Ten questions produce two independent quantum risk scores for your blockchain deployment. The assessment distinguishes between the signing key exposure threat : where Shor's algorithm on a cryptographically relevant quantum computer could derive private keys from permanently recorded public keys : and the encrypted data threat, where harvest-now-decrypt-later collection targets on-chain ciphertext. The two threats apply to different chain types and require different mitigations. This tool assesses each separately. No account required. Browser-only. No email or company details are transmitted or stored. Results data is anonymised.
Blockchain systems face two structurally distinct quantum computing threats. Most existing blockchain risk assessments conflate them under a single score. This tool separates them, because the technical basis, the chain types affected, and the appropriate mitigations are different in each case.
If your deployment uses a public chain without encrypted data, the HNDL score will return N/A with a brief explanation. Both scores are delivered at the end of the same session.
Why this tool separates the two vectors
A Bitcoin wallet operator assessing quantum risk needs to know whether unspent P2PK outputs are exposed to Shor-based key recovery. They do not have an encrypted data HNDL problem: there is no ciphertext. Conversely, a Hyperledger Fabric operator encrypting supply chain data on a private channel has an HNDL problem, but not a signing key exposure problem in the same sense. Conflating these vectors produces a single score that is misleading for both operator types.
This tool calculates two independent risk scores from ten weighted questions. Each score maps to a five-tier risk level: Negligible, Low, Moderate, High, Critical. The weightings reflect the Mosca inequality framework, NIST FIPS 203/204/205, and NSA CNSA 2.0 migration guidance.
No email or company details are transmitted or stored. Anonymised country, industry, and results data are recorded for sector-level benchmarking. No account is required.
Your quantum risk scores are calculated from your assessment answers. No personal identifiers, company name, or IP address are associated with the anonymised data recorded.
If you choose to download your results as a PDF, that file is generated on your device. No email or company details are transmitted or stored by Quantum Security Defence.
For questions about how Quantum Security Defence handles personal data in other contexts, see our privacy policy.
Country is recorded anonymously for industry-level reporting only. No email, name, or company details are transmitted or stored.
The Industry selection is required and recorded anonymously. Your industry may impact your score. Be sure to choose your nearest industry category.
Not recorded. Only used to personalise your PDF report cover page in this browser session.
Not recorded. Only used to personalise your PDF report cover page in this browser session.
Name and company are used only within your browser session to personalise the PDF cover page. They are not stored or transmitted.
Shor's algorithm : Peter Shor (1994) established the polynomial-time algorithm for the discrete logarithm problem. Applied to elliptic curve groups, Shor's algorithm enables private key recovery from any exposed public key on ECDSA secp256k1, Ed25519, BLS12-381, or equivalent schemes.
Quantum resource estimates : Banegas et al. (2021, IACR TCHES, Tier 1) and Webber et al. (2022, npj Quantum Information, Tier 1) provide resource estimates for breaking 256-bit elliptic curve keys. Webber et al. estimated approximately 317 × 10&sup6; physical qubits for a one-hour attack on secp256k1.
Mosca inequality : Michele Mosca (2018, IEEE Security and Privacy, Tier 1) provides the formal framework: HNDL risk is material when t_m + t_s > t_q. This tool uses qualitative scoring as a proxy because t_q carries significant uncertainty.
NSA CNSA 2.0 : ML-KEM-1024 for key establishment (2030 target), ML-DSA-87 for digital signatures (2033 target). CNSA 2.0, not vendor-published timelines, is the authoritative migration deadline reference used in this tool.
NIST standards : NIST FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA), finalised August 2024, are the post-quantum algorithm standards. All algorithm names use the NIST-assigned designations.
This tool provides a directional score. A formal assessment covers your full key exposure inventory, migration architecture, and regulatory obligations under DORA, NIS2, and CNSA 2.0.
