Pure PoS smart-contract platform

Algorand ALGO

Algorand scores 33/100 (Stage 3 – Migration Live). The project has demonstrated genuine leadership in blockchain post-quantum security with two major deployed achievements: (1) Falcon-signed State Proofs protecting chain history since 2022, and (2) optional Falcon-based spend authorization via LogicSig on mainnet since November 2025. However, three quantum-critical blockers cap the score at 60: the consensus layer (Ed25519 block proposals, ECVRF sortition) is entirely quantum-vulnerable with no deployed replacement; default spend authorization remains Ed25519 for >99% of circulating value; and no enforcement, deprecation, or mandatory migration mechanism exists. The project has a clear public roadmap and strong cryptographic talent (Chris Peikert as CSO, co-author of the GPV framework underlying Falcon), but the gap between what is technically possible (Falcon accounts via CLI) and what is practically protected (nearly all value still in Ed25519) is vast. The score reflects meaningful production protection in the state-integrity layer, optional spend-authorization capability, and strong algorithm selection, offset by critical consensus vulnerability and negligible migration coverage.

Partial Protection
Stage 3
Confidence Medium
Urgency [Migration Required]
Review Status Draft
Evaluated 2026-06-01
Scope Native asset (ALGO) and base-layer smart-contract platform
AI-generated report. This report was produced by the evaluator and synthesis pipeline. Review status: draft.

Category breakdown

QRI Factors

Algorithm & Implementation Assurance 9 / 20
Migration Mechanism, Governance & Ecosystem Coordination 4 / 15
Migration Status & Value-at-Risk 2 / 25
Production Cryptographic Protection 13 / 35
Security Assessment & Evidence Preparedness 5 / 5

Critical Quantum Blockers

  • Consensus-critical authentication (block proposals, committee voting, and VRF-based sortition) relies entirely on classical Ed25519 signatures and ECVRF, both vulnerable to Shor's algorithm. A quantum-capable adversary could predict committee membership, forge block proposals, and disrupt or manipulate consensus. This triggers the QRI Readiness & Risk Cap of 70.
  • Default spend authorization remains Ed25519-only. The Falcon PQ path is opt-in via LogicSig and not enforced, mandatory, or default for any user class. Users can still create new quantum-vulnerable high-value accounts by default. This triggers the QRI Readiness & Risk Cap of 60.
  • Over 99% of circulating ALGO (~8.9B) is held in Ed25519 accounts. No protocol-level deprecation, freeze, burn, or mandatory migration mechanism exists for legacy vulnerable accounts. No enforcement timeline has been published.

Key Risks

  • Consensus compromise: A quantum adversary capable of breaking Ed25519 and ECVRF could predict Algorand's sortition-based committee selection, enabling targeted attacks on block proposers and voters, potentially halting or manipulating consensus. The Falcon-signed State Proofs would detect but not prevent such manipulation.
  • Massive long-exposure value-at-risk: ~8.9B ALGO circulating supply (plus all staked ALGO, TVL in DeFi, and stablecoin collateral) is held in Ed25519 accounts whose public keys are already exposed on-chain (an Algorand address is the Ed25519 public key itself, so exposure begins when an address is published or funded, not only at first spend). Those keys can be recorded today and their private keys recovered once a cryptanalytically relevant quantum computer exists, the signature-scheme analogue of 'harvest now, decrypt later', and no protocol-level mechanism exists to force migration before that point.
  • Dormant and unmigratable accounts: Algorand has no published policy for handling lost, abandoned, or unresponsive Ed25519 accounts. These represent permanent quantum-vulnerable value that cannot be protected without a protocol-level freeze, burn, or deprecation mechanism.
  • Migration path fragility: The Falcon account abstraction requires a 4-transaction group, CLI expertise, and lacks feature parity with native Ed25519 accounts (no multisig, no delegated LSig). This dramatically limits practical migration until native Falcon accounts or protocol upgrades reduce friction.
  • No independent audit of Falcon integration: While Falcon is NIST-standardized and the reference implementation is well-regarded, the Algorand-specific integration (falcon_verify opcode, LogicSig account derivation, off-curve address construction) has no publicly documented third-party cryptographic audit.
  • PQ-VRF research gap: Replacing ECVRF with a post-quantum VRF is acknowledged as 'active research' with no committed algorithm, testnet, or timeline. The 2021 LB-VRF proposal is a few-time scheme (each key supports only a bounded number of evaluations, so keys must be rotated) and carries significant communication overhead. Newer proposals (iVRF, X-VRF, hash-based VRF) remain academic and unadopted.
  • Ecosystem coordination gap: No major exchange, custody provider, or wallet (beyond experimental Lute Wallet) supports Falcon accounts. The primary wallet (Pera) has no Falcon support. This means even technically capable users cannot practically secure their assets through the existing PQ path within standard operational workflows.

Assurance Notes

  • No independent cryptographic audit of the Falcon integration (falcon_verify opcode, LogicSig PQ path, State Proofs implementation) has been identified. The Falcon algorithm itself has undergone NIST standardization review, and the reference implementation credits respected cryptographers (Thomas Pornin for core C code, Chris Peikert and David Lazar for deterministic mode), but the protocol-specific integration lacks a publicly documented third-party audit.
  • Falcon's formal security proof was recently established (Eurocrypt 2026, IBM Research). Ongoing cryptanalytic work (ePrint 2026/096) continues to refine concrete security bounds. While Falcon is NIST-standardized, its security analysis is less mature than Ed25519's decades-long track record.
  • Falcon account adoption rate and value-at-risk migration coverage are not publicly reported by Algorand Foundation. The Q1 2026 Transparency Report mentions Falcon React Native package development but provides no adoption metrics.
  • Consensus-layer PQ-VRF replacement remains in the research phase with no finalized algorithm choice or public timeline as of the evaluation date.
  • No major exchange, custody provider, or wallet (beyond experimental Lute Wallet) has announced production Falcon account support. Pera Wallet, the primary Algorand wallet, does not support Falcon accounts.

Non-Scoring Caveats

  • The Falcon implementation credits respected cryptographers and uses deterministic signing with constant-time practices, but no independent audit of the protocol-specific integration has been published. This affects Confidence, not the QRI Score, because the quantum-critical properties are verifiable from open-source code and mainnet State Proof evidence.
  • The Algorand Foundation's May 2026 'Algorand Post-Quantum Ledger' article carries a disclaimer that features described 'may be conceptual, under evaluation, unimplemented, or subject to further research' and that 'no assurance is given that any particular approach, feature, or migration path will be adopted, available, or effective in all circumstances.'
  • Long-dormant Ed25519 accounts with historically exposed public keys represent permanent quantum-vulnerable value. No salvage, freeze, deprecation, or burn policy has been published.
  • Future PQ-to-PQ upgrade uncertainty (e.g., eventual migration from Falcon-LSig account abstraction to native Falcon accounts) is a roadmap item, not a current quantum-readiness deduction.
  • Missing exchange and custody migration attestations are noted as an ecosystem coordination gap rather than a protocol-level quantum-critical vulnerability, because the native protocol makes Falcon-based custody technically possible.
  • Falcon account UX friction (4-transaction group requirement, no feature parity with native Ed25519) is an operational/product caveat that limits adoption but does not create a new quantum-vulnerable path.
  • Performance and throughput impact of a future PQ-VRF consensus upgrade is estimated at 1.14x-3.4x reduction per 2021 academic research, but this is a future roadmap concern, not a current production vulnerability.
  • No formal quantum-specific incident-response playbook has been published, though general governance and security contact processes exist.

Evidence record

Claims and Caveats

Security Assessment & Evidence Preparedness

Public cryptographic inventory of critical public-key mechanisms and public quantum threat model

Claim: Algorand has published a comprehensive cryptographic inventory identifying Ed25519 signatures, ECVRF, and their exposure across spend authorization, consensus, and state layers. The three-part roadmap (secure the past, present, future) explicitly acknowledges quantum vulnerability of consensus and default accounts.

Coverage basis: Public documentation and official blog posts

Implementation score: 1 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

Algorand's cryptographic inventory is unusually thorough for the blockchain space. Google Quantum AI's March 2026 whitepaper cited Algorand 32 times as a leading example of PQC deployment. The Foundation's public communications are transparent about what is and is not protected.

Security Assessment & Evidence Preparedness

Public evidence record supporting the assessment

Claim: Algorand provides source code (go-algorand, falcon-signatures CLI), mainnet transaction proof (first Falcon tx Nov 3, 2025), State Proof transaction counts (140K+), developer documentation, and reproducible tooling.

Coverage basis: Open-source code, mainnet transactions, developer portal

Implementation score: 1 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

The falcon-signatures CLI (AGPL-3.0, 5 releases, latest v1.1.2) provides a reproducible end-to-end workflow. State Proof activity is publicly measurable (140K+ transactions over 3.5 years). Mainnet transaction proof for Falcon spend authorization is verifiable on-chain.

Production Cryptographic Protection

Spend authorization / transaction signatures are PQC or hybrid-PQC on mainnet

Claim: Optional mainnet Falcon-1024 spend authorization exists via LogicSig account abstraction and the falcon_verify AVM opcode (deployed September 2024 in v4.3.0 consensus upgrade). Default spend authorization remains Ed25519. Users can create new Falcon-controlled accounts or rekey existing Ed25519 accounts to a Falcon authorizer.

Coverage basis: Optional mainnet PQ path; default remains Ed25519

Implementation score: 0.75 · Evidence confidence: High

Issue classification: quantum-critical vulnerability · Score treatment: score-reducing

Quantum blocker: Default spend authorization remains Ed25519-only. Over 99% of ALGO value-at-risk is held in Ed25519 accounts with exposed public keys. New accounts default to Ed25519 with no warning or migration prompt.

Assurance: No independent audit of the falcon_verify opcode or LogicSig-based Falcon account abstraction.

The Falcon spend authorization path is technically operational but practically limited: requires CLI expertise, 4-transaction groups, and lacks feature parity with native Ed25519 (no multisig, no delegated LSig). The Algorand Foundation describes this as 'experimental' and 'not meant to be the ultimate solution.'

Production Cryptographic Protection

Account, address, public-key exposure, and key-derivation design prevents long-exposure quantum-vulnerable ownership paths or supports PQ/hybrid controls

Claim: Falcon LSig addresses are derived off-curve to prevent accidental Ed25519 control paths. Rekeying enables migration from Ed25519 to a Falcon authorizer while preserving the original account address. However, a default Ed25519 address is the public key itself (base32 of the 32-byte key plus a checksum), so the key is exposed as soon as the address is published or funded, not only on first outgoing transaction, and there is no automatic protection.

Coverage basis: PQ controls exist but not default; long-exposure paths remain dominant

Implementation score: 0.5 · Evidence confidence: High

Issue classification: quantum-critical vulnerability · Score treatment: score-reducing

Quantum blocker: Default Ed25519 accounts expose public keys on-chain, creating long-exposure quantum-vulnerable ownership paths for the vast majority of value.

Assurance: Off-curve derivation design appears sound but has not been independently audited.

The off-curve address derivation for Falcon LSig accounts is a well-designed mitigation against accidental Ed25519 control: an authorizer whose 32 bytes decode to a valid curve point is a discrete-log target whether or not anyone ever held the key. Rekeying is the practical migration primitive: the account address is unchanged and, once rekeyed, the exposed Ed25519 key can no longer authorize spends. Two caveats follow from the design. The rekey transaction is itself signed by the legacy Ed25519 key, so it must be executed before an adversary can recover that key, and the protocol imposes no restriction on a later rekey back to an Ed25519 authorizer (any such guard would have to come from the LogicSig program). The design also does not prevent users from creating new Ed25519 accounts by default.
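The two design points above (an exposed Ed25519 key being the address itself, and an off-curve authorizer being what actually removes the Ed25519 control path) can be checked mechanically. The following Python is an added example written for this report, not Algorand Foundation code: it decodes an address, verifies its checksum, tests whether the 32 raw bytes are a valid Ed25519 point, and classifies a constructed set of account records (mirroring the auth-addr field that algod reports for rekeyed accounts) into exposed and protected balances, with the same test applied to the target of a rekey. The sample addresses and balances are constructed, and 32 bytes of 0xff stand in for an off-curve LogicSig address; real Falcon LSig addresses are program hashes derived off-curve by the tooling.

```python
"""Added example (not Algorand's code): classify accounts by spend authoriser.

An Algorand address is 36 bytes, base32-encoded: the 32-byte value that
authorises spends (for a plain account, the Ed25519 public key itself)
followed by the last 4 bytes of its SHA-512/256 digest. Quantum exposure
therefore depends on whether the *authoriser* (the auth-addr if the account
was rekeyed, else its own address) is a valid Ed25519 point. All sample
data below is constructed, not taken from mainnet.
"""
import base64
import hashlib

# Ed25519 curve constants (RFC 8032).
P = 2**255 - 19
D = (-121665 * pow(121666, P - 2, P)) % P


def sha512_256(data: bytes) -> bytes:
    # SHA-512/256 has its own IV; it is not truncated SHA-512.
    return hashlib.new("sha512_256", data).digest()


def encode_address(raw32: bytes) -> str:
    """base32(raw32 || checksum) with '=' padding stripped: 58 characters."""
    if len(raw32) != 32:
        raise ValueError("expected 32 bytes")
    return base64.b32encode(raw32 + sha512_256(raw32)[28:]).decode().rstrip("=")


def decode_address(addr: str) -> bytes:
    """Return the 32 raw bytes of an address; raise ValueError on a bad checksum."""
    if len(addr) != 58:
        raise ValueError("address must be 58 characters")
    raw = base64.b32decode(addr + "======")
    if raw[32:] != sha512_256(raw[:32])[28:]:
        raise ValueError("checksum mismatch")
    return raw[:32]


def checksum_ok(addr: str) -> bool:
    try:
        decode_address(addr)
        return True
    except ValueError:
        return False


def is_on_curve(raw32: bytes) -> bool:
    """True if raw32 decodes to an Ed25519 point (RFC 8032 section 5.1.3)."""
    y = int.from_bytes(raw32, "little")
    x_sign = y >> 255
    y &= (1 << 255) - 1
    if y >= P:
        return False                      # non-canonical y: not a point encoding
    u = (y * y - 1) % P
    v = (D * y * y + 1) % P
    x2 = u * pow(v, P - 2, P) % P         # x^2 = (y^2 - 1) / (d*y^2 + 1)
    if x2 == 0:
        return x_sign == 0                # x = 0 with the sign bit set is invalid
    return pow(x2, (P - 1) // 2, P) == 1  # Euler's criterion: x^2 must be a square


def authoriser_exposed(address: str, auth_addr=None) -> bool:
    """Quantum-exposed if whatever may sign for the account is an Ed25519 point."""
    return is_on_curve(decode_address(auth_addr or address))


def rekey_is_unsafe(rekey_to: str) -> bool:
    """Flag a rekey whose new authoriser is an Ed25519 point (fallback to vulnerable)."""
    return is_on_curve(decode_address(rekey_to))


def value_at_risk(accounts):
    """Split microAlgos into (exposed, protected) totals."""
    exposed = protected = 0
    for address, auth_addr, micro_algos in accounts:
        if authoriser_exposed(address, auth_addr):
            exposed += micro_algos
        else:
            protected += micro_algos
    return exposed, protected


# Constructed sample data. The Ed25519 base point and y = 0 (a low-order point)
# are valid curve encodings; 32 bytes of 0xff are not (y >= p) and stand in for
# an off-curve LogicSig address here.
ED25519_BASE_POINT = bytes.fromhex("58" + "66" * 31)
LOW_ORDER_POINT = bytes(32)
OFF_CURVE_32 = b"\xff" * 32

SAMPLE_ACCOUNTS = [
    # (address, auth-addr or None, balance in microAlgos)
    (encode_address(ED25519_BASE_POINT), None, 1_000_000_000),   # plain Ed25519 account
    (encode_address(OFF_CURVE_32), None, 250_000_000),            # LSig-native account
    (encode_address(LOW_ORDER_POINT), encode_address(OFF_CURVE_32), 500_000_000),     # rekeyed to PQ LSig
    (encode_address(OFF_CURVE_32), encode_address(ED25519_BASE_POINT), 40_000_000),   # rekeyed back to Ed25519
]

if __name__ == "__main__":
    print(value_at_risk(SAMPLE_ACCOUNTS))   # (1040000000, 750000000)
```

Two cautions the check makes visible: an on-curve authorizer is exposed regardless of whether anyone ever held its private key, and an off-curve authorizer only shows that no Ed25519 path exists; whether the LogicSig behind it actually requires a Falcon signature has to be confirmed from the program itself.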

Production Cryptographic Protection

Consensus-critical authentication is PQC or hybrid-PQC where applicable, including validator signatures, VRFs, randomness beacons, threshold signatures, or block certificates

Claim: Algorand consensus relies on Ed25519 signatures for block proposals and committee voting, and ECVRF for cryptographic sortition. Both are vulnerable to Shor's algorithm. The project acknowledges this as the 'hardest step' and states that PQ-VRF is 'active research.' No PQ consensus mechanism is deployed or in testnet.

Coverage basis: No PQ protection for consensus

Implementation score: 0 · Evidence confidence: High

Issue classification: quantum-critical vulnerability · Score treatment: cap-applying

Quantum blocker: Consensus authentication (Ed25519 block proposals/votes + ECVRF sortition) is entirely quantum-vulnerable with no deployed replacement. A quantum adversary could predict committee membership, forge proposals, and disrupt or manipulate consensus. This directly triggers the QRI Readiness & Risk Cap of 70.

Assurance: Multiple academic proposals for PQ-VRF exist (LB-VRF 2021, iVRF 2023, X-VRF, hash-based VRF 2026), but none have been adopted by Algorand.

The Algorand Foundation now employs Chris Peikert (co-author of GPV framework) as Chief Scientific Officer, which may accelerate PQ-VRF research. The iVRF proposal (2023) from ACM CCS shows particular promise with 32-byte overhead and faster-than-ECVRF evaluation, but remains academic.

Production Cryptographic Protection

State-integrity and data-availability mechanisms are quantum-safe where applicable

Claim: State Proofs use Falcon-1024 signatures from stake-weighted participants every 256 rounds to create compact, PQ-secure attestations of chain state since 2022. 140K+ state proof transactions generated over 3.5 years.

Coverage basis: Mainnet PQ for history attestation; active state production depends on vulnerable consensus

Implementation score: 1 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

Assurance: No independent audit of the State Proof Falcon implementation identified. The SumHash512 hash function used in State Proofs is a bespoke construction (subset-sum family) with a narrower review base than SHA-2/SHA-3.

State Proofs represent genuine production PQ protection for chain history. This is a significant achievement: even if consensus is compromised by a quantum adversary, the historical ledger cannot be silently rewritten without detection. Scored at 1.0 because State Proofs are mandatory, default, and have been in production since 2022.

Production Cryptographic Protection

Privacy and proof layers are quantum-safe where applicable

Claim: Algorand does not have a native shielded transaction pool, confidential asset layer, or ZK privacy protocol.

Coverage basis: N/A - no native privacy layer

Implementation score: 0 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

The absence of native privacy features is an architectural characteristic, not a security gap.

Production Cryptographic Protection

P2P transport, node identity, and peer authentication are PQC, hybrid-PQC, or satisfied by design

Claim: No evidence found regarding PQ protection for P2P transport or node identity in the evidence dossier.

Coverage basis: Unknown; likely classical

Implementation score: 0 · Evidence confidence: Low

Issue classification: assurance-only caveat · Score treatment: note-only

Assurance: P2P layer PQ status is not documented in the evidence dossier. Node identity is not consensus-critical for spend or finality on Algorand, so this may be satisfiable by design, but evidence is lacking.

P2P node identity is not consensus-critical, spend-critical, bridge-critical, or custody-critical in Algorand's architecture. A quantum adversary who could impersonate nodes at the network layer would not thereby be able to steal funds, forge transactions, or manipulate consensus, though impersonation or partitioning of relays could still degrade liveness; that is an availability concern rather than a safety one.

Production Cryptographic Protection

Critical wallet, custody, HSM, signer, and hardware-wallet workflows support the production PQ/hybrid path or are protected by native satisfied-by-design controls

Claim: Lute Wallet has added experimental Falcon support. The Falcon Signatures CLI provides developer tooling. No major wallet (Pera), exchange, custody provider, or HSM vendor supports Falcon accounts in production workflows.

Coverage basis: Experimental/CLI only; no production wallet or custody support

Implementation score: 0.25 · Evidence confidence: Medium

Issue classification: operational/product caveat · Score treatment: note-only

Assurance: Lute Wallet's Falcon support is described as 'experimental' and has not been independently reviewed. No HSM or hardware-wallet vendor has announced Falcon integration for Algorand.

Wallet and custody support is a practical prerequisite for migration. Without Pera Wallet, exchange, or custody support, the Falcon spend authorization path is inaccessible to virtually all users.

Migration Status & Value-at-Risk

Percentage of economically relevant value-at-risk protected from quantum key-recovery attacks across all attack windows

Claim: Falcon accounts are opt-in since Nov 2025. Adoption rate and percentage of value migrated is not publicly reported. Based on the experimental nature of the tooling, lack of wallet/exchange support, and absence of any migration campaign, coverage is conservatively estimated at negligible (<1%).

Coverage basis: Negligible migration coverage; vast majority of value quantum-vulnerable

Implementation score: 0.05 · Evidence confidence: Low

Issue classification: quantum-critical uncertainty · Score treatment: score-reducing

Quantum blocker: Over 99% of value-at-risk remains in Ed25519 accounts with exposed public keys. No protocol enforcement, deprecation, or mandatory migration mechanism exists.

Assurance: Coverage estimates are inferred from the absence of data rather than measured directly. No public dashboard tracks Falcon-migrated value.

Algorand does not publish Falcon account adoption statistics. The Q1 2026 Transparency Report mentions State Proof transactions but provides no data on Falcon account creation or migration. Coverage is conservatively estimated at <1% based on the experimental nature of the tooling.

Migration Status & Value-at-Risk

Critical wallets migrated, protected, or inherently PQ-native

Claim: No evidence that any major treasury, exchange, foundation, bridge, or protocol-controlled wallet has been migrated to Falcon. The Algorand Foundation has not announced migration of its own wallets.

Coverage basis: No critical wallet migration identified

Implementation score: 0 · Evidence confidence: Medium

Issue classification: quantum-critical uncertainty · Score treatment: score-reducing

Quantum blocker: No critical treasury, foundation, exchange, bridge, or protocol-controlled wallet has been publicly migrated to Falcon.

Assurance: Confidence is Medium because the absence of migration cannot be definitively proven from public data alone. However, given the high profile of such migrations and the Foundation's transparent communication, the absence of any announcement is strong negative evidence.

The Algorand Foundation holds roughly 390M ALGO, a figure the source frames as ~19.5% of stake. That percentage cannot be a share of the ~8.9B circulating supply cited above (390M is about 4.4% of it), so it presumably measures the Foundation's share of online, participating stake. Either way, the Foundation has not announced migration of these holdings, and major ecosystem protocols (Tinyman, Pact, Folks Finance, Lofty) have not announced Falcon migration.

Migration Status & Value-at-Risk

Legacy vulnerable pools/accounts/UTXOs/contracts are identified, measurable, deprecated, migrated, frozen, or proven not to exist by design

Claim: Algorand has clearly identified Ed25519 accounts as the legacy vulnerable pool and documented the rekeying-based migration path. However, there is no protocol-level mechanism to deprecate, freeze, burn, or force migration of vulnerable accounts. No policy exists for handling dormant or abandoned Ed25519 accounts.

Coverage basis: Identified and measurable; no enforcement or deprecation policy

Implementation score: 0.25 · Evidence confidence: Medium

Issue classification: operational/product caveat · Score treatment: note-only

Assurance: The absence of a published policy for unmigratable accounts creates uncertainty about how the protocol would handle permanently vulnerable value.

Algorand's account model makes it possible to identify Ed25519 accounts on-chain. The rekeying mechanism provides a technical migration path, but no protocol rule prevents abandoned accounts from remaining vulnerable indefinitely.

Migration Mechanism, Governance & Ecosystem Coordination

Public migration or protection roadmap with sequencing, activation criteria, and dependencies

Claim: Algorand has published a clear three-part roadmap: (1) secure the past via State Proofs (completed 2022), (2) secure the present via Falcon accounts (in progress, experimental mainnet), (3) secure the future via PQ-VRF for consensus (research phase).

Coverage basis: Public roadmap with clear phases; consensus phase still research

Implementation score: 0.75 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

The roadmap is unusually detailed for the blockchain space. Phases 1 and 2 have specific deliverables and evidence, while phase 3 remains at the research-plan stage.

Migration Mechanism, Governance & Ecosystem Coordination

Migration accessibility and defaults: PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, and migration prompts are available, default, strongly preferred, mandatory, or complete by design

Claim: Falcon account creation and migration require CLI expertise (falcon-signatures tool), 4-transaction groups, and manual address derivation. Lute Wallet has experimental support. The primary wallet (Pera) does not support Falcon. Exchange and custody support is absent. Default account creation remains Ed25519 with no migration prompts or warnings.

Coverage basis: Developer-oriented experimental tooling; not accessible to average users

Implementation score: 0.25 · Evidence confidence: High

Issue classification: operational/product caveat · Score treatment: score-reducing

Migration accessibility is the critical bottleneck for Algorand's quantum readiness. The technical capability exists but the practical path is inaccessible to virtually all users.

Migration Mechanism, Governance & Ecosystem Coordination

Migration enforcement and coordination: enforcement mechanisms exist and exchange, custody, bridge, wallet, and infrastructure coordination prevents unsafe fallback into vulnerable systems

Claim: No enforcement mechanisms exist: no deprecation of Ed25519 signing, no freeze or burn policy for vulnerable accounts, no mandatory migration deadlines, no restrictions on creating new Ed25519 accounts, no exchange or custody coordination framework.

Coverage basis: No enforcement or coordination mechanisms deployed

Implementation score: 0 · Evidence confidence: High

Issue classification: quantum-critical vulnerability · Score treatment: score-reducing

Quantum blocker: No protocol-level enforcement, deprecation, or mandatory migration mechanism exists. Users can indefinitely create and use Ed25519 accounts with no restrictions, warnings, or migration deadlines.

The absence of enforcement mechanisms is a structural blocker to achieving meaningful migration coverage.

Migration Mechanism, Governance & Ecosystem Coordination

Emergency disclosure, incident-response, or governance process for quantum-related vulnerabilities

Claim: Algorand has general governance processes (xGov) and Foundation security contacts. No quantum-specific incident-response playbook has been published.

Coverage basis: General governance exists; no quantum-specific IR

Implementation score: 0.25 · Evidence confidence: Medium

Issue classification: assurance-only caveat · Score treatment: note-only

Assurance: The absence of a quantum-specific IR playbook is an assurance gap but does not directly create a quantum-vulnerable path.

Algorand's governance infrastructure (xGov, Foundation Board, Ecosystem Advisory Council) provides a framework for emergency response. The appointment of Chris Peikert as CSO strengthens cryptographic governance.

Algorithm & Implementation Assurance

Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms appropriate to the use case

Claim: Algorand uses Falcon-1024, the lattice-based signature scheme NIST selected for standardization in July 2022 (Round 3) and is standardizing as FN-DSA (FIPS 206); the 1024 parameter set targets NIST Security Level 5 (comparable to AES-256 key search).

Coverage basis: NIST-standardized algorithm appropriate to the use case

Implementation score: 1 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

Assurance: Falcon's formal security proof was only recently established (Eurocrypt 2026, IBM Research). Ongoing cryptanalytic work continues to refine concrete security bounds.

Falcon's selection is well-justified for Algorand's constraints: compact signatures (~1.5KB), fast verification (<200 microseconds), deterministic mode available.

Algorithm & Implementation Assurance

Independent cryptographic and implementation audit exists for the quantum-critical scope

Claim: No publicly documented independent cryptographic audit of Algorand's Falcon integration (falcon_verify opcode, LogicSig account abstraction, off-curve address derivation, State Proof Falcon usage) has been identified.

Coverage basis: Algorithm reviewed via NIST process; protocol-specific integration unaudited

Implementation score: 0.25 · Evidence confidence: Low

Issue classification: assurance-only caveat · Score treatment: confidence-only

Assurance: Per QRI v3.1, the absence of an independent audit does not by itself cap the QRI Score when the quantum-critical property is verifiable from public code and mainnet evidence. Confidence is capped at Medium.

The Falcon implementation credits Thomas Pornin and Chris Peikert/David Lazar. These are respected cryptographers, and deterministic signing with constant-time practices is documented. However, protocol-specific integration risks have not been independently assessed.

Algorithm & Implementation Assurance

Open-source, reproducible implementation

Claim: The Falcon Signatures CLI is open-source (AGPL-3.0) on GitHub. go-algorand is open-source. The implementation is publicly buildable and reproducible.

Coverage basis: Fully open-source and reproducible

Implementation score: 1 · Evidence confidence: High

Issue classification: none · Score treatment: not applicable

The falcon-signatures repository provides a complete, documented workflow from key generation (with BIP-39 mnemonics) to on-chain transaction submission.

Algorithm & Implementation Assurance

Parameter agility and future upgrade path are documented

Claim: Algorand's documentation mentions that Falcon can be 'tweaked or integrated with other algorithms as the cryptography field evolves.' The post-quantum strategy article discusses crypto agility in the context of account migration. No formal parameter agility specification exists.

Coverage basis: Acknowledged but not formally documented

Implementation score: 0.5 · Evidence confidence: Medium

Issue classification: operational/product caveat · Score treatment: note-only

Assurance: The absence of a formal parameter agility specification is an assurance gap but does not create a current quantum-vulnerable path.

The LogicSig-based Falcon account abstraction provides some inherent agility: the LSig program can be updated to use different PQ algorithms without changing account addresses (via rekeying to a new LSig).

Algorithm & Implementation Assurance

Stateful-signature safety, side-channel, fault-injection, state-management, hardware-wallet, HSM, or custody implementation risks are considered

Claim: Falcon is used in deterministic signing mode, which removes the dependence on a runtime RNG (a source of key-leaking bias or randomness reuse in randomized schemes) though not timing or fault channels. The implementation uses constant-time coding practices. Falcon is not a stateful scheme (unlike XMSS/LMS), so there is no per-signature state to track and no one-time-key reuse hazard.

Coverage basis: Deterministic signing, constant-time, non-stateful scheme

Implementation score: 0.75 · Evidence confidence: Medium

Issue classification: assurance-only caveat · Score treatment: note-only

Assurance: Deterministic signing and constant-time claims are documented by the project but have not been independently verified through side-channel analysis or formal audit. Falcon's floating-point-based signing introduces potential for subtle implementation side channels.

Falcon's signing relies on floating-point arithmetic (fast Fourier sampling of discrete Gaussians over the NTRU lattice), a known challenge for constant-time implementation. Deterministic mode mitigates the randomness-related risks but does not eliminate side-channel concerns, and, as with any deterministic signature scheme, fault injection during signing deserves explicit attention: a faulted and a correct signature over the same message give an attacker a differential to exploit.

Algorithm & Implementation Assurance

Performance and resource-impact analysis exists where PQ signature/verification costs could affect safe deployment

Claim: Algorand documents Falcon verification at under 200 microseconds. Signature sizes (~1.5KB), public key sizes (1,793 bytes), and LogicSig budget constraints are discussed. Academic research estimates 1.14x-3.4x throughput reduction for PQ-VRF.

Coverage basis: Partial analysis exists; no comprehensive formal benchmark

Implementation score: 0.75 · Evidence confidence: Medium

Issue classification: assurance-only caveat · Score treatment: note-only

Assurance: Performance metrics are provided by the project without independent reproduction.

The documented verification speed (<200us) is fast enough for block validation. The 4-transaction group requirement combined with ~1.5KB signatures creates practical throughput and cost implications that are acknowledged but not formally benchmarked.

Report metadata

Generation Details