post-quantum-packages
Production-grade post-quantum cryptography for TypeScript and Rust.
No legacy algorithms. NIST-standardized. Production-ready.
A unified monorepo implementing NIST-standardized post-quantum cryptography (FIPS 203, 204, 205) packages across two languages. Every package ships to npm and crates.io with identical APIs and shared test vectors.
Python support is planned. Current priority is TypeScript and Rust. Python implementations will follow once the core APIs stabilize. The package structure, CI pipeline, and publish workflows for Python are already in place — contributions are welcome. Track progress in issues.
All implementations target NIST security categories I, III, and V. All parameter choices follow the normative requirements of their respective FIPS standards. Rust crates are no_std capable where applicable. Packages are designed with PQ payload sizes as a first-class constraint — because in real protocols, bytes-on-wire matter.
Built by MultiVM Labs — the R&D lab behind Quantum, the EVM-compatible Layer 1 blockchain where post-quantum authorization is the default, not a plugin.
Most blockchains and web infrastructure rely on classical signatures (ECDSA, EdDSA, RSA) that are vulnerable to quantum computers via Shor's algorithm. NIST finalized the replacements in August 2024 — FIPS 203/204/205 standardize ML-KEM, ML-DSA, and SLH-DSA — and Falcon (FN-DSA) is selected for a future standard (FIPS 206). The "which algorithms?" question is converging. It's time to do systems engineering, not wait.
But adopting PQC means touching every layer of your stack: key encoding, signatures, certificates, JWTs, TLS, SSH, wallet tooling, blockchain transactions. PQ signatures are also significantly larger than classical ones (2.4 KB for ML-DSA-44 vs 64 bytes for Ed25519), which cascades into bandwidth, storage, and consensus scaling — what we call the PQ scaling cliff.
Existing options only support a single language or lack the higher-level tooling (key encoding, JWK, certificates, JWS) needed for real applications. This repository provides that tooling across both TypeScript and Rust with consistent APIs. Every package is built with PQ payload sizes treated as a first-class design constraint.
| post-quantum-packages | liboqs bindings | pqcrypto crate | |
|---|---|---|---|
| TypeScript + Rust tooling | Yes | No | No |
| TypeScript + Rust | Yes | Partial | Rust only |
| FIPS 203 / 204 / 205 | Yes (target) | Yes | Partial |
no_std (Rust) |
Yes | No | Partial |
Individual package readiness varies — see the version guide below. Packages at
v0.0.1are scaffolded and open for contribution.
| Runtime | Version |
|---|---|
| Bun | 1.0+ |
| Node.js | 18+ |
| Rust | 1.78+ |
Every package is implemented in TypeScript and Rust with consistent APIs.
Version guide: Packages at
v0.0.1are scaffolded but not yet implemented. Versions≥ 1.0.0are production-ready.Audit status: Packages with a pending audit are marked accordingly. Remaining packages will be scheduled as implementations mature.
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-oid |
OID constants for ML-KEM, ML-DSA, SLH-DSA |  |
 |
Pending |
pq-algorithm-id |
Algorithm identifier mappings (JOSE, COSE, X.509) |  |
 |
— |
pq-key-encoder |
Key encoding (DER, PEM, JWK, SPKI, PKCS#8) |  |
 |
Pending |
pq-test-vectors |
NIST test vectors as importable fixtures |  |
 |
— |
pq-key-strength |
Classical vs PQ security level comparison |  |
 |
— |
pq-size-calculator |
Signature/ciphertext/key size calculator |  |
 |
— |
pq-key-fingerprint |
Public key fingerprint generation |  |
 |
— |
pq-rng |
Deterministic RNG for testing |  |
 |
— |
pq-side-channel |
Side-channel resistant helpers |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-spki |
SubjectPublicKeyInfo encoding |  |
 |
— |
pq-pkcs8 |
PKCS#8 private key encoding |  |
 |
— |
pq-csr |
Certificate Signing Requests |  |
 |
— |
pq-cert-parse |
X.509 certificate parsing (read-only) |  |
 |
— |
pq-cert-verify |
X.509 certificate chain verification |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-jws |
JSON Web Signature with ML-DSA |  |
 |
— |
pq-jwe |
JSON Web Encryption with ML-KEM |  |
 |
— |
pq-jwk |
JSON Web Key serialization |  |
 |
— |
pq-jwt-verify |
Verify-only JWT (smaller bundle) |  |
 |
— |
pq-cose |
CBOR Object Signing and Encryption |  |
 |
— |
pq-cms |
Cryptographic Message Syntax |  |
 |
— |
pq-pkcs7 |
PKCS#7 signatures |  |
 |
— |
pq-xmldsig |
XML Digital Signatures with ML-DSA |  |
 |
— |
pq-dkim |
DKIM email signing |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-ecies |
ECIES-style encryption with ML-KEM |  |
 |
— |
pq-hpke |
Hybrid Public Key Encryption |  |
 |
— |
pq-kem-combiner |
Secure multi-KEM combiner |  |
 |
— |
pq-noise |
Noise protocol patterns with PQ |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-fido2 |
FIDO2/CTAP2 with PQ |  |
 |
— |
pq-webauthn |
Server-side WebAuthn with ML-DSA |  |
 |
— |
pq-ssh-agent |
SSH agent protocol with PQ keys |  |
 |
— |
pq-kerberos |
Kerberos ticket handling with PQ |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-tls-client |
TLS 1.3 client with PQ key exchange |  |
 |
— |
pq-dtls |
DTLS with PQ for UDP |  |
 |
— |
pq-quic-crypto |
QUIC crypto layer with PQ |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-eth-signer |
Ethereum transaction signing with PQ |  |
 |
— |
pq-solana-signer |
Solana transaction signing with PQ |  |
 |
— |
pq-bitcoin-taproot |
Taproot-compatible PQ signatures |  |
 |
— |
| Package | Description | npm | crates.io | Audit |
|---|---|---|---|---|
pq-wasm |
Browser-ready WASM build |  |
 |
— |
pq-worker |
Web Worker wrapper for non-blocking PQ |  |
 |
— |
The examples below use
pq-oidandpq-key-encoder, which are among the first implemented packages. Check each package's version before installing —v0.0.1means scaffolded only.
npm install pq-oid pq-key-encoderimport { OID, Algorithm } from 'pq-oid';
import { fromDER, toPEM, type KeyData } from 'pq-key-encoder';
// Look up algorithm metadata
const info = Algorithm.get('ML-DSA-65');
// { name: 'ML-DSA-65', oid: '2.16.840.1.101.3.4.3.18', publicKeySize: 1952, ... }
// Decode a DER-encoded public key (auto-detects SPKI)
const key = fromDER(derBytes);
// { alg: 'ML-DSA-65', type: 'public', bytes: Uint8Array }
// Convert to PEM
const pem = toPEM(key);
// -----BEGIN PUBLIC KEY-----
// MIIHsjALBgkr...
// -----END PUBLIC KEY-----[dependencies]
pq-oid = "1.0"
pq-key-encoder = "1.0"use pq_oid::{MlDsa, Algorithm};
use pq_key_encoder::{PublicKey, PrivateKey};
// Algorithm metadata
let dsa: MlDsa = "ML-DSA-65".parse().unwrap();
assert_eq!(dsa.oid(), "2.16.840.1.101.3.4.3.18");
// Decode a DER-encoded public key
let key = PublicKey::from_spki(&der_bytes)?;
assert_eq!(key.algorithm(), Algorithm::MlDsa(MlDsa::Dsa65));
// Encode to PEM
let pem = key.to_pem();All packages implement the NIST post-quantum standards:
| Standard | Algorithms | Type | Security Categories | Status |
|---|---|---|---|---|
| FIPS 203 (ML-KEM) | ML-KEM-512, ML-KEM-768, ML-KEM-1024 | Key Encapsulation | I, III, V | Final (Aug 2024) |
| FIPS 204 (ML-DSA) | ML-DSA-44, ML-DSA-65, ML-DSA-87 | Digital Signatures | II, III, V | Final (Aug 2024) |
| FIPS 205 (SLH-DSA) | SLH-DSA-SHA2/SHAKE-128s/128f/192s/192f/256s/256f | Hash-Based Signatures | I, III, V | Final (Aug 2024) |
PQ signatures are larger than classical ones. This is the fundamental engineering constraint these packages are designed around:
| Scheme | Signature Size | Notes |
|---|---|---|
| Ed25519 (classical) | 64 B | Vulnerable to quantum attack |
| ML-DSA-44 | 2,420 B | FIPS 204, lattice-based |
| ML-DSA-65 | 3,309 B | FIPS 204, lattice-based |
| SLH-DSA-SHA2-128s | 7,856 B | FIPS 205, hash-based (conservative hedge) |
packages/
├── pq-oid/
│ ├── ts/ # TypeScript → npm
│ ├── rust/ # Rust → crates.io
│ └── python/ # Python → PyPI (planned)
├── pq-key-encoder/
│ ├── ts/
│ ├── rust/
│ └── python/
└── ... # same structure for all packages
Each language implementation has its own README with detailed API docs, installation instructions, and usage examples.
# TypeScript — all packages
bun install && npm test
# Rust — all packages
cargo testCI runs smart change detection — only affected packages are tested on each push.
We welcome contributions. See CONTRIBUTING.md for development setup, coding standards, and the PR process.
Looking for a place to start? Check out issues labeled good first issue.
Note: For non-trivial changes, please open an issue or discussion first before writing code. This prevents wasted effort and helps us align on the approach.
This is a cryptography library. Security reports are taken seriously.
For vulnerabilities, see SECURITY.md. Do not open public issues for security concerns.
- Quantum — EVM-compatible Layer 1 blockchain where PQ authorization is the default. Uses these packages for PQ transaction signing, key encoding, verifier contract tooling, and the PQ Wallet Layer that brings PQ-secured smart wallets to existing EVM chains. See the Quantum Litepaper for the full protocol design.
Using these packages? Open a PR to add your project here.
If you use these packages in academic work, please cite:
@software{pq_packages,
title = {post-quantum-packages: Production PQC for TypeScript and Rust},
author = {{MultiVM Labs}},
url = {https://github.com/multivmlabs/post-quantum-packages},
year = {2026}
}MIT — use freely in commercial and open source projects.
Built by MultiVM Labs · Quantum · Twitter · GitHub