Quantum Intelligence
Quantum Intelligence is WalletWall’s cross-cutting framework for estimating future cryptographic migration urgency for Ethereum wallets. It surfaces inside Holder Wall (wallet drawer), Whale Watcher (risk section), and Coinstellation (NodeDetailPanel).
Framing
A high Quantum Exposure Score does not mean a wallet is currently vulnerable to theft or exploitation by any existing technology. The score is a forward-looking heuristic for long-term cryptographic migration planning, not a statement of current risk.
- Future-looking: measures potential risk posed by future quantum computing advances to current cryptographic standards (ECDSA/secp256k1)
- Not currently exploitable: no practical quantum attack exists against these standards today
- Informational only: provided for cryptographic awareness and security planning
- Not investment advice: must not be used as a basis for financial decisions
Quantum Exposure Score
The score is a normalized value from 0 to 100, composed of seven weighted components:
| Component | Description |
|---|
publicKeyExposureScore | Has the public key been revealed on-chain via a sent transaction? |
addressReuseScore | Frequency of address reuse, increasing signature analysis surface |
signatureSchemeScore | Inherent quantum-vulnerability of the current signature scheme (ECDSA vs. future PQC) |
valueAtRiskScore | USD value held — represents the migration urgency “bounty” |
dormancyScore | Time since last transaction; long-dormant wallets may be less migration-ready |
migrationReadinessRisk | Capability of the wallet (AA vs. EOA) to rotate to new signature schemes |
recoveryPathRisk | Availability and security of social recovery or alternative access methods |
Score labels
| Label | Meaning |
|---|
| Low exposure | Minimal risk; public key may not be exposed, or value is low |
| Moderate exposure | Standard EOA risk; public key is exposed but migration is not yet urgent |
| High exposure | Significant value held in a classical EOA |
| Migration priority | High-value wallets with no clear path to automated rotation |
| Unknown / insufficient data | Signature info or transaction history is unavailable |
Source caveats
Every score carries a caveats array built from up to three layers:
| Layer | When added |
|---|
Base caveat (SCORE_CAVEAT constant) | Always |
| Coverage caveat | When key facts (chain profile, tx history, dormancy) are unavailable |
| Insufficient-data caveat | When exposureStatus === 'unknown' |
| Stale-data caveat | When scheduled Dune data is older than the staleness threshold |
| Missing-source caveat | When a required source alias is not configured |
| Live-only caveat | When a Dune API call failed or was skipped |
Chain and signature assumptions
| Chain type | Notes |
|---|
| EVM / Ethereum EOAs | Use ECDSA (secp256k1). Public key is recoverable from signature after first outgoing transaction. Accounts that have only received funds have lower immediate exposure. |
| Smart contract wallets / AA | ERC-4337 or multisig (Gnosis Safe) wallets may support future upgrades to quantum-resistant signatures. If the upgrade path is unknown, confidence is reduced. |
| Solana | Uses Ed25519. WalletWall does not support Solana holder analytics; Solana quantum risk is documented as a general category only. |
Vault Readiness Card
The Vault Readiness Card (QuantumExposureCard component) renders the full score breakdown:
- Composite score and risk band
- Per-component breakdown with values
- Behavioral exposure signals (adversarial signals)
- Migration-readiness hints from Dune scheduled data
- Source caveats and confidence level
Source provenance is shown via DataSourceBadge for each contributing data source.
Dormancy signal
Wallets that have not sent any outgoing transaction are classified as dormant. Dormancy increases migration urgency because:
- The wallet may not be actively monitored
- The holder may not respond to future migration requirements
- Long-dormant wallets represent “cold” exposure that is hard to remediate
Dormancy is measured from the last_active_at timestamp. The Dormancy exposure feed provides source-backed dormancy facts with bucket classification:
| Bucket | Duration |
|---|
warm_dormant_30_180d | 30–180 days since last outgoing transaction |
cold_dormant_180_730d | 180–730 days (roughly 6 months to 2 years) |
ancient_dormant_730d_plus | More than 730 days (2+ years) |
Migration readiness
Migration readiness indicates whether a wallet has a viable path to adopt post-quantum cryptography (PQC) signatures. The Migration readiness feed provides:
is_contract_wallet: true if the address is a contract-based wallet (Safe, multisig, ERC-4337 AA)contract_wallet_type: safe, gnosis_multisig, erc4337_aa, or other_contractrecent_migration_signal: true if a token migration or key-rotation event was observedrisky_approval_count: count of active ERC-20 approvals with unlimited or large allowances
is_contract_wallet: true does not mean the wallet is safe — it means it has a programmable upgrade path. The absence of a known-safe upgrade path should still yield low readiness.
How the three concepts relate
WalletWall keeps three distinct ideas separate so users don’t confuse “risk” with “a fix”:
| Concept | Question it answers |
|---|
| Quantum Exposure | How urgent is the wallet-level risk? |
| Migration Readiness | How feasible is it to move safely? |
| WalletWall Vault | One experimental post-quantum migration path, monitor only in the private app. |
src/lib/migration-readiness.js, deriveMigrationReadiness()) returns level, urgency, difficulty, recommendedPath, blockers, and nextAction.
recommendedPath | When it is suggested |
|---|
monitor | Small wallet, low exposure — no action needed yet |
fresh-wallet | Older exposed wallet with medium value |
split-wallet | Very high value concentrated in one address |
multisig | High-value exposed wallet with no upgrade path |
treasury-custody | DAO / treasury-like (Safe / multisig) wallet needing a signer-led migration path |
vault-prototype | Long-horizon, high-value, quantum-exposed vault candidate |
WalletWall Vault (research prototype)
WalletWall Vault is a Phase 2 research prototype that demonstrates a hybrid classical + post-quantum authorization model: an Ethereum ECDSA signature plus an ML-DSA (FIPS 204, formerly CRYSTALS-Dilithium) signature verified on-chain. Related signature research includes SLH-DSA (FIPS 205, formerly SPHINCS+).
WalletWall Vault is a research prototype. The private app does not store keys, does not ask for seed phrases, and does not implement recovery flows. The on-chain verifier is an architectural placeholder, not production-grade cryptographic verification.
vault-prototype, WalletWall surfaces it as a vault candidate with the disclosure above and a link to the research repository. It never enables private key handling, seed phrase inputs, wallet writes, or mainnet interactions.
Approved framing: post-quantum migration research, hybrid authorization prototype, experimental migration path, vault candidate, monitor only. Avoid absolute safety, recovery, or asset-control claims.
The /vault route and vault.walletwall.org subdomain expose a dedicated Vault product page with its own readiness scan flow, vault readiness card, and a Simulate: Authorization flow research panel. See WalletWall Vault for full product documentation.
Behavioral exposure signals
Behavioral signals (adversarialSignals) are deterministic heuristics derived from wallet transaction history and 12-week Dune activity data. They are computed by deriveAdversarialSignals() in src/lib/adversarial-heuristics.js.
| Key | Approved label | What it observes |
|---|
extractionStyleActivityRisk | extraction-style activity | Single large outgoing movement dominates outgoing volume |
counterpartyConcentrationRisk | counterparty concentration | Activity concentrated among one or few counterparties |
relayRoutingExposure | relay routing exposure | Incoming value closely followed by outgoing to different addresses |
activityRampRisk | activity ramp | Recent activity sharply elevated vs. prior baseline |
assetValueAmbiguityRisk | asset/value ambiguity | Token or value fields are ambiguous, missing, or unverifiable |
score, confidence, reason, and evidence. Signals with score < 0.3 are not rendered.
confidence reflects data completeness, not accusatory certainty. These signals are not findings of wrongdoing and do not imply intent, identity, or legal status.
Policy simulator
The policy simulator allows exploring how score components would change under different wallet configuration assumptions (e.g., migrating to a Safe multisig, rotating keys). It operates on the current score breakdown and produces a hypothetical output — no on-chain action is taken.
Dune source aliases
| Public alias | Query name | Cadence |
|---|
| Dormancy exposure feed | walletwall_dormant_quantum_exposure_v1 | Weekly |
| Signature exposure feed | walletwall_wallet_signature_exposure_v1 | Daily / on-demand |
| Value-at-risk feed | walletwall_quantum_value_at_risk_v1 | Daily |
| Migration readiness feed | walletwall_wallet_migration_readiness_v1 | Weekly |
