Inventory reconstructible from docs.kaia.io accounts pages, the v1.2 whitepaper, the kaiachain/kaia Go client, and the KIP repository. No single consolidated cryptography reference page.

No PQ-safe primitive in active use.

0 PQ families deployed. Multiple classical families (Weierstrass-curve ECDSA, pairing-friendly BLS12-381, classical DH) but none PQ-safe.

ECDSA secp256k1 ≈ 128-bit classical / 0-bit post-Shor; BLS12-381 ≈ 128-bit classical / 0-bit post-Shor; Keccak-256 ≈ 128-bit post-Grover. No NIST PQC category mapped because no NIST PQC primitive in scope.

Kaia Go client (kaiachain/kaia) is a fork of go-ethereum lineage and inherits libsecp256k1 / standard Go crypto provenance. BLS implementation uses an EVM-precompile-compatible BLS12-381 library; not Kaia-specific cryptography. No machine-checked formal verification artifacts published for Kaia consensus or signature modules. Tier 1 (mature classical EC + Keccak).

EVM-style EOA model with secp256k1 pubkey revealed on first outbound tx. Klaytn legacy mainnet (June 2019) plus Kaia post-merger continuation produces a sizeable revealed-pubkey surface across DeFi, LINE-integrated mini-dapps, and stablecoin settlement flows.

Klaytn-origin accounts that have never signed retain Keccak-derived address protection. Kaia AccountKeyLegacy pattern matches Ethereum EOA exposure model; AccountKeyPublic explicitly stores a compressed pubkey on-chain at registration, exposing it independently of transaction history. Share of dormant unrevealed addresses is small relative to the active surface.

Every historical secp256k1 IBFT validator signature and account signature on Klaytn (2019-2024) and Kaia (2024-present) is forgeable post-CRQC. No signature expiry mechanism. Cross-chain bridge attestations to Ethereum / BSC / Polygon (Orbit Bridge, Stargate, Wormhole) extend signature trust off-chain.

Validator p2p and RPC TLS use classical X25519/ECDHE KEMs; no hybrid PQ KEM deployed on Kaia validators or on the dominant RPC providers. Validator gossip and mempool transport sit fully in classical-DH HNDL scope.

Fully transparent EVM-compatible ledger; pseudonymous addresses; no shielded pool. KaiaScan and equivalents make graph analysis straightforward.

RPC concentrated among Kaia Foundation public endpoints, Ankr, QuickNode, and a small set of GC-affiliated operators. ~30 permissioned GC validators (originally 31, with 2026 resignations) means mempool gossip is observable to a tight set. No validator-metadata-retention policy declared at protocol level.

Primary bridges: Orbit Bridge (Klaytn-origin, history of 2024 exploit), Stargate / LayerZero, Wormhole, and the Finschia legacy bridge surface. All are observable by passive cross-chain indexers.

Kaia has no shielded-pool layer. Standard Shor-on-secp256k1 + Shor-on-BLS12-381 retroactive risks apply but no additional ring-signature, ElGamal, or zk-SNARK encryption layer adds confidentiality exposure beyond the signing layer.

None at protocol level.

Kaia inherits Klaytn's modular AccountKey system supporting five key-structure types (Legacy, Public, Fail, WeightedMultiSig, RoleBased). The schema decouples cryptographic keys from addresses, allowing key rotation and role separation without changing the account address. No demonstrated production swap of the underlying signing curve in last 5 years; agility is architectural, not exercised against PQ primitives.

Kaia's AccountKey system provides native account-abstraction primitives well beyond ERC-4337: keys can be rotated (replace compromised keys without losing the account), multi-sig with weighted thresholds is native (AccountKeyWeightedMultiSig), and role-based keys (AccountKeyRoleBased) separate transaction-signing, account-update, and fee-payer roles. Native fee-delegation / gas-abstraction (paymaster equivalent) is a protocol primitive, not an ERC. This is a genuine migration-architecture asset for hybrid PQ deployment. No documented client-layer PQ migration path.

Klaytn / Kaia executed the August 2024 Klaytn-Finschia merger as a coordinated migration event. Standard hard-fork cadence sustained pre- and post-merger via the KIP / governance-proposal process. No contested fork on record. Permissioned-GC structure means coordination is faster than for permissionless L1s; the trade-off is centralisation.

AccountKeyRoleBased and AccountKeyWeightedMultiSig architecturally permit constructing a hybrid-key account (one role classical, one role PQ; or m-of-n with one PQ key) once a PQ scheme is added to the AccountKey type set. No KIP for AccountKeyPQC or hybrid-PQ AccountKey type. No EVM precompile for ML-DSA, FN-DSA, or SLH-DSA verification on Kaia.

N/A by default, no stateful hash scheme in scope; stateless schemes score full per v3.1 rubric.

Kaia IBFT consensus uses ECDSA secp256k1 per-validator signing without quorum-signature aggregation; the SimpleBlsRegistry BLS surface is for VRF / randomness, not consensus quorum aggregation. Per v3.1 rubric, 4f scoring applies to chains with Shor-vulnerable signature aggregation at consensus; Kaia's IBFT signing is non-aggregating-secp256k1, so 4f is N/A and weight redistributes to the other 4a-4d sub-scores.

0% of Kaia mainnet validator signatures or account signatures under any PQC primitive.

No PQ scheme merged into kaiachain/kaia. Repository searches return zero hits for falcon, dilithium, ml-dsa, sphincs, slh-dsa, or kyber in cryptographic modules. No PQ research fork analogous to DoraFactory's tendermint-pqc.

All ~30 GC validators (originally 31, with 2026 resignations) sign with ECDSA secp256k1. No GC member has registered a PQC consensus key. AccountKey schema does not yet include a PQC type.

VOIDED to 0 per v3.1 rule (5a = 0). No dated, enforcement-mechanism-backed PQC milestones for Kaia mainnet. No PQ entry in the Kaia 2025-2026 PGT (Permissionless · Governance · Tokenomics) roadmap.

Foundation channels (kaia.io, docs.kaia.io, kaiachain/kips, kaiachain/kaia) make zero PQC commitments. Kaia Wallet third-party listing markets quantum-resistant capability without a documented PQ primitive, narrative-only at the wallet vendor surface, not at the chain surface. Partial credit for chain-side restraint; deduction for vendor-surface mismatch.

No PQ deployment, no published bytes-per-block analysis under any PQ scheme for Kaia.

Top-3 wallets supporting Kaia: Kaia Wallet (Kaikas successor, Foundation-affiliated), MetaMask (via custom RPC), Ledger HW. Kaia Wallet's third-party quantum-resistant marketing claim has no documented PQ primitive backing it. Ledger Donjon has internal PQC research but no shipped Kaia PQ-signing integration.

Top-3 bridges in Kaia flow: Orbit Bridge (Klaytn-origin, ECDSA secp256k1 + BLS multi-sig classical), Stargate / LayerZero, Wormhole. None publishes a PQC roadmap for Kaia routes.

Top institutional custodians supporting KAIA: Coinbase Custody, BitGo, Korean local custody (Korbit / Bitgo Korea). None publishes a Kaia-specific PQC roadmap. None has MPC-PQ in production for KAIA signing.

Top RPC providers: Kaia Foundation public RPC, Ankr, QuickNode, and GC-operated endpoints. None publishes PQ-enabled RPC TLS. HSMs used by GC validators are standard YubiHSM2 / AWS KMS / Thales, no PQ signing in production. No TEE-attestation chain in Kaia's documented validator stack.

~30 permissioned Governance Council validators (originally 31, with 2026 resignations) with 5M-KAIA minimum stake. Vote cap of GC-size minus one is structural. Single execution client (kaiachain/kaia Go fork). Nakamoto coefficient is structurally low, small permissioned set with Foundation curation. Kaia has announced a PGT roadmap to transition toward permissionless validator participation; not yet executed.

August 2024 Klaytn-Finschia merger executed as a coordinated cross-foundation event. Standard upgrade cadence sustained via the KIP and on-chain governance process. No documented adversarial-pressure upgrade comparable to BSC Token Hub or Cosmos v19.2 emergency.

Kaia DLT Foundation (formerly Klaytn Foundation + LINE Next) operates as coordinator. Governance Council members named on Kaia Foundation site. KIP process documented at kips.kaia.io. No named PQC migration lead, no PQC working group charter, no PQC entry in the published 2025-2026 PGT roadmap.

Klaytn-Finschia merger involved coordinated migration of two distinct chain states, validator sets, and governance processes, a non-trivial coordination precedent. Orbit Bridge 2024 exploit response demonstrated emergency-response capacity at the bridge layer. No precedent of a coordinated cryptographic-primitive change while under attacker pressure.

No canary, honeypot, rate-limited spending rule, or cryptographic tripwire on Kaia.