Rebased mainnet documents four signature flags. Identity layer documents ML-DSA / SLH-DSA / Falcon, but explicitly Identity-layer, not base ledger. Inventory is named precisely; small deduction because Rebased docs do not list a default.

Base-ledger consensus signatures are 100% Shor-vulnerable. PQ primitives exist only at the off-chain Identity layer.

1 family deployed at base ledger: classical EC (Ed25519 + ECDSA variants, same family for PQ purposes). Identity-layer adds 2 PQ families (lattice + hash) but those are not in the consensus path. Diversity Cap fires for base-ledger PQ scope (zero PQ families deployed at consensus).

Ed25519: not a NIST PQC standard, classical-128-bit; ML-DSA-44 (Identity): NIST cat 2; ML-DSA-65 (Identity): NIST cat 3; Falcon-512 (Identity): NIST cat 1; SLH-DSA (Identity): cat 1-5 depending on parameter set. No NIST-PQC categorized primitive in the consensus path.

Ed25519-dalek (Rust) has known constant-time implementation, RFC 8032 compliance, ZIP215 signature-validation rule. Move VM provenance via Mysten Labs fork. ZKryptium library (LINKS Foundation, October 2023) for selective-disclosure credentials in IOTA Identity. PQ libraries cited in Identity 1.7-beta as experimental, suitable for developer testing but not production deployments pending further NIST alignment.

Ed25519 addresses derive from the public key hash (Blake2b-256). On first spend, the public key is revealed in the transaction; subsequent spends from the same address have a revealed key. No active-key migration plan published for the base ledger.

Pre-Chrysalis (≤2021-04-28) addresses on the legacy Tangle were W-OTS-derived (hash-based, Shor-resistant). TIP-17 forced migration to Ed25519. Cold W-OTS funds that did not migrate by the deadline are no longer spendable on the live network. Post-Chrysalis dormant Ed25519 addresses sit on Shor-vulnerable curves.

DAG history under Rebased is signed under Ed25519 / ECDSA. Historical pre-Chrysalis W-OTS signatures were valid only on the legacy network (now decommissioned beyond the migration receipt mechanism). Post-Shor, all currently verifiable signatures on Rebased mainnet are forgeable.

Validator gossip and RPC use standard TLS (default classical X25519/ECDH/RSA, IOTA does not document a non-standard transport). No hybrid PQ KEM is documented.

DAG transaction graph is fully public. Pseudonymous addresses, like Bitcoin/Ethereum. No native shielding.

Rebased launched May 5 2025 with 13 Genesis Validators (IOTA Foundation, IOTA Ecosystem DLT Foundation, Tangle Ecosystem Association, DLT GREEN, P2P.org, LugaNodes, Twinstake, Kiln, Stakin, Nansen, Blockscope, Coinage x DAIC, Staketab). DPoS network designed to ramp to 50 validators initially, then 150. Foundation-aligned operators dominate the genesis set.

IOTA Mainnet integrated LayerZero and Stargate January 2026, building on LayerZero/Stargate support added to IOTA EVM in September 2024. Connects to 150+ chains including Ethereum, Solana, Base, BSC. Cross-chain correlation surface is large; bridge-side privacy not addressed.

Post-Chrysalis transactions are signed under Ed25519; under Shor, public keys revealed in transactions enable retroactive linking. Pre-Chrysalis W-OTS portion is not retroactively de-anonymizable at the signature layer (hash-based) but the legacy Tangle is no longer the production ledger.

No on-chain mixer, no commit-reveal, no shuffle node infrastructure documented.

IOTA has shipped three crypto-migration hard forks: Curl-P → Kerl/Keccak (2017 vulnerability response), W-OTS → Ed25519 (Chrysalis, 2021-04-28), Stardust → Move VM Rebased (2025-05-05). Move VM permits adding signature flags without consensus hard fork (Rebased already supports four flags). Adding a fifth flag for ML-DSA or SLH-DSA is architecturally feasible but not documented as planned.

Rebased inherits Sui-style account model (Move-based) with signature-scheme agility per signing flag. Multisig is native (flag 0x03). Key rotation primitives at account layer are present in Move's address model. No deployed PQ client-layer path.

Chrysalis (2021), Stardust (2023), Rebased (2025-05-05), Starfish Consensus Upgrade (2026-04-28). Foundation-coordinated; no contested forks documented.

Move VM admits new signature flags. IOTA Identity 1.7-beta deploys hybrid signatures (id-MLDSA44-Ed25519 / id-MLDSA65-Ed25519 via LINKS Foundation's compositeJwk DID verification material), but this is at the Identity (off-chain credential) layer, not the base ledger. No base-ledger hybrid composition spec or testnet has been published.

Chain currently has no stateful-hash scheme deployed.

IOTA Rebased validator consensus mechanism documented as DPoS/Move-based (Mysten Sui-derived). The arXiv-published IOTA Tangle 2.0 research paper references BLS12-381 for aggregated signatures, but Rebased-mainnet validator consensus implementation does not document BLS aggregation as a deployed feature distinct from the signature flags.

Zero PQ signing traffic on Rebased mainnet base ledger. All consensus signatures are Ed25519 / ECDSA / Multisig. Identity 1.7-beta PQ signatures are off-chain credential-layer, not on-chain consensus traffic.

IOTA Rebased core node software does not document merged PQ signature verification code (the four signature flags are all classical).

No validator PQ key registration documented.

VOIDED per v3.1 because 5a = 0. IOTA Identity 1.7-beta release (October 2025) and QUBIP Horizon Europe project participation are documented PQ milestones but apply to the Identity layer, not base-ledger consensus.

IOTA's PQ messaging in 2025-2026 (Identity 1.7-beta blog post; QUBIP coordination announcements; community articles citing IOTA quantum-proof) is moderate but presents a clear gap between Identity-layer (real PQ deployment in beta) and base-ledger (no PQ deployment). Some external community claims of IOTA is quantum-resistant trace back to historical W-OTS heritage rather than current Ed25519 mainnet, a washing risk. Estimated announced-vs-shipped ratio ≈1.5-2.0x.

Rebased base-ledger has no PQ signature in production; multiplier under PQ undisclosed.

Top-3 wallets for IOTA Rebased: new browser-based IOTA Wallet (replaces deprecated Firefly post-Rebased), Nightly (community), Bloom Wallet (community). Ledger Nano S/X support inherited from Firefly migration. None publicly document a base-ledger PQ signature roadmap.

Top-3 bridges: LayerZero (integrated January 2026 to mainnet, September 2024 to IOTA EVM), Stargate (LayerZero-aligned), and IOTA-native bridges. LayerZero and Stargate themselves do not publish PQC roadmaps.

Institutional staking provider P2P.org operates as Genesis Validator. Fireblocks, BitGo, Coinbase Custody have varying levels of MIOTA support; none publish IOTA-specific PQ custody roadmaps.

IOTA Foundation-operated nodes plus Genesis Validator nodes provide RPC. Ledger HSM line support exists for IOTA via Ledger Nano S/X; Ledger does not publish a PQ device-firmware roadmap that names IOTA. No TEE attestation chain documented.

Rebased DPoS started with 13 Genesis Validators (May 5 2025), targeting 50 then 150. Genesis set is Foundation-and-partner-dominated; Nakamoto coefficient is low at launch, expected to rise with permissionless validator onboarding.

Three crypto-migration hard forks (Chrysalis 2021, Stardust 2023, Rebased 2025) plus Starfish Consensus Upgrade (2026-04-28) plus historical Curl-P emergency response (2017).

IOTA Foundation (Berlin-registered, multiple public principals; co-founder Dominik Schiener active publicly). Tangle Ecosystem Association and IOTA Ecosystem DLT Foundation as additional coordinating bodies. No named PQC working group lead at the base-ledger level (PQ work currently led at Identity-layer through QUBIP coordination with LINKS Foundation).

2017 Curl-P vulnerability response and Coordinator deprecation through Coordicide both demonstrate willingness to migrate primitives under external researcher / community pressure. Strong precedent.

No canary, honeypot, rate-limit-spending rule, or cryptographic tripwire is documented in IOTA's consensus or governance specs.