Buszok

Is there any retirement play this cycle and why is it $QST? 🧵 1) What is @qu_stream ?👇 QuStream invented top1 secure quantum encryption algorithm without flaws of their existing competitors which allows to be used by all blockchains, medical data, banks, enterprises etc.

@Andercot Race is canceled . @qu_stream is here with solution :) soon enough in mainstream

Six years ago it we thought it'd take 10 million qubits to break any Bitcoin public key. Four years ago it was 2 million qubits. 16 hours ago Google published a paper showing it can be done with 500,000 qubits in 20 minutes. Race is on. Top prize? $76 billion: Satoshi wallet

@MCGlive @qu_stream They are waaaaay further now :)

Back in October last year we featured $QST @qu_stream who was working on Quantum resistant Bitcoin security.

A funny sounding comment, a dangerous exposure via coffee machine, but this highlights the truly daunting task of remediation that lies ahead. Every device, IoT proliferation throughout our lives, all mitigated individually for the quantum threat? It could take years and still miss vital in-roads to your environment. Or...total mitigation via drop in use of a quantum-secure network. @qu_stream will be able to completely erase the migration effort in one swoop. The value of perfect secrecy along with easy implementation is not even close to priced in yet. Soon, though. $QST

@corcoranwill Start research here brother. Solution is there already :)

Today I had the opportunity to present Ethereum's post-quantum security strategy at the Institutional Ethereum Forum in NYC. 15 minutes to explain why every proof-of-stake blockchain faces the same signature aggregation problem — and what the EF is doing about it. We also launched pq.ethereum.org — a dedicated resource that brings together everything the PQ/Crypto teams have been working on: → How PQ impacts each protocol layer → The full PQ roadmap → Open resources — repos, specs, papers → FAQ — 14 questions we keep getting from institutions, now open-sourced → Interest form for the 2nd Annual PQ Research Retreat (Cambridge, Oct 2026) Huge thanks to @drakefjustin @tcoratger @asanso and the entire PQ team, the @leanEthereum client teams shipping devnets every week. Next week: Fort Mode in Cannes. pq.ethereum.org

Some of the most important work in quantum-proof security isn’t public yet. Our CEO, Adrian Neal, presenting at Nokia’s Swiss Innovation Day today. The pieces are coming together.

Most encryption will not be broken in the future. It will be collected today and decrypted later. This is the real risk behind quantum computing. And it is already happening. 🧵

@EliBenSasson Indeed . Proper solution is already here . World’s first Quantum ITS . Soon in mainstream @qu_stream

The threat that quantum computers pose to Bitcoin is not binary: it's not the case that Bitcoin is only at risk if a quantum computer exists, and it's safe as long as a QC hasn't appeared yet. No. Disregarding the possibility that quantum computers will become a reality threatens the confidence people have in Bitcoin. We can stop this threat. The first step is to acknowledge it. The second step is to look for solutions (which exist).

@SlikkSmith @AiEmpaths @VitalikButerin @qu_stream He will understand what I’m talking about soon enough :)

Having your quantum secure algorithm implemented into a hardware provider's network layer is a far cry from "flexing quantum hardware" as you put it. If all you can do is highly doubt without a cursory glance to understand what it is that's being discussed, I don't know if you're using the tools at your disposal effectively.

Now, the quantum resistance roadmap. Today, four things in Ethereum are quantum-vulnerable: * consensus-layer BLS signatures * data availability (KZG commitments+proofs) * EOA signatures (ECDSA) * Application-layer ZK proofs (KZG or groth16) We can tackle these step by step: ## Consensus-layer signatures Lean consensus includes fully replacing BLS signatures with hash-based signatures (some variant of Winternitz), and using STARKs to do aggregation. Before lean finality, we stand a good chance of getting the Lean available chain. This also involves hash-based signatures, but there are much fewer signatures (eg. 256-1024 per slot), so we do not need STARKs for aggregation. One important thing upstream of this is choosing the hash function. This may be "Ethereum's last hash function", so it's important to choose wisely. Conventional hashes are too slow, and the most aggressive forms of Poseidon have taken hits on their security analysis recently. Likely options are: * Poseidon2 plus extra rounds, potentially non-arithmetic layers (eg. Monolith) mixed in * Poseidon1 (the older version of Poseidon, not vulnerable to any of the recent attacks on Poseidon2, but 2x slower) * BLAKE3 or similar (take the most efficient conventional hash we know) ## Data availability Today, we rely pretty heavily on KZG for erasure coding. We could move to STARKs, but this has two problems: 1. If we want to do 2D DAS, then our current setup for this relies on the "linearity" property of KZG commitments; with STARKs we don't have that. However, our current thinking is that it should be sufficient given our scale targets to just max out 1D DAS (ie. PeerDAS). Ethereum is taking a more conservative posture, it's not trying to be a high-scale data layer for the world. 2. We need proofs that erasure coded blobs are correctly constructed. KZG does this "for free". STARKs can substitute, but a STARK is ... bigger than a blob. So you need recursive starks (though there's also alternative techniques, that have their own tradeoffs). This is okay, but the logistics of this get harder if you want to support distributed blob selection. Summary: it's manageable, but there's a lot of engineering work to do. ## EOA signatures Here, the answer is clear: we add native AA (see eips.ethereum.org/EIPS/eip-8141 ), so that we get first-class accounts that can use any signature algorithm. However, to make this work, we also need quantum-resistant signature algorithms to actually be viable. ECDSA signature verification costs 3000 gas. Quantum-resistant signatures are ... much much larger and heavier to verify. We know of quantum-resistant hash-based signatures that are in the ~200k gas range to verify. We also know of lattice-based quantum-resistant signatures. Today, these are extremely inefficient to verify. However, there is work on vectorized math precompiles, that let you perform operations (+, *, %, dot product, also NTT / butterfly permutations) that are at the core of lattice math, and also STARKs. This could greatly reduce the gas cost of lattice-based signatures to a similar range, and potentially go even lower. The long-term fix is protocol-layer recursive signature and proof aggregation, which could reduce these gas overheads to near-zero. ## Proofs Today, a ZK-SNARK costs ~300-500k gas. A quantum-resistant STARK is more like 10m gas. The latter is unacceptable for privacy protocols, L2s, and other users of proofs. The solution again is protocol-layer recursive signature and proof aggregation. So let's talk about what this is. In EIP-8141, transactions have the ability to include a "validation frame", during which signature verifications and similar operations are supposed to happen. Validation frames cannot access the outside world, they can only look at their calldata and return a value, and nothing else can look at their calldata. This is designed so that it's possible to replace any validation frame (and its calldata) with a STARK that verifies it (potentially a single STARK for all the validation frames in a block). This way, a block could "contain" a thousand validation frames, each of which contains either a 3 kB signature or even a 256 kB proof, but that 3-256 MB (and the computation needed to verify it) would never come onchain. Instead, it would all get replaced by a proof verifying that the computation is correct. Potentially, this proving does not even need to be done by the block builder. Instead, I envision that it happens at mempool layer: every 500ms, each node could pass along the new valid transactions that it has seen, along with a proof verifying that they are all valid (including having validation frames that match their stated effects). The overhead is static: only one proof per 500ms. Here's a post where I talk about this: ethresear.ch/t/recursive-st… firefly.social/post/farcaster…

@AiEmpaths @VitalikButerin @qu_stream Keep doubting. Soon in Europe used by big and known hardware supplier for their Quantum-Secure Networks :)

@buszok @VitalikButerin @qu_stream i fucking highly doubt that ..... you got persistent topology/ quantum kernel that can map geometric intelligence protecting Ethereum in real-time??????????????

@misconfig_exe Proper solution to this threat is already here. @qu_stream . Soon in mainstream :)

Quantum is basically Y2K20s. The problem will be resolved. HOWEVER: Fear will produce losses in market value (buying opportunities). This will then produce incentives to implement solutions. That will produce massive investment. Once resolved, crypto-assets will pump. See Y2K

@jtrader @grok check @qu_stream :)

@grok give me a list of those projects @grok

Hey @grok What’s the modern equivalent of buying Bitcoin in 2010 that nobody takes seriously yet?

Paris. March 24. @QSECDEF 2026. ⚛️ QuStream is presenting a new standard for data sovereignty. We help nations and enterprises move beyond temporary patches to permanent, quantum-proof infrastructure. Follow our mission to secure the global digital economy. 🛡️

When qustream CEO answers on ur fud😁

The great Bitcoin dump of February 2026. Compilation of real time anime clips put together.

Stop looking at the surface. Most security only fixes small problems. QuStream builds a deep foundation that cannot be broken. We move beyond temporary updates to permanent protection. See how deep our technology goes. 🛡️

@qu_stream @nokia @AdrianGNeal Let them cook… 🍖

QuStream is heading to Swiss Innovation Day 2026 for @Nokia's Quantum Safe Networking summit. ⚛️🇨🇭 @AdrianGNeal is joining the front lines to discuss the future of critical infrastructure & long-term security. Relevant news coming soon.