Identity that outlives
the quantum computer.
One 32-byte seed becomes a complete post-quantum identity: keys, addresses, spends, login, recovery, and encryption. Pure JavaScript. Zero runtime dependencies. Byte-exact to the BTX chain, verified against a live node.
import { createIdentity, randomSeed } from 'qid';
const id = createIdentity(randomSeed());
id.btxAddress // btx1z… — receives value on-chain
id.identityRoot // stable root — survives key rotation
id.login // ML-DSA-44 — signs spends & logins
id.recovery // SLH-DSA-128s — cold, hash-based
id.attestation // root-signed, canonical bytes (v3)
Two layers. One seed.
qID pairs a hash-based cold root with a fast lattice hot key — the most conservative cryptographic assumption anchors the identity, the fast one carries the daily load. The money core is byte-exact to BTX; the identity layer works anywhere, with or without a chain.
The money core BTX-exact
Everything a self-custodial post-quantum wallet needs, reproducing the node's own bytes.
- ML-DSA-44 login key + SLH-DSA-128s recovery root, derived on BTX's m/87′ path
- P2MR (pay-to-Merkle-root) addresses — bech32m, witness v2, network-strict decoding
- Multi-input spend builder: coin selection, node-exact PQ fees, change, max-fee clamp
- Sighash commits to every input and output — a lying explorer can't redirect value
- Recovery-leaf rescue path, era-aware (legacy pre-C-002, FIPS-205 today)
The identity layer chain-agnostic
A cold root that vouches for hot keys — CA-style, self-custodial, no third party in the trust path.
- Login with qID: origin-bound, replay-proof challenge signing (WebAuthn-style)
- Key rotation with monotonic serials + root-signed revocation floors
- Hybrid encryption: ML-KEM-768 + X25519 — secure if either primitive holds
- Canonical signing preimages — no JSON in anything signed, ever
- Relying-party verifier with pluggable storage, safe on any backend
Built adversarial-first.
qID has been through repeated adversarial audit rounds, and the important properties aren't asserted — they're machine-checked on every commit.
Negative-space tests
Tests that break on backdoor classes: hedged signatures must differ, a one-satoshi mutation must change every sighash, and the bundle must contain zero Math.random.
Reproducible, pinned, provable
The shipped bundle rebuilds byte-identical from source in CI, and every release publishes its sha256 ↔ commit pair so vendors verify what they pin.
Total-contract verifiers
Attestation, revocation, and login verification never throw on attacker-shaped input — property-based fuzzing holds them to it.
Fail-closed everywhere
Wrong network? Throws. Truncated seed? Throws. Swapped keys that would mint an unspendable address? Throws. Silent wrong answers are treated as the worst bug class.
Zero runtime dependencies
Audited noble/scure cryptography, pinned exactly and bundled. The page you're reading follows the same rule: no third-party requests.
Responsible disclosure
A real security policy with response targets — report privately via GitHub security advisories.
Made to be reimplemented.
A protocol is only a standard when a second implementation agrees on every byte. qID ships the artifacts that make that checkable.
Canonical byte layouts
Everything signed off-chain — attestations, login challenges, revocations — signs an explicit, versioned byte layout. A Rust or Swift implementation produces identical signatures or fails loudly.
Language-neutral vectors
One JSON file: seed → keys → addresses → sighashes → signing preimages. Reproduce every value byte-for-byte, or the implementation is wrong. Point your CI at it.
The written convention
The full identity convention — derivation paths, attestation format, login protocol, revocation — as a versioned spec, developed in review with the BTX core team.
Three integrations, one frozen core.
Every consumer pins a byte-frozen, hash-verified snapshot and re-vendors deliberately. No CDN, no floating versions, no surprises.
Self-custodial desktop wallet. Sends real value on BTX mainnet through qID's spend core, pinned in CI by sha256.
The BTX miner. Sweeps mined coins to cold storage with qID's sweep builder.
Multi-chain mobile app. BTX wallet built on qID with hardware-accelerated key generation — a 4-minute operation brought to a quarter second, byte-identical.