Platform · Post-Quantum

Post-quantum readiness.

TrueSign is designed for staged migration to post-quantum signatures. Customers procuring under federal evaluation can specify hybrid signing today.

The protocol carries an explicit cryptographic suite identifier in canonical intent, allowing a controlled shift from classical signatures (Ed25519, ECDSA P-256) to post-quantum signatures (ML-DSA, FIPS 204) without breaking receipt verification.

Hybrid signing, the simultaneous production of a classical and a post-quantum signature over the same canonical intent, is available for institutions whose procurement standards reference NSA CNSA 2.0 or the equivalent national directives.

Migration is a property of the deployment, not the protocol. Customer-operated deployments can pin a fixed suite for the duration of an approved evaluation, while sovereign-cloud deployments roll suites under explicit change control.

ClassicalEd25519, ECDSA P-256

Post-quantumML-DSA (FIPS 204)

HybridClassical + ML-DSA, opt-in

ReferenceNSA CNSA 2.0 alignment

Receipt forward-compatSuite identifier in canonical intent