What it is. VeChain is built for businesses that track real-world goods like supply chains and sustainability records, run by a fixed set of vetted validators that one foundation organizes, and it has said nothing about how it would defend against future quantum computers.
What we found. That same tight foundation control could let VeChain upgrade everyone's security in one coordinated move faster than most networks, yet it has drawn up no plan, run no test, and made no promise to do so.
Why it matters. The businesses relying on VeChain are exactly the ones facing official deadlines to drop today's vulnerable security, so the gap between what the foundation could organize and what it has actually started leaves their records open to being faked or denied once a capable quantum machine arrives.
Enterprise-focused L1 with 101 KYC'd Authority Masternodes (now weighted-DPoS post-Hayabusa 2025-12-02). Pure secp256k1 / Blake2b-256 / Keccak-256 stack. Foundation-coordinated AM set is the strongest migration asset and biggest centralization liability; no published PQ position despite Renaissance roadmap execution capacity.
Summary
VeChainThor's Renaissance roadmap shipped Galactica (2025-07-01: dynamic fee market, typed transactions, Shanghai EVM) and Hayabusa (mainnet activation 2025-12-02: PoA → weighted-DPoS), substantial coordinated upgrades with no PQ component. Account and consensus signing remains pure secp256k1; transaction signing-hash is Blake2b-256. Gate 1a-Sig FAIL, Gate 1a-KEM FAIL. The Foundation-coordinated 101-AM set could execute PQ migration faster than permissionless chains in principle, but no spec, no testnet, no announcement. Enterprise customer base (supply chain, RWA, sustainability) is uniquely exposed to compliance-driven PQ pressure (NIST 2030/2035, EU NIS2 derivative). Renaissance's third 'Interstellar' phase is unspecified, natural slot for a PQ direction. QRI 24 ± 7, Band 3 Planning, Migration Stage 1.
What the gates say
- Gate 1a, Hybrid signature: FAIL , no documented hybrid signature composition; account and consensus signing pure secp256k1
- Gate 1a, Hybrid KEM: FAIL , validator transport classical TLS X25519/RSA/ECDH; no PQ KEM
- Gate 1b, Commit-to-hash: COND , no OR-composition declared
- Gate 2, Evidence reconstruction: PASS , every sub-score has ≥ 3 evidence sources
- Gate 3, Primitive naming: PASS , secp256k1, Blake2b-256, Keccak-256, DPRP
Burn-vs-rescue policy on file
Declared option f, Undeclared. VeChain Foundation has not published a position on dormant-balance handling or consensus-key migration post-Shor. Implicit posture (PoA Foundation-coordination) would favor coordinated migration via AM-set hard fork, but no formal statement exists.
Seven dimensions
Each dimension scores 0–100 internally; the weighted roll-up produces the QRI.
1 Cryptographic Exposure weight 15% 28 / 100
Thor DevKit cryptography primitives explicitly named. Validator gossip transport-layer cipher suite not specified in foundation document.
secp256k1 (account / certificate / transaction signing) · Blake2b-256 (transaction signing-hash) · Keccak-256 (EVM-compatible smart-contract hashing post-Galactica Shanghai alignment) · DPRP, Deterministic Pseudo-Random Process (AM selection) · Authority Masternode block-production signing (secp256k1) secp256k1→ Shor-break-via-DL (256-bit ECC, ~128-bit classical)Blake2b-256→ Grover-weaken (effective 128-bit)Keccak-256→ Grover-weaken (effective 128-bit)DPRP (hash-based AM selection)→ Grover-weaken via underlying hash
Zero PQ families deployed. Pre-cap state.
No primitive maps to NIST PQC categories 1-5. secp256k1 ~128-bit classical; Blake2b-256 / Keccak-256 ~128-bit classical post-Grover. Shor breaks secp256k1 fully.
Multiple official Thor DevKit SDKs (Python, Java, JavaScript). Constant-time engineering not explicitly documented; Foundation relies on standard secp256k1 library implementations. No machine-checked formal verification cited. secp256k1 (Tier 1), Blake2b/Keccak-256 (Tier 2), mature classical baseline.
2 Quantum Recovery Exposure weight 10% 29 / 100
Default accounts use secp256k1; pubkey recoverable via ECDSA ecrecover so first-spend reveals pubkey on-chain. 101 AMs have publicly-known identities (Foundation KYC) and continuously-active block-production signing keys.
Mainnet launched June 2018; ~95 months. Substantial cold/dormant secp256k1 exposure on user accounts and early-distribution wallets. Hayabusa weighted-DPoS introduced delegation but does not migrate cold balances.
Every historical secp256k1 transaction signature and AM block-production signature since 2018 forgeable post-Shor. Enterprise-data-anchoring use cases (supply-chain provenance, sustainability tokens, RWA attestations) lose non-repudiation post-Shor.
Validator gossip and RPC use standard TLS (X25519/RSA/ECDH per EVM-stack convention). No PQC KEM. No published hybrid PQ KEM testnet for validator transport.
3 Metadata, Anonymity & Confidentiality weight 13% 23 / 100
Pseudonymous transparent ledger. EVM-compatible. No native shielded transactions. Enterprise-data-anchoring focus pairs with off-chain encrypted data referenced via on-chain hashes, on-chain layer fully transparent.
Top-3 RPC: Foundation mainnet.vechain.org, vechainstats, third-party providers. Concentration moderate; precise share not published. Mempool gossip observable to AM set. Validator metadata retention undeclared.
Limited canonical bridge ecosystem. Bridges from third parties observe both sides classically.
Shor on secp256k1 breaks AM block-production signatures and account signatures. AM identities already public, so retroactive impact small. User-account de-anonymization bounded by transparent ledger.
No on-chain mixer, no native commit-reveal shuffle, no integrated mixnet.
4 Migration Architecture weight 10% 38 / 100
Galactica (2025-07-01) and Hayabusa (mainnet 2025-12-02) coordinated mainnet upgrades. No algorithm-switch event for secp256k1/Blake2b stack. No published crypto-agility specification covering signing-primitive replacement.
Multi-Party Payment (MPP) and Multi-Task Transaction (MTT) provide AA-adjacent functionality (fee delegation, batched user-operations) established before EIP-7702/ERC-4337. Galactica's Shanghai EVM alignment opens compatibility with ERC-4337-style AA. No native protocol-level AA. No documented client-layer PQC path.
Galactica + Hayabusa shipped within five months on schedule per Renaissance roadmap. Earlier 2018-2024 upgrades uncontested. Foundation-coordinated AM set produces tightly-coordinated upgrade path.
No public hybrid PQ design. Galactica typed-transactions framework could in principle accommodate a new transaction type with hybrid signature payload, but no proposal. Renaissance's third 'Interstellar' phase not specified at evaluation date.
No stateful hash signature schemes. Default 15/15.
VeChain consensus does not use BLS aggregation. PoA / PoA 2.0 / Hayabusa weighted-DPoS uses individual secp256k1 signatures from selected AMs/delegates per block. Per v3.1 rubric 4f is N/A for non-aggregating-consensus chains; conservative scoring 0 reflects absence of declared PQ aggregation strategy.
5 Deployment Execution weight 22% 15 / 100
0% of consensus signing or transaction signing runs on a PQC primitive.
Thor-devkit and VeChainThor node software contain no merged PQC primitive.
0 of 101 Authority Masternodes (or post-Hayabusa weighted-DPoS delegates) run PQC consensus keys.
VOIDED to 0 per v3.1 rule (5a = 0). Renaissance roadmap dated and partially shipped, but contains no PQ-specific milestone.
Announced PQC = 0 trailing 12 months. Shipped PQC = 0. Ratio 0/0 (undefined). Honest by silence.
Undisclosed.
6 Supply Chain Vendor Readiness weight 22% 17 / 100
VeWorld (official Foundation wallet), Sync2 (legacy desktop), Ledger HW VeChain app. No top-3 wallet has published a PQC roadmap covering VeChain key derivation.
Limited canonical bridge ecosystem on VeChain. No bridge tile has a published PQC roadmap.
Top custodians (Coinbase Custody, BitGo, Anchorage, Fireblocks) provide VET custody. None has published a VeChain-specific PQC migration timetable. Enterprise customers operate own treasury via Foundation guidance; no PQC commitment from those treasuries.
RPC: Foundation mainnet.vechain.org, vechainstats, third-party providers. HSMs: standard validator setups; no VeChain-specific PQC HSM commitment. TEEs: not in core consensus path.
7 Governance & Coordination weight 8% 43 / 100
101 AMs selected by Foundation KYC + 25M VET collateral. Foundation-controlled selection makes validator set highly coordinated but introduces centralization concentration. Hayabusa weighted-DPoS broadens delegation but core validator selection retains Foundation oversight.
Galactica + Hayabusa shipped within five months on schedule. Multi-year Renaissance roadmap execution. Foundation-coordinated AM set enables tightly-managed upgrade coordination, positive for upgrade velocity, concentration risk for governance independence.
VeChain Foundation (Singapore non-profit). Public chain-leadership: Sunny Lu (CEO), Antonio Senatore (CTO joined 2024 from Deloitte Global), broader Foundation team. No named PQ migration WG or PQ-lead role.
No major adversarial-pressure coordination event in VeChain's history. Multi-year clean operational record but not a true adversarial test.
No published rate-limit canary, no cryptographic tripwire, no Hourglass-equivalent mechanism, no community honeypot.
X + Y vs Z, when does the math turn against you?
v3.1 demotes the X+Y vs Z timing test to a secondary signal, the headline output is Migration Stage. The timing test still answers the question: can this chain finish migrating before the threat lands?
Verdict
X+Y reaches 2034–2041, Crisis Zone (vs Z10 2030); partial Outside risk window (vs Z25 2035)
Z-compliance
Outside compliance window, secp256k1 non-compliant under NIST 2030 deprecation / 2035 disallowance; EU NIS2 derivative pressure on enterprise customer base
Source-disagreement disclosure
v3.1 requires every chain card to publish material divergences among authoritative sources, plus the delta-QRI under alternative weighting.
Some enterprise-blockchain coverage frames PoA / PoA 2.0 as inherently more migration-ready on the argument that Foundation-coordinated AMs can hard-fork uniformly. LayerQu's reading: coordination capacity is real (Galactica + Hayabusa demonstrate it), but coordination alone does not constitute PQ readiness, primitive replacement requires spec, testnet, cryptographic library work, HW/wallet supply-chain alignment, none of which VeChain has published.
Delta-QRI under alternative weighting
Under alternative weighting that gives extra credit for Foundation-coordination capacity in 4c and 7b, VeChain QRI rises ~+2-3 to 26-27.
Announcement-to-shipped ratio
Announced: 0. Shipped: 0. Ratio: 0.
Tag: none, no announcement to falsify; honest by silence
Peers in the L1 profile
9 chains closest to VeChain by Stage then QRI.