What it is. SKALE runs a whole pool of interlinked chains off one shared set of operators, and so far it has said nothing about how it would protect that setup once a future quantum computer can break today's protections.
What we found. The operators do reshuffle their shared signing keys among themselves, but that reshuffling keeps using the same math a quantum computer is expected to crack, so it buys no real protection, and no plan, test, or target date for fixing this exists yet.
Why it matters. Every account and every connection between these chains could be exposed at once if that day comes, and coins left untouched since the 2020 launch are most at risk because nobody can move them to safety on your behalf.
Multi-chain elastic network using BLS threshold signatures over alt_bn128 (~100-128 bit classical) with DKG-rotated keys per chain. Every consensus, account, and inter-chain primitive is Shor-vulnerable; libBLS is self-described alpha software with no security audit; no PQ migration plan published.
Summary
SKALE secures a pool of EVM-compatible chains via BLS threshold signatures over alt_bn128, coordinated by Distributed Key Generation. The libBLS library (self-described alpha, unaudited, 1,550+ commits) and SKALE Manager Ethereum smart contracts run validator coordination. Every consensus signature, every account secp256k1 key, and the threshold-encryption inter-chain channel is Shor-broken. Gate 1a-Sig FAIL, Gate 1a-KEM FAIL, 4f BFT-aggregation path = 0 (no published PQ-compatible aggregation strategy). FAIR L1 launch (June 2025) introduces the BITE Protocol but does not address PQ. SKALE Manager migration to FAIR is operationally meaningful but cryptographically same-stack. No foundation PQ statement, no testnet, no spec. QRI 23 ± 7, Band 3 Planning (lower edge), Migration Stage 1.
What the gates say
- Gate 1a, Hybrid signature: FAIL , no documented hybrid signature composition; consensus pure BLS over alt_bn128, accounts pure secp256k1
- Gate 1a, Hybrid KEM: FAIL , validator transport classical TLS; inter-chain threshold-encryption uses BLS-pairing-based primitives, Shor-vulnerable
- Gate 1b, Commit-to-hash: COND , no OR-composition declared
- Gate 2, Evidence reconstruction: PASS , every sub-score has ≥ 3 evidence sources
- Gate 3, Primitive naming: PASS , BLS over alt_bn128, DKG, secp256k1, Keccak-256, SHA-256
Burn-vs-rescue policy on file
Declared option f, Undeclared. SKALE Labs and the N.O.D.E. Foundation have not published a position on dormant-balance handling or on the consensus-key migration path post-Shor.
Seven dimensions
Each dimension scores 0–100 internally; the weighted roll-up produces the QRI.
1 Cryptographic Exposure weight 15% 26 / 100
libBLS and SKALE Manager primitives explicitly named. Validator gossip transport-layer cipher suite not specified in foundation document.
BLS signatures over alt_bn128 (Barreto-Naehrig) · DKG over alt_bn128 · secp256k1 (EVM account signing) · Keccak-256 (block/transaction hash) · SHA-256 (BLS hash-to-curve) BLS over alt_bn128→ Shor-break-via-pairingsDKG over alt_bn128→ Shor-break-via-pairingssecp256k1→ Shor-break-via-DLKeccak-256→ Grover-weaken (effective 128-bit)SHA-256→ Grover-weaken (effective 128-bit)
Zero PQ families deployed. Pre-cap state.
No primitive maps to NIST PQC categories 1-5. alt_bn128 ~100-128 bit classical per libBLS docs. Shor breaks all curve/pairing primitives; Grover halves hash levels.
libBLS self-described 'alpha software' with no published security audit. 1,550+ develop-branch commits indicate active maintenance. No constant-time validation, no formal verification cited. Construction is well-studied academically (BLS Tier 1-2 mature ECC/pairings).
2 Quantum Recovery Exposure weight 10% 27 / 100
Default SKALE Chain accounts use Ethereum-style secp256k1 pubkey revealed at first transaction. Validator threshold-BLS keys continuously active per consensus round. DKG-rotation reduces validator long-term cold exposure but not user-account exposure.
SKALE Mainnet Phase 1 launched 2020; substantial cold/dormant secp256k1 exposure on user accounts. Validator BLS keys rotate via DKG per chain creation/maintenance event; cold balances on Ethereum-style accounts do not rotate without user action.
Every historical secp256k1 transaction signature and BLS threshold signature on the chain since 2020 forgeable post-Shor. No PQ attestation layer.
Validator gossip and RPC use standard TLS (X25519/RSA/ECDH per Ethereum convention). No PQC KEM. libBLS includes threshold encryption for inter-chain communication, but underlying primitive is BLS-pairing-based, Shor-vulnerable.
3 Metadata, Anonymity & Confidentiality weight 13% 24 / 100
Pseudonymous transparent ledger across SKALE Chains. EVM-compatible, public addresses, public balances, public state. No native shielded transactions.
Per-chain validator subset operates RPC. Concentration varies per chain. Mempool gossip observable to chain's validator subset. Validator metadata retention undeclared.
Inter-Manager Agent (IMA) bridges SKALE Chains and Ethereum, plus inter-SKALE-Chain communication. Cross-chain transactions observable on both sides.
Shor on alt_bn128 breaks BLS threshold signatures and DKG. Retroactive linkability is high but no shielded data exists to 'de-anonymize' beyond what is already public.
No on-chain mixer, no native commit-reveal shuffle, no integrated mixnet.
4 Migration Architecture weight 10% 36 / 100
SKALE V2 multi-chain interconnection upgrades and SKALE Manager evolution; Hoodi testnet migration (July 2025); planned SKALE Manager → FAIR migration. Operational coordination but no algorithm-switch event for BLS/alt_bn128 stack. No published crypto-agility specification.
DKG enables threshold-key rotation for validator subsets, meaningful key rotation primitive at consensus layer. EVM compatibility means SKALE Chains can support EIP-7702 / ERC-4337 if individual chain operators enable them, chain-by-chain not protocol-default. No documented client-layer PQC path.
Coordinated SKALE V2 upgrades, Hoodi testnet migration (July 2025), FAIR L1 launch (June 2025), planned SKALE Manager migration. Multi-year track record. No contested forks documented.
No public hybrid PQ design. BLS/alt_bn128 consensus and DKG deeply integrated; replacing threshold scheme requires redesigning consensus and SKALE Manager DKG flow.
No stateful hash signature schemes. Default 15/15.
SKALE consensus is BLS-aggregated by design, canonical BFT-aggregation surface. No PQ aggregation path declared, no spec, no testnet pilot, no published direction.
5 Deployment Execution weight 22% 15 / 100
0% of consensus signing, transaction signing, or DKG runs on a PQC primitive.
libBLS, skale-manager, SKALE node software contain no merged PQC primitive.
0 validators run PQC consensus keys.
VOIDED to 0 per v3.1 rule (5a = 0). No dated PQ milestone in any SKALE blog post or roadmap publication.
Announced PQC = 0, Shipped PQC = 0, Ratio 0/0 (undefined). Honest by silence.
Undisclosed. With no announced PQ scheme, bytes-per-block under PQ unknown.
6 Supply Chain Vendor Readiness weight 22% 15 / 100
EVM-compatible: top wallets MetaMask, WalletConnect-compatible wallets, Ledger via EVM RPC. None has published a SKALE-specific PQC roadmap.
Inter-Manager Agent (IMA) is canonical SKALE-Ethereum and inter-SKALE bridge; no PQC roadmap. External bridges (Wormhole, LayerZero, Axelar) do not list SKALE-specific PQC commitments.
Top custodians (Coinbase Custody, BitGo, Anchorage, Fireblocks) support SKL via standard EVM custody. No SKALE-specific PQC migration timetable from any.
RPC: validator-node operated. HSMs: standard validator setups (AWS KMS, YubiHSM), no SKALE-specific PQC HSM commitment. TEEs: not in core consensus path. No PQC roadmap on any infra tile.
7 Governance & Coordination weight 8% 40 / 100
Validator pool secures all SKALE Chains via shared SKL staking. Per-chain validator subsets randomly assigned (security-by-randomization). Total validator count and Nakamoto coefficient not published as canonical metric in foundation docs at evaluation date.
SKALE V2 (2024-2025), Hoodi testnet migration (July 2025), FAIR L1 launch (June 2025), planned SKALE Manager migration. Multi-year coordinated upgrades. No demonstrated coordination under live attacker pressure.
SKALE Labs (development organization). N.O.D.E. Foundation oversees decentralized governance. SKALE Manager smart contracts encode coordination rules on Ethereum. No named PQ migration WG or PQ-lead role.
No major adversarial-coordination event in SKALE's history. Multi-year clean operational record is positive but not a true adversarial test.
No published rate-limit canary, no cryptographic tripwire, no Hourglass-equivalent mechanism, no community honeypot.
X + Y vs Z, when does the math turn against you?
v3.1 demotes the X+Y vs Z timing test to a secondary signal, the headline output is Migration Stage. The timing test still answers the question: can this chain finish migrating before the threat lands?
Verdict
X+Y reaches 2034–2041, Crisis Zone (vs Z10 2030); partial Outside risk window (vs Z25 2035)
Z-compliance
Outside compliance window, BLS over alt_bn128 and secp256k1 non-compliant under NIST 2030 deprecation / 2035 disallowance
Source-disagreement disclosure
v3.1 requires every chain card to publish material divergences among authoritative sources, plus the delta-QRI under alternative weighting.
Some industry commentary frames threshold-key rotation via DKG as partial mitigation against cryptographic attacks. LayerQu's reading: DKG rotates among validators on the same Shor-vulnerable curve; rotation does not address the underlying primitive's quantum vulnerability.
Delta-QRI under alternative weighting
Under alternative weighting that gives more credit for DKG threshold rotation in 4b, SKALE QRI rises ~+2 to 25.
Announcement-to-shipped ratio
Announced: 0. Shipped: 0. Ratio: 0.
Tag: none, no announcement to falsify; honest by silence
Peers in the L1 profile
9 chains closest to SKALE by Stage then QRI.