qshield-sdk

Quantum security SDK for Solana. Analyze key exposure, score risk, intercept vulnerable transactions, and migrate assets — before quantum computers catch up.

Install

npm install qshield-sdk @solana/web3.js

Quick Start

import { QuantumShield } from 'qshield-sdk'
import { Connection } from '@solana/web3.js'

const qs = new QuantumShield({
  connection: new Connection('https://api.mainnet-beta.solana.com'),
  mode: 'monitor'
})

// Analyze a key's quantum exposure
const analysis = await qs.analyze('YOUR_PUBLIC_KEY')

console.log(analysis.riskScore)      // 0–1
console.log(analysis.exposureLevel)  // 'fresh' | 'low' | 'moderate' | 'high' | 'critical'
console.log(analysis.recommendation) // actionable next step

Features

Key Analysis

Every Solana key using Ed25519 is theoretically vulnerable to quantum attack via Shor's algorithm. qs.analyze() queries real on-chain data to quantify how exposed a specific key is.

const analysis = await qs.analyze('7xKX...')

// analysis.totalTransactions   → real on-chain tx count
// analysis.balanceSOL          → SOL at risk
// analysis.exposureLevel       → risk classification
// analysis.programsInteracted  → Token Program, Jupiter, etc.
// analysis.ageDays             → how long the key has been exposed

Transaction Scanning

Scan transactions before broadcast. Every signer's on-chain history is analyzed and an aggregate risk score is produced.

const result = await qs.scan(transaction)

// result.safe       → boolean
// result.action     → 'allow' | 'warn' | 'block'
// result.riskScore  → aggregate risk
// result.signers    → per-signer breakdown

In enforce mode, high-risk transactions are blocked automatically.

Key Migration

Move all assets from a high-exposure key to a fresh one with zero downtime.

const plan = await qs.planMigration('source-key')
const result = await qs.migrate(sourceKeypair, freshKey.publicKey)

Continuous Monitoring

Poll keys on an interval and fire alerts when risk scores cross your threshold.

const monitor = qs.createMonitor(
  ['key1...', 'key2...'],
  (alert) => console.log(`Risk alert: ${alert.publicKey} → ${alert.riskScore}`),
  60_000
)

monitor.start()
monitor.addKey('new-key...')
monitor.stop()

Post-Quantum Attestation

Cryptographic proof binding a Solana key to a quantum-resistant ML-DSA key (NIST FIPS 204). When Solana adds PQ signature support, migration will be seamless.

import { generatePQKeypair, createAttestation, verifyAttestation } from 'qshield-sdk'

const pqKeys = await generatePQKeypair()
const attestation = await createAttestation('solana-key', pqKeys.secretKey, pqKeys.publicKey)
const valid = await verifyAttestation(attestation)

Risk Scoring

Risk scores are based on real on-chain data across four weighted factors:

| Factor | Weight | Description | |--------|--------|-------------| | Transaction exposure | 35% | More signatures = more public key material on-chain | | Value at risk | 30% | Higher SOL balance = higher priority target | | Recent activity | 20% | Active keys are higher priority | | Key age | 15% | Older keys have been exposed longer |

Exposure Levels

| Level | Transactions | |-------|-------------| | fresh | 0 | | low | 1–10 | | moderate | 11–100 | | high | 101–1,000 | | critical | 1,000+ |

Configuration

const qs = new QuantumShield({
  connection,              // Solana RPC connection
  mode: 'enforce',         // 'monitor' (warn) or 'enforce' (block)
  policy: {
    maxRiskScore: 0.5,     // block/warn threshold
    maxKeyExposureTx: 500, // alert after N transactions
    blockHighRisk: true,   // auto-block high risk tx
    alertThreshold: 0.6,   // monitor alert threshold
    onBlock: (result) => { /* handle blocked tx */ },
    onWarn: (result) => { /* handle warnings */ },
  }
})

Links

• Documentation
• GitHub
• X / Twitter

License

MIT