cryptoasset
United Stables U
United Stables ($U) is a USD-pegged stablecoin deployed as a standard ERC-20/BEP-20 token on BNB Chain and Ethereum, backed 1:1 by fiat and stablecoin reserves. As of the evaluation date (2026-06-06), the project has performed zero identifiable quantum readiness work: no public cryptographic inventory, no quantum threat model, no PQC or hybrid-PQC implementation, no migration roadmap, and no quantum-specific governance or incident-response processes. All cryptographic operations — including standard transaction signing, EIP-3009 gasless transfers, admin/mint key authorization, and proxy upgrade authority — rely exclusively on classical ECDSA (secp256k1). The token inherits the classical quantum vulnerabilities of both host chains (BNB Chain and Ethereum). With ~$1.07B in circulating market cap and ~$1.01B fully diluted valuation, the quantum-exposed value-at-risk is material. The QRI Score of 0 reflects zero earned points across all five scoring categories, bound by a Readiness & Risk Cap of 10 (no public cryptographic inventory). The project is classified at Stage 1 (Quantum Risk Assessed) because the quantum vulnerability is readily assessable from public mainnet evidence, even though the project itself has published no quantum assessment.
Not AssessedClassical-OnlyInherits L1 RiskEIP-3009 ECDSA
Category breakdown
QRI Factors
Algorithm & Implementation Assurance
0 / 20
Migration Mechanism, Governance & Ecosystem Coordination
0 / 15
Migration Status & Value-at-Risk
0 / 25
Production Cryptographic Protection
0 / 35
Security Assessment & Evidence Preparedness
0 / 5
Critical Quantum Blockers
- No public cryptographic inventory: the project has not published any quantum threat model, cryptographic inventory, or quantum risk assessment (Readiness & Risk Cap: 10).
- Active production spend authorization remains entirely ECDSA-only via host-chain transaction signatures and token-specific EIP-3009 gasless transfer signatures (Readiness & Risk Cap: 40).
- Token supply integrity depends on admin/mint keys secured by classical ECDSA EOAs; a quantum attacker could plausibly forge minting transactions and inflate supply (Readiness & Risk Cap: 60).
- Users can only create new quantum-vulnerable accounts by default; no PQ/hybrid account creation path exists (Readiness & Risk Cap: 60).
- No public migration roadmap, prototype, testnet, or mainnet PQC support of any kind (Readiness & Risk Cap: 25).
Key Risks
- SUPPLY INFLATION RISK: Admin/mint keys and proxy upgrade authority are secured by classical ECDSA EOAs. A quantum adversary capable of recovering private keys from exposed public keys could forge minting transactions, inflate the token supply arbitrarily, and destroy the 1:1 backing guarantee. The exact cryptographic control structure (multisig type, threshold, key custody) is not publicly documented, making this a quantum-critical uncertainty.
- SPEND AUTHORIZATION RISK: All token transfers — including EIP-3009 gasless, signature-based transfers — rely on secp256k1 ECDSA. A quantum attacker could recover private keys from any address that has ever sent a transaction (long-exposure attack window) and drain those holdings.
- HOST CHAIN DEPENDENCY: The token inherits the quantum vulnerabilities of both BNB Chain and Ethereum L1s. Neither host chain has production PQC protection as of the evaluation date. Any quantum compromise of either host chain's consensus, finality, or state integrity would directly threaten all $U token balances on that chain.
- NO MIGRATION PATH: There is zero evidence of any quantum migration design, prototype, testnet, or roadmap. Users, exchanges, and custodians have no mechanism to protect their holdings from quantum attack. The freeze capability in the contract could theoretically support future migration enforcement, but no such plan exists.
- VALUE-AT-RISK: Approximately $1.07B in circulating market cap (as of June 2026) is entirely quantum-vulnerable with no protection, migration path, or recovery mechanism. All ~1.01B tokens in total supply are exposed.
- GOVERNANCE CAPTURE RISK: The board of directors currently controls parameter adjustments. If governance keys are classical EOAs (as appears from on-chain evidence), a quantum attacker could capture governance, change contract parameters, and potentially drain or freeze assets arbitrarily.
Assurance Notes
- PeckShield audit (September 2025) referenced in Venus governance proposal and HTX report but not publicly linked or independently verifiable; even if available, it does not cover quantum resistance and is therefore scope-mismatched for QRI purposes.
- No public source code repository identified. The BSC contract at 0xcE24439F2D9C6a2289F741120FE202248B666666 is verified on BscScan as a TransparentUpgradeableProxy (OpenZeppelin v0.8.28) with implementation at 0xbef21313...a32473DFC, but the implementation source is not independently hosted in a public repository.
- No independent reserve attestation program identified per StableRegistry; collateral verification relies on issuer-maintained dashboards. This is a financial assurance gap, not a quantum-readiness gap.
- No formal quantum-specific incident-response playbook, security contact, or disclosure process exists. This is expected for a project with no quantum readiness work.
- The contract uses a TransparentUpgradeableProxy pattern, meaning the admin can upgrade the implementation. The proxy admin is a standard EOA, making the upgrade authority itself quantum-vulnerable.
- Project roadmap (Q1-Q4 2026 per HTX report) covers multi-chain expansion, enterprise privacy, Visa partnership, and DAO governance transition — zero mention of post-quantum cryptography or quantum migration.
Non-Scoring Caveats
- The PeckShield audit (September 2025) is scope-mismatched for quantum readiness and stale (9+ months old). It provides classical smart-contract assurance only and does not affect the QRI Score per the note-only caveat rule.
- No formal performance/resource benchmark for PQ operations exists, but this is expected given zero PQ implementation; treated as note-only.
- The project's Q3 2026 roadmap mention of 'enterprise privacy balances' testnet and planned zero-knowledge balance interfaces is a future product feature, not a quantum-readiness commitment, and does not affect current scoring.
- StableRegistry reports 'No independent audit or attestation program' and 'No direct issuer redemption available' — these are financial/regulatory risk signals, not quantum-readiness issues, and do not affect the QRI Score.
- Token operates on two classical EVM chains (BNB Chain and Ethereum); any two-way bridge flow between them inherits classical L1 vulnerabilities on both sides but this is covered by host-chain inheritance per Section 7.2.
- The project's planned Q4 2026 transition to hybrid DAO governance does not address quantum security of the governance keys themselves.
Evidence record
Claims and Caveats
Security Assessment
Public cryptographic inventory and quantum threat model
Claim: No public cryptographic inventory or quantum threat model exists for United Stables.
Coverage basis: Absence of any quantum-specific documentation, inventory, or assessment across all reviewed primary and secondary sources.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No public cryptographic inventory (Readiness & Risk Cap: 10)
Assurance: Confidence is High for the absence claim because all available primary and secondary sources were exhaustively searched and no quantum content was found. The project's own website, BNB Chain announcements, HTX research report, Venus governance proposal, and StableRegistry profile collectively confirm zero quantum-related activity.
The project has not published any quantum threat model, cryptographic inventory, or risk assessment. This is not merely an assurance gap — it means the quantum attack surface has never been systematically identified by the project.
- https://u.tech/ (official site — no quantum content)
- https://www.bnbchain.org/en/blog/united-stables-launches-u-as-a-native-stablecoin-on-bnb-chain (BNB Chain announcement — no quantum content)
- https://www.htx.com/news/united-stables-u-project-report-X3ZNbE4m (HTX project report — roadmap covers Q1-Q4 2026 with zero quantum references)
Security Assessment
Public evidence record supporting quantum assessment
Claim: No public evidence record supporting any quantum assessment exists.
Coverage basis: Absence of code references, specifications, audit reports, transaction examples, or reproducible analytics addressing quantum security.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No public evidence record for quantum assessment
Assurance: Confidence is High for the absence claim. No quantum-related evidence record exists anywhere in the public domain for this project.
The PeckShield audit (September 2025) referenced in the Venus governance proposal is a classical smart-contract security audit only and does not constitute a quantum evidence record.
Production Cryptographic Protection
Spend authorization / transaction signatures
Claim: All spend authorization uses classical ECDSA (secp256k1) only — both standard host-chain transactions and token-specific EIP-3009 gasless transfers.
Coverage basis: Host-chain ECDSA for standard transfers; EIP-3009 secp256k1 signatures for gasless transfers. No PQC or hybrid-PQC path exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Active production spend authorization remains entirely ECDSA-only (Readiness & Risk Cap: 40)
Assurance: Confidence is High. EIP-3009 is a well-known standard that uses ECDSA secp256k1 signatures. The contract is verified on BscScan as a standard OpenZeppelin TransparentUpgradeableProxy with no custom cryptographic logic visible in the proxy bytecode.
EIP-3009 creates an additional quantum-vulnerable spend path beyond standard host-chain transaction signing. Any address that has authorized a gasless transfer has exposed a secp256k1 signature, creating a long-exposure quantum attack surface.
- https://bscscan.com/address/0xcE24439F2D9C6a2289F741120FE202248B666666 (BSC contract — standard TransparentUpgradeableProxy)
- https://www.bnbchain.org/en/blog/united-stables-launches-u-as-a-native-stablecoin-on-bnb-chain (BNB Chain announcement confirming EIP-3009 support)
- https://www.htx.com/news/united-stables-u-project-report-X3ZNbE4m (HTX report confirming EIP-3009 gasless transfers)
Production Cryptographic Protection
Account, address, public-key exposure, and key-derivation design
Claim: Standard Ethereum/BSC account model with ECDSA key derivation. Public keys are exposed on first transaction, creating long-exposure attack surfaces.
Coverage basis: Token uses standard EVM account model inherited from host chains. No PQ/hybrid account creation or address format exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Users can only create new quantum-vulnerable accounts by default (Readiness & Risk Cap: 60)
Assurance: Confidence is High. The address format and key derivation follow standard EVM conventions visible on BscScan and Etherscan.
All addresses that have executed transactions (including EIP-3009 authorizations) have exposed public keys. This creates a long-exposure (at-rest) attack surface per QRI Section 7.3.
Production Cryptographic Protection
Consensus-critical authentication
Claim: Token has no independent consensus mechanism. Consensus security is inherited from BNB Chain and Ethereum L1s, both of which use classical cryptography.
Coverage basis: Inherited from host chains (BNB Chain PoSA consensus with classical BLS/ECDSA; Ethereum PoS with classical BLS).
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Host-chain consensus remains quantum-vulnerable
Assurance: Confidence is High. Both BNB Chain and Ethereum consensus mechanisms are well-documented as using classical cryptography (BLS on Ethereum; BLS/ECDSA on BNB Chain). The token has no independent consensus.
Per QRI Section 7.2, the token inherits host-chain consensus risk. Any quantum compromise of BNB Chain or Ethereum finality would directly affect all $U token state on that chain.
Production Cryptographic Protection
State-integrity and data-availability mechanisms
Claim: Token supply integrity depends on admin/mint keys and proxy upgrade authority, both secured by classical ECDSA EOAs. No quantum-safe supply-binding mechanism exists.
Coverage basis: TransparentUpgradeableProxy with admin EOA; Mint User whitelist controlled by off-chain governance (board of directors) with on-chain enforcement via classical EOAs.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: cap-applying
Quantum blocker: Quantum attack can plausibly break supply integrity via admin/mint key compromise (Readiness & Risk Cap: 60)
Assurance: Confidence is Medium because the exact cryptographic control structure of admin and mint keys is not publicly documented. The proxy admin is visible on-chain as a standard EOA, but whether a multisig, MPC, or other construction sits behind it is unknown. The Terms describe an off-chain KYB/KYC process for Mint Users but do not specify the on-chain cryptographic mechanism for mint authorization.
This is a quantum-critical uncertainty per QRI Section 6.5. If admin/mint keys are classical ECDSA EOAs (as the on-chain evidence suggests), a quantum attacker could forge minting transactions and inflate supply. The freeze capability (Section 7.4 of Terms) could theoretically mitigate post-attack damage but does not prevent the attack.
- https://bscscan.com/address/0xcE24439F2D9C6a2289F741120FE202248B666666 (BscScan — proxy admin is an EOA)
- https://u.tech/terms/ (Terms — Section 4.2, 6.1, 6.2 describe Mint User onboarding and minting process)
- https://www.htx.com/news/united-stables-u-project-report-X3ZNbE4m (HTX report — governance via board of directors, planned DAO transition Q4 2026)
Production Cryptographic Protection
Privacy and proof layers
Claim: No privacy or ZK proof layers exist in the current production token.
Coverage basis: Standard transparent ERC-20/BEP-20 token with no shielded pools, ZK proofs, or privacy features in production.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: The 'confidential balance functionality' and 'zero-knowledge balance interfaces' mentioned on the website and in the HTX report are roadmap claims (Q3 2026 testnet target). They are not production features and do not affect current scoring.
Marked N/A per QRI Section 7 applicability rules. The project genuinely lacks privacy layers in production. Future ZK features are roadmap items only.
Production Cryptographic Protection
P2P transport, node identity, and peer authentication
Claim: Token has no independent P2P network. P2P security is inherited from host chains.
Coverage basis: As a smart-contract token, United Stables has no independent P2P network, node discovery, or peer authentication layer.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Production Cryptographic Protection
Critical wallet, custody, HSM, signer, and hardware-wallet workflows
Claim: Admin/mint keys and proxy upgrade authority are classical ECDSA EOAs with no PQ/hybrid wallet support. No documented HSM or custody workflow for quantum-safe key management.
Coverage basis: On-chain evidence shows proxy admin as standard EOA. No PQ wallet, HSM, or custody documentation exists.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: Critical wallet/custody keys are quantum-vulnerable classical EOAs
Assurance: Confidence is Medium. On-chain evidence confirms the proxy admin and deployer are standard EOAs. However, the project may use off-chain multisig, MPC, or institutional custody (e.g., Ceffu custody attestation referenced in HTX report) that is not visible on-chain. The cryptographic details of these custody arrangements are not publicly documented.
Even if institutional-grade custody (e.g., Ceffu) secures the admin keys, the underlying cryptographic primitives remain classical ECDSA. No evidence of PQC-aware custody, HSM, or MPC exists.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected
Claim: 0% of value-at-risk is protected from quantum key-recovery attacks. All ~$1.07B circulating market cap (~1.01B total supply) is entirely quantum-vulnerable.
Coverage basis: All token value exists on classical EVM chains with ECDSA-only spend authorization and admin controls. No migration, protection, or PQ-native design exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Material long-exposure quantum-vulnerable value with no migration, freeze, deprecation, burn, recovery, or policy path (Readiness & Risk Cap: 55)
Assurance: Confidence is High for the vulnerability assessment. Market cap and supply data are corroborated across multiple independent sources (CoinGecko, CoinCarp, CoinMarketCap, DexPaprika). The absence of any protection or migration mechanism is confirmed by exhaustive search of all available sources.
Coverage is <25% (effectively 0%), corresponding to Score 1 of 20 per QRI Section 9.3.1, but with Implementation Score 0.00 the earned subfactor points are 0. The freeze capability in the contract (Terms Section 7.4) could theoretically be used for future migration enforcement but has never been invoked for quantum purposes and no migration policy exists.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native
Claim: No critical wallets (admin, mint, treasury, deployer) are migrated, protected, or PQ-native. All are classical ECDSA EOAs.
Coverage basis: On-chain evidence shows deployer and proxy admin as standard EOAs. No migration, protection, or PQ-native design for any critical wallet.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: Critical wallets remain quantum-vulnerable classical EOAs with no migration path
Assurance: Confidence is Medium because while on-chain admin and deployer addresses are visible, the full set of critical wallets (treasury multisig, mint authorization keys, operational keys) is not publicly documented. The project may use institutional custody (Ceffu) for some keys, but the underlying cryptography remains classical ECDSA.
Even if the project uses institutional-grade custody, the cryptographic primitives remain vulnerable to quantum attack. No evidence of PQC-aware key management exists.
Migration Status & Value-at-Risk
Legacy vulnerable pools/accounts/UTXOs/contracts are identified, measurable, deprecated, migrated, frozen, or proven not to exist by design
Claim: No vulnerable pools, accounts, UTXOs, or contracts have been identified, measured, deprecated, migrated, or frozen for quantum purposes.
Coverage basis: Complete absence of any quantum-related pool identification, measurement, deprecation, or migration activity.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No identification, measurement, or deprecation of vulnerable value pools
Assurance: Confidence is High for the absence claim. Exhaustive search of all available sources found zero quantum-related pool identification or migration activity.
The contract's freeze capability (Terms Section 7.4) provides a technical mechanism that could be used for future migration enforcement, but no quantum-specific freeze, deprecation, or migration policy exists. The freeze function has been used only for compliance/sanctions purposes to date.
Migration Mechanism
Public migration or protection roadmap with sequencing, activation criteria, and dependencies
Claim: No quantum migration or protection roadmap exists. The project's published roadmap (Q1-Q4 2026) contains zero quantum-related items.
Coverage basis: Absence of any quantum migration content in all public project materials, including the official website, HTX research report roadmap, and all announcements.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No public migration roadmap (Readiness & Risk Cap: 25)
Assurance: Confidence is High. The project's published Q1-Q4 2026 roadmap has been reviewed in detail and contains no quantum-related items. The roadmap covers multi-chain expansion, enterprise privacy features, Visa partnership, and DAO governance transition.
Roadmaps are not production protection per QRI Section 5.1. Even if a quantum roadmap existed, it would not earn production protection credit — but its complete absence is a score-reducing quantum-critical vulnerability.
Migration Mechanism
Migration accessibility and defaults: PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, and migration prompts are available, default, strongly preferred, mandatory, or complete by design
Claim: No PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, or migration prompts exist.
Coverage basis: Complete absence of any PQ-accessible user paths. All account creation, wallet interaction, and transaction paths are classical-only by default.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No PQ migration accessibility or defaults; users can only create vulnerable accounts
Assurance: Confidence is High. The token interacts with standard EVM wallets (MetaMask, Trust Wallet, TokenPocket) with no PQ-specific tooling or guidance.
The project mentions 'mobile SDK' and 'one-click integration of gasless transfers for wallets' in the Q1 2026 roadmap, but this is for classical EIP-3009 integration, not quantum migration. No PQ wallet support exists.
Migration Mechanism
Migration enforcement and coordination: enforcement mechanisms exist (such as deprecation, freeze, disabled legacy signing, restricted withdrawals, unsafe-path blocking, or mandatory migration after a deadline) and exchange, custody, bridge, wallet, and infrastructure coordination prevents unsafe fallback into vulnerable systems
Claim: No migration enforcement mechanisms, deprecation policies, disabled legacy signing, restricted withdrawals, or exchange/custody/bridge coordination for quantum migration exists.
Coverage basis: Complete absence of quantum-specific enforcement or coordination. The freeze capability exists but has never been used for quantum purposes.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No quantum migration enforcement or coordination mechanisms
Assurance: Confidence is High. The freeze capability is documented in the Terms but has no quantum-related invocation history. No exchange, custody, or bridge coordination for quantum migration has been announced.
The freeze capability represents latent infrastructure that could support future quantum migration enforcement, but it is not scored because no quantum-specific policy, timeline, or activation criteria exist.
Migration Mechanism
Emergency disclosure, incident-response, or governance process for quantum-related vulnerabilities
Claim: No quantum-specific emergency disclosure, incident-response, or governance process exists.
Coverage basis: Absence of any quantum-specific incident response documentation, security contact, or governance process.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No quantum-specific incident response or governance process
Assurance: Confidence is High for the absence claim. No quantum-specific incident response documentation exists. The project has general governance (board of directors) and operational processes but none address quantum threats.
Per QRI Section 7.4 (Note-Only Caveat Rule), lack of a formal quantum-specific incident-response playbook is typically a note-only caveat. However, in this case the complete absence of any quantum awareness or preparation makes it score-reducing because there is no mechanism to respond to a quantum emergency affecting the ~$1.07B in exposed value.
Algorithm & Implementation Assurance
Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms appropriate to the use case
Claim: No PQC or hybrid-PQC algorithms are used anywhere in the United Stables system.
Coverage basis: All cryptographic operations use classical ECDSA (secp256k1) only. No NIST PQC standards (FIPS 203, 204, 205) or any other PQC algorithms are implemented.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No PQC algorithms in use; all cryptography is classical ECDSA
Assurance: Confidence is High. The verified contract source on BscScan shows standard OpenZeppelin proxy code with no custom cryptographic logic. No PQC references exist in any project documentation.
This subfactor evaluates whether the project uses appropriate PQC algorithms. It does not penalize the choice of classical algorithms per se but scores the absence of any PQC implementation.
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit exists for the quantum-critical scope; audit freshness and scope fit are reflected in Confidence
Claim: PeckShield audit (September 2025) exists but does not cover quantum resistance or PQC algorithms. No quantum-specific audit exists.
Coverage basis: The PeckShield audit is a classical smart-contract security audit. It does not evaluate quantum resistance, PQC implementation, or cryptographic algorithm security against quantum adversaries.
Implementation score: 0 · Evidence confidence: Low
Issue classification: assurance-only caveat · Score treatment: confidence-only
Assurance: The PeckShield audit is scope-mismatched for quantum readiness. It provides classical smart-contract assurance (reentrancy, access control, etc.) but does not evaluate quantum resistance. The audit report is not publicly linked; its existence is attested only through secondary sources (Venus governance proposal, HTX report). Per QRI Section 6.4, a scope-mismatched audit supports only the audited component and limits confidence for the unaudited (quantum) scope. This is treated as confidence-only per the note-only caveat rule.
Implementation Score is 0.00 for the quantum-critical scope because no quantum-specific audit exists. The PeckShield audit's existence is noted for completeness but does not earn points in this subfactor.
Algorithm & Implementation Assurance
Open-source, reproducible implementation
Claim: No dedicated public source code repository exists. The contract is verified on BscScan as a TransparentUpgradeableProxy but the implementation source is not independently hosted.
Coverage basis: The proxy contract at 0xcE24439F2D9C6a2289F741120FE202248B666666 is verified on BscScan. No public GitHub repository or other source hosting has been identified for the United Stables smart contracts.
Implementation score: 0 · Evidence confidence: Low
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: No open-source repository for independent verification of implementation
Assurance: Confidence is Low because while the proxy bytecode is verified on BscScan, the implementation contract source (at 0xbef21313...a32473DFC) is not independently hosted in a public repository. This makes independent reproducibility difficult. For a quantum-critical claim this would be a significant evidence gap; for this evaluation it confirms the absence of any PQC code.
The BscScan verification provides bytecode-level assurance that the proxy is a standard OpenZeppelin TransparentUpgradeableProxy. However, the implementation logic (StablecoinV2 at the implementation address) is not independently hosted, making full implementation review dependent on BscScan's verification infrastructure.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path are documented
Claim: No documented parameter agility or future upgrade path for quantum migration exists. The TransparentUpgradeableProxy pattern provides technical upgrade capability but no quantum-specific upgrade plan.
Coverage basis: The proxy architecture technically enables contract upgrades, but no quantum-specific parameter agility, algorithm substitution plan, or migration upgrade path is documented.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: No documented parameter agility or quantum upgrade path
Assurance: Confidence is Medium. The TransparentUpgradeableProxy pattern provides a technical mechanism for future upgrades, which could theoretically support PQC migration. However, no quantum-specific upgrade plan, parameter agility design, or algorithm substitution strategy exists. The upgrade authority itself is a quantum-vulnerable EOA.
The existence of upgradeable proxy infrastructure is a necessary but not sufficient condition for quantum migration. Without a documented plan, parameter agility specification, and quantum-safe upgrade authority, this subfactor scores 0.
Algorithm & Implementation Assurance
Stateful-signature safety, side-channel, fault-injection, state-management, hardware-wallet, HSM, or custody implementation risks are considered, including anti-reuse controls and signing-state discipline for XMSS/LMS-style schemes
Claim: No PQC signatures are in use, so stateful-signature safety considerations are not applicable. No analysis of quantum-specific side-channel or custody risks exists.
Coverage basis: Complete absence of PQC implementation means stateful-signature risks (XMSS/LMS state management) are not yet relevant. No quantum-specific side-channel or custody risk analysis exists.
Implementation score: 0 · Evidence confidence: None
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No consideration of PQC implementation risks
Assurance: Confidence is None because zero PQC implementation work has been done, so there is nothing to evaluate for stateful-signature safety, side-channel resistance, or HSM compatibility.
This subfactor is applicable because the project should have considered these risks as part of a quantum readiness assessment, even if PQC is not yet implemented. The complete absence of any such consideration is score-reducing.
Algorithm & Implementation Assurance
Performance and resource-impact analysis exists where PQ signature/verification costs could affect safe deployment, block validation, gas/fee markets, mempool policy, archival growth, or validator/node hardware requirements
Claim: No performance or resource-impact analysis exists for PQ signature/verification costs, block validation impact, gas/fee market effects, or node hardware requirements.
Coverage basis: Complete absence of any PQ performance analysis.
Implementation score: 0 · Evidence confidence: None
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: Confidence is None. No PQ performance analysis exists. Per QRI Section 7.4, lack of a formal performance benchmark is a note-only caveat when no PQC is in use, because resource constraints do not currently prevent safe use of a PQ path (no PQ path exists to constrain).
Treated as note-only per the Note-Only Caveat Rule. Performance analysis would become relevant if/when the project begins PQC implementation. For the current classical-only production system, the absence of PQ performance analysis does not independently affect quantum-attack readiness.
Report metadata