Scoring Methodology
QuantumSafe’s wallet scanner produces two scores: an Address Risk Score (W1-W4) and a Chain Readiness Grade (A-F).
Address Risk Score (W1-W4)
The risk score is a weighted composite of five factors. It produces a numeric score from 0 to 100 that maps to a category:
Grade Boundaries
| Category | Score Range | Label | Action |
|---|---|---|---|
| W1 | 0-25 | Low | Monitor periodically |
| W2 | 26-50 | Medium | Consider PQC key generation |
| W3 | 51-75 | High | Generate PQC keys and create attestations |
| W4 | 76-100 | Critical | Immediate PQC migration recommended |
Weight Table
| Factor | Weight | Description | Scoring |
|---|---|---|---|
| Public key exposure | 0.35 | Has the public key been revealed on-chain? | 0 = never exposed, 100 = exposed in many txs |
| Balance at risk | 0.25 | Value held in the address | 0 = empty, scaled logarithmically by USD value |
| Transaction frequency | 0.15 | How often the address transacts | 0 = dormant, 100 = daily transactions |
| Address type | 0.15 | Hash protection of the address format | 0 = hash-protected (P2SH), 100 = raw pubkey (P2PK) |
| Address reuse | 0.10 | Whether the address is reused across transactions | 0 = single use, 100 = heavily reused |
Chain-Specific W1 Differences
The W1 (public key exposure) factor is scored differently depending on the chain:
| Chain | W1 Behavior | Reason |
|---|---|---|
| EVM chains | 0 if never sent tx, 80+ if sent | Public key recoverable from ECDSA signature |
| Solana | Always 40 minimum | Address = public key (Ed25519). Exposure is inherent. |
| Bitcoin | 0 for unspent UTXOs, 80+ for spent | UTXO model: unused addresses are hash-protected |
| Cosmos | 0 if never sent tx, 80+ if sent | Similar to EVM — pubkey revealed on first tx |
| Tron | 0 if never sent tx, 80+ if sent | Similar to EVM — ECDSA signature reveals pubkey |
Solana special case: Because the Solana address is literally the Ed25519 public key, the minimum W1 score for any Solana address is 40. This means even a brand-new Solana wallet with no transactions has some baseline quantum exposure.
Bitcoin special case: The UTXO model means that addresses with only received (unspent) UTXOs have their public key fully hash-protected. Once a UTXO is spent, the public key is revealed for that specific output. If funds were moved to a fresh address, the new address is safe.
Composite Calculation
risk_value = (pubkey_exposure × 0.35) +
(balance_risk × 0.25) +
(tx_frequency × 0.15) +
(address_type × 0.15) +
(address_reuse × 0.10)
Factor Details
Public Key Exposure
The most heavily weighted factor. A public key is considered “exposed” when:
- The address has sent at least one transaction (public key recoverable from signature)
- The address uses a non-hashed format (e.g., P2PK in Bitcoin)
- The public key appears in contract events or calldata
- Solana: The address itself is the public key (always partially exposed)
Scoring: Binary for basic exposure (0 or 80), scaled up to 100 based on number of exposing transactions. Solana baseline is 40.
Balance at Risk
Measures the value that could be stolen if the private key were compromised:
- Native token balance
- Major ERC-20/SPL token balances (top 100 by market cap)
- NFT floor values (estimated)
Scoring: Logarithmic scale. $0 = 0, $1K = 30, $10K = 50, $100K = 70, $1M = 85, $10M+ = 100.
Transaction Frequency
Higher transaction frequency means more public key exposure events:
Scoring: 0 txs = 0, 1-10 txs = 20, 11-50 txs = 40, 51-200 txs = 60, 201-1000 txs = 80, 1000+ txs = 100.
Address Type
Different address formats provide different levels of hash protection:
| Format | Chain | Score | Reason |
|---|---|---|---|
| P2PKH (legacy) | Bitcoin | 40 | Hash-protected until first spend |
| P2SH | Bitcoin | 30 | Script hash protection |
| P2WPKH (bech32) | Bitcoin | 35 | Witness hash protection |
| P2TR (taproot) | Bitcoin | 25 | Tweaked key hash protection |
| EOA | EVM chains | 50 | Keccak hash of pubkey, exposed on first tx |
| Contract | EVM chains | 10 | No direct private key exposure |
| Base58 address | Solana | 70 | Address = public key, always exposed |
| Bech32 | Cosmos | 45 | Hash-protected until first tx |
| Base58Check | Tron | 50 | Similar to EVM EOA |
Address Reuse
Address reuse amplifies exposure:
- Single transaction: 10
- 2-5 transactions: 30
- 6-20 transactions: 60
- 20+ transactions from same address: 85-100
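The composite calculation and the per-factor scoring lines above can be combined as in the following added example, which is not QuantumSafe's own code. The function names are hypothetical, and two behaviours the page does not specify are assumptions: a balance between two anchors takes the lower anchor's score, and a fractional composite above a band's upper bound falls into the next band.

```python
from bisect import bisect_right

# Weights from the Weight Table, as integer percentages to avoid float drift.
WEIGHTS = {"pubkey_exposure": 35, "balance_risk": 25, "tx_frequency": 15,
           "address_type": 15, "address_reuse": 10}

# (lower bound, score) pairs from the scoring lines; exactly 1000 txs scores 80.
BALANCE_ANCHORS = [(0, 0), (1_000, 30), (10_000, 50), (100_000, 70),
                   (1_000_000, 85), (10_000_000, 100)]
TX_BUCKETS = [(0, 0), (1, 20), (11, 40), (51, 60), (201, 80), (1001, 100)]


def _step(table, value):
    """Score of the highest entry whose lower bound is <= value."""
    bounds = [bound for bound, _ in table]
    return table[bisect_right(bounds, max(value, 0)) - 1][1]


def balance_risk(usd):
    # Assumption: a value between two anchors takes the lower anchor's score.
    return _step(BALANCE_ANCHORS, usd)


def tx_frequency(tx_count):
    return _step(TX_BUCKETS, tx_count)


def risk_value(factors):
    """Weighted composite on the 0-100 scale; each factor must be 0-100."""
    if set(factors) != set(WEIGHTS):
        raise ValueError(f"expected factors {sorted(WEIGHTS)}")
    for name, score in factors.items():
        if not 0 <= score <= 100:
            raise ValueError(f"{name} out of range: {score!r}")
    return sum(factors[name] * weight for name, weight in WEIGHTS.items()) / 100


def category(score):
    # Assumption: a fractional score above a band's upper bound is in the next band.
    for label, upper in (("W1", 25), ("W2", 50), ("W3", 75)):
        if score <= upper:
            return label
    return "W4"


# Constructed sample: an EVM EOA with one sent transaction and no balance.
ONE_TX_EOA = {"pubkey_exposure": 80, "balance_risk": balance_risk(0),
              "tx_frequency": tx_frequency(1), "address_type": 50,
              "address_reuse": 10}
```

For the constructed sample, `risk_value(ONE_TX_EOA)` is 39.5, which `category` maps to W2.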
Chain Readiness Grade (A-F)
The chain-level grade reflects the blockchain protocol’s preparedness for PQC migration:
| Grade | Criteria |
|---|---|
| A | Active PQC migration plan. Testnet implementations or approved proposals. |
| B | PQC research acknowledged. Formal proposals or EIPs in progress. |
| C | No official PQC plan. Community discussion exists. |
| D | No PQC activity. Vulnerable signature scheme with no migration path. |
| F | Public key inherently exposed by address format. No PQC plan. Worst case. |
All 19 Chains — Readiness Grades
| Chain | Grade | Rationale |
|---|---|---|
| Ethereum | D | No official PQC plan; EIP discussions on account abstraction |
| Bitcoin | D | No official PQC plan; BIP discussions exist |
| Solana | F | Address = public key. No hash protection. No PQC plan. |
| Base | D | Inherits Ethereum’s lack of PQC plan |
| Arbitrum | D | Inherits Ethereum’s lack of PQC plan |
| Optimism | D | Inherits Ethereum’s lack of PQC plan |
| Polygon | D | No PQC-specific proposals |
| zkSync | C | ZK-proof research overlaps with PQC; community activity |
| Linea | D | No PQC plan |
| Scroll | D | No PQC plan |
| Gnosis | D | No PQC plan |
| Celo | D | No PQC plan |
| Mantle | D | No PQC plan |
| Blast | D | No PQC plan |
| Sonic | D | No PQC plan |
| BSC | D | No PQC plan |
| Avalanche | D | No PQC plan |
| Cosmos | D | No PQC plan |
| Tron | D | No PQC plan |
Chain Factors Evaluated
- PQC migration plan: Does the chain have an official roadmap?
- Signature scheme: What algorithm does the chain use? (ECDSA, EdDSA, etc.)
- Community activity: Are there active proposals, EIPs, BIPs, or research groups?
- Governance speed: How quickly can the chain adopt protocol changes?
- Address format exposure: Does the address format inherently expose the public key?
Chain grades are updated monthly. The QuantumSafe team monitors protocol governance forums, research publications, and testnet activity across all supported chains.
False Positive Expectations
The scanner is designed to be conservative (err toward higher risk):
| Scenario | Expected Behavior |
|---|---|
| Address has sent 1 transaction | W2 minimum (public key exposed) |
| High-value cold storage, never transacted | W1 (no exposure) |
| Active DeFi wallet | W3-W4 (frequent exposure + value) |
| Contract address | W1 (no private key exposure) |
| Solana address, no transactions | W2 (address = pubkey, baseline exposure) |
| Bitcoin UTXO, never spent | W1 (hash-protected) |
A W3 or W4 score does not mean your funds are in immediate danger. It means the address has characteristics that increase future quantum risk. The urgency depends on your risk tolerance and the quantum computing timeline.