Eight Years of Building the Quantum-Safe Future

When the QRL mainnet launched in June 2018, quantum computing was still largely theoretical to most of the blockchain world. The idea that the cryptographic bedrock of Bitcoin and Ethereum could one day be broken by a quantum computer was treated by most as a distant, abstract concern. FUD, even.

We built for that future from day one with QRL 1.x, and today, we are in the home stretch of delivering QRL 2.0.

As we celebrate eight years of continuous, secure mainnet operation, our focus is entirely on the finish line. We are currently in the final phases of security audits to prepare QRL 2.0 (Project Zond) for release. To date, 50% of these rigorous audits are fully complete and remediated.

Below, we look back at the eight-year foundation that made this possible, take a deep dive into the next-generation architecture of QRL 2.0, and map out the road to mainnet.

Table of Contents

2018: Built Quantum-Resistant from Genesis

While most blockchains launched and operated with no plans to address the quantum threat, the QRL mainnet went live with the Extended Merkle Signature Scheme (XMSS) as its core post-quantum secure signature algorithm to sign transactions rather than the commonly used post-quantum vulnerable Elliptic Curve Cryptography (ECC).

That foundational commitment was validated early on. QRL 1.x underwent independent security audits by Red4Sec and X41 D-Sec, making QRL among the earliest public blockchain networks to undergo a formal third-party security review at launch.

2018–2026: Eight Years of Continuous Operation

Since the June 2018 mainnet launch, QRL 1.x has delivered continuous, exception-free operation. Just a network doing exactly what it was designed to do, block after block, year after year.

That consistency is itself a security statement. A blockchain that has operated without interruption for eight years, built on a post-quantum cryptographic foundation, with multiple independent audits on record, is a network that has been tested by time, not just by code review.

Ecosystem Expansion and Prevailing Research

QRL’s ecosystem began with a comparatively complete 2018 launch stack: desktop wallets, a web wallet, block explorer, API/documentation, Quantum Resistant Tokens, third-party audits, and a flexible address format.

Over the following years, that base expanded into mobile wallets, Ledger hardware wallet support, offline wallet generation, qrl-cli tooling, notarisation, Keybase integration, and multisignature capabilities.

By 2022–2023, QRL’s research emphasis had moved deeper into post-quantum cryptographic infrastructure. In partnership with Geometry Labs, lattice-algebra was released, an open-source Python library for lattice-based post-quantum cryptography, along with a multipart “efficient post-quantum finance” series covering lattice signatures, signature aggregation, adaptor signatures, payment channels, atomic swaps, and blockchain storage-reduction approaches (Secure fountation Architecture).

Later-period research included Fusion signatures, developed by Geometry Labs with QRL Foundation grant funding, which is a highly aggregatable, lattice-based, post-quantum one-time signature scheme with potential applications in large-scale authentication, multisignature wallets, and governance.

Signing off on Signature Algorithms

The XMSS-based architecture that made the QRL address space post-quantum safe was never the flashiest design choice. Hash-based signatures carry trade-offs: larger signature sizes, stateful key management, and constraints that make certain optimizations harder.

We accepted those trade-offs deliberately, because the alternative - building on cryptography that a quantum computer could eventually unravel - was not a trade-off we were willing to make. This has paid off by allowing QRL 1.x to operate as a blockchain with zero value-at-risk to a sufficiently powerful enough quantum computer, something unique in the industry, and will follow us into the release of QRL 2.0.

In XMSS’s favour is it’s well understood and provably secure. As of our 2018 mainnet release, XMSS was in the final stages of being specified by the IETF (May 2018, RFC-8391). Shortly after that, the National Institute of Standards and Technology (NIST) shortlisted XMSS/LMS for approval, which later became NIST SP-800-208. It was, and remains, part of what makes QRL truly visionary, but not reckless in the process.

Another trade-off at the time is there weren’t any signatures suitable to release a Proof-of-Stake network, something we wanted and had tried to make work with a network of in 2017, but ultimately conceded to Proof-of-Work, which provided a higher degree of confidence. The signature algorithm we know today used in the QRL 2.0 Proof-of-Stake consensus layer, ML-DSA, was still known as Dilithium and needed time to prove themselves through a lengthy multi-year peer-review process lead by NIST. In 2017, that process was started, NIST put out a call to action, and of the 82 algorithms were submitted to NIST, 69 met the minimum specifications. It wasn’t until six years after the release of QRL 1.x mainnet (in 2022), that we started having a good idea of the handful of algorithms which would be later standardized in 2024.

2022–2026: Building for the Next Era

By 2022, the QRL team had begun serious work on what would become QRL 2.0 (Codenamed Project Zond), with a public devnet pre-release that year. The vision: a Proof-of-Stake Layer 1 blockchain that preserved the quantum-resistant foundations of QRL 1.x while meeting developers where they already are, inside the Ethereum ecosystem.

The development arc that followed was deliberate and public:

• 2022: Public devnet pre-release
• 2024: Beta testnet
• Q1, 2025: Testnet V1
• Q1, 2026: Testnet V2

QRL 2.0 represents the most significant milestone in QRL’s history since the original mainnet. It introduces two core components that define the QRL 2.0 developer experience:

• Hyperion is QRL’s post-quantum smart contract language, derived from Solidity. Because most valid Solidity code is also valid Hyperion, the barrier to entry for Ethereum developers is intentionally low. Hyperion adds post-quantum cryptographic primitives on top of a familiar foundation rather than asking developers to learn an entirely new paradigm.
• The Quantum Resistant Virtual Machine (QRVM) is QRL’s EVM-friendly execution environment, forked from the Ethereum Virtual Machine. It runs Hyperion contracts and is designed so that existing Ethereum tooling requires only minimal modification to work within the QRL 2.0 ecosystem.

The consensus layer has been modernized as well. QRL 2.0 operates on Proof-of-Stake, moving beyond the Proof-of-Work model of QRL 1.x while maintaining the post-quantum signature infrastructure that defines the network’s security. The signature scheme at the heart of QRL 2.0 is ML-DSA-87 (formerly Dilithium 5), a NIST-standardized post-quantum algorithm, integrated across the full stack, including go-qrllib, go-zond, Qrysm, and the deposit contracts.

The Urgency: The Quantum Threat Is No Longer Theoretical

The reason QRL 2.0’s development has accelerated in urgency is not internal ambition.

A few data points that tell the story:

• Google’s Willow processor, announced in December 2024, demonstrated below-threshold quantum error correction, a critical engineering milestone on the path toward a cryptographically relevant quantum computer.
• IonQ’s published roadmap projects a CRQC as early as 2028.
• A Google research paper published March 30, 2026 warned explicitly that cryptographic migrations need to begin without delay, and specifically highlighted QRL as a presently post-quantum secure blockchain.
• Asset managers including BlackRock have flagged quantum computing as a material security risk to Bitcoin and, by extension, to the broader digital asset ecosystem.
• NIST completed its post-quantum cryptography standardization process, formalizing ML-DSA (Dilithium), SLH-DSA (SPHINCS+), and related schemes as the new baseline for cryptographic security. QRL 2.0 is built on these standards.

Right now, there’s a broad quantum-security total addressable market (TAM) of more than $2 trillion in digital assets; a direct Ethereum/EVM smart-contract opportunity of roughly $300 billion-plus, based on Ethereum’s base asset market value and Ethereum-resident stablecoin supply; and high-value application segments including more than $300 billion in stablecoins, over $50 billion in major EVM DeFi TVL, and a tokenized real-world asset market already measured in the tens of billions.

This represents both an unprecedented vulnerability and a massive opportunity. QRL 2.0 is uniquely positioned to capture this value safely, avoiding the existential value-at-risk faced by legacy chains attempting upgrades.

What’s Next: Audits, QRL 2.0 launch, and Ecosystem Onboarding

Early this year in Q1 2026, the QRL 2.0 testnet was launched, and formal, comprehensive third-party audits began with industry leaders.

We are entering the home stretch of this rigorous audit process with 50% of the audits fully completed, including all necessary remediation.

Though urgent, the QRL 2.0 launch remains contingent on the successful completion of the full audit process. Eight years of this project have been defined by a refusal to ship security shortcuts, and that standard isn’t changing at the finish line.

Note: Progress percentages are estimates based on our current audit pipeline. Because security takes precedence over strict timelines, these figures may adjust dynamically as we complete final reviews and remediation.

Eight Years

In 2018, building a quantum-resistant blockchain from genesis was a bet on a future most people weren’t ready to think about seriously.

In 2026, with NIST standards finalized, Google research papers citing QRL by name, and the quantum computing timeline measured in years rather than decades, that bet is paying off, not because we were lucky, but because the threat was always real, and we always treated it that way.

The anniversary isn’t really about looking back. It’s about being in the right position, at the right moment, with eight years of proven infrastructure behind us and a fully post-quantum, EVM-friendly release in front of us.

We’ll see you at the finish line.