Solana co-founder Anatoly Yakovenko warns AI may break post-quantum cryptography signature schemes, urging 2/3 multi-sig wallet support or native PDA-level protection.
The thread started small. A developer posted a single line on X. Then Solana co-founder Anatoly Yakovenko stepped in, and it got serious fast.

Developer @shek_dev on X set the conversation off by noting that Solana was about to get quantum-mogged. The context was a live pull request on GitHub, where contributor abishekk92 had opened a formal verification suite for a Falcon-512 signature verifier built on Solana’s post-quantum cryptography stack.
The pull request on GitHub was technical. Thousands of lines of formal verification, adversarial test batteries, Lean proofs, Kani harnesses, and Miri memory safety checks on every unsafe code path in the Falcon-512 verify pipeline. The work covered byte-level codec canonicality, NTT kernel correctness, and a fallible alternative to the existing key preparation function that returns an error instead of panicking on malformed input.
That is where Yakovenko jumped in.
Posting on X, Toly wrote that he believed the biggest current risk was AI breaking PQC signature schemes. Not a distant concern. Not a theoretical edge case. His words were direct: the industry does not fully understand the implementation vulnerabilities in these schemes, and the mathematical attack surface is even less mapped. His call to action was 2/3 multi-signature wallet support for PQC, or native support built directly into the transaction processor through Program Derived Addresses.
It was not a long post. It landed anyway.
Earlier in the same thread, Yakovenko had asked on X whether the Falcon-512 implementation was using Vlad’s Harmonic. @shek_dev replied on X that it was not — the work was running on Opus 4.7 and Codex 5.5, with plans to let Harmonic run on the Bertoni complement that developer @deanmlittle had added to the keccak implementation. @shek_dev then handed things over on X to @HarmonicMath to pick up.
In a separate reply during the same exchange, Yakovenko posted on X a proposed architectural fix: a syscall to lift PDA is_signer status to the transaction processor level, with fees charged to valid signers at the end of each block. “Make it so, pls,” he wrote.
The Falcon-512 PR itself did not touch production compute. Benchmarks from the formal verification branch showed zero change in compute units against master — 195,786 CUs on both sides. The new try_prepare_pubkey function costs roughly the same as the original when called, around 99k CUs, because it runs the same arithmetic with assertions rewritten as error returns instead of panics.
PQC schemes like Falcon-512 are being adopted in part because they resist attacks from quantum computers running Shor’s algorithm. The math is sound. The question Yakovenko raised is different: what happens when AI starts probing implementation gaps that formal verification does not yet cover?
Formal verification can prove that per-coefficient encoding is injective. It can establish that byte-packing is canonical. The Lean proofs in this PR do exactly that — serializeFalcon_injective, packBytes_injective, zero-pad cancellation theorems. What formal verification does not yet cover in this PR, and the team acknowledged it, is whole-pipeline NTT correctness as a formal statement.
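As an added illustration of the two ideas above, the fallible key preparation that returns an error instead of panicking and the byte-level codec canonicality the proofs target, here is a Falcon-512 public-key unpacker written for this article; it is not code from the PR or from Solana’s PQC stack. The layout follows the Falcon specification (one header byte 0x00|logn, then 512 14-bit coefficients, 897 bytes in total); the function and error names are hypothetical.

```rust
// Added illustration, not the PR's code: a fallible Falcon-512 public-key
// unpacker in the "error instead of panic" style the article describes.
// Layout per the Falcon spec: header byte 0x00|logn, then n 14-bit coefficients.
const LOGN: u8 = 9;                              // Falcon-512: n = 2^9
const N: usize = 1usize << (LOGN as u32);        // 512 coefficients
const Q: u16 = 12289;                            // Falcon modulus
pub const PUBKEY_LEN: usize = 1 + (14 * N) / 8;  // 897 bytes

#[derive(Debug, PartialEq, Eq)]
pub enum PrepareError {
    BadLength { got: usize },
    BadHeader(u8),
    NonCanonicalCoeff { index: usize, value: u16 },
}

/// Unpacks the public key h into its 512 coefficients, enforcing that the
/// encoding is canonical (every coefficient < Q). Malformed input is reported
/// as an Err; no code path here can panic or index out of bounds.
pub fn try_prepare_pubkey(bytes: &[u8]) -> Result<[u16; N], PrepareError> {
    if bytes.len() != PUBKEY_LEN {
        return Err(PrepareError::BadLength { got: bytes.len() });
    }
    if bytes[0] != LOGN {
        return Err(PrepareError::BadHeader(bytes[0]));
    }
    let mut coeffs = [0u16; N];
    let (mut acc, mut acc_bits, mut idx) = (0u32, 0u32, 0usize);
    for &b in &bytes[1..] {
        // Shift each byte into a bit accumulator and peel off 14-bit values.
        acc = (acc << 8) | u32::from(b);
        acc_bits += 8;
        while acc_bits >= 14 && idx < N {
            acc_bits -= 14;
            let v = ((acc >> acc_bits) & 0x3FFF) as u16;
            if v >= Q {
                // A value in [Q, 2^14) has no canonical meaning mod Q: reject it
                // rather than silently reducing, so one key has one encoding.
                return Err(PrepareError::NonCanonicalCoeff { index: idx, value: v });
            }
            coeffs[idx] = v;
            idx += 1;
        }
        acc &= (1u32 << acc_bits) - 1; // keep only the unconsumed low bits
    }
    Ok(coeffs)
}
```

The checks are the ones a verifier wants before any arithmetic runs: wrong length, wrong header, and a coefficient outside [0, Q) each produce a distinct error rather than an abort.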
That is not a criticism of the work. It is the category of gap Yakovenko was describing.
The multi-sig proposal and the PDA-level syscall approach are not fixes to the formal verification problem. They are structural fallbacks. If one signature scheme gets broken — by AI, by a novel mathematical attack, by something no one has named yet — a 2-of-3 arrangement means the network does not collapse on a single point of failure.
The PR is open. The conversation is ongoing.
The post AI Could Crack Crypto’s Quantum Shield – Solana’s Toly Sounds the Alarm appeared first on Live Bitcoin News.