SGX-internal key seal-key derivation (AES-flavour) is not separately specified in the public encryption-specs.

0 PQ families on mainnet (curve25519/secp256k1/Ed25519 are pre-quantum DL families; AES and SHA-2 are symmetric primitives, not a PQ family). No lattice, hash-based signature, code-based, or isogeny PQ primitive deployed.

No primitive in active use maps to NIST PQC categories 1-5. AES-128 ~128-bit classical (Grover-weakened to ~64-bit, below cat 1). No ML-KEM, ML-DSA, SLH-DSA, or FN-DSA deployment.

AES-128-SIV is RFC 5297-standardized (IV-misuse-resistant choice). HKDF-SHA256 is RFC 5869. CometBFT Ed25519 path inherits ed25519-consensus / ed25519-zebra hardening. SCRT Labs has run public bug bounty since 2020 and engaged Trail of Bits and Informal Systems on consensus-layer audits. Constant-time engineering for SGX-internal HKDF/AES-SIV path not separately documented. No formal verification.

Cosmos-SDK secp256k1 account public keys revealed at first transaction. CometBFT Ed25519 validator pubkeys published in validator set and signed in every block. ~50-80 active validators. Mitigating: SGX seal keys (which protect contract state) are AES-flavour symmetric and NOT directly Shor-broken, Forge of SGX-DCAP attestation ECDSA key allows attacker to forge attestations and onboard malicious enclave.

SCRT cold/dormant balances at standard Cosmos-SDK addresses derived as bech32(ripemd160(sha256(secp256k1-pubkey))). Pubkey not visible until first spend (Bitcoin-P2PKH-style). After first spend it is published. No published quantification of share of SCRT supply at never-spent vs spent addresses.

Every CometBFT pre-vote and pre-commit since mainnet launch (2020-09-15 secret-2 → 2021-04-26 secret-4) is verifiable post-Shor against forged Ed25519 version, breaking historical non-repudiation of consensus. Validator long-term keys persistent across many epochs.

Validator-to-validator gossip in CometBFT 0.38.x runs over secret-handshake/p2p protocol authenticating with Ed25519 node keys and deriving session key via x25519 ECDH (no published hybrid PQ KEM). RPC endpoints terminate classical TLS. By inference and foundation silence on transport PQC, entire validator-mesh and RPC layer uses classical X25519 KEM and is HNDL-vulnerable.

Encrypted contract state is sealed inside SGX enclave under SGX seal keys (AES-flavour symmetric primitives, Grover-weakened but NOT Shor-broken). On-chain ciphertext for Secret transaction's input/output uses AES-128-SIV under key derived via HKDF-SHA256 from consensus_io_exchange_privkey (curve25519) ECDH'd with user's transaction key. Two HNDL surfaces: (i) curve25519 ECDH establishing per-transaction symmetric key is Shor-broken; (ii) AES-128-SIV ciphertext opens with no further work once symmetric key recovered. Sealed STATE of Secret contract lives inside enclave seal-key envelope not transmitted on-chain at all. Recovering state requires combining Shor on curve25519 ECDH with replaying historical transactions OR compromising enclave hardware.

Secret's privacy is contract-state-level, not transaction-graph-level. CometBFT layer publishes sender address, gas fee, validator set, and block timing. CosmWasm contract calls visible at consensus layer (function name, calling contract, gas) although input/output payloads encrypted under AES-128-SIV. SNIP-20/SNIP-25 hide balances and amounts inside contract state but call itself is on-chain. Closer to Zcash transparent-with-shielded-pool than to Monero.

Top-3 RPC providers are Figment, Ankr, and Lavender.Five Nodes / Keplr-hosted, with concentration concerns typical of Cosmos chains. Mempool gossip observable to all CometBFT validators by design. Validator metadata retention policy: undeclared by foundation as of 2026-05-01.

Secret integrates with Cosmos ecosystem via IBC and with Ethereum/EVM chains via Axelar's General Message Passing. IBC packets carry sender/receiver addresses across chain boundaries. Privacy property of Secret applies to contract-state side; bridge transit itself is public on both endpoints.

Two retroactive-decryption surfaces: (i) Shor on curve25519 enables recovery of every per-transaction tx_encryption_key, allows post-Shor decryption of every historical Secret transaction's input/output payload that adversary has harvested; (ii) sealed contract state inside SGX enclave protected by SGX seal keys (AES-flavour, Grover-weakened to ~64-bit if AES-128 / ~128-bit if AES-256), NOT decryptable purely from on-chain harvested bytes, recovering it requires either Shor-then-replay against transaction stream OR SGX hardware compromise.

Secret Network does not run mix-network or cryptographic shuffle protocol at protocol layer.

No Secret Network Foundation, SCRT Labs, or community proposal announces post-quantum migration of AES-128-SIV/curve25519 ECDH transaction-encryption layer or SGX-enclave sealed-state path. Published 2026 roadmap addresses TEE-hardware diversification, with no PQ KEM, no hybrid encryption testnet.

Cosmos-SDK module architecture allows protocol extensions via on-chain governance-coordinated upgrades, Secret has shipped 24 mainnet versions (current v1.24.x as of Q1 2026) including v1.22 (Sep 2025, governance-driven permissioned-mode tightening post-WireTap), v1.21 (on-demand network seed rotation). However, no algorithm-switch event in cryptographic primitives themselves has occurred, Ed25519 / secp256k1 / curve25519 / AES-128-SIV / HKDF-SHA256 stack is unchanged since secret-4 launch in 2021.

Cosmos-SDK accounts use BIP-39 / BIP-44 / secp256k1 with no native account-abstraction primitive comparable to ERC-4337 or EIP-7702. Validator key rotation supported but not protocol-mandated and rare in operational practice. On-demand network seed rotation in v1.21.6 is network-level (not account-level) primitive.

Secret has shipped at least 24 mainnet versions with on-chain governance coordination and CometBFT validator coordination. xAPIC patch in November 2022 was successful coordinated forced-eject + re-attest of entire active validator set, completed within 30-day window from disclosure (Oct 3) to patch (Nov 2). v1.22 (Sep 2025) governance-driven permissioned-mode change executed cleanly.

No public hybrid PQ design exists at any layer. 2026 roadmap addresses TEE-hardware diversification (AMD + Intel + cloud) but not cryptographic-primitive diversification. Architecturally, Cosmos-SDK module pattern would permit parallel ML-DSA validator-signing module but no spec/no testnet/no foundation statement.

Secret Network does not use stateful hash-based signature schemes. CometBFT Ed25519 and Cosmos secp256k1 are stateless. Default credit.

N/A, CometBFT validator pre-vote and pre-commit signatures are Ed25519 (one signature per validator per round, aggregated only via 2f+1 vote-counting, not BLS-aggregated cryptographically). The Ethereum-class concern about BLS-aggregation PQ replacement does not apply.

0% of consensus signing (Ed25519), account signing (secp256k1), inter-node consensus-seed exchange (curve25519 ECDH), or transaction input/output encryption (AES-128-SIV under curve25519-ECDH-derived key) runs on a PQC primitive as of 2026-05-01.

scrtlabs/SecretNetwork and its scrtlabs/tendermint (CometBFT) fork contain no merged PQC primitive (no ML-DSA, no SLH-DSA, no ML-KEM, no FRI proof system) as of 2026-05-01.

0 of ~50-80 active validators run PQC consensus keys.

VOIDED to 0 per v3.1 rule (5a = 0). No dated, enforcement-mechanism-backed PQ milestone exists in SCRT Labs 2026 roadmap, on-chain governance proposals, or GitHub release plan. Roadmap milestones target SGX decoupling, AMD SEV-SNP support (Q1 2026 CPU-only, Q2 2026 expansion), Azure attestation (v1.23), and SecretVM cloud expansion, none PQ-related.

Announced PQC = 0 in trailing 12 months. Shipped PQC = 0. Ratio undefined; not deduction-eligible. Chain scores full 15. SCRT Labs is honest about current posture by silence on PQ.

Undisclosed. With no announced PQ scheme, bytes-per-block footprint under PQ is unknown. ML-DSA-65 substitution at validator consensus signing (~3,300 byte sigs vs 64-byte Ed25519) across ~50 validators per pre-commit round would produce ~50× consensus-signature footprint inflation.

Top wallets are Keplr (Cosmos-default, de-facto wallet for Secret), Leap Wallet (Cosmos-broad), and Fina (Secret-specific mobile). None has published PQC roadmap. Hardware wallet support: Ledger app for SCRT signs secp256k1, no PQC roadmap from Ledger.

Cross-chain via IBC (no PQC roadmap from Cosmos IBC working group as of 2026-05-01) and via Axelar General Message Passing. Wormhole and LayerZero are not currently primary Secret bridges.

Coinbase Custody and BitGo referenced as institutional custody options for SCRT. No top-tier custodian has published PQC roadmap covering Cosmos secp256k1/Ed25519 keys. Fireblocks supports Cosmos-broad, MPC-PQ readiness not announced.

RPC providers (Figment, Ankr, Lavender.Five Nodes, Keplr-hosted), no PQC roadmap. HSMs: standard Ledger Nano X / Nano S+. TEE: Secret's supply chain most distinctive, validator hardware path REQUIRES Intel SGX (mandatory until SGX decoupling ships) with transition planned to AMD SEV-SNP and Intel TDX in 2026. TEE supply chain has been the source of every confidentiality incident.

~50 active validators per Secret Network Wiki, with protocol cap of 80 active validator slots. Single-client diversity (scrtlabs/SecretNetwork is the reference). Stake distribution skews to small set of professional Cosmos validators. SGX-capable hardware requirement adds centralizing pressure.

xAPIC response (Oct 3 2022 disclosure → Nov 2 2022 patched, with forced-eject of all unpatched nodes and rotated consensus seeds) is the cleanest documented Cosmos-stack adversarial-coordinated upgrade. v1.22 (Sep 2025) governance-driven shift to permissioned mode in response to WireTap/Battering RAM was similarly fast and clean.

SCRT Labs (the core development entity, named CEO) and Secret Network Foundation. Public governance via on-chain governance proposals and Secret Network forum. SCRT Labs publishes annual roadmaps. No named PQ migration WG or PQ-lead role.

xAPIC incident (2022) and WireTap/Battering RAM/TEE.Fail family (2025) provide track record of coordinated cryptographic-/hardware-security-related upgrades under live external researcher pressure. Foundation's published position: funds were never at risk because Secret intentionally does not rely on SGX for correctness, only privacy.

No community honeypot, no rate-limited spending rule, no cryptographic tripwire embedded in consensus, no automated-response mechanism for Shor/curve25519-ECDH breakage published. On-demand network seed rotation (v1.21.6) is manual-governance primitive, not automated tripwire.