meme token
Siren SIREN
Siren (SIREN) is a standard BEP-20 meme token on BNB Chain with renounced ownership. Under QRI Section 7.2 (Token Inheritance), it inherently shares BNB Chain's QRI score of 19/100 (Stage 1: Quantum Risk Assessed) per external reference (LayerQu). BNB Chain has acknowledged quantum risk and published a detailed PQC migration research report in May 2026 testing ML-DSA-44 and pqSTARK, but no PQC protection is deployed on mainnet. All production spend authorization remains ECDSA-only and consensus remains BLS-only — both quantum-vulnerable. The token's renounced ownership eliminates token-specific admin-key quantum risk, but all token value (~$344M market cap) is exposed through the L1's quantum-vulnerable transaction path. The score reflects early-stage research preparedness without any meaningful production quantum protection.
Inherits L1 Score [BNB Chain]Roadmap OnlyMeme TokenBEP-20
Category breakdown
QRI Factors
Algorithm & Implementation Assurance
4.44 / 20
Migration Mechanism, Governance & Ecosystem Coordination
1.02 / 15
Migration Status & Value-at-Risk
1 / 25
Production Cryptographic Protection
0 / 35
Security Assessment & Evidence Preparedness
1.25 / 5
Critical Quantum Blockers
- BNB Chain mainnet spend authorization remains entirely ECDSA (secp256k1) — quantum-vulnerable. All SIREN token transfers inherit this vulnerability.
- BNB Chain consensus (BLS12-381 validator signatures) remains quantum-vulnerable with no mainnet PQC deployment.
- No token-level or L1-level mainnet PQC protection exists as of evaluation date.
Key Risks
- All SIREN token transfers rely on BNB Chain's ECDSA (secp256k1) transaction signatures, which are vulnerable to Shor's algorithm on a sufficiently powerful quantum computer.
- BNB Chain's BLS12-381 validator consensus signatures are quantum-vulnerable; a compromise could affect chain finality and all dependent tokens including SIREN.
- No mainnet PQC deployment timeline exists for BNB Chain. The May 2026 migration report is research-only with no committed activation date.
- SIREN has no independent quantum risk assessment, cryptographic inventory, or migration plan — it is entirely dependent on BNB Chain's quantum readiness trajectory.
- Value-at-risk is substantial (~$344M market cap) with zero quantum protection for any holder.
Assurance Notes
- SIREN is a standard BEP-20 token on BNB Chain and inherits the host chain's QRI score under QRI Section 7.2 (Token Inheritance). External reference (LayerQu) scores BNB Chain at QRI 19/100, Stage 1 (Acknowledged).
- BNB Chain published a comprehensive Post-Quantum Cryptography Migration Report (May 2026) testing ML-DSA-44 and pqSTARK, but this is research/prototype only — no PQC is deployed on BSC mainnet.
- SIREN token contract ownership is renounced (owner = 0x0000...00000000 per CertiK Skynet), eliminating token-specific admin-key quantum risk.
- The token contract (0x997a58129890bbda032231a52ed1ddc845fc18e1) is open-source and verified on BscScan but has no independent cryptographic audit.
- No token-specific quantum migration plan, tools, or coordination exists. All quantum risk is inherited from BNB Chain's ECDSA/BLS-only mainnet.
- BNB Chain's PQC research report explicitly states the work is 'research and evaluation, rather than a response to any immediate security threat.' No mainnet deployment date has been announced.
Non-Scoring Caveats
- SIREN token has no independent cryptographic audit; the contract is verified on BscScan but unscored by CertiK audit services. This is an assurance-only caveat for a standard BEP-20 token with no custom cryptography.
- Token supply concentration concerns (~50% held by a single cluster per Bubblemaps) are operational/market risks, not quantum-security issues, and do not affect the QRI score.
- BNB Chain's PQC test showed 40% throughput reduction; performance optimization is needed before production deployment. This is a roadmap/operational note.
- The token contract includes transfer mode controls (setMode) but these are inaccessible due to renounced ownership, so they pose no quantum-admin risk.
Evidence record
Claims and Caveats
Token Inheritance
Token Inheritance (QRI §7.2)
Claim: SIREN is a standard BEP-20 token on BNB Chain and inherently shares the base-layer QRI score.
Coverage basis: Token inherits L1 cryptographic security model; no custom crypto or cross-chain dependencies.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Multiple independent sources (BscScan, CoinGecko, CoinMarketCap) confirm the token is a standard BEP-20 on BNB Chain with no custom cryptographic primitives.
Token inheritance rule applies. SIREN QRI = BNB Chain QRI, adjusted only for token-specific admin/governance keys.
Admin Keys / Governance
Token-specific admin and governance keys
Claim: Token contract ownership is renounced; the owner address is the zero address.
Coverage basis: Renounced ownership eliminates token-specific quantum-vulnerable admin attack surface.
Implementation score: 1 · Evidence confidence: Medium
Issue classification: none · Score treatment: not applicable
Assurance: Confidence is Medium because no independent formal audit confirms the renounced ownership and absence of hidden admin paths. CertiK Skynet is an automated scan, not a full manual audit. The contract source code is verified on BscScan and shows standard OpenZeppelin Ownable with renounced ownership.
The contract includes setMode() for transfer restrictions, but this function is onlyOwner and ownership is renounced, rendering it inert. No upgradeability proxy detected.
Production Cryptographic Protection
Spend authorization / transaction signatures
Claim: All SIREN token transfers are authorized via BNB Chain's ECDSA (secp256k1) transaction signatures — quantum-vulnerable.
Coverage basis: Inherited from BNB Chain L1; no token-level signature scheme exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: BNB Chain mainnet production spend authorization is ECDSA-only. No PQC or hybrid-PQC signatures are available on mainnet.
Assurance: BNB Chain's own May 2026 migration report confirms current production signatures are ECDSA (secp256k1). The PQC test using ML-DSA-44 is research-only, not deployed on mainnet.
This is the primary quantum-critical vulnerability for SIREN holders. All token transfers, approvals, and interactions require ECDSA signatures that Shor's algorithm can break.
Production Cryptographic Protection
Account, address, public-key exposure, and key-derivation design
Claim: BNB Chain addresses and key derivation follow Ethereum-compatible ECC design; public keys are exposed on-spend and at-rest for transacted EOAs.
Coverage basis: Inherited from BNB Chain L1; BNB Chain uses keccak-256-hashed public keys in Ethereum-style addresses.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: BNB Chain account model exposes public keys for all transacted addresses, creating long-exposure attack surfaces.
SIREN token holders use standard BNB Chain addresses. Any address that has sent a transaction has an exposed public key vulnerable to offline quantum attack.
Production Cryptographic Protection
Consensus-critical authentication
Claim: BNB Chain consensus uses BLS12-381 validator vote signatures — quantum-vulnerable.
Coverage basis: N/A at token level; token has no independent consensus mechanism.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
While N/A for direct token scoring, BNB Chain consensus vulnerability indirectly threatens all tokens including SIREN if finality or chain integrity is compromised.
Production Cryptographic Protection
State-integrity and data-availability mechanisms
Claim: Token-level state integrity is managed by the BEP-20 contract on BNB Chain; no independent state-integrity mechanisms exist at the token layer.
Coverage basis: N/A at token level.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
Privacy and proof layers
Claim: SIREN has no privacy or ZK proof layer.
Coverage basis: N/A — token has no privacy features.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
P2P transport, node identity, and peer authentication
Claim: P2P networking is an L1 concern; token has no P2P layer.
Coverage basis: N/A at token level.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
Critical wallet, custody, HSM, and hardware-wallet workflows
Claim: No PQC or hybrid-PQC wallet/custody workflows exist for BNB Chain or SIREN.
Coverage basis: Inherited from BNB Chain L1; ECC-only wallet infrastructure.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No production PQC wallet, custody, or HSM support exists for BNB Chain tokens.
All SIREN holdings, including exchange-held and custody-held tokens, are protected only by ECDSA keys. No hardware wallet supports PQC for BNB Chain transactions.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected
Claim: 0% of SIREN value is quantum-protected. All ~$344M market cap is on quantum-vulnerable BNB Chain with ECDSA-only spend authorization.
Coverage basis: <25% coverage — no migration or protection exists.
Implementation score: 0.05 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: 100% of SIREN value-at-risk is quantum-vulnerable with no migration path.
Assurance: Market cap figure (~$344M) from CertiK Skynet as of evaluation date. All value is on BNB Chain mainnet with zero PQC protection.
Coverage threshold <25% maps to score of 1 out of 20 under QRI §9.3.1.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native
Claim: No SIREN-critical wallets (treasuries, exchanges, custodians, bridges, foundations) are quantum-protected. Token ownership is renounced so there is no admin treasury.
Coverage basis: No critical wallets migrated or protected.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: CertiK data shows top holder concentration (~32% major holding ratio) but these are standard EOA/contract addresses with no PQC protection.
While token ownership is renounced (no admin treasury to protect), exchange-held and large-holder SIREN balances remain fully quantum-vulnerable.
Migration Status & Value-at-Risk
Legacy vulnerable pools/accounts/UTXOs/contracts identified and addressed
Claim: No legacy vulnerable pool identification or deprecation exists at the token or L1 level.
Coverage basis: No identification or mitigation of vulnerable pools.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
All SIREN balances are in standard BNB Chain accounts vulnerable to quantum attack. No freeze, burn, deprecation, or migration mechanism exists for dormant or unmigratable vulnerable holdings.
Migration Mechanism, Governance & Ecosystem Coordination
Public migration or protection roadmap
Claim: BNB Chain has published a PQC migration research report (May 2026). SIREN has no independent roadmap.
Coverage basis: Inherited from BNB Chain; research report exists but is a proposal, not a committed deployment plan.
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: BNB Chain's report is explicitly labeled as research/evaluation, not a committed deployment plan. No mainnet activation date, governance proposal, or hard fork schedule exists.
Score 0.25 reflects public design/research plan status. The report identifies ECDSA and BLS vulnerabilities and proposes ML-DSA-44/pqSTARK but does not commit to deployment.
Migration Mechanism, Governance & Ecosystem Coordination
Migration accessibility and defaults
Claim: No PQC account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, or migration prompts exist for BNB Chain or SIREN.
Coverage basis: No migration tooling or accessibility exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No PQC account creation or transaction path exists for BNB Chain users.
BNB Chain's PQC research report notes wallet address format compatibility is preserved in the proposed design, but no wallet, SDK, or RPC infrastructure supports PQC transactions today.
Migration Mechanism, Governance & Ecosystem Coordination
Migration enforcement and coordination
Claim: No enforcement mechanisms exist. Token ownership is renounced, precluding token-level enforcement.
Coverage basis: N/A at token level — renounced ownership prevents token-level enforcement.
Implementation score: 1 · Evidence confidence: Medium
Issue classification: none · Score treatment: not applicable
The token's setMode() function (controlling transfer restrictions) is onlyOwner and permanently inaccessible due to renounced ownership. This is actually beneficial for quantum security as no admin can unexpectedly alter transfer rules.
Migration Mechanism, Governance & Ecosystem Coordination
Emergency disclosure, incident-response, or governance process for quantum vulnerabilities
Claim: No quantum-specific emergency disclosure or incident-response process exists for SIREN or BNB Chain.
Coverage basis: No quantum-specific incident-response process identified.
Implementation score: 0 · Evidence confidence: Low
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: This is an assurance-only caveat. The absence of a formal quantum-specific incident-response playbook does not itself create a current quantum-vulnerable path. It is noted for operational completeness.
No bug bounty program exists (CertiK Skynet confirms no CertiK or 3rd party bug bounty). No quantum-specific security contact or disclosure process identified.
Algorithm & Implementation Assurance
Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms
Claim: BNB Chain's PQC research proposes ML-DSA-44 (NIST FIPS 204 standardized), but this is not deployed on mainnet.
Coverage basis: Inherited from BNB Chain research; algorithm selection exists but is not in production.
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: ML-DSA-44 is NIST FIPS 204 standardized (August 2024). BNB Chain selected NIST Level 2 (AES-128 equivalent) for efficiency. This is a sound algorithm choice but remains unimplemented in production.
Score 0.25 reflects that the algorithm has been selected and specified in a public research report but is not implemented on mainnet.
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit
Claim: No independent cryptographic audit exists for BNB Chain's PQC implementation or SIREN's token contract.
Coverage basis: No audit of quantum-critical scope exists.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: confidence-only
Assurance: CertiK Skynet confirms SIREN is 'Not Audited By CertiK' and has no 3rd party audit. BNB Chain's PQC research report has not undergone independent cryptographic review. This is treated as confidence-only because the mainnet system is ECC-only (already known vulnerable) and the PQC implementation is not yet in production.
Audit absence does not reduce the QRI score further because the quantum-critical vulnerability (ECC-only mainnet) is already established and scored.
Algorithm & Implementation Assurance
Open-source, reproducible implementation
Claim: SIREN token contract is open-source and verified on BscScan. BNB Chain's PQC research report describes the implementation approach but production code is not deployed.
Coverage basis: Token contract is open-source; PQC implementation is described but not in production.
Implementation score: 0.5 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Token contract source code is fully available and verified on BscScan (Solidity 0.8.20, OpenZeppelin-style ERC20 + Ownable). BNB Chain's PQC test code artifacts are described in the migration report but the report itself is public.
Score 0.50 reflects that the token contract is open-source and verified, but the PQC implementation is only at research/prototype stage.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path
Claim: BNB Chain's PQC research discusses parameter selection (ML-DSA-44 vs ML-DSA-65/87 tradeoffs) but no production upgrade path is defined.
Coverage basis: Inherited from BNB Chain research; parameter agility discussed but not implemented.
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: BNB Chain's report discusses why ML-DSA-44 was chosen over higher-security variants based on signature size tradeoffs. This demonstrates parameter awareness but not production agility.
Score 0.25 reflects research-level discussion. No production parameter agility mechanism exists.
Algorithm & Implementation Assurance
Stateful-signature safety (XMSS/LMS-style concerns)
Claim: ML-DSA-44 is a stateless signature scheme; stateful-signature safety concerns are not applicable.
Coverage basis: Satisfied by design — the selected PQC algorithm (ML-DSA-44/Dilithium) is stateless.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: This applies to the research/proposed design, not current production (which is ECDSA). The satisfied-by-design designation is for the proposed PQC algorithm selection, not the current production system.
Even though the proposed design avoids stateful signatures, this does not mitigate the current production ECDSA vulnerability.
Algorithm & Implementation Assurance
Performance and resource-impact analysis
Claim: BNB Chain's PQC research report includes detailed performance benchmarking showing ~40% throughput reduction.
Coverage basis: Performance analysis exists at research/prototype level.
Implementation score: 0.5 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Multiple independent news sources corroborate the performance findings. The report provides specific metrics: TPS drop from 4,973 to 2,997, block size increase from ~130KB to ~2MB, signature size increase from 65B to 2,420B.
Score 0.50 reflects prototype-level benchmarking. Performance analysis exists but the 40% throughput penalty is an unresolved blocker for production deployment.
Report metadata