Wallet Scanning
The QuantumSafe wallet scanner analyzes any blockchain address across 19 supported chains and produces two scores: an Address Risk Score and a Chain Readiness Grade.
QuantumSafe is built on current NIST-standardized algorithms and does not guarantee absolute security. This is a quantum-readiness tool, not a quantum-proof solution.
Supported Chains
| Category | Chain | Chain ID | Signature Scheme | Readiness Grade |
|---|
| Major | Ethereum | ethereum | ECDSA (secp256k1) | D |
| Major | Bitcoin | bitcoin | ECDSA (secp256k1) | D |
| Major | Solana | solana | EdDSA (Ed25519) | F |
| EVM L1 | BSC | bsc | ECDSA (secp256k1) | D |
| EVM L1 | Avalanche | avalanche | ECDSA (secp256k1) | D |
| EVM L1 | Gnosis | gnosis | ECDSA (secp256k1) | D |
| EVM L1 | Celo | celo | ECDSA (secp256k1) | D |
| EVM L2 | Base | base | ECDSA (secp256k1) | D |
| EVM L2 | Arbitrum | arbitrum | ECDSA (secp256k1) | D |
| EVM L2 | Optimism | optimism | ECDSA (secp256k1) | D |
| EVM L2 | Mantle | mantle | ECDSA (secp256k1) | D |
| EVM L2 | Blast | blast | ECDSA (secp256k1) | D |
| EVM L2 | Sonic | sonic | ECDSA (secp256k1) | D |
| EVM L2 | Linea | linea | ECDSA (secp256k1) | D |
| EVM L2 | Scroll | scroll | ECDSA (secp256k1) | D |
| EVM L2 ZK | Polygon | polygon | ECDSA (secp256k1) | D |
| EVM L2 ZK | zkSync | zksync | ECDSA (secp256k1) | C |
| Non-EVM | Cosmos | cosmos | Secp256k1 / Ed25519 | D |
| Non-EVM | Tron | tron | ECDSA (secp256k1) | D |
Sonic was previously known as Fantom. The chain rebranded in late 2024. Use sonic as the chain identifier.
0x-prefixed EVM addresses:
| Chain | Format | Example | Validation |
|---|
| Solana | Base58 (32-44 chars) | 9WzDXwBbmkg8ZTbNMqUxvQRAyrZzDsGYdLVL9zYtAWWM | Base58 alphabet, 32-44 characters |
| Bitcoin | Legacy (1), P2SH (3), Bech32 (bc1) | bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh | Prefix + checksum validation |
| Cosmos | Bech32 (cosmos1) | cosmos1xy2kgdygjrsqtzq2n0yrf2493p83kkfj6mvnqd | cosmos1 prefix + bech32 checksum |
| Tron | Base58Check (T prefix) | TJCnKsPa7y5okkXvQAidZBzqx3QyQ6sxMW | T prefix + base58check |
How It Works
When you scan a wallet address, QuantumSafe:
- Resolves the chain and address type
- Checks public key exposure (has the address sent transactions?)
- Evaluates the balance and transaction patterns
- Assesses the chain’s PQC migration readiness
- Returns a composite risk score
// EVM chain scan
const scan = await qs.scan.wallet({
address: "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18",
chain: "ethereum",
});
console.log("Risk Score:", scan.riskScore); // "W3"
console.log("Risk Label:", scan.riskLabel); // "High"
console.log("Chain Grade:", scan.chainGrade); // "D"
// Solana scan
const solScan = await qs.scan.wallet({
address: "9WzDXwBbmkg8ZTbNMqUxvQRAyrZzDsGYdLVL9zYtAWWM",
chain: "solana",
});
// Bitcoin scan
const btcScan = await qs.scan.wallet({
address: "bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh",
chain: "bitcoin",
});
Address Risk Score (W1-W4)
The risk score reflects how vulnerable the specific address is to quantum attack:
| Score | Label | Description |
|---|
| W1 | Low | No public key exposure. Funds in hash-protected addresses. |
| W2 | Medium | Limited public key exposure. Low balance or recent activity. |
| W3 | High | Public key exposed via transactions. Significant balance at risk. |
| W4 | Critical | Public key fully exposed. High-value address. Immediate action recommended. |
Risk Factors
The scanner evaluates these factors:
- Public key exposure — Has the address broadcast transactions that reveal its public key?
- Balance at risk — How much value is held by the address?
- Transaction frequency — Higher activity = more exposure points
- Address type — Some address formats (P2PKH, P2TR) offer better hash protection
- Re-use patterns — Address reuse increases exposure
Solana Special Case
On Solana, the wallet address is the public key (base58-encoded Ed25519 public key). This means:
- W1 is always scored as 40 (public key is inherently exposed by design)
- Every Solana address has its public key exposed by default
- The risk score is primarily driven by balance and transaction activity
Solana addresses are always more exposed than EVM addresses that have never sent a transaction, because the Solana address format directly encodes the public key.
Bitcoin Special Case
Bitcoin uses the UTXO (Unspent Transaction Output) model, which affects scanning:
- Unused addresses (no outbound transactions) are safe — public key is hash-protected
- Spent UTXOs expose the public key, but if funds were moved to a new address, they are safe
- P2TR (Taproot) addresses provide the best hash protection among Bitcoin address types
- The scanner evaluates each UTXO individually for exposure
Chain Readiness Grade
The chain-level grade reflects how prepared the blockchain itself is for PQC migration:
| Grade | Description |
|---|
| A | Active PQC migration plan. Testnet implementations exist. |
| B | PQC research acknowledged. Proposals or EIPs in progress. |
| C | No official PQC plan. Community discussion only. |
| D | No PQC activity. Vulnerable signature scheme with no migration path. |
| F | Public key inherently exposed by address format. No PQC plan. |
Chain grades are updated monthly based on protocol development activity. See the Scoring Methodology for full details. Scanning with Publishable Keys
Wallet scanning is the only endpoint accessible with Publishable (qs_pub_) keys, making it safe to call from frontend applications:
// Frontend-safe
const qs = new QuantumSafe({
apiKey: "qs_pub_live_pk_abc123...",
});
const scan = await qs.scan.wallet({
address: "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18",
});
Next Steps
