The post-quantum confidential settlement layer for institutions.
A blockchain whose security is built to outlast quantum computers: every layer is post-quantum, so what settles here stays protected the day quantum can forge the signatures that guard ordinary chains. The post-quantum settlement chain is live on a public testnet today; confidential settlement, with amounts hidden and selective disclosure for regulators, is in build.
The deadlines aren't ours. They're already set.
The move to post-quantum security is when, not if. Standards bodies have set the dates, and anything signed today still has to verify decades from now. Waiting until quantum arrives is too late: data recorded now can be decrypted later.
Built for assets that outlive their cryptography.
A neutral rail that custodians, central banks, and tokenization platforms run behind their existing systems. Permissioned where it needs to be, with public-chain anchoring on the roadmap.
Tokenized assets and RWAs
Treasury tokens, private-credit notes, tokenized funds. Title to the asset has to outlive the cryptography that signed it.
Central-bank pilots and CBDCs
Inter-bank and wholesale settlement that needs permissioned validators. The testnet runs multi-validator consensus today; anchoring to a public chain is on the roadmap.
Regulated stablecoins and post-trade
Issuers and clearing infrastructure inside the scope of the same post-quantum mandates.
Long-duration records
Bonds, insurance reserves, title and identity records. Anything signed today that must still verify in 2050.
Post-quantum at every layer. No classical fallback.
Most chains can be broken by a future quantum computer. Nixeon is built so they can't: signatures, state, proofs, and hashing all use post-quantum cryptography, with nothing classical left to break.
Quantum-resistant end to end
Every cryptographic layer is post-quantum, almost all of it lattice-based. Not a signature swapped onto a classical chain: the whole stack.
One proof per block
Each block folds into a single proof your auditor can check, no matter how many transactions it holds. One artifact to verify, not one per transaction.
Transparency you can verify
Every block, balance, and parameter is visible in the explorer. You check the chain, you don't just trust it. On-chain data and published parameters; source opens as the project matures.
The everyday things, built to outlast quantum.
Hold, send, settle, and verify like you would anywhere, on a chain whose security does not break the day quantum arrives. Live on the public testnet today.
Protection that doesn't expire
LiveEvery layer is post-quantum, so what settles here is quantum-resistant from day one. No migration, no wallet swap, no waiting for a patch later.
Harvest-now-decrypt-later, handled
LiveAn attacker can record transactions today and break them once quantum matures. On a post-quantum chain that recorded data stays protected. What settles now is still safe later.
Quick settlement
LiveSub-second blocks with deterministic finality and real sustained throughput. You do not trade speed for the future-proofing; it is quick and quantum-resistant.
Transparency you can verify
LiveEvery block, balance, and parameter is visible in the explorer, with published parameters and benchmarks. You check the chain rather than take a number on faith.
Self-custody
LiveKeys are held by the holder, not a bank and not us. No custodian can freeze, seize, or move funds. The protection is yours to keep.
A wallet that works
Live on testnetA browser wallet with a recovery phrase, send and receive, and a full block explorer. The cryptography is invisible; it feels like a normal wallet.
An order of operations, not a calendar.
Each step builds on the last. The cryptography ships when the analysis is solid, not when a quarter ends.
Privacy-ready state (UTXO)
UTXO state with lattice commitments, live on this testnet. The foundation for sub-transaction privacy: counterparties see what they need, outsiders see only that a valid transition happened. Disclosure controls arrive in Step 3.
Proof soundness
Chain soundness is estimated at the 128-bit level, set by the HAWK-512 (NIST Level I) signature layer. The folding scheme is built to clear that same bar, with the margin checked by a standing test on every build.
Auditable confidentiality (viewing keys)
Selective-disclosure viewing keys for counterparties, regulators, and auditors. Lattice commitments hide amounts; viewing-key holders verify and disclose.
Multi-validator consensus
The consensus this testnet runs today. Header aggregation for fast light-client verification is the next addition.
Spec-grade prover
A spec-faithful, reference-parity prover for external audit. The soundness floor is already met; this is the hardening and audit gate before any production deployment.
Recursive folding
Folding a fold, for compact light-client proofs at high throughput. Ships when the soundness work is solid.
Four steps. Testnet alpha.
Send a post-quantum signed transaction in under a minute.
Create a wallet
Your wallet and keys are created right in your browser. The private key never leaves your device.
Open wallet →Claim test tokens
Grab free testnet tokens to try it. Rate-limited per IP. They have no monetary value.
Visit faucet →Send a transaction
Hit Send to submit a post-quantum signed transfer and watch it land on-chain.
Send a tx →Verify in the explorer
Browse recent blocks and confirm your transaction. Block proofs run automatically for blocks that touch state.
Open explorer →The questions your security team asks first.
What exactly is "post-quantum" here?
Every layer, not just the signature.
| Layer | Primitive | Hard problem | Status |
|---|---|---|---|
| Signatures | HAWK-512 | Lattice Isomorphism (LIP) | integrated |
| State commitment | Ajtai / Ring-SIS (PQE_Q ring) | Module-SIS | integrated |
| Block proof | LatticeFold-style folding | Module-SIS | integrated |
| Hashing | SHAKE-256 | SHA-3 preimage | integrated |
| Attestation aggregation | Chipmunk-PoA | Module-SIS | planned |
One ring, one parameter set, one folded proof per block. The cryptography is published research; the integration is ours.
How strong is the security?
We state it conservatively: chain soundness estimated at the 128-bit level, set by the signature layer (HAWK-512, NIST Level I). The lattice layers above it (state commitment and proofs) are independently estimated much higher, around 280-bit classical and 250-bit quantum, using the standard lattice estimator. Parameters are published, not asserted.
And the block proof itself?
Chain soundness is estimated at the 128-bit level, set by the HAWK-512 (NIST Level I) signature layer. The folding scheme is built to clear that same bar, with the margin checked by a standing test on every build. The current folded proof is around 2.3 MB; reducing that is ongoing work.
How fast is it?
About 437 transactions per second sustained on a single validator under a deliberately conservative block policy; the same machine measured about 2,441 with larger blocks, so the ceiling is policy, not the prover. Blocks tick well under a second with deterministic finality.
Can we run it permissioned?
Yes. Multi-validator consensus runs the testnet today. Header aggregation for fast light-client verification is on the roadmap.
How does this fit NIST and CNSA 2.0?
SHAKE-256 is FIPS 202. HAWK is in the NIST additional-signatures track, not currently CNSA 2.0-approved. A documented contingency confines a move to ML-DSA to the signature layer alone, so a stricter CNSA 2.0 posture stays in reach without re-architecting the chain.
What's the procurement surface?
Settlement only today. No untrusted smart-contract VM. Programmability comes after the cryptography reaches audit-grade.
Can we adopt incrementally?
Yes. Adopt HAWK on an existing chain, run Nixeon as a sidecar settlement layer, or integrate the full stack.
What about privacy?
Auditable confidentiality, not anonymity. The roadmap adds viewing-key-gated selective disclosure for counterparties, regulators, and auditors. It's a roadmap item; amounts are public today.
Is it audited? Ready for real funds?
Not yet, and we say so plainly. This is a public testnet alpha. An external post-quantum security audit is the gate before production use with real funds.
Evaluating post-quantum settlement? Tell us what you're building.
Custodians, issuers, and builders weighing the migration: send a note and we'll pick it up. Tell us your use case and where you are in planning.