Security Documentation

Security Architecture

Five-layer security model protecting QuantumDEX — from quantum-safe cryptography to AI agent prompt injection defence.

Audit Score 96.2 / 100Tests 1,827+ passingCrypto ML-DSA-65 FIPS 204

Security Overview

96.2/100 Self-Audit Score

Internal self-audit engine (running air-gapped on localhost) validates code quality, test coverage, dharmic compliance, and architecture integrity.

1,827+ Passing Tests

Hardhat Solidity tests + Vitest TypeScript tests. Zero failures across all LAYER_3_DEFI_SUITE components as of April 2026.

External Audit Planned

Third-party security audit targeting bridge contracts (highest risk surface). Scheduled post-testnet launch, Q3 2026.

Layer 1 — Reentrancy Protection

All state-changing entry points are protected against reentrancy attacks:

  • QuantumRouter: 8× nonReentrant modifier on all swap/liquidity entry points
  • QuantumPair.swap(): Custom lock modifier preventing flash loan reentrancy
  • QuantumFlashLoan: ReentrancyGuard + _flashLoanInProgress state flag
  • FlashLoanArbitrage: nonReentrant on executeArbitrage()
DEX-03 Fixed: All QuantumRouter entry points confirmed protected in the April 2026 security sprint.

Layer 2 — Oracle Security

QuantumDEX uses TWAP (Time-Weighted Average Price) oracles rather than spot price feeds to prevent manipulation:

  • QuantumPerps mark price sourced from IQuantumTWAPOracle.getMarkPrice() — TWAP, not spot
  • QuantumPair._update() accumulates cumulative prices for on-chain TWAP calculation
  • KarmaOracle calls wrapped in try/catch — precompile failure degrades gracefully rather than blocking swaps

Layer 3 — Post-Quantum Cryptography

QuantumDEX is the only DEX built on a chain with quantum-safe signatures from genesis:

ComponentAlgorithmKey SizeStandard
ThiChain L1 transactionsML-DSA-65 (Dilithium3)SK: 4,032 bytes / Sig: 3,309 bytesNIST FIPS 204
Bridge cross-chain proofsML-DSA-65 via @noble/post-quantum3,309-byte signaturesNIST FIPS 204
ECDSA comparisonsecp256k1 (legacy)65-byte signaturesVulnerable to quantum Shor's algorithm
Signature Overhead: ML-DSA-65 signatures are ~50× larger than ECDSA. This is accounted for in ThiChain's block size (MAX_BLOCK_SIZE: 4MB, MAX_TRANSACTIONS_PER_BLOCK: 500).

Layer 4 — Dharmic Validation Gates

The Dharmic Validator precompile (0x0423) enforces ethical constraints at the contract level:

  • Ahimsa gate: MAX_LIQUIDATION_BPS = 5000 — liquidations capped at 50% to prevent total destruction of counterparty position
  • Satya gate: Flash loan fees enforce MIN_FEE_BPS floor — preventing zero-cost predatory loops
  • Asteya gate: Commit-reveal arbitrage uses 2-block REVEAL_DELAY preventing front-running by the protocol itself
  • Aparigraha gate: Governor proposals require 48h timelock before execution

Layer 5 — AI Agent Security

The QAL Fundraising Agent and AI sales systems include additional defences against LLM-specific attacks:

  • detectPromptInjection() — scans for Thai and English injection patterns
  • containsSensitiveOutput() — blocks accidental key/secret leakage in AI responses
  • 2,000-character input limit on all AI-processed user inputs
  • Immutable audit log: every AI decision is TX-logged on ThiChain with Satya score

Responsible Disclosure

If you discover a security vulnerability in QuantumDEX smart contracts, ThiChain RPC endpoints, or related infrastructure, please do not disclose it publicly before contacting us.

Disclosure Process
  1. Email security@qubismic.io with a detailed description
  2. We will acknowledge receipt within 48 hours
  3. We will provide a remediation timeline within 7 days
  4. Eligible disclosures are rewarded via our Bug Bounty programme