stablecoin
USDS USDS
USDS is the flagship stablecoin of Sky Protocol (formerly MakerDAO), deployed as an ERC-20 token on Ethereum with cross-chain bridges to Solana, Base, and Avalanche via SkyLink (LayerZero V2). The project has conducted zero quantum-related work: no cryptographic inventory, no quantum risk assessment, no PQ migration roadmap, and no production or testnet PQ cryptography. All spend authorization relies on Ethereum L1's ECDSA (secp256k1), all governance actions use classical Ethereum signatures via Sky DAO, and the SkyLink/LayerZero bridge infrastructure is entirely classical. ChainSecurity and Cantina audits exist but are classical-only with no quantum scope. The project inherits Ethereum L1's quantum vulnerability for base transactions, while adding independent quantum-vulnerable attack surfaces through its upgradeable proxy governance and multi-chain bridge dependencies. The QRI Score of 4.89 reflects Stage 0 (Unassessed / No Evidence): the project has not acknowledged quantum risk, published any cryptographic inventory, or taken any steps toward quantum readiness. Ethereum L1's structured post-quantum program (targeting ~2029) is a future dependency, not current protection, and does not address USDS-specific governance, admin keys, or bridge infrastructure.
Not AssessedECC-OnlyInherits L1 Score (Ethereum)Bridge-DependentNo Quantum RoadmapClassical GovernanceUpgradeable Proxy
Category breakdown
QRI Factors
Algorithm & Implementation Assurance
3.89 / 20
Migration Mechanism, Governance & Ecosystem Coordination
0 / 15
Migration Status & Value-at-Risk
1 / 25
Production Cryptographic Protection
0 / 35
Security Assessment & Evidence Preparedness
0 / 5
Critical Quantum Blockers
- No public cryptographic inventory or quantum risk assessment exists for USDS or Sky Protocol — the project has not published any inventory of critical public-key mechanisms, attack assumptions, affected assets, or affected layers.
- All spend authorization is ECDSA-only — USDS inherits Ethereum L1's secp256k1 ECDSA for all transaction signatures. Any account that has sent a transaction has its public key exposed on-chain, making it vulnerable to Shor's algorithm.
- Governance/admin keys rely entirely on classical Ethereum signatures — the ERC1967Proxy admin, Sky DAO executive spells, PauseProxy, and all privileged roles use classical ECDSA with no PQ migration path.
- SkyLink/LayerZero bridge infrastructure uses classical cryptography — the bridge's DVN (Decentralized Verifier Network), Executor, governance relay, and OFT adapter all depend on classical cryptographic assumptions with no documented PQ migration plan.
- Two-way bridge allows unrestricted value flow between quantum-vulnerable systems — USDS flows between Ethereum, Solana, Base, and Avalanche via classical bridge infrastructure, creating multiple quantum-vulnerable attack surfaces.
Key Risks
- QUANTUM-CRITICAL: All USDS spend authorization is ECDSA-only. A quantum computer capable of running Shor's algorithm on secp256k1 could derive private keys from any exposed public key (i.e., any address that has ever sent a transaction), enabling theft of all USDS held by those addresses.
- QUANTUM-CRITICAL: The ERC1967Proxy admin key controls the USDS token implementation. Compromise of the proxy admin's ECDSA private key via quantum attack would allow an attacker to upgrade the contract to a malicious implementation, potentially draining all USDS or minting unlimited tokens.
- QUANTUM-CRITICAL: Sky DAO governance (executive votes, spell execution, PauseProxy) uses classical ECDSA. A quantum attacker compromising sufficient governance keys could pass malicious governance proposals, upgrade contracts, drain surplus buffers, or brick the protocol.
- QUANTUM-CRITICAL: The SkyLink/LayerZero bridge uses classical cryptography for its DVN (Decentralized Verifier Network), Executor, and governance relay. A quantum attacker could forge cross-chain messages to mint unbacked USDS on destination chains or steal escrowed collateral.
- QUANTUM-CRITICAL: Two-way bridge paths allow unrestricted value flow between quantum-vulnerable systems. An attacker compromising one chain's bridge verification could potentially drain USDS across multiple chains.
- QUANTUM-UNCERTAINTY: The exact signer set, threshold, and key management for SkyLink/LayerZero bridge components (DVN, Executor, governance relay) are not publicly documented, making independent quantum risk assessment of bridge infrastructure incomplete.
- LONG-EXPOSURE: All Ethereum EOAs that have sent USDS transactions have exposed their public keys on-chain. These represent 'harvest now, decrypt later' targets — an adversary can record exposed public keys today and derive private keys once a sufficiently powerful quantum computer exists.
- NO MIGRATION PATH: No freeze, deprecation, burn, or migration mechanism exists for quantum-vulnerable USDS balances. Dormant accounts, lost keys, and unresponsive holders have no policy path to protection.
Assurance Notes
- ChainSecurity audit (USDS Smart Contracts) confirms standard ERC-20 functionality and DAI-to-USDS converter mechanics, but is a classical smart-contract audit with zero quantum-security coverage. Scope: classical code correctness only.
- ChainSecurity audit (Sky OApp OFT Adapter) covers the LayerZero bridge adapter but explicitly excludes LayerZero itself from scope and contains no quantum-security review.
- Cantina audit portfolio includes Sky ecosystem contracts but no quantum-specific review has been performed on any Sky Protocol component.
- USDS contracts are open-source (AGPL-3.0), verified on Etherscan, and use standard ERC-20/ERC-4626/UUPS proxy patterns — this provides strong classical auditability but no quantum assurance.
- Sky Protocol has published extensive classical security documentation (oracle delays, governance security delays, surplus buffers, liquidation mechanisms) but no quantum threat model, cryptographic inventory, or incident-response playbook for quantum vulnerabilities.
- The upgradeable proxy pattern (ERC1967Proxy) provides a technical path for future upgrades, including potential PQ migration, but no quantum-specific upgrade path is documented, tested, or proposed.
- Ethereum L1 has a structured post-quantum program (EF Post-Quantum Security team since January 2026, leanXMSS, leanVM, EIP-8141, weekly interop devnets, Poseidon Prize, target ~2029 for core PQ infrastructure). USDS would inherit L1 protections once deployed, but USDS-specific governance, admin keys, and bridge infrastructure remain independently vulnerable and are not addressed by Ethereum's PQ roadmap.
Non-Scoring Caveats
- ChainSecurity and Cantina audits provide strong classical smart-contract assurance but are scope-mismatched for quantum security evaluation — this affects Confidence and Assurance notes, not the QRI Score.
- USDS uses ERC1967Proxy (UUPS upgradeable pattern), which provides a technical upgrade path. In principle, governance could upgrade the implementation to support PQ features once Ethereum supports them, but no such upgrade has been proposed, designed, or tested.
- Ethereum L1's structured post-quantum program (EF Post-Quantum Security team, leanXMSS, leanVM, EIP-8141 targeting ~2029) may eventually benefit USDS for base-layer transaction security, but this is a future dependency, not current protection.
- No formal quantum-specific incident-response playbook exists for Sky Protocol — this is an operational gap but does not independently reduce the QRI Score since the underlying cryptographic posture is already fully vulnerable.
- The migration from Wormhole to LayerZero bridge infrastructure (completed ~November 2025) was a classical-to-classical migration with no quantum-security improvement.
- sUSDS (Savings USDS) and stUSDS (Staked USDS) are yield-bearing derivatives of USDS with the same quantum-vulnerable cryptographic dependencies — they are not separately evaluated but share USDS's quantum posture.
- Exact governance/admin key exposure and bridge signer sets require further explorer/governance proposal review for complete value-at-risk assessment.
- Sky DAO has not published any emergency contingency plans for a sudden quantum break of Ethereum's ECDSA.
- No plans have been announced to migrate the Skylink bridge infrastructure to post-quantum secure messaging.
Evidence record
Claims and Caveats
Security Assessment & Evidence Preparedness
Public cryptographic inventory
Claim: No public cryptographic inventory of critical public-key mechanisms or quantum threat model exists for USDS or Sky Protocol.
Coverage basis: Absence of evidence confirmed by comprehensive search of official docs, GitHub, governance proposals, and security documentation
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No public cryptographic inventory or quantum risk assessment exists
Assurance: Extensive search of all Sky Protocol official documentation, developer docs, GitHub repositories, governance proposals, and security pages finds zero mention of quantum computing, post-quantum cryptography, or quantum risk. This is confirmed negative evidence.
Sky Protocol has published detailed classical security documentation (oracle delays, governance delays, surplus buffers, liquidation mechanisms) but has not published any inventory of cryptographic mechanisms from a quantum-threat perspective, nor any quantum threat model covering attack assumptions, affected assets, or affected layers.
Security Assessment & Evidence Preparedness
Public evidence record
Claim: No public evidence record supporting a quantum risk assessment exists for USDS or Sky Protocol.
Coverage basis: No quantum assessment exists to be supported by evidence
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No quantum risk assessment or evidence record exists
Assurance: Confirmed negative: no quantum risk assessment, code references, specs, audits, transaction examples, or reproducible analytics related to quantum security exist in any Sky Protocol public resource.
While Ethereum L1 has published extensive quantum risk assessment and PQ roadmap material (pq.ethereum.org, ethereum.org quantum pages), these are Ethereum Foundation resources and do not constitute a Sky Protocol assessment. USDS-specific governance, admin keys, and bridge risks are not addressed.
Production Cryptographic Protection
Spend authorization / transaction signatures
Claim: USDS spend authorization is entirely ECDSA-only, inherited from Ethereum L1's secp256k1 curve.
Coverage basis: USDS is a standard ERC-20 token on Ethereum; all transfer, approve, and permit functions require ECDSA-signed transactions
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: All spend authorization is ECDSA-only with no PQ or hybrid path
Assurance: Verified on Etherscan: USDS is a standard ERC-20 token (0xdC035D45d973E3EC169d2276DDab16f1e407384F) with no custom signature validation beyond EIP-1271 for smart contract signatures and standard ECDSA for EOA transactions. Official docs confirm ERC-20 compliance with permit functionality.
Per QRI Section 7.2 (Token Inheritance), USDS inherits Ethereum L1's score for base transaction security. Ethereum L1 has a structured PQ program (EF Post-Quantum Security team, leanXMSS, leanVM, EIP-8141) but PQ spend authorization is not yet in production. USDS has no independent PQ transaction path.
Production Cryptographic Protection
Account, address, public-key exposure
Claim: USDS uses standard Ethereum addresses (keccak256 of public key). All EOAs that have sent USDS transactions have exposed their public keys on-chain, creating long-exposure quantum-vulnerable ownership paths.
Coverage basis: Standard Ethereum address derivation and ECDSA signature scheme
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Long-exposure public keys on Ethereum with no PQ migration path
Assurance: Ethereum's address model exposes the public key on first spend. Per Ethereum Foundation's own assessment (ethereum.org): 'For any account that has sent a transaction, the public key is exposed onchain. A quantum computer could derive the private key from this exposed public key data.' USDS inherits this vulnerability fully.
Accounts that have only received USDS (never sent) have not exposed their public key, providing partial protection via address hashing. However, all active USDS users have exposed keys. No PQ key-derivation or address scheme is available.
Production Cryptographic Protection
Consensus-critical authentication
Claim: USDS has no independent consensus mechanism but depends on Ethereum L1 consensus (BLS validator signatures), which is quantum-vulnerable.
Coverage basis: USDS is a token on Ethereum; consensus security is inherited from the host chain
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Ethereum consensus BLS signatures remain quantum-vulnerable
Assurance: Ethereum L1's consensus layer uses BLS signatures for validator attestations. Per Ethereum Foundation, these are quantum-vulnerable and the Lean Ethereum roadmap targets PQ replacement (leanXMSS + leanVM) by ~2029. USDS inherits this vulnerability as a dependency.
Applicable as a host-chain dependency per QRI Section 7.2. USDS cannot independently address Ethereum consensus security.
Production Cryptographic Protection
State-integrity and data-availability mechanisms
Claim: USDS state integrity depends on Ethereum L1's data availability and state commitment mechanisms, which are quantum-vulnerable (KZG commitments for blobs).
Coverage basis: USDS token state and bridge escrow state are secured by Ethereum L1
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Ethereum KZG commitments and state-binding are quantum-vulnerable
Assurance: Ethereum's data availability layer uses KZG polynomial commitments, which rely on elliptic curve pairings vulnerable to quantum attack. The Ethereum Foundation acknowledges this and plans STARK-based or lattice-based replacement.
Applicable as a host-chain dependency. USDS token balances, allowances, and the bridge escrow on Ethereum all depend on L1 state integrity. Solana and other chain dependencies add additional quantum-vulnerable state-integrity surfaces.
Production Cryptographic Protection
Privacy and proof layers
Claim: USDS has no privacy or proof layer; it is a transparent ERC-20 stablecoin.
Coverage basis: N/A — USDS has no shielded transactions, ZK proofs, viewing keys, stealth addresses, or privacy layer
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Confirmed by official token documentation and source code: USDS implements standard ERC-20 with permit (EIP-2612) and EIP-1271 support. No privacy features exist.
Production Cryptographic Protection
P2P transport, node identity, peer authentication
Claim: USDS has no independent P2P network; it is a token that relies on host-chain P2P infrastructure.
Coverage basis: N/A — USDS is a smart-contract token without its own P2P network layer
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Token architecture confirmed by official documentation. No independent networking layer exists.
Production Cryptographic Protection
Critical wallet, custody, HSM, and hardware-wallet workflows
Claim: No PQ wallet, custody, HSM, or hardware-wallet workflows exist for USDS. All critical custody paths use classical ECDSA.
Coverage basis: All USDS custody (exchanges, treasuries, protocol-controlled assets, bridges) relies on Ethereum ECDSA
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Critical custody paths are ECDSA-only with no PQ or hybrid protection
Assurance: Major exchanges (Coinbase, Binance, etc.) hold USDS in standard Ethereum EOAs or multisigs. Sky Protocol's own treasury, surplus buffer, and SubProxy contracts are controlled via ECDSA-based governance. No PQ custody path exists at any level.
Sky DAO governance treasury, Spark SubProxy, Grove SubProxy, and bridge escrow contracts are all controlled by classical Ethereum signatures. The ERC1967Proxy admin is a critical custody risk.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected
Claim: 0% of USDS value-at-risk is protected from quantum key-recovery attacks. All ~$5B+ USDS circulating supply is held in quantum-vulnerable accounts or contracts.
Coverage basis: 100% of USDS supply exists on quantum-vulnerable chains with ECDSA spend authorization
Implementation score: 0.05 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: 0% value-at-risk coverage; all USDS is quantum-vulnerable
Assurance: Coverage <25% per QRI Section 9.3.1 → score of 1 (out of 20 subfactor weight). USDS supply exceeds $5B across Ethereum, Solana, Base, and Avalanche. Every single USDS token is held in accounts or contracts whose control depends on classical ECDSA or equivalent classical cryptography.
Includes: (a) all USDS in user EOAs with exposed public keys, (b) all USDS in smart contracts controlled by classical governance keys, (c) USDS locked in SkyLink/LayerZero bridge escrow, (d) USDS in Sky Protocol surplus buffer and SubProxy contracts, (e) sUSDS and stUSDS derivatives.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native
Claim: No critical wallets (treasuries, exchanges, custodians, bridges, foundations, major protocols) are PQ-protected. All critical custody paths are classical.
Coverage basis: All Sky Protocol treasuries, bridge escrows, SubProxy contracts, and exchange-held USDS use classical signatures
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No critical wallets are PQ-migrated or protected
Assurance: Sky Protocol's critical contracts (PauseProxy, ds-chief, Surplus Buffer, Spark/Grove/Keel/Obex SubProxies, SkyLink bridge escrow) are all governed by classical ECDSA-based multisig/DAO voting. Exchange-held USDS (Coinbase, Binance, etc.) uses standard Ethereum custody with no PQ path.
The ERC1967Proxy admin for USDS is the single most critical wallet — compromise via quantum attack would allow full token takeover. The admin's key configuration is not publicly documented in quantum-relevant detail.
Migration Status & Value-at-Risk
Legacy vulnerable pools identified, measurable, deprecated, migrated, frozen, or proven not to exist
Claim: No identification, measurement, deprecation, or migration of quantum-vulnerable USDS pools has been performed.
Coverage basis: No legacy migration work of any kind exists for USDS
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No legacy vulnerable pool identification or deprecation exists
Assurance: Confirmed negative: no Sky Protocol documentation, governance proposal, or code references any quantum-vulnerable pool identification, measurement, deprecation, freeze, or migration mechanism. Dormant USDS accounts and lost keys have no policy path to protection.
USDS has no mechanism to freeze, deprecate, or migrate quantum-vulnerable balances. Unlike some L1s that could implement salvage/freeze policies for unmigratable UTXOs, USDS's token contract provides no such capability, and Sky DAO has not proposed any.
Migration Mechanism, Governance & Ecosystem Coordination
Public migration or protection roadmap
Claim: No quantum migration or protection roadmap exists for USDS or Sky Protocol.
Coverage basis: Absence of any quantum roadmap confirmed by comprehensive documentation and governance review
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No quantum migration roadmap exists
Assurance: Sky Protocol governance proposals cover bridge migrations (Wormhole→LayerZero), token upgrades (MKR→SKY), parameter changes, and monthly settlement cycles, but none address quantum security or PQ migration. Ethereum L1's PQ roadmap (~2029) is a separate effort by the Ethereum Foundation and does not constitute a Sky Protocol roadmap.
Migration Mechanism, Governance & Ecosystem Coordination
Migration accessibility and defaults
Claim: No PQ account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, or migration prompts exist for USDS.
Coverage basis: No PQ migration tooling of any kind exists
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No PQ migration tooling, wallet support, or user education exists
Assurance: The Sky.money interface provides USDS minting, saving (SSR/sUSDS), and SKY token rewards functionality, but contains no quantum-related warnings, migration prompts, or PQ account options. Wallet integrations (MetaMask, MEW, etc.) use standard Ethereum ECDSA.
Users can still create new quantum-vulnerable accounts by default with no warning or alternative.
Migration Mechanism, Governance & Ecosystem Coordination
Migration enforcement and coordination
Claim: No enforcement mechanisms exist for quantum migration. No deprecation, freeze, disabled legacy signing, restricted withdrawals, or mandatory migration deadlines are in place.
Coverage basis: No enforcement mechanisms of any kind exist
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No quantum migration enforcement mechanisms exist
Assurance: Sky Protocol has classical security mechanisms (GSM Pause Delay, oracle price freeze, debt ceiling AutoLine, Protego cancellation) but none address quantum migration enforcement. Two-way bridge paths allow unrestricted value flow between quantum-vulnerable systems.
The upgradeable proxy pattern could theoretically be used to enforce migration, but no such mechanism has been designed, proposed, or tested.
Migration Mechanism, Governance & Ecosystem Coordination
Emergency disclosure, incident-response, or governance process for quantum vulnerabilities
Claim: No quantum-specific emergency disclosure, incident-response, or governance process exists for Sky Protocol.
Coverage basis: Sky Protocol has classical incident-response mechanisms (GSM Pause Delay, Protego, emergency spells) but none address quantum-specific scenarios
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No quantum-specific emergency or incident-response process exists
Assurance: Sky Protocol has classical security mechanisms (GSM Pause Delay currently 48 hours, Protego for cancelling queued actions, emergency spells via PauseProxy, office-hours modifier). These provide a governance framework that could theoretically respond to a quantum emergency, but no quantum-specific playbook, disclosure process, or contingency plan is documented.
The GSM Pause Delay (48 hours) provides a window for governance to react to malicious proposals, but: (a) quantum attacks on individual private keys have no delay, (b) the governance process itself relies on quantum-vulnerable signatures, and (c) no quantum-specific response protocol exists.
Algorithm & Implementation Assurance
Uses NIST-standardized or broadly reviewed PQC/hybrid-PQC algorithms
Claim: USDS uses no PQC or hybrid-PQC algorithms. All cryptography is classical (ECDSA secp256k1 for transactions, keccak256 for addresses).
Coverage basis: No PQ algorithms deployed or planned in any USDS or Sky Protocol component
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No NIST-standardized or reviewed PQ algorithms in use
Assurance: Verified by source code review of sky-ecosystem repositories and Etherscan contract verification. All contracts use standard Solidity patterns with no custom cryptographic primitives beyond Ethereum's native ECDSA and keccak256.
NIST finalized three PQ standards in August 2024 (FIPS 203 ML-KEM, FIPS 204 ML-DSA, FIPS 205 SLH-DSA). None are used or referenced in any Sky Protocol component.
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit for quantum-critical scope
Claim: No independent cryptographic audit covering quantum security exists for USDS or Sky Protocol. Existing audits (ChainSecurity, Cantina) are classical-only.
Coverage basis: All existing audits are scope-mismatched for quantum security evaluation
Implementation score: 0 · Evidence confidence: High
Issue classification: assurance-only caveat · Score treatment: score-reducing
Quantum blocker: No quantum-specific cryptographic audit exists
Assurance: ChainSecurity's USDS audit confirms ERC-20 compliance and converter mechanics. ChainSecurity's Sky OApp OFT audit covers the LayerZero bridge adapter but explicitly excludes LayerZero itself and contains no quantum review. Cantina's portfolio includes Sky contracts with classical-only scope. These audits provide strong classical assurance but zero quantum assurance.
This is classified as an assurance-only caveat for the audit scope gap, but score-reducing because: (a) no quantum-critical implementation exists to audit, and (b) the absence of any quantum audit reflects the project's complete lack of quantum readiness. If PQ features were deployed, a scope-mismatched audit would be confidence-only.
Algorithm & Implementation Assurance
Open-source, reproducible implementation
Claim: USDS contracts are open-source (AGPL-3.0), verified on Etherscan, and publicly available on GitHub. Implementation is reproducible.
Coverage basis: All core USDS contracts are open-source and verified
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: USDS token contract is verified on Etherscan with full Solidity source code. Sky Ecosystem GitHub organization provides source for USDS, sUSDS, stUSDS, and related contracts under AGPL-3.0. Build and test instructions are available. This is a strength for classical auditability and future PQ migration verification.
Full marks for open-source reproducibility. This is the only subfactor where USDS scores maximum points.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path documented
Claim: USDS uses ERC1967Proxy (UUPS upgradeable pattern), providing technical upgrade capability. However, no quantum-specific upgrade path is documented, designed, or tested.
Coverage basis: Upgrade mechanism exists but no quantum-specific agility documentation
Implementation score: 0.25 · Evidence confidence: High
Issue classification: operational/product caveat · Score treatment: score-reducing
Assurance: The ERC1967Proxy pattern provides a well-understood upgrade mechanism. Sky Protocol has demonstrated upgrade capability through multiple governance-executed upgrades (Wormhole→LayerZero bridge migration, MKR→SKY token upgrade, stUSDS onboarding). However, no quantum-specific upgrade path, PQ signature scheme selection, or migration sequencing has been documented. Scored at 0.25 (proposal/roadmap level) because the mechanism exists but quantum-specific design is absent.
The upgradeable proxy is a double-edged sword: it enables future PQ upgrades but also means the proxy admin key is a critical single point of quantum vulnerability.
Algorithm & Implementation Assurance
Stateful-signature safety
Claim: USDS does not use stateful hash-based signatures (XMSS/LMS). No state-management or anti-reuse risks apply.
Coverage basis: N/A — USDS uses only stateless ECDSA signatures
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: If USDS were to adopt XMSS/LMS-style stateful PQ signatures in the future, this subfactor would become applicable and would require evaluation of state-management controls, anti-reuse mechanisms, and hardware-wallet compatibility.
Algorithm & Implementation Assurance
Performance and resource-impact analysis
Claim: No PQ performance or resource-impact analysis exists for USDS or Sky Protocol.
Coverage basis: No PQ deployment exists to analyze, and no analysis has been published
Implementation score: 0 · Evidence confidence: High
Issue classification: operational/product caveat · Score treatment: note-only
Assurance: No PQ deployment or performance analysis exists. This is expected given the complete absence of PQ work, but it is recorded for completeness. When/if Sky Protocol considers PQ migration, gas cost analysis of PQ signature verification, storage impact of larger PQ keys, and bridge message overhead will be relevant.
Classified as note-only (operational/product caveat) because the absence of performance analysis does not independently create or preserve a quantum-attack path — the underlying ECDSA-only posture is the primary vulnerability.
Report metadata