QuantumScan — Post-Quantum Cryptography Scanner for Substrate/Polkadot

[gaiabio12-design]

TL;DR

QuantumScan is a live, open-source PQC scanner (MIT) that detects quantum-vulnerable cryptographic patterns across 15+ languages. We're requesting Level 2 funding to build Substrate/Polkadot-specific deep detection and migration tooling.

Live product: https://quantumscan.io
Scanner CLI: https://github.com/quantumscan-io/scanner-core
223 scans completed since January 2026, zero external funding.

Key facts

• Detects sr25519, ed25519-dalek, x25519-dalek, sp-core patterns (already implemented)
• Privacy-first: code never leaves developer environment, only findings reach backend
• No existing open-source tool audits Substrate codebases at code level for quantum exposure
• Commercial alternatives cost $50,000+/year

Deliverables summary

Milestone 1 (2 months, $15k): Substrate deep pattern expansion — BABE/GRANDPA key detection, pallet scanner, XCM signing audit, ink! smart contract scanner, cargo quantumscan plugin

Milestone 2 (2 months, $15k): PQC migration tooling — per-finding migration guides (sr25519 → ML-DSA-65), CBOM per pallet, Substrate GitHub Action template, public Polkadot ecosystem dashboard at quantumscan.io/polkadot

[gaiabio12-design]

I have read the CLA Document and I hereby sign the CLA.

[gaiabio12-design]

I have read and hereby sign the Contributor License Agreement.

[gaiabio12-design]

Closing this Level 2 application in favor of a more focused Level 1 submission. After reviewing the W3F grant guidelines and ecosystem feedback, we believe a Level 1 proposal better matches our current stage — solo founder, first W3F grant, existing product already proving the concept. A Level 1 PR will follow shortly with a tighter scope and the same technical rigor. Thank you for your patience.