stablecoin
Ethena USDe USDE
Ethena USDe is a standard ERC-20 stablecoin on Ethereum with no independent post-quantum cryptographic layer. All quantum-relevant properties inherit from Ethereum L1 for basic token transfers (per QRI Section 7.2 Token Inheritance), but token-specific admin and governance controls — including a 5/11 Gnosis Safe Dev Multisig with 608 on-chain transactions (public key permanently exposed), MINTER/REDEEMER/GATEKEEPER EOAs, Reserve Fund and Payout Fund multisigs, and off-chain institutional custodian MPC arrangements — are entirely ECDSA-dependent with no PQC, hybrid-PQC, or migration path. Ethena Labs has published no cryptographic inventory, no quantum threat model, no migration roadmap, and no quantum-specific audit. Third-party reports (StablePQC, EternaX) independently identify Ethena USDe admin keys as exposed and quantum-vulnerable. Approximately $3.96B in circulating supply is protected by quantum-vulnerable admin keys whose compromise would enable unlimited unbacked minting and peg collapse. The QRI Score is 1, capped by the absence of any public cryptographic inventory (Readiness & Risk Cap: 10) and a Factor Score of 1 across all five categories.
Roadmap OnlyToken: Inherits L1 Score [Ethereum]
Category breakdown
QRI Factors
Algorithm & Implementation Assurance
0 / 20
Migration Mechanism, Governance & Ecosystem Coordination
0 / 15
Migration Status & Value-at-Risk
1 / 25
Production Cryptographic Protection
0 / 35
Security Assessment & Evidence Preparedness
0 / 5
Critical Quantum Blockers
- No public cryptographic inventory or quantum threat model has been published by Ethena Labs (Readiness & Risk Cap: 10).
- All production spend authorization and admin-key controls rely exclusively on ECDSA secp256k1 (Ethereum EOAs and Gnosis Safe multisigs); no PQC or hybrid-PQC path exists (Readiness & Risk Cap: 40).
- Admin multisig public keys are permanently exposed on-chain (608+ transactions for Dev Multisig), creating a long-exposure quantum vulnerability with no migration, freeze, or deprecation path (Readiness & Risk Cap: 55).
- A quantum adversary who compromises the admin multisig could mint unlimited USDe, drain collateral, freeze/redistribute staked funds, and collapse the ~$3.96B peg, making this a plausible quantum-enabled path to theft and inflation (Readiness & Risk Cap: 60).
- Off-chain institutional custodians (Copper, Ceffu, Kraken, Anchorage) securing the backing assets rely on classical MPC/multisig setups; compromise of custodian keys would destroy the collateral backing and collapse USDe (Readiness & Risk Cap: 70).
Key Risks
- QUANTUM-CRITICAL: The 5/11 Dev Multisig (0x3B0AAf6e6fCd4a7cEEf8c92C32DFeA9E64dC1862) is the owner of all Ethena mainnet smart contracts. It has executed 608 on-chain transactions, permanently exposing its ECDSA public key. A quantum adversary who recovers the corresponding private key gains unlimited minting authority, can change all contract parameters, and can drain or freeze protocol assets.
- QUANTUM-CRITICAL: The Reserve Fund multisig (4/10, 0x2b5ab59163a6e93b4486f6055d33ca4a115dd4d5) and sUSDe Payout Fund multisig (3/11, 0x71e4f98e8f20c88112489de3dded4489802a3a87) are additional ECDSA-based long-exposure surfaces controlling $62.5M+ in protocol reserves and yield distribution.
- QUANTUM-CRITICAL: MINTER and REDEEMER roles are EOA addresses on Ethereum. While these are hot wallets with per-block limits ($100K mint, ~$200K redeem), the GATEKEEPER role (also EOAs) and DEFAULT_ADMIN_ROLE (multisig) that can re-enable or escalate privileges are also quantum-vulnerable.
- QUANTUM-CRITICAL: Off-chain backing assets (~$3.96B equivalent) are held by institutional custodians (Copper, Ceffu, Kraken, Anchorage) using classical MPC/multisig setups. Quantum compromise of custodian keys would result in theft of the entire collateral backing, instantly breaking the USDe peg.
- QUANTUM-CRITICAL: The EthenaMinting contract uses EIP-712 signatures (ECDSA) for mint/redeem order verification. Users who have submitted signed orders have exposed their public keys. Forgery of these signatures by a quantum adversary could enable unauthorized minting or redemption.
- STRUCTURAL: USDe is deployed on 20+ chains via bridge/wrapper contracts, each with its own multisig governance. These create additional quantum-vulnerable surfaces not exhaustively evaluated in this report.
- STRUCTURAL: Even if Ethereum L1 completes its PQC migration (~2029 target), Ethena's already-deployed multisigs, admin EOAs, and custodian arrangements would remain on quantum-vulnerable keys until independently migrated. There is no evidence Ethena has begun planning for this.
Assurance Notes
- Existing smart-contract audits (Code4rena 2023-10, Chaos Labs economic security review) are stale (2023-2025) and scope-mismatched: they cover classical access-control and economic risks but do not address post-quantum cryptography, quantum threat modelling, or migration readiness.
- No quantum-specific audit or cryptographic review of any kind has been performed on the USDe token contracts, admin multisigs, or off-chain custodian arrangements.
- The Dev Multisig (5/11 Gnosis Safe at 0x3B0AAf6e6fCd4a7cEEf8c92C32DFeA9E64dC1862) has executed 608 on-chain transactions as of the evaluation date, permanently exposing its ECDSA public key. This is a long-exposure (at-rest) quantum vulnerability.
- The Reserve Fund multisig (4/10 at 0x2b5ab59163a6e93b4486f6055d33ca4a115dd4d5) and sUSDe Payout Fund multisig (3/11 at 0x71e4f98e8f20c88112489de3dded4489802a3a87) are also standard Ethereum accounts whose public keys are exposed if they have transacted.
- Ethena Labs has not published a quantum risk assessment, cryptographic inventory, PQC migration roadmap, or any quantum-related preparedness documentation as of the evaluation date.
- Third-party reports (StablePQC, EternaX) independently corroborate that Ethena USDe admin keys are exposed and the protocol has no post-quantum readiness.
- USDe circulates on 20+ chains (Solana, BNB, Arbitrum, Base, etc.) via bridge/wrapper deployments; each chain's multisig and bridge dependency introduces additional quantum-vulnerable surfaces not exhaustively evaluated in this token-level scope.
Non-Scoring Caveats
- Code4rena audit (2023-10) and Chaos Labs economic security review (2025) are stale for quantum purposes but remain relevant for classical smart-contract security; their age does not independently reduce the QRI Score since the quantum-critical vulnerability is independently verifiable from on-chain data.
- No formal quantum-specific incident-response playbook exists; this is recorded as an assurance note because the absence does not independently create a quantum-vulnerable path beyond those already identified.
- No formal PQC performance/resource benchmark exists; note-only since no PQC implementation exists to benchmark.
- Multi-chain USDe deployments on 20+ chains (Solana, BNB, Arbitrum, etc.) introduce additional bridge and multisig quantum-vulnerable surfaces not fully evaluated in this Ethereum-mainnet token scope.
- USDe supply figures vary across sources ($3.96B CoinMarketCap, $4.45B CoinGecko, $6.07B Ethena governance update Feb 2026); the QRI Score uses the conservative lower bound but the quantum-critical assessment is unchanged at any of these figures.
- Future Ethereum L1 PQC upgrades (targeted ~2029 per EF roadmap) would not automatically rekey Ethena's already-deployed multisigs, admin EOAs, or off-chain custodian arrangements; each must be migrated independently.
Evidence record
Claims and Caveats
Security Assessment & Evidence Preparedness
Public cryptographic inventory and quantum threat model (weight 3)
Claim: No public cryptographic inventory or quantum threat model has been published by Ethena Labs.
Coverage basis: PQ/hybrid usage assessment
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No public cryptographic inventory (Readiness & Risk Cap: 10)
Assurance: Absence of any quantum-specific documentation is evidenced by comprehensive search of official docs, GitHub repos, audits page, and third-party reviews. StablePQC independently lists Ethena as having exposed admin keys with no PQC readiness.
Ethena documentation describes its smart-contract architecture (Gnosis Safe multisigs, EIP-712 signatures, role-based access control) but never in a quantum-threat context. No inventory of vulnerable cryptographic primitives, no attack-surface analysis, and no quantum timeline assessment exists.
Security Assessment & Evidence Preparedness
Public evidence record supporting the assessment (weight 2)
Claim: No quantum-specific evidence record (code references, specs, transaction examples, reproducible analytics) has been published by Ethena Labs.
Coverage basis: PQ/hybrid usage assessment
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: The on-chain evidence of quantum vulnerability (exposed multisig public keys, ECDSA-only contracts) is independently verifiable via Etherscan, but Ethena Labs has not assembled or published this evidence in a quantum-readiness context.
While third-party reports (StablePQC, EternaX) provide quantum-vulnerability evidence, the QRI subfactor evaluates the project's own published evidence record supporting a quantum assessment. Ethena has published none.
Production Cryptographic Protection
Spend authorization / transaction signatures are PQC or hybrid-PQC on mainnet (weight 9)
Claim: USDe token transfers use standard ERC-20 transfer/approve mechanics relying on Ethereum ECDSA secp256k1 for spend authorization. No PQC or hybrid-PQC signature path exists.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Active production spend authorization remains entirely ECDSA-only (Readiness & Risk Cap: 40)
Assurance: USDe contract extends OpenZeppelin ERC20Burnable and ERC20Permit. Both rely on Ethereum's native ECDSA for transfer/approve authorization and EIP-2612 permit signatures. Verified on Etherscan.
Per QRI Section 7.2 (Token Inheritance), USDe inherits Ethereum L1 cryptographic properties for standard token transfers. Token-holder spend authorization vulnerability is inherited from Ethereum, not independently scored here. However, token-specific admin authorization (evaluated separately) is also ECDSA-only.
Production Cryptographic Protection
Account, address, public-key exposure, and key-derivation design (weight 7)
Claim: All USDe token holders use standard Ethereum EOAs. Any address that has sent a transaction has permanently exposed its ECDSA public key on-chain. The Dev Multisig (608 transactions), Reserve Fund, and Payout Fund multisigs all have long-exposure public keys.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Material long-exposure quantum-vulnerable value exists with no migration, freeze, deprecation, burn, recovery, or policy path (Readiness & Risk Cap: 55)
Assurance: Dev Multisig has 608 total transactions as of 2026-06-02 per Etherscan, confirming public key exposure since contract creation (2023-09-28). Reserve Fund and Payout Fund multisigs are also standard Ethereum accounts.
Long-exposure attack window applies: these public keys can be attacked offline with no time constraint. No key-rotation mechanism, no PQ address scheme, and no deprecation path exists for any of these critical admin accounts.
Production Cryptographic Protection
Consensus-critical authentication (weight 6)
Claim: USDe is an ERC-20 token and does not operate a consensus layer. This subfactor is N/A for a token-level evaluation.
Coverage basis: N/A
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
State-integrity and data-availability mechanisms (weight 6)
Claim: USDe supply integrity depends on the minter address (EthenaMinting contract) which is controlled by the ECDSA-based Dev Multisig. A quantum compromise of the multisig would enable unlimited unbacked minting, destroying supply integrity. No quantum-safe supply-binding mechanism exists.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Quantum attack can plausibly break supply integrity in a critical layer (Readiness & Risk Cap: 60)
Assurance: USDe.sol grants exclusive minting authority to a single minter address. That minter is the EthenaMinting contract, whose DEFAULT_ADMIN_ROLE is the Dev Multisig (5/11 Gnosis Safe, ECDSA). The multisig can change the minter, add/remove supported assets, and modify custodian addresses. All controls trace back to ECDSA keys.
The per-block mint limit ($100K) provides some damage containment for hot-wallet MINTER compromise but does not protect against admin multisig compromise, which can remove all limits and roles. GATEKEEPER EOAs can disable minting but are themselves ECDSA-based and could be compromised by the same quantum adversary.
Production Cryptographic Protection
Privacy and proof layers (weight 3)
Claim: USDe has no privacy layer, shielded pool, ZK proof system, note encryption, or stealth address mechanism.
Coverage basis: N/A
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
P2P transport, node identity, and peer authentication (weight 2)
Claim: USDe is a token, not a network with P2P nodes.
Coverage basis: N/A
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
Critical wallet, custody, HSM, signer workflows support PQ/hybrid path (weight 2)
Claim: All critical wallet and custody workflows — Dev Multisig (Gnosis Safe 5/11), Reserve Fund (4/10), Payout Fund (3/11), MINTER/REDEEMER/GATEKEEPER EOAs, and off-chain institutional custodians (Copper, Ceffu, Kraken, Anchorage) — rely exclusively on ECDSA or classical MPC with no PQC or hybrid-PQC support.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Major custody path remains quantum-vulnerable with no migration path (Readiness & Risk Cap: 70)
Assurance: On-chain multisig configurations are verified via Etherscan and Safe Transaction Service API. Off-chain custodian MPC details are based on secondary reports (Substack independent researcher, 2024) and Ethena governance updates confirming Kraken, Anchorage, Copper, and Ceffu as custodians. Exact custodian MPC algorithms cannot be independently verified, but all known institutional custody solutions use classical cryptography.
Ethena's February 2026 governance update confirms Kraken joined as a custody partner alongside Anchorage Digital Bank, Copper, and Ceffu. None of these custodians have publicly announced PQC-ready custody infrastructure as of the evaluation date. The existence of multiple custodians diversifies operational risk but does not mitigate quantum risk if all use quantum-vulnerable cryptography.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected (weight 20)
Claim: 0% of the ~$3.96B USDe circulating supply is protected by quantum-resistant mechanisms. No PQC or hybrid-PQC controls exist at any layer of the protocol. The admin keys controlling the entire supply and its backing collateral are quantum-vulnerable.
Coverage basis: Migrated value
Implementation score: 0.05 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Material long-exposure quantum-vulnerable value exists with no migration path (Readiness & Risk Cap: 55)
Assurance: Market cap figures vary across sources: CoinMarketCap ~$3.96B, CoinGecko ~$4.45B, Kraken ~$3.97B (all as of early June 2026), Ethena governance update $6.07B (Feb 2026). The precise figure fluctuates but all values are in the multi-billion-dollar range with zero quantum protection. Coverage assessment is unambiguous at any of these figures.
Coverage is assessed as <25% because no PQC or hybrid-PQC protection exists at any layer. According to QRI coverage thresholds, <25% coverage yields earned points of 1 (out of 20), corresponding to implementation score 0.05.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native (weight 3)
Claim: None of the critical wallets — Dev Multisig (5/11), Reserve Fund (4/10), Payout Fund (3/11), 20+ chain-specific multisigs, MINTER/REDEEMER/GATEKEEPER EOAs, or off-chain custodian accounts — have been migrated to or protected by PQC or hybrid-PQC mechanisms.
Coverage basis: Migrated value
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: All critical wallet addresses are publicly documented on docs.ethena.fi and verifiable on Etherscan. All are standard Ethereum accounts or Gnosis Safe deployments using ECDSA secp256k1. No PQC migration has been initiated for any of them.
The 20+ chain-specific multisigs (Solana Squads, Aptos RimoSafe, Berachain Safe, etc.) represent additional critical wallets on non-Ethereum chains, each with their own quantum-vulnerable key material. This token-level evaluation focuses on Ethereum mainnet but notes the expanded attack surface.
Migration Status & Value-at-Risk
Legacy vulnerable pools/accounts/UTXOs/contracts identified, measurable, deprecated, migrated, frozen, or proven not to exist (weight 2)
Claim: No vulnerable admin keys, multisigs, or custodian arrangements have been identified as quantum-vulnerable by Ethena Labs, and no deprecation, migration, freeze, or burn policy exists for any quantum-vulnerable surface.
Coverage basis: Migrated value
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No identification or deprecation of vulnerable admin surfaces (supports Readiness & Risk Cap: 55)
Assurance: Comprehensive search of Ethena documentation, GitHub repos, governance forum, and audit reports reveals zero mention of quantum vulnerability identification, measurement, or deprecation planning for any protocol component.
Third-party reports (StablePQC, EternaX) have identified Ethena's admin keys as quantum-vulnerable, but Ethena Labs itself has not acknowledged, measured, or planned remediation for these vulnerabilities.
Migration Mechanism, Governance & Ecosystem Coordination
Public migration or protection roadmap (weight 3)
Claim: No public quantum-migration or PQC-protection roadmap exists for USDe or any Ethena protocol component.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: Ethena governance forum and documentation contain no quantum-related proposals, discussions, or roadmap entries. GitHub repositories contain no PQC-related branches, issues, or pull requests.
The absence of a roadmap is not merely an assurance gap — it means there is no documented path from the current fully-vulnerable state to any protected state, reinforcing the Readiness & Risk Caps applied elsewhere.
Migration Mechanism, Governance & Ecosystem Coordination
Migration accessibility and defaults (weight 5)
Claim: No PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, or migration prompts exist for USDe or its admin infrastructure.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: No evidence of any migration tooling, wallet support, or user communication regarding quantum risks was found in any Ethena-controlled channel.
For standard ERC-20 token holders, migration accessibility would depend on Ethereum L1 PQC support (targeted ~2029). For Ethena's admin keys and multisigs, no migration path exists at all.
Migration Mechanism, Governance & Ecosystem Coordination
Migration enforcement and coordination (weight 4)
Claim: No enforcement mechanisms exist for quantum migration. No deprecation of vulnerable signing paths, no restricted withdrawals, no unsafe-path blocking, no mandatory migration deadlines, and no exchange/custody/bridge coordination for quantum-safe migration.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: The Ethena governance model uses a hybrid approach (ENA token voting + Risk Committee + multisig execution). No quantum-migration enforcement mechanism has been proposed or discussed in any governance venue.
Ethena's multi-chain deployment across 20+ chains means migration coordination would need to span multiple ecosystems, custodians, exchanges, and bridge providers — a significantly more complex coordination challenge than a single-chain protocol.
Migration Mechanism, Governance & Ecosystem Coordination
Emergency disclosure, incident-response, or governance process for quantum-related vulnerabilities (weight 3)
Claim: No quantum-specific emergency disclosure process, incident-response plan, or governance procedure exists. The general security model (GATEKEEPER role for emergency pause) is itself ECDSA-dependent and quantum-vulnerable.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: The existing emergency mechanism (GATEKEEPER_ROLE) can disable minting/redeeming but relies on EOA keys that would be compromised by the same quantum attack. The DEFAULT_ADMIN_ROLE (multisig) that re-enables functions is also ECDSA-based. No quantum-specific response capability exists.
The per-block mint/redeem limits ($100K mint, ~$200K redeem) provide some containment for hot-wallet compromise but are irrelevant against admin multisig compromise, which can remove all limits. A quantum adversary with multisig control faces no mechanical barrier to unlimited minting.
Algorithm & Implementation Assurance
Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms (weight 6)
Claim: No PQC or hybrid-PQC algorithms are used in any USDe protocol component. All cryptographic operations rely on ECDSA secp256k1 (Ethereum native) and Keccak-256 hashing.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: Verified on-chain: USDe token contract (0x4c9e...68b3) extends OpenZeppelin ERC20, ERC20Burnable, ERC20Permit, and Ownable2Step. None of these use or support PQC algorithms. EthenaMinting contract uses ecrecover for EIP-712 signature verification (ECDSA).
NIST published FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) in August 2024. As of June 2026, Ethena has adopted none of these standards for any protocol function.
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit for quantum-critical scope (weight 6)
Claim: No independent cryptographic audit or implementation review of any quantum-critical property exists. Existing audits (Code4rena 2023-10, Chaos Labs economic security) cover classical smart-contract risks only.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: Existing audits are scope-mismatched for quantum purposes. The Code4rena audit (October 2023) focused on access control, minting logic, and economic security. The Chaos Labs review covered economic risk parameters. Neither addressed post-quantum cryptography, quantum threat models, or migration readiness. Per QRI Section 8.2, the absence of a quantum-specific audit does not independently create a Readiness & Risk Cap since the quantum vulnerability is verifiable from on-chain data. However, it limits confidence.
The Implementation Score is 0.00 because there is no PQC implementation to audit, not because existing audits are inadequate. If a PQC implementation were deployed, a new in-scope audit would be needed.
Algorithm & Implementation Assurance
Open-source, reproducible implementation (weight 3)
Claim: The classical (ECDSA-based) smart contracts are open-source and verified on Etherscan, but there is no PQC or hybrid-PQC implementation to evaluate for reproducibility.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: Source code for USDe.sol, EthenaMinting.sol, and StakedUSDeV2.sol is available on GitHub and verified on Etherscan. However, since no PQC implementation exists, this subfactor receives 0.00 for the quantum-critical scope.
If Ethena were to deploy PQC-enabled contracts, the existing open-source practices would support a higher score for this subfactor. Currently, there is nothing quantum-relevant to evaluate.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path (weight 2)
Claim: No documented parameter agility or cryptographic upgrade path exists for migrating from ECDSA to PQC. The protocol's upgrade mechanism (multisig-controlled contract ownership) could theoretically deploy new contracts but no PQC migration plan, specification, or timeline exists.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: The protocol's ownership model (multisig as contract owner) provides a technical upgrade path for deploying new contracts, but no PQC-specific parameter agility, algorithm selection criteria, or upgrade specification has been documented. The existence of a generic admin upgrade capability does not constitute a quantum-migration plan.
The USDe.sol contract allows the owner to change the minter address, which could point to a new PQC-enabled minting contract. However, the multisig owner itself would need to be migrated first — a circular dependency that has not been addressed.
Algorithm & Implementation Assurance
Stateful-signature safety, side-channel, fault-injection, state-management, HSM, and custody implementation risks (weight 2)
Claim: No PQC signature implementation exists, so stateful-signature safety (XMSS/LMS anti-reuse), side-channel, and fault-injection considerations are not applicable to the current production system. Classical custody risks are managed through institutional custodians but without quantum-specific threat modelling.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: Ethena documents that multisig keys are cold wallets with geographic distribution. Custodians (Copper, Ceffu, Kraken, Anchorage) are regulated institutional-grade providers. However, none of these operational security measures address quantum threats to the underlying ECDSA/MPC cryptography.
This subfactor primarily addresses risks specific to PQC implementations (e.g., stateful hash-based signature safety). Since no PQC implementation exists, the Implementation Score is 0.00. Classical custody security practices, while operationally sound, provide no quantum protection.
Algorithm & Implementation Assurance
Performance and resource-impact analysis for PQC deployment (weight 1)
Claim: No performance or resource-impact analysis exists for deploying PQC signatures or key encapsulation in the USDe protocol context.
Coverage basis: PQ/hybrid usage
Implementation score: 0 · Evidence confidence: High
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: Per QRI Section 8.2, the absence of a formal performance benchmark does not independently create a Readiness & Risk Cap. However, if PQC were to be deployed, signature sizes (ML-DSA: ~2.4KB vs ECDSA: 64 bytes) could affect gas costs for multisig transactions and mint/redeem operations, making this analysis practically important for future migration planning.
The Ethereum Foundation's PQC research notes that ML-DSA signatures are approximately 37x larger than ECDSA signatures. For Ethena's Gnosis Safe multisig (which bundles multiple signatures in a single transaction), this size increase could significantly affect gas costs and block-space consumption.
Report metadata