curious about the FALCON-512 integration, are you using it for transaction signing only, or also for node identity/P2P authentication? the latter is where most "quantum-resistant" chains cut corners.
Great question — currently FALCON-512 is used for transaction signing only. Node identity and P2P authentication use standard TCP connections without post-quantum authentication at the transport layer, which you're right to flag as a corner being cut.
The roadmap has P2P authentication as a Phase 2 item before public testnet. The plan is to use FALCON-512 for node identity keys as well, so every peer connection is authenticated with post-quantum signatures.
For the current Cori Testnet the threat model assumes honest nodes — which is reasonable for a testnet but not acceptable for mainnet. Full post-quantum P2P authentication is a hard requirement before mainnet launch.
Appreciate you asking the hard question rather than the easy ones.
haha that's the right call to make it a hard requirement before mainnet. the transport layer is often where production deployments get compromised even when the crypto primitives are sound. good luck with the testnet!;)
Update: just implemented it. Each node now generates a persistent FALCON-512 keypair on first startup, stored in node_identity.json. Node ID is exposed at GET /identity and included in /status. Block mining signatures now include the node's FALCON-512 signature. P2P peer registration includes node_id exchange.
Full commit: github.com/Kstyle12/qubit-topcoin