npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

qnsqy

v7.2.19

Published

Post-quantum cryptography tool. NIST FIPS 203 / 204 / 205 algorithms hybridized with classical X25519, Ed25519, AES-256-GCM. Local-only execution. 84 MCP tools for AI agents.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

quantumsequrityquantumsequrity

Keywords

post-quantumcryptographyencryptionml-kemml-dsaslh-dsafips-203fips-204fips-205hybridpqcquantum-safequantum-resistantharvest-now-decrypt-laterhndlmcpmodel-context-protocol

Readme

QNSQY

Post-quantum cryptography tool, NIST FIPS 203 / 204 / 205.

QNSQY ships ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) hybridized with X25519, Ed25519, and AES-256-GCM. The single binary covers encrypt, decrypt, sign, verify, hash, keygen, threshold, and escrow operations. File content, passwords, and private keys never leave the machine. Network access is restricted to billing metadata only, enforced by seccomp-bpf on Linux. 84 MCP tools are exposed for AI agents over JSON-RPC 2.0 stdio.

Install

Install globally:

npm install -g qnsqy

Run once without installing:

npx qnsqy --help

On install, this package downloads the QNSQY 7.2.19 binary for your platform from cdn.quantumsequrity.com, verifies its SHA-256 hash against the value pinned in lib/manifest.json, and places it under node_modules/.bin/qnsqy. No binary is bundled in the npm tarball.

Quick start

# Encrypt a file. The default algorithm is ML-KEM-512 + X25519 hybrid.
# The output is secret.pdf.qs.
qnsqy encrypt -i secret.pdf

# Decrypt.
qnsqy decrypt -i secret.pdf.qs

# Generate a hybrid signing keypair (ML-DSA-44 + Ed25519).
qnsqy keygen-sign -o mykey -n "My Signing Key"

# Sign a file.
qnsqy sign -i report.txt -k mykey

# Verify a signature.
qnsqy verify -i report.txt -k mykey.pub

# BLAKE3 hash a file.
qnsqy hash -i secret.pdf

# Show version and tier.
qnsqy version

For the full command list, run qnsqy --help or see https://quantumsequrity.com/docs.html.

Platforms

| Platform | Status | |-----------------|----------------------------------------------------------------------------------| | Linux x86_64 | Supported. Requires glibc 2.35+ (Ubuntu 22.04+, Debian 12+, Fedora 40+, AlmaLinux 10). | | Windows x86_64 | Supported. Windows 10 1809+ and Windows 11. | | macOS | Not shipping yet. Target Q3 2026. npm install exits 1 on darwin with a friendly message. | | ARM (any OS) | Not shipping yet. npm install exits 1 with a friendly message. |

If npm install refuses to install on your platform with an EBADPLATFORM error, that is the npm os / cpu field acting as a guard rail. It is not a bug in your toolchain.

How this package works

The npm package is a thin wrapper. The actual QNSQY binary is not bundled.

  1. npm install -g qnsqy triggers postinstall.js.
  2. postinstall.js selects the right artifact for your platform from lib/manifest.json.
  3. The artifact is downloaded from cdn.quantumsequrity.com over HTTPS, using Node 18+ built-in fetch. HTTPS_PROXY and HTTP_PROXY env vars are honoured via the standard agent.
  4. The download is verified against the SHA-256 hash pinned in the manifest. On mismatch, install fails and both hashes are printed.
  5. On Linux the DEB is unpacked in-process (the wrapper parses the ar archive itself, no dpkg required) and usr/bin/qnsqy is extracted with the system tar.
  6. On Windows the standalone .exe is dropped directly into the package's bin/ directory.
  7. The binary is installed atomically (write to .tmp, fsync, rename) and chmod 755 on POSIX.
  8. node_modules/.bin/qnsqy is a Node shim (bin/qnsqy.js) that execs the platform binary with your arguments and propagates exit codes and signals.

The wrapper has zero npm dependencies. It uses Node 18+ stdlib only (fs, path, os, crypto, child_process, built-in fetch).

Air-gapped install

If your machine cannot reach cdn.quantumsequrity.com, pre-stage the QNSQY binary on disk and point the postinstall at it with the QNSQY_BINARY_PATH env var:

# 1. On a machine with network access, download the binary for the
#    target platform from https://quantumsequrity.com/download.
#    Verify its SHA-256 manually.
# 2. Copy the binary to the air-gapped machine (USB, internal mirror, etc.).
# 3. Install with scripts disabled so the wrapper does not try to fetch:

QNSQY_BINARY_PATH=/path/to/qnsqy \
  npm install -g --ignore-scripts qnsqy

# 4. Re-run the postinstall by hand so QNSQY_BINARY_PATH is honoured:

QNSQY_BINARY_PATH=/path/to/qnsqy \
  node $(npm root -g)/qnsqy/postinstall.js

The escape hatch copies the binary verbatim. No SHA-256 check is performed in that path: you are responsible for verifying the binary out-of-band before staging it.

Verification

You can verify the downloaded binary manually against the official checksums on the download page.

# Linux DEB
sha256sum qnsqy_7.2.19-1_amd64.deb
# Expected:
# 983bfed387a969ecf9983f65fa27ee3025ed6edb5c32a38b91acd78a04d561a9

# Windows standalone
certutil -hashfile qnsqy-7.2.19-x86_64.exe SHA256
# Expected:
# a6aaabdca0864dd843b8f238471a7c5d15517b05ffd6b322eac6ca37a570c090

The canonical hash list is published at https://quantumsequrity.com/download under "SHA-256 Checksums".

QNSQY releases are also signed with ML-DSA-87 (NIST FIPS 204) and logged to the Sigstore Rekor transparency log. See the download page for the post-quantum signature verification flow.

Tier model

QNSQY has four tiers: Free, Pro, Business, Enterprise. Tier is determined at runtime by the billing API on first run, not at install time. Installing via npm does not grant Pro, Business, or Enterprise access.

  • Free covers ML-KEM-512 + ML-DSA-44 with no file size limit and works without an account. Advanced algorithms have a 100 MB per-file limit.
  • Pro unlocks ML-KEM-768/1024, ML-DSA-65/87, SLH-DSA, 25 GB file limit, batch operations, the encrypted password vault, audit logging, and password rekey.
  • Business adds HQC, FN-DSA, LMS, pure KEM mode, M-of-N threshold encryption, Shamir secret sharing, time-lock, steganography, deniable encryption, polyglot files, PQ migration scanning, encryption policy management, recipient groups, and key escrow.
  • Enterprise adds air-gap license bundles, HSM integration, SLA, and a dedicated engineering channel.

See https://quantumsequrity.com/pricing.html for current pricing.

Disclaimers

QNSQY uses NIST-standardized algorithms (FIPS 203 ML-KEM, FIPS 204 ML-DSA, FIPS 205 SLH-DSA, FIPS 206 draft FN-DSA, SP 800-208 LMS, RFC 9106 Argon2id). The product itself holds no CMVP certificate (so is not a FIPS 140 module), no SOC 2 attestation, no U.S. federal cloud ATO under the standard government program, and no external HIPAA audit on file. The vendor does not sign HIPAA Business Associate Agreements.

The distinction matters: "uses NIST algorithms" is a property of the cryptographic primitives; "FIPS 140 validated" is a property of a CMVP-tested cryptographic module. QNSQY is the former, not the latter.

Compliance documentation packages (control mapping, algorithm usage, data flow) are available on request for Business tier customers as a starting point for your internal or third-party audit.

Links

  • Homepage: https://quantumsequrity.com
  • Documentation: https://quantumsequrity.com/docs.html
  • Pricing: https://quantumsequrity.com/pricing.html
  • Download page: https://quantumsequrity.com/download
  • Contact: https://quantumsequrity.com/contact
  • Security disclosure: [email protected]