spec.filecoin.io documents the active primitives end-to-end with mechanism. Inventory complete and reconstructible.

Zero PQ-safe families. All deployed primitives are classical (pairing-DL, plain DL, classical hashes).

VOIDED (no PQ primitive deployed mainnet maps to a NIST PQC category).

rust-fil-proofs, blstrs/bls12_381, bellperson, Protocol Labs maintained, audited (Trail of Bits historic SDR audit cited in spec). No machine-checked PQ proofs in lotus, venus, or rust-fil-proofs. Stateless. Cryptanalytic tier 1 for ECDSA/SHA, tier 2 for Blake2b, tier 4 for Poseidon.

Storage providers sign Window PoSt approximately every 24 hours per sector partition; block leaders sign every epoch (30s). All BLS12-381 G1 public keys are on-chain and derivable from f3 addresses; secp256k1 public keys are revealed on first spend from f1 addresses. Active TVL exposure spans the entire ~$1.4–2B FIL market cap.

54 months mainnet (genesis 2020-10-15). f1 addresses hide pubkey until first spend; f3 (BLS) addresses commit-to-pubkey directly (no hash wrapper), so cold f3 funds are pubkey-exposed even before spending. No coin-burn or sunset mechanism declared.

Every historical Filecoin block, Window PoSt, Winning PoSt, PreCommit/ProveCommit, and drand round is a BLS12-381 or Groth16-BLS12-381 artifact. Post-Shor, an attacker can forge historical sector proofs and re-derive sealed sector data attestations; chain history is structurally non-reauditable in a post-CRQC world without re-proving under PQ-safe schemes.

libp2p transport (TLS 1.3 with X25519, or Noise XX with Curve25519) carries validator gossip, RPC traffic, and provider-client data deals. No hybrid PQ KEM deployed. Client-side data encryption is application-layer responsibility, typically AES-256 with classical KEM, HNDL-vulnerable for sealed but encrypted client data.

Pseudonymous and fully transparent. All deals (provider, client, piece CID, size, duration, price) are on-chain and queryable via filfox.info, glif.io, beryx.io. Provider-to-client mapping is public by construction.

Top public RPC endpoints concentrate via Glif (api.node.glif.io), Ankr, ChainStack, and Infura (FVM-only). drand beacon distribution is multi-relay. Mempool (mpool) is gossiped via libp2p pubsub. Validator metadata retention not declared.

Two production bridges to/from Filecoin: Axelar and Celer cBridge. Cross-chain flows from Polygon, Ethereum, BNB, Avalanche correlate Filecoin addresses with EVM addresses. FVM (EVM-equivalent runtime) launched 2023-03-14.

Post-Shor, every historical signing key (BLS12-381 and secp256k1) is recoverable from on-chain pubkeys. Sealed sector PoRep proofs reveal which provider sealed which piece CID; combined with deal records, this exposes the full provider↔client↔data graph forever.

L1 profile uses 4 sub-scores for Dim 3; this entry not scored.

FIP process has shipped 100+ network upgrades and added new precompiles (FIP-0105 BLS12-381 in NV27, 2025-09-24). Address types f1/f3 allow signature-scheme distinction at the wallet boundary, but Groth16-BLS12-381 is hard-coded into PoRep/PoSt circuits and SnarkPack. A PQ-safe replacement for sector seal proofs would require replacing the entire sealing pipeline. No spec FIP exists.

No native account abstraction at the protocol layer comparable to ERC-4337 / EIP-7702. f4 actor addresses (FIP-0048) bind FVM smart-contract accounts; users can deploy multisig or smart-contract accounts on FVM, which provides app-level rotation but not protocol-level signature-scheme upgrade for f1/f3 EOA accounts.

Filecoin has executed 27 numbered network upgrades since genesis (NV0 → NV27, 2020-10 to 2025-09). FIP-0086 introduced F3 Fast Finality. FIP-0100 changed sector economics. Coordination via core-devs meetings and weekly governance updates is documented and consistent.

No hybrid signature, hybrid KEM, or hybrid SNARK deployment announced or specced.

Default for stateless. No stateful-hash scheme deployed; no XMSS/LMS/leanXMSS in the stack.

Filecoin Expected Consensus (EC) uses BLS12-381 for block signatures and drand uses threshold BLS12-381 for randomness. F3 Fast Finality (FIP-0086) layers a GossiPBFT-style finality gadget on top, also using BLS aggregation. No PQ aggregation path declared, specced, or piloted.

0%. Zero PQ-safe primitives sign mainnet bytes.

lotus, venus, and forest clients ship classical primitives only. No ML-DSA, SLH-DSA, ML-KEM, Falcon, FRI/STARK, or any NIST PQC primitive code path merged into mainnet client release branches.

Every block leader and storage provider signs with BLS12-381 (and/or secp256k1). 0% of stake or storage power uses PQ keys.

VOIDED (5a = 0). No named, dated, enforcement-mechanism-backed PQ milestones.

Announced PQC trailing 12 months = 0; shipped PQC = 0; ratio undefined → no washing tag. Foundation has not made marketing claims of PQ readiness.

No PQ signature scheme deployed; multiplier undisclosed. Reference: ML-DSA-44 ~38× over BLS12-381 G2; SLH-DSA-128s ~110–125×, significant for a chain whose 2M+ daily Groth16 proofs and per-epoch BLS aggregations dominate block bandwidth.

Top-3 by Filecoin user share: Ledger (hardware), Glif (web multisig + Vault), MetaMask (FVM only, does not support native f1/f3 addresses, Snap-mediated). None publish a PQC roadmap for Filecoin signing primitives.

Top-2 production bridges Axelar and Celer cBridge. No PQC roadmap from either covering Filecoin endpoints.

Top-3 by FIL holdings: Coinbase Custody, Anchorage, Fireblocks. None publish FIL-specific PQ key custody roadmap.

RPC (Glif api.node.glif.io, Ankr, ChainStack), no PQ TLS commitment. HSMs in storage-provider operations vary (commodity Linux, AWS KMS, occasional Thales/YubiHSM); no documented PQ-key support for BLS12-381 signing keys. TEE attestation not part of consensus.

Q3 2025 ~3,000 active storage providers with measurable storage power; capacity 3.0 EiB. Storage power Nakamoto coefficient is mid-range. Client diversity: lotus (Go, primary), venus (Go), forest (Rust).

27 numbered upgrades NV0→NV27 (2020-10 to 2025-09-24) executed without contested forks. Multiple FIPs have been delayed or revised, but coordination process (core-devs, weekly governance updates) holds.

Filecoin Foundation (CEO Marta Belcher) and Protocol Labs are the named coordinating organizations; FIP editors documented in repo. No PQ-migration named lead, no PQ working group chartered.

FIP-0036 base-fee revision (2022) and FIP-0100 economics changes (2025) coordinated under provider economic pressure, not under cryptographic-attack pressure. No precedent for coordinated cryptographic primitive replacement under active attack.

No quantum canary, no rate-limited spending rule, no cryptographic tripwire.