Free for every Substrate 2 customer. Crypto-Agility is included at no additional charge — any
valid AlgoVoi suite licence unlocks it. There is no separate purchase.
What it is
The hard part of post-quantum adoption is not the primitive, it is the migration. A corpus of artifacts signed under a legacy, quantum-vulnerable key must stay trustable after you rotate to a post-quantum key. Crypto-Agility re-attests each legacy-signed artifact forward under Falcon-1024 and emits a signed migration attestation, so past evidence stays verifiable once the old key is retired. It hybrid-signs through the transition window and re-wraps encrypted data to ML-KEM-1024. It is the migration layer for Substrate 2: the same content-addressed, signed, offline-verifiable discipline as the rest of the suite, pointed at the one problem most post-quantum stories skip — carrying your existing evidence across the boundary.Classify the estate
Label every key against the transition —
classical, post-quantum, or hybrid — flag what is
quantum-vulnerable, and list the active keys that still need migrating.Re-attest forward (continuity)
Verify a legacy signature, then emit a
Falcon-1024-signed attestation binding the old key + content
hash to the new PQC key. Past evidence stays trustable without the retired key.Hybrid-sign the transition
Sign under the new PQC key while carrying a legacy signature alongside, so verifiers on either side
keep working until everyone has cut over.
Re-wrap encryption
Re-encrypt data from a classical KEM to ML-KEM-1024 and emit a re-wrap attestation that records
only the content hash and the old/new key ids — never the plaintext.
What you get
- Continuity, not breakage. Legacy-signed evidence stays trustable through a PQC-signed attestation, so you can retire a quantum-vulnerable key without invalidating everything it ever signed.
- A staged migration, not a big-bang rotation. Classify, hybrid-sign, migrate, and verify in steps, each one attested — the difference between a risky cutover and an auditable one.
- Post-quantum end to end. Migration attestations are Falcon-1024 signed; re-wrapped data is ML-KEM-1024 sealed.
- Substrate 2-bound. Every migration attestation folds into the broader Substrate 2 evidence chain.
How it works
| Step | What happens |
|---|---|
| Classify | Inventory your keys; flag the active quantum-vulnerable ones that need migrating. |
| Hybrid-sign | During the transition window, sign under the new PQC key while carrying the legacy signature, so nobody breaks mid-cutover. |
| Migrate | Verify each legacy signature, then re-attest the artifact forward under Falcon-1024 — a signed record binding old key + content hash to the new PQC key. |
| Re-wrap | Re-encrypt data from a classical KEM to ML-KEM-1024 and attest the move, with no plaintext in the receipt. |
| Verify | Anyone confirms a migration offline from the authority’s PQC public key alone. |
Cryptography
- Post-quantum signatures + KEM. Migration attestations use Falcon-1024 (NIST Level 5); re-wrap uses ML-KEM-1024 + AES-256-GCM. Legacy verification covers Ed25519 out of the box.
- No plaintext in receipts. Re-wrap attestations reference content only as
sha256. - Content-addressed + canonical.
canon_version: jcs-rfc8785-v1; everything is bound by JCS (RFC 8785) canonical bytes, so a migration attestation verifies byte-identically anywhere.
Who it’s for
- Anyone with a signing or encryption estate facing post-quantum mandates who needs the old evidence to survive the rotation.
- Security and platform teams that want a staged, attested migration instead of a risky big-bang key swap.
- Substrate 2 operators carrying a history of signed receipts across the PQC boundary.
Get Crypto-Agility
Crypto-Agility is included free for every Substrate 2 customer — any valid AlgoVoi suite licence unlocks it; install it from the private index and it runs alongside the rest of your suite. It pairs with Recovery Vault (the keys it migrates) and the Verifiable Archive (the evidence it carries forward).Talk to us
Already a Substrate 2 customer? Crypto-Agility is included — we’ll help you inventory your estate and
plan the migration windows.
The post-quantum core
Substrate 2 is post-quantum by default; Crypto-Agility is how you bring an existing estate up to it
without losing the evidence you already hold.