DeFi protocol token
Uniswap UNI
Uniswap (UNI) is a standard ERC-20 governance token on Ethereum. Per QRI Token Inheritance rules (Section 7.2), UNI inherits Ethereum L1's quantum-readiness posture for base-layer token transfers — Ethereum has no production PQC protection as of 2026-06-06 and is rated QRI ~25/100 (Stage 2: Mitigation/Development) with a structured roadmap targeting ~2029 for core PQ infrastructure. Token-specific evaluation reveals critical quantum vulnerabilities: the Uniswap governance DAO and treasury multisigs (~$3B+ in protocol-controlled assets) rely exclusively on ECDSA keys, exposing them to quantum key-recovery attacks. The Unichain L2 Validation Network adds further quantum-vulnerable dependencies through Ethereum-based UNI staking. On the positive side, Uniswap V3 Core contracts are immutable (limiting what a compromised governance can modify), and ERC-1271 support allows users with PQ smart-contract wallets to interact with the protocol. However, Uniswap itself has published no quantum risk assessment, no cryptographic inventory, no PQC migration roadmap, and no quantum-specific incident response process. The overall QRI Score of 7 reflects near-total absence of quantum readiness, with third-party evidence of quantum risk being the only credit earned.
Category breakdown
QRI Factors
Critical Quantum Blockers
- Uniswap governance and treasury multisigs are secured exclusively by ECDSA keys on Ethereum, exposing approximately $3B+ in protocol-controlled assets to quantum key-recovery attacks.
- All UNI token transfers rely on Ethereum's ECDSA (secp256k1) spend authorization, which is vulnerable to Shor's algorithm. This is an inherited vulnerability from Ethereum L1, which has no production PQC protection as of 2026-06-06.
Key Risks
- Governance treasury theft: A quantum attacker recovering ECDSA private keys of Uniswap governance multisig signers could drain ~$3B+ in protocol-controlled assets from the treasury.
- Protocol parameter manipulation: Compromised governance could modify fee switches, Unichain parameters, and V4 hook configurations to extract value or disrupt protocol operations.
- Harvest-now-decrypt-later: All historical Uniswap governance transactions have exposed signer public keys on-chain. These are permanently recorded and can be harvested today for future quantum key recovery.
- Cross-chain contagion: Bridged UNI on Arbitrum, Optimism, Base, and other chains inherits both the bridge operator's quantum risk and the destination chain's quantum risk.
- No migration path: There is no public plan, timeline, or mechanism for migrating Uniswap governance, treasury, or staking to post-quantum signature schemes.
- Dependency on Ethereum timeline: Even if Uniswap governance were to migrate to PQ signatures tomorrow, all UNI token transfers would remain quantum-vulnerable until Ethereum L1 deploys production PQC protection (currently targeted ~2029 at earliest).
Assurance Notes
- No quantum-specific audit exists for Uniswap governance contracts, treasury multisigs, or Unichain staking contracts. All quantum-critical findings are derived from third-party assessments (PQbeat/ZKNOX, StablePQC, Google Quantum AI) rather than project-commissioned review.
- Uniswap V3 Core contracts are non-upgradeable (immutable), which prevents a quantum attacker from modifying core AMM logic even if governance is compromised. However, governance still controls the treasury (~$3B+), fee switches, and V4 hook parameters.
- ERC-1271 support in Uniswap contracts allows users who have adopted PQ smart-contract wallets (via ERC-4337/EIP-7702) to interact with the protocol. This is an Ethereum-ecosystem feature enabled by Uniswap's permissionless design and does not represent Uniswap-specific quantum mitigation.
- Bridged UNI tokens on non-Ethereum chains (Arbitrum, Optimism, Base, etc.) introduce additional bridge signer-set and wrapper-contract quantum exposure that is not fully assessed here.
- Unichain Validation Network (launched Feb 2025) uses UNI staked on Ethereum mainnet. The staking contracts and sequencer key management inherit Ethereum's ECDSA vulnerabilities.
- Ethereum L1 itself is rated QRI ~25/100 (Stage 2: Mitigation/Development) by LayerQu as of 2026. Ethereum Foundation targets ~2029 for core PQ infrastructure. No production PQC protection exists on Ethereum mainnet today. UNI inherits this base-layer vulnerability.
Non-Scoring Caveats
- Uniswap V3 Core contracts are immutable (no admin keys, no upgrade mechanism), limiting the blast radius of a governance key compromise to treasury assets, fee switches, and newer V4 hook deployments.
- ERC-1271 support enables users with PQ smart-contract wallets (ERC-4337/EIP-7702) to interact with Uniswap permissionlessly. This is a positive ecosystem feature but provides no protection for Uniswap's own governance or treasury.
- Bridged UNI representations on Arbitrum, Optimism, Base, and other chains introduce cross-chain quantum exposure through bridge signer sets and wrapper contracts that are not under Uniswap governance control.
- Exchange-listed UNI and custodied UNI may rely on exchange-specific key management that is independent of Uniswap protocol security. Exchange/custodian quantum readiness is outside this evaluation scope.
Evidence record
Claims and Caveats
Security Assessment & Evidence Preparedness
Public cryptographic inventory of critical public-key mechanisms and public quantum threat model
Claim: No Uniswap-published cryptographic inventory or quantum threat model exists. Third-party assessments (PQbeat/ZKNOX, StablePQC, Google Quantum AI) have independently identified Uniswap's quantum-vulnerable cryptography.
Coverage basis: Third-party research identifying ECDSA governance multisigs, ECDSA token transfers, and Unichain staking as quantum-vulnerable.
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: Uniswap has published no public cryptographic inventory. Third-party inventories exist but do not substitute for project-acknowledged risk assessment.
Assurance: PQbeat provides a structured inventory of Uniswap's quantum-vulnerable surfaces (governance ECDSA multisigs, ERC-1271 compatibility status, treasury exposure). StablePQC and Google Quantum AI corroborate. However, none of these are commissioned or acknowledged by Uniswap.
Implementation Score of 0.25 reflects 'Public design, draft specification, roadmap, proposal, or research plan' level — the third-party evidence serves as a form of public proposal/research, though not from the project itself.
Production Cryptographic Protection
Spend authorization / transaction signatures are PQC or hybrid-PQC on mainnet
Claim: All UNI token transfers rely on Ethereum's ECDSA (secp256k1) for spend authorization. No PQC or hybrid-PQC signature schemes are available for UNI transfers.
Coverage basis: Inherited from Ethereum L1, which uses ECDSA secp256k1 for all transaction signatures.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: All UNI spend authorization relies on Ethereum ECDSA, which is vulnerable to Shor's algorithm. Ethereum has no production PQC protection as of 2026-06-06.
Assurance: Ethereum's reliance on ECDSA is well-documented in Ethereum Foundation materials. No PQC transaction signatures exist on Ethereum mainnet. Confidence is High.
Per QRI Token Inheritance (Section 7.2), UNI inherits Ethereum L1's QRI score for standard token transfers. Ethereum L1 is rated QRI ~25/100 by LayerQu with no production PQC.
Production Cryptographic Protection
Account, address, public-key exposure, and key-derivation design prevents long-exposure quantum-vulnerable ownership paths
Claim: Ethereum accounts expose their ECDSA public key on first transaction. Governance multisig signers and treasury addresses have all transacted, exposing their public keys permanently.
Coverage basis: Inherited from Ethereum's account model. Governance multisig signers and treasury addresses have all transacted, exposing their public keys.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Ethereum's account model permanently exposes public keys after first spend, creating a long-exposure attack surface for harvest-now-decrypt-later. UNI governance signers and treasury addresses have exposed public keys.
Assurance: The Ethereum Foundation acknowledges this vulnerability explicitly in their quantum-resistance documentation.
Inherited from Ethereum. No address-rotation or key-derivation mitigation exists at the Ethereum protocol level.
Production Cryptographic Protection
Consensus-critical authentication is PQC or hybrid-PQC where applicable
Claim: Uniswap does not operate its own blockchain consensus mechanism. Governance voting uses ECDSA signatures but this is not blockchain consensus.
Coverage basis: N/A — Uniswap is a DeFi protocol and ERC-20 token, not a blockchain with validator consensus.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Governance voting security is evaluated under wallet/custody and migration subfactors, not as consensus-critical authentication.
Production Cryptographic Protection
State-integrity and data-availability mechanisms are quantum-safe where applicable
Claim: Uniswap does not operate its own state-integrity or data-availability mechanisms. Core contract state integrity is secured by Ethereum's base layer.
Coverage basis: N/A — Uniswap inherits Ethereum's state integrity.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
Privacy and proof layers are quantum-safe where applicable
Claim: Uniswap does not have privacy layers, ZK proof systems, note encryption, viewing keys, stealth addresses, or shielded state.
Coverage basis: N/A — Uniswap is a transparent DeFi protocol with no privacy features.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
P2P transport, node identity, and peer authentication are PQC, hybrid-PQC, or satisfied by design
Claim: Uniswap does not operate its own P2P network or node identity system.
Coverage basis: N/A — Uniswap is a DeFi protocol, not a blockchain with P2P networking.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
Critical wallet, custody, HSM, signer, and hardware-wallet workflows support the production PQ/hybrid path
Claim: Uniswap governance multisig signers, treasury custodians, and Unichain validators all use ECDSA-based wallets with no PQ or hybrid-PQ support.
Coverage basis: Governance multisig uses standard Ethereum ECDSA wallets. Unichain validators sign attestations with ECDSA keys. No PQ wallet support identified.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Uniswap governance multisigs, treasury signers, and Unichain validators rely exclusively on ECDSA with no PQ wallet/custody path.
Assurance: PQbeat rates Safe multisig at Stage 0 (ECDSA signers only). No hardware wallet (Ledger, Trezor) supports PQ signatures as of 2026.
Uniswap governance uses Safe multisigs with ECDSA signers. The UAC (Uniswap Accountability Committee) operates 3-of-5 multisigs for operational capital management.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected from quantum key-recovery attacks
Claim: Approximately 0% of Uniswap-related value-at-risk is quantum-protected. ~$3B+ in governance treasury is controlled by ECDSA multisigs. All circulating UNI depends on Ethereum ECDSA.
Coverage basis: PQbeat estimates ~$3B+ in Uniswap governance treasury exposure. StablePQC lists Uniswap V3 governance at ~$5B TVL exposure.
Implementation score: 0.05 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Material long-exposure quantum-vulnerable value (~$3B+ governance treasury, all circulating UNI) exists with no migration, freeze, deprecation, burn, recovery, or policy path.
Assurance: Value-at-risk estimates vary across sources: PQbeat (~$3B+), StablePQC (~$5B TVL). Exact figure depends on UNI price and governance-controlled asset composition.
Per Section 9.3.1, <25% coverage maps to score of 1 out of 20 → Implementation Score 0.05. ERC-1271 compatibility for end-users does not protect protocol-controlled assets.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native
Claim: No Uniswap-critical wallets (governance multisig signers, treasury custodians, foundation wallets, Unichain validator operators) have migrated to PQ or hybrid-PQ signature schemes.
Coverage basis: PQbeat rates Uniswap Governance at Stage 1 (accepts smart accounts but governance is ECDSA DAO). No evidence of any PQ migration among governance signers.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No Uniswap-critical wallets have migrated to PQ signatures. Governance treasury (~$3B+) remains entirely ECDSA-controlled across 25+ chains.
Assurance: Treasury addresses are publicly documented by Uniswap Foundation across Ethereum, Arbitrum, Avalanche, Base, and 20+ other chains. All controlled by Safe multisigs / Timelock contracts using ECDSA.
The Safe multisig platform does not currently support PQ signers. Even if individual signers used PQ wallets, the Safe contract's own signature verification remains ECDSA-based.
Migration Status & Value-at-Risk
Legacy vulnerable pools/accounts/UTXOs/contracts identified, measurable, deprecated, migrated, frozen, or proven not to exist by design
Claim: No identification, measurement, deprecation, or migration mechanism exists for quantum-vulnerable Uniswap governance accounts or treasury addresses.
Coverage basis: No public initiative from Uniswap to identify or address legacy vulnerable accounts.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No mechanism exists to identify, measure, deprecate, or migrate quantum-vulnerable Uniswap-critical accounts.
This subfactor is primarily an Ethereum ecosystem concern but Uniswap could independently address governance-specific legacy accounts through multisig signer rotation.
Migration Mechanism, Governance & Ecosystem Coordination
Public migration or protection roadmap with sequencing, activation criteria, and dependencies
Claim: No quantum migration roadmap exists from Uniswap. The project has not published any PQC migration plan, timeline, or activation criteria.
Coverage basis: No public Uniswap documentation, governance proposal, or announcement addresses quantum migration.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: Searches of Uniswap docs, governance forum, and blog for quantum-related terms yielded no Uniswap-specific results.
Uniswap could theoretically inherit Ethereum's PQ migration timeline for token transfers, but governance-specific migration requires independent planning.
Migration Mechanism, Governance & Ecosystem Coordination
Migration accessibility and defaults: PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, and migration prompts
Claim: No Uniswap-specific PQ migration tooling, wallet support, user education, or migration prompts exist. ERC-1271 support allows PQ smart-contract wallets to interact with Uniswap but this is an Ethereum ecosystem feature.
Coverage basis: ERC-1271 is supported by Uniswap contracts (per PQbeat). No Uniswap-specific migration tooling exists.
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: ERC-1271 compatibility is a positive feature but is standard across most modern DeFi protocols. It does not represent Uniswap-specific quantum migration effort.
ERC-1271 support means end-users CAN use PQ wallets to interact with Uniswap. Implementation score of 0.25 reflects 'public design/proposal' level of PQ compatibility.
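Why an ERC-1271 check is scheme-agnostic, shown as an added example that is not Uniswap's or any wallet's code: a Python simulation in which a contract wallet validates a Lamport one-time (hash-based) signature and the protocol only compares the returned magic value `0x1626ba7e`. The `LamportWallet` class, the `protocol_accepts` function, the placeholder address and the use of SHA-256 in place of keccak256 are assumptions made for illustration.

```python
import hashlib
import secrets

# ERC-1271 magic value: bytes4(keccak256("isValidSignature(bytes32,bytes)"))
ERC1271_MAGIC = bytes.fromhex("1626ba7e")
INVALID = bytes.fromhex("ffffffff")


def hash32(data: bytes) -> bytes:
    """SHA-256 stands in for keccak256 here (assumption, to stay stdlib-only)."""
    return hashlib.sha256(data).digest()


def digest_bits(digest: bytes):
    """Yield the 256 bits of a 32-byte digest, most significant bit first."""
    for byte in digest:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


class LamportWallet:
    """Hypothetical contract wallet whose owner key is a Lamport one-time key."""

    def __init__(self):
        # Secret: 256 pairs of random preimages, held off-chain by the owner.
        self._sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
        # Public: the hashes of those preimages, which the wallet contract would store.
        self.pk = [(hash32(a), hash32(b)) for a, b in self._sk]
        self._used = False

    def sign(self, digest: bytes) -> bytes:
        # One-time key: a second signature reveals more preimages and weakens the key.
        if self._used:
            raise RuntimeError("Lamport key already used; rotate before signing again")
        self._used = True
        return b"".join(self._sk[i][bit] for i, bit in enumerate(digest_bits(digest)))

    def isValidSignature(self, digest: bytes, signature: bytes) -> bytes:
        """ERC-1271 entry point: magic value only if every revealed preimage matches."""
        if len(digest) != 32 or len(signature) != 256 * 32:
            return INVALID
        ok = True
        for i, bit in enumerate(digest_bits(digest)):
            ok &= hash32(signature[32 * i:32 * (i + 1)]) == self.pk[i][bit]
        return ERC1271_MAGIC if ok else INVALID


def protocol_accepts(signer, digest, signature, contracts, ecrecover=None) -> bool:
    """Protocol-side check: accounts with code use ERC-1271, plain EOAs use ECDSA."""
    wallet = contracts.get(signer)
    if wallet is not None:  # signer is a contract: the wallet chooses the scheme
        return wallet.isValidSignature(digest, signature) == ERC1271_MAGIC
    # EOA: the only path is ECDSA recovery, supplied by the caller in this model.
    return ecrecover is not None and ecrecover(digest, signature) == signer


if __name__ == "__main__":
    wallet = LamportWallet()
    contracts = {"0xWalletContract(constructed)": wallet}
    digest = hash32(b"constructed order payload")
    sig = wallet.sign(digest)
    print(protocol_accepts("0xWalletContract(constructed)", digest, sig, contracts))
    print(protocol_accepts("0xPlainEOA(constructed)", digest, sig, contracts))
```

The same dispatch explains the limit noted in this record: the check protects only accounts that are contract wallets, so ECDSA-signed governance and treasury paths gain nothing from it.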
Migration Mechanism, Governance & Ecosystem Coordination
Migration enforcement and coordination: enforcement mechanisms, deprecation, freeze, disabled legacy signing, restricted withdrawals, unsafe-path blocking, exchange/custody coordination
Claim: No migration enforcement mechanisms exist. No deprecated legacy signing paths, no freeze capability for vulnerable governance accounts, no exchange or custody coordination for quantum migration.
Coverage basis: No evidence of any enforcement mechanisms in Uniswap governance or protocol design.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No enforcement or coordination mechanism exists to prevent unsafe fallback into quantum-vulnerable governance signing paths.
The immutable nature of V3 Core contracts means some enforcement is impossible. However, governance could still coordinate signer migration and treasury protection independently.
Migration Mechanism, Governance & Ecosystem Coordination
Emergency disclosure, incident-response, or governance process for quantum-related vulnerabilities
Claim: No quantum-specific emergency disclosure process, incident-response plan, or governance procedure exists at Uniswap.
Coverage basis: No public documentation, governance proposal, or security policy addresses quantum-specific incident response.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: Per Section 8.2, lack of a formal quantum-specific incident-response playbook does not by itself create a Readiness & Risk Cap.
Uniswap has a general governance process for proposals but no quantum-specific emergency procedures.
Algorithm & Implementation Assurance
Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms appropriate to the use case
Claim: Uniswap has no PQC implementation of any kind. No NIST-standardized or broadly reviewed PQC algorithms are used.
Coverage basis: Uniswap is a standard ERC-20 and DeFi protocol with no custom cryptographic primitives beyond Ethereum defaults.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: score-reducing
Assurance: The UNI token contract is a standard ERC-20 with no custom cryptography. Verified on Etherscan and GitHub.
Per Section 9.5: 'A subfactor may not be marked N/A merely because the project has not secured, implemented, documented, measured, audited, or migrated it.'
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit exists for the quantum-critical scope
Claim: No quantum-specific cryptographic audit exists for Uniswap governance, treasury, or Unichain contracts. General security audits exist but do not cover quantum threat models.
Coverage basis: No quantum-specific audit identified. OpenZeppelin audited Calibur (Uniswap Wallet smart contract core) but this is wallet infrastructure, not governance.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: General security audits exist (e.g., V3 core contracts, Calibur wallet) but none address quantum threat models. Per Section 8.2, absence of quantum-specific audit does not independently create a Readiness & Risk Cap for an otherwise verifiable system.
Since Uniswap has no PQC implementation, a quantum-specific audit would be premature.
Algorithm & Implementation Assurance
Open-source, reproducible implementation
Claim: The UNI token contract and governance contracts are open source and verified on Etherscan.
Coverage basis: UNI contract verified at 0x1f9840a85d5aF5bf1D1762F925BDADdC4201F984 on Etherscan. Source available on GitHub.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: The UNI contract is verifiably open source and reproducible. However, there is no quantum-critical implementation to audit.
Open source allows for independent verification of contract logic, though it does not mitigate the underlying ECDSA dependency.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path are documented
Claim: No PQC parameter agility or upgrade path is documented for Uniswap.
Coverage basis: No documentation of cryptographic agility or upgrade paths for quantum migration.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: V3 Core contracts are immutable, meaning they cannot be upgraded to support new cryptographic parameters.
The immutability of core contracts prevents cryptographic agility. Governance and Unichain contracts may have more flexibility but it is undocumented.
Algorithm & Implementation Assurance
Stateful-signature safety, side-channel, fault-injection, state-management, hardware-wallet, HSM, or custody implementation risks considered
Claim: No PQC stateful-signature safety analysis or custody implementation risk assessment exists because no PQC implementation exists.
Coverage basis: No PQC implementation to analyze.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: score-reducing
Assurance: Not applicable until PQC is implemented.
Algorithm & Implementation Assurance
Performance and resource-impact analysis exists where PQ signature/verification costs could affect safe deployment
Claim: No performance or resource-impact analysis for PQC deployment exists at Uniswap.
Coverage basis: No Uniswap-specific performance analysis for PQC deployment.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: Ethereum ecosystem analysis (PQbeat) notes that PQ signature verification via smart contract costs ~5M gas vs ~50k gas with precompiles. Per Section 8.2, missing formal performance benchmark does not independently create a Readiness & Risk Cap.
Performance analysis would become relevant if Uniswap were to deploy PQ signature verification for governance.