75% consensus. Client diversity changes after Base V0: pre-V0, Base ran op-node + op-geth alongside Optimism; post-V0 Base consolidates to its own consensus client and base-reth-node execution client, reducing Superchain-wide implementation diversity.

33-month track record of coordinated upgrades through Coinbase + Optimism Collective channels: Bedrock, Fault Proofs (Oct 2024), Stage 1 decentralization (early 2025), Flashblocks mainnet (2025-07-16), Base V0 announcement (2026-02-18), Base V1 Sepolia (2026-04-20). The August 2025 sequencer outage (29 minutes) was handled with public RCA. The 2026-02-18 separation from OP Stack was executed without contested fork.

Coinbase (NASDAQ: COIN, public company) is the named protocol-development entity for Base. Jesse Pollak is the publicly identified Base team lead. Coinbase has a published mandate, OCC banking-trust-charter status (initial nod 2026-04-02), and a corporate-grade incident-response apparatus. No designated PQ lead within the Base team.

Coinbase as parent is a publicly listed company with a mature security-incident response track record. Sequencer outage (Aug 2025) recovered without contested fork. No precedent of a coordinated cryptographic-primitive change under active attacker pressure on Base specifically.

No quantum canary (community honeypot, rate-limit, cryptographic tripwire, or automated response) embedded in Base protocol.