decentralized oracle network
Chainlink LINK
Chainlink scores 4/100 (Stage 1: Quantum Risk Assessed). The project has published an educational article acknowledging quantum threats to blockchain cryptography (February 2026), but has no formal cryptographic inventory, no PQC migration roadmap, no PQC design or prototype, and zero production PQC protection across any component. Every critical cryptographic layer — OCR oracle report signing (EdDSA/ECDSA), CCIP cross-chain messaging (classical signatures), VRF randomness (ECC), node P2P identity (secp256k1/Ed25519), and LINK token transfers (inherited Ethereum ECDSA) — remains entirely dependent on quantum-vulnerable classical cryptography. Chainlink secures over $90 billion in DeFi value and dominates ~68% of the oracle market, making its quantum vulnerability a systemic risk for the entire DeFi ecosystem. The project has strong operational security (SOC 2 Type 2, bug bounty, multiple audits) but none of these address quantum readiness. This evaluation covers the Chainlink oracle network, CCIP, VRF, Data Feeds, node infrastructure, and LINK token as of 2026-06-01.
Roadmap OnlyECC-Only ProductionL1-Inherited Risk
Category breakdown
QRI Factors
Algorithm & Implementation Assurance
1.39 / 20
Migration Mechanism, Governance & Ecosystem Coordination
0.75 / 15
Migration Status & Value-at-Risk
1 / 25
Production Cryptographic Protection
0 / 35
Security Assessment & Evidence Preparedness
1.25 / 5
Critical Quantum Blockers
- OCR oracle report signing uses exclusively classical ECDSA/EdDSA signatures. A quantum attacker could forge oracle reports, manipulate price feeds, and trigger cascading DeFi liquidations across all dependent protocols.
- CCIP cross-chain messaging and Risk Management Network rely entirely on classical signatures. A quantum attacker could forge cross-chain messages, mint unbacked bridged assets, or bypass security controls across all CCIP-connected chains.
- VRF randomness generation uses classical elliptic curve cryptography. A quantum attacker could predict or manipulate VRF outputs, compromising gaming, lotteries, and fair-distribution mechanisms.
- LINK token (ERC-677/ERC-20) inherits the ECDSA vulnerability of its host chain (Ethereum). All LINK token transfers are quantum-vulnerable.
- Node P2P identity and key management use classical cryptography (secp256k1, Ed25519) with no PQC alternatives available in the core node software.
- No PQC migration roadmap, design document, prototype, testnet, or production code exists for any Chainlink component as of the evaluation date.
Key Risks
- SYSTEMIC DEFI RISK: Chainlink secures ~68% of oracle-dependent value in DeFi. A quantum break of OCR signatures would allow attackers to inject arbitrary price data, triggering cascading liquidations, arbitrage exploits, and protocol insolvencies across hundreds of dependent applications representing tens of billions in TVL.
- CCIP BRIDGE RISK: CCIP has processed $18B+ in cross-chain value (Q1 2026). Quantum signature forgery on CCIP would allow unbacked token minting, theft of bridged assets, and compromise of cross-chain messaging integrity across all supported chains.
- VRF MANIPULATION: Quantum prediction or forgery of VRF outputs would compromise all dependent gaming, lottery, NFT mint, and fair-distribution applications.
- HARVEST-NOW-DECRYPT-LATER: Oracle node public keys and on-chain signature data are permanently recorded. Adversaries can harvest this data today for future quantum decryption, making the threat time-sensitive even though cryptographically relevant quantum computers do not yet exist.
- NO MIGRATION PATH: There is no public PQC migration roadmap, design, testnet, or implementation for any Chainlink component. Given Chainlink's multi-party coordination requirements (hundreds of node operators, multiple DONs, cross-chain deployment), migration will require years of planning and execution that has not yet begun.
- LINK TOKEN: As an ERC-677/ERC-20 token, LINK inherits the full quantum vulnerability of Ethereum's ECDSA-based account model. LINK holders with exposed public keys (any address that has sent a transaction) are vulnerable to quantum key-recovery attacks.
- DEPENDENCY CHAIN: Chainlink's quantum readiness depends on quantum readiness of all host chains (Ethereum, Arbitrum, Polygon, etc.) for on-chain signature verification. Even if Chainlink nodes adopted PQC signatures, on-chain verification would require host-chain support for PQC signature verification precompiles or opcodes, which do not exist in production on most chains as of the evaluation date.
Assurance Notes
- No audit addresses quantum readiness or PQC implementation for any Chainlink component. Existing audits (Code4rena March 2026 Payment Abstraction V2, NDSS 2026 OCR security analysis, Deloitte SOC 2 Type 2 April 2026) cover classical security, operational controls, and Byzantine fault tolerance but exclude quantum threat models entirely.
- The Chainlink 'Quantum-Safe Cryptography' article (February 2026) is an educational overview of PQC concepts, NIST standards, and crypto-agility. It contains no project-specific cryptographic inventory, no Chainlink migration roadmap, no PQC design, and no implementation commitments. It is properly classified as risk awareness, not risk mitigation.
- Chainlink has a bug bounty program (HackerOne, Immunefi) and a dedicated security team, but no quantum-specific incident-response process is documented.
- The Mind Network partnership (FHE + CCIP) is partner-level exploration with quantum-resistant claims but represents third-party integration rather than Chainlink protocol-level PQC protection. Its production status and quantum-security properties are unverified for this evaluation scope.
- LINK token is a standard ERC-677/ERC-20 token that inherits the quantum vulnerability of its host chain (primarily Ethereum). No token-specific PQC controls exist.
- No formal performance or resource-impact analysis for PQC deployment across Chainlink's oracle networks, CCIP, or on-chain verification exists.
- The NDSS 2026 paper 'Validity Is Not Enough' identifies non-quantum Byzantine price manipulation risks in OCR up to 8.47% of ETH price; while not quantum-specific, this highlights that OCR's security guarantees have measurable gaps even under classical threat models.
Non-Scoring Caveats
- Chainlink is a decentralized oracle network, not a native blockchain; its quantum risk profile differs from L1/L2 chains but is equally critical given its systemic role in DeFi.
- The educational article on quantum-safe cryptography (Feb 2026) demonstrates awareness but does not constitute a formal risk assessment or migration plan.
- Gas cost and data availability implications of PQC signatures for on-chain verification across multiple EVM and non-EVM chains remain unaddressed.
- Quantum-resistant threshold signature schemes suitable for decentralized oracle networks are an open research problem.
- Chainlink's Confidential Compute (TEE-based) and DKG capabilities are not assessed for quantum safety in this evaluation.
- The quantum-safe cryptography article was LLM-assisted per its own disclaimer and may contain inaccuracies.
Evidence record
Claims and Caveats
Security Assessment & Evidence Preparedness
Public cryptographic inventory and quantum threat model
Claim: Chainlink has published an educational article on quantum-safe cryptography (Feb 2026) acknowledging the threat and discussing NIST PQC standards, but has not published a formal cryptographic inventory or project-specific quantum threat model.
Coverage basis: Educational article and technical documentation collectively describe cryptographic primitives used in OCR, CCIP, and VRF
Implementation score: 0.25 · Evidence confidence: Low
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: The quantum-safe article is LLM-assisted per its own disclaimer. No formal CBOM, cryptographic inventory, or quantum threat model covering affected assets and layers has been published.
The OCR3 protocol paper (2025) explicitly states use of EdDSA and ECDSA, and documentation describes VRF and CCIP cryptography. This constitutes a partial implicit inventory but lacks the structure, completeness, and quantum-specific threat analysis required for a formal assessment.
Security Assessment & Evidence Preparedness
Public evidence record supporting the assessment
Claim: Chainlink's documentation, open-source code, and OCR3 protocol paper provide technical details on cryptographic primitives, but no quantum-specific evidence record exists.
Coverage basis: Open-source repositories, protocol specifications, and documentation
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: score-reducing
Assurance: Code and documentation are publicly available but contain no PQC implementations, quantum-security tests, migration tooling, or quantum-specific evidence artifacts.
The open-source nature of the codebase allows third-party verification that no PQC code exists, which is itself evidence, albeit negative.
Production Cryptographic Protection
Spend authorization / transaction signatures
Claim: LINK token transfers rely on host-chain (Ethereum) ECDSA for transaction authorization. Oracle node operational transactions use classical secp256k1/Ed25519. No PQC or hybrid-PQC spend authorization exists.
Coverage basis: LINK is a standard ERC-677/ERC-20 token; node transactions are classical
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: LINK token transfers are secured exclusively by Ethereum ECDSA. All LINK spend authorization is quantum-vulnerable.
LINK inherits the host chain's QRI score for basic token transfers. Token-specific admin/governance keys may have additional risk but are not separately assessed here.
Production Cryptographic Protection
Account, address, public-key exposure
Claim: LINK token uses standard Ethereum EOAs with exposed public keys upon transaction broadcast. No PQ/hybrid address schemes or key-derivation controls exist.
Coverage basis: Standard Ethereum account model with ECDSA key pairs
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Any LINK address that has sent a transaction has an exposed ECDSA public key vulnerable to long-exposure quantum key-recovery attacks.
Long-exposure (at-rest) public keys are the most immediate quantum risk. Addresses that have only received LINK (never sent) have only the address hash exposed, providing partial protection.
Production Cryptographic Protection
Consensus-critical authentication (validator signatures, VRFs, threshold signatures, block certificates)
Claim: OCR oracle report signing uses EdDSA (internal) and ECDSA (attestations). VRF uses classical ECC. No PQC or hybrid-PQC consensus authentication exists.
Coverage basis: OCR3 protocol specification and VRF documentation confirm exclusive use of classical ECC
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: OCR quorum signatures and VRF proofs are verified on-chain using classical ECC. A quantum attacker could forge oracle reports and VRF outputs, compromising all dependent DeFi protocols.
OCR uses a threshold quorum (n=3f+1) where signatures are aggregated. A quantum attacker only needs to forge a quorum's worth of signatures (f+1) to inject arbitrary data. The on-chain aggregator contract verifies classical signatures.
Production Cryptographic Protection
State-integrity and data-availability mechanisms (commitments, nullifiers, bridge verification)
Claim: On-chain aggregator contracts verify classical signatures for OCR reports. CCIP bridge verification relies on classical signature verification across DONs and the Risk Management Network.
Coverage basis: Aggregator contracts and CCIP architecture documentation confirm classical signature verification
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: CCIP bridge verification uses classical signatures. A quantum attacker could forge cross-chain messages and mint unbacked bridged assets.
Chainlink does not have a native blockchain state-integrity layer (no native ledger). However, the on-chain verification of oracle reports and cross-chain messages constitutes a critical state-binding function that is quantum-vulnerable.
Production Cryptographic Protection
Privacy and proof layers
Claim: Chainlink's core protocol (OCR, CCIP, VRF) does not have a native privacy layer requiring ZK proofs. Confidential Compute (TEE-based) and DKG are application-layer privacy services.
Coverage basis: No native ZK proof system or shielded state in the core oracle protocol
Implementation score: 1 · Evidence confidence: Medium
Issue classification: none · Score treatment: not applicable
Assurance: Application-layer privacy services (TEE-based Confidential Compute) are not assessed for quantum safety in this evaluation.
Production Cryptographic Protection
P2P transport, node identity, and peer authentication
Claim: Chainlink nodes use classical cryptography (secp256k1, Ed25519) for P2P identity and peer authentication in the OCR P2P network.
Coverage basis: Core node repository confirms classical key management with no PQC alternatives
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Node P2P identity uses quantum-vulnerable classical cryptography. While node identity compromise alone does not directly enable asset theft, it enables man-in-the-middle attacks on OCR data aggregation and could facilitate consensus-level attacks.
OCR documentation states connections between oracle nodes are authenticated and encrypted. The specific transport encryption protocol is not publicly detailed but is presumed to use TLS or similar classical mechanisms.
Production Cryptographic Protection
Critical wallet, custody, HSM, signer workflows
Claim: No evidence of PQ/hybrid wallet, custody, or HSM support for Chainlink node operators or LINK token holders.
Coverage basis: No PQC wallet documentation, no hardware wallet PQC support for Chainlink operations
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Node operators and LINK holders lack any PQC-enabled wallet, custody, or HSM workflow for protecting keys against quantum attacks.
Assurance: Chainlink node operators use institutional-grade key management, but all current HSM/MPC solutions rely on classical cryptography.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected
Claim: 0% of Chainlink-secured value and LINK token market cap is protected by PQC. No migration has occurred.
Coverage basis: No PQC protection exists in any Chainlink component; LINK token inherits host-chain vulnerability
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Chainlink secures ~$90B+ in DeFi value with zero quantum protection. LINK token market cap (~$9B+) is entirely quantum-vulnerable.
Assurance: Value-at-risk figures are approximate market estimates. The systemic value-at-risk through dependent DeFi protocols far exceeds the LINK token market cap alone.
Per QRI 9.3.1, <25% coverage scores 1 (out of 20). Chainlink is at effectively 0% coverage. The coverage score of 1 reflects the minimum floor for acknowledging the category exists.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native
Claim: No critical wallets (treasuries, exchanges, custodians, bridges, foundations, major protocols) have been migrated to or protected by PQC.
Coverage basis: No evidence of any PQC migration for any Chainlink-related wallet or custody path
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Chainlink node operator keys, CCIP signer keys, and LINK treasury/governance wallets remain quantum-vulnerable.
Assurance: No public data on wallet migration status. Absence of evidence is treated as evidence of absence for PQC migration given the complete lack of any PQC infrastructure.
Migration Status & Value-at-Risk
Legacy vulnerable pools/accounts/UTXOs/contracts are identified, measurable, deprecated, migrated, frozen, or proven not to exist by design
Claim: No identification, measurement, deprecation, or migration of quantum-vulnerable pools has occurred.
Coverage basis: No evidence of any legacy pool identification or deprecation process
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: No quantum-vulnerable pool inventory, measurement methodology, or deprecation policy exists.
For LINK token, all addresses that have ever sent a transaction have exposed public keys. No process exists to identify, notify, or migrate these holders.
Migration Mechanism, Governance & Ecosystem Coordination
Public migration or protection roadmap
Claim: No PQC migration roadmap exists for Chainlink. The quantum-safe article discusses crypto-agility conceptually but provides no sequencing, activation criteria, or dependencies.
Coverage basis: The quantum-safe article is educational, not a roadmap; no Chainlink-specific migration plan exists
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No PQC migration roadmap exists for any Chainlink component (OCR, CCIP, VRF, Data Feeds, node software).
The quantum-safe article mentions 'crypto-agility' and 'future-proof' design but these are aspirational statements without concrete plans, timelines, or technical specifications.
Migration Mechanism, Governance & Ecosystem Coordination
Migration accessibility and defaults
Claim: No PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, or migration prompts exist.
Coverage basis: No PQC migration tooling or user-facing migration support exists
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No migration tooling, wallet support, or user education exists for quantum-safe migration.
Migration Mechanism, Governance & Ecosystem Coordination
Migration enforcement and coordination
Claim: No enforcement mechanisms (deprecation, freeze, disabled legacy signing, restricted withdrawals) exist. No exchange, custody, bridge, wallet, or infrastructure coordination for PQC migration has occurred.
Coverage basis: No enforcement or coordination mechanisms exist
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No enforcement or coordination mechanisms exist to prevent unsafe fallback into quantum-vulnerable systems.
Chainlink's multi-DON architecture and cross-chain deployment make migration coordination particularly complex. Hundreds of node operators across multiple chains would need to coordinate key rotation.
Migration Mechanism, Governance & Ecosystem Coordination
Emergency disclosure, incident-response, or governance process for quantum-related vulnerabilities
Claim: Chainlink has a general bug bounty program (HackerOne, Immunefi) and security team, but no quantum-specific incident-response process is documented.
Coverage basis: General security processes exist but lack quantum-specific procedures
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: score-reducing
Assurance: The bug bounty program and security team provide a foundation for incident response, but the absence of quantum-specific procedures is a gap.
This subfactor receives partial credit (0.25) because Chainlink's existing security infrastructure (bug bounty, security team, SOC 2 certifications) provides a baseline capability that could be extended for quantum incidents, even though no quantum-specific process is documented.
Algorithm & Implementation Assurance
Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms appropriate to the use case
Claim: Chainlink uses no PQC algorithms in any production component. All cryptography is classical (ECDSA, EdDSA, secp256k1).
Coverage basis: No PQC algorithms are used anywhere in the Chainlink stack
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No NIST-standardized or standards-track PQC algorithms are used in any Chainlink production component.
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit for quantum-critical scope
Claim: No PQC implementation exists to audit. Existing audits (Code4rena, NDSS, Deloitte SOC 2) cover classical security only.
Coverage basis: Existing audits do not address quantum security or PQC implementation
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: Existing audits are high-quality for their classical scope but provide zero quantum-security assurance. Code4rena (March 2026) covers Payment Abstraction V2 smart contracts. NDSS (Feb 2026) analyzes Byzantine price manipulation in OCR. Deloitte SOC 2 (April 2026) validates operational controls. None address PQC or quantum threats.
The absence of any quantum-specific audit is expected given there is no PQC implementation to audit. This score reflects the current state: no quantum-critical scope exists to be independently reviewed.
Algorithm & Implementation Assurance
Open-source, reproducible implementation
Claim: Chainlink's core node software and smart contracts are open-source, but no PQC implementation exists within them.
Coverage basis: Open-source repositories contain classical cryptography only
Implementation score: 0.25 · Evidence confidence: High
Issue classification: none · Score treatment: score-reducing
Partial credit (0.25) reflects that the codebase is open-source and reproducible for its classical cryptography, but contains no PQC implementation to evaluate.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path
Claim: The quantum-safe article discusses crypto-agility conceptually, but no documented upgrade path or parameter agility specification exists for Chainlink components.
Coverage basis: Conceptual discussion of crypto-agility in the educational article only
Implementation score: 0.25 · Evidence confidence: Low
Issue classification: assurance-only caveat · Score treatment: score-reducing
Assurance: The crypto-agility discussion is aspirational and not backed by technical specifications, upgrade mechanisms, or migration tooling.
Partial credit (0.25) for conceptual acknowledgment of crypto-agility as a design principle, even though no concrete upgrade path is documented.
Algorithm & Implementation Assurance
Stateful-signature safety (XMSS/LMS anti-reuse controls, side-channel considerations)
Claim: No PQC signatures are used, so stateful-signature safety is not applicable.
Coverage basis: No PQC signatures deployed
Implementation score: 1 · Evidence confidence: Medium
Issue classification: none · Score treatment: not applicable
This subfactor will become applicable if/when Chainlink deploys stateful hash-based signatures such as XMSS/LMS or SLH-DSA.
Algorithm & Implementation Assurance
Performance and resource-impact analysis for PQC deployment
Claim: No PQC performance or resource-impact analysis exists for Chainlink's oracle networks, on-chain verification, or CCIP messaging.
Coverage basis: No PQC performance analysis has been published
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: score-reducing
Assurance: PQC signatures are significantly larger than classical (ML-DSA-65: ~3.3KB vs ECDSA: ~72 bytes). On-chain verification costs and data availability requirements will increase substantially. No analysis of these impacts exists for Chainlink's multi-chain deployment.
This is a forward-looking gap. On-chain PQC signature verification on Ethereum and other host chains will require precompile support, which currently does not exist in production. Gas cost modeling for aggregated PQC oracle reports across EVM and non-EVM chains is an unresolved challenge.
Report metadata