H33-74 for QEVM

Six objections to Bonds on QEVM. Six answers. One infrastructure.

"EVM chains use secp256k1. Quantum kills that."

QEVM is lattice-based from genesis. Cellframe post-quantum crypto at the protocol layer.

ADDRESSED

"On-chain means everyone sees the bond data."

H33 FHE encrypts before it touches the chain. Balance checks, compliance, audits — all without decrypting.

ADDRESSED

"How do you settle real payments from a new chain?"

Smart contract escrow + oracle bridge. Same settlement rails as any EVM. Stablecoin or fiat off-ramp.

ADDRESSED

"Bond holders won't trust a new EVM."

Right objection. No cryptographic proof of reserves exists on any EVM today.

This Is Where H33 Enters

"There's no framework to verify bond data or prove reserves on a quantum-resistant EVM."

"What's still missing is the proper framework to ensure privacy, provenance, and verifiable settlement for bonds issued on next-generation chains."

— The gap every institutional buyer sees

H33-74 is that framework.

"A 30-year bond must survive quantum computers."

Classical signatures have a single point of failure
Classical signatures (RSA, ECDSA) will not survive
H33-74: three independent post-quantum families — NIST Level 1 and Level 5 options

Addressed — Operational Today

The Trust Gap Today

Every existing on-chain privacy system has the same structural flaw.

Bond Created

plaintext in memory

→

Copied to DB

plaintext at rest

→

Encrypted Later

gap: already exposed

→

Signed After

proves nothing about origin

PROBLEM 1

Data was plaintext before it was signed. The signature proves the data exists — not that it wasn't seen, copied, or altered before signing.

PROBLEM 2

No provenance from creation. There's no proof of where the data originated. Anyone with access could have injected or modified it before the first signature.

PROBLEM 3

Verification = data access. To verify privacy, you must decrypt and inspect. Everyone who checks gets a copy. More checks = more exposure.

This is why bond holders don't trust on-chain privacy. The proof architecture doesn't exist. Until now.

H33-74: Proof Starts at Creation

H33-74 establishes trust at the moment data is created — not bolted on after. Each bond event produces a canonical record that is signed, compressed into a verifiable receipt, and anchored to QEVM.

H33-74: Sealed

fingerprint + encrypt
in one boundary

→

H33-74: Dual Output

FHE ciphertext (compute)
encrypted fingerprint (verify)

→

H33-74: PQ Signed

3 PQ families at creation
provenance bound

→

H33-74: 74B Receipt

QEVM-anchored
before anything else happens

FIX 1: NEVER PLAINTEXT

Data is encrypted inside the generation boundary. Raw data never crosses the boundary. There is no plaintext window to exploit — not for a millisecond.

FIX 2: PROVENANCE AT BIRTH

Origin is cryptographically committed before any processing, transmission, or storage. The provenance chain is unbreakable from creation through the full persistent lifecycle.

FIX 3: VERIFY ≠ ACCESS

Independent key hierarchies separate compute from verify. Auditors verify reserves without accessing bond data. More verification = zero additional exposure.

The proof exists before the bond settles. Every subsequent event — custody check, coupon payment, audit, transfer — extends the chain. Never breaks it.

How H33-74 Wraps a Bond

The bond data enters one boundary. Two encrypted outputs exit. Raw data never leaves.

HARDWARE-ATTESTED GENERATION BOUNDARY — NOTHING PLAINTEXT EXITS

Bond Data

CUSIP · face value · allocation · holder address

→

enters boundary as plaintext — last time it will ever be plaintext

OPERATION 1: FHE ENCRYPT

KEY A

Bond data encrypted under BFV fully homomorphic encryption. This ciphertext enables computation — compliance checks, reserve verification, threshold comparison — all on encrypted data.

OUTPUT: Ciphertext C for compute

OPERATION 2: QUANTUM TAG

KEY B

Fingerprint F(d) computed, then encrypted under independent PQ key (ML-KEM / Kyber + AES-256-GCM). This tag enables verification — reserve proof, identity check, integrity audit — without accessing bond data.

OUTPUT: Encrypted Fingerprint E_F for verify

KEY SEPARATION

Key A cannot derive Key B. Key B cannot derive Key A. Operators who compute on the bond cannot inspect the verification tag. Verifiers who check reserves cannot access bond data.

↓

FHE Ciphertext C

bond data stays encrypted forever

+

Quantum Tag E_F

metadata access without decryption

+

3-Family PQ Signatures

ML-DSA + FALCON + SLH-DSA

=

74 bytes

persistent footprint

The bond is fully covered by FHE for its entire life. The quantum tag lets anyone verify reserves, authorization, and integrity — without ever touching the encrypted bond data. Patent pending.

How It Works

From bond data to QEVM anchor — every layer

OFF-CHAIN

ON-CHAIN

Bond Data

CUSIP · face value · allocation · maturity date

INPUT

↓

Claims & Authorization

VERIFIED

ACTION_AUTHORIZED CUSTODIAN_APPROVED LIMIT_WITHIN_BOUND SIGNATORY_VALID

↓

FHE Encryption

Data encrypted — never decrypted at any step

BFV

↓

H33-74 Primitive Minted

58 BYTES

type
1B domain
1B SHA3-256 hash
32B timestamp
8B nonce
16B

↓

3-Family PQ Signing

ML-DSA-65
FALCON-512
SLH-DSA-SHA2-128f

~21KB bundle · off-chain

Compact Receipt

version + flags
verify digest
timestamp

42 bytes · Cachee

↓

QEVM Mainnet

State commitment — standard QEVM transaction

32 bytes

permanent · immutable

32 on-chain + 42 off-chain = 74 bytes. The persistent verification footprint. Full evidence bundle (~21KB) retrievable by hash.

Day One

ACTOR: TREASURY / ISSUER

Issuer commits bond on QEVM ($10M face value)

↓

H33-74 commits: amount + address + timestamp

↓

32 bytes anchored to QEVM chain

Standard QEVM state commitment. No protocol changes required.

Years 1–30

ACTOR: CUSTODIAN · AUDITOR / VERIFIER

CUSTODIAN_APPROVED

Verified at each checkpoint

LIMIT_WITHIN_BOUND

Allocation within policy

CHAIN_OF_ATTESTATION

Every movement attested

30 annual attestations → one Merkle root → one hash. Unbroken chain of custody.

Year 30: Redemption

ACTOR: BOND HOLDER · PAYING AGENT · SMART CONTRACT

PROVES

Valid Contract Address

Valid holder

Maturity reached

Not redeemed

Not disputed

REVEALS

Nothing beyond what the paying agent requires.

The paying agent learns eligibility, then pays according to bond terms — without learning unnecessary portfolio or identity detail. Zero-knowledge proof. No phone call. Mathematical proof.

The Full Lifecycle

Each step produces a 74-byte proof: 32 bytes anchored on QEVM, 42 bytes stored off-chain.

ON-CHAIN — QEVM — 32 BYTES PER EVENT

Issuance

CUSIP + FHE-encrypted amount

32 bytes

Privacy

address + balance

32 bytes

Annual ×30

balance + prior hash

32 bytes each

Maturity

redemption value

32 bytes

Settlement

transfer confirm

32 bytes

State commitment — standard QEVM transaction Each node: 32 on-chain + 42 off-chain = 74 bytes

OFF-CHAIN — CACHEE RECEIPT STORE — 42 BYTES PER EVENT

Receipt + 3 PQ sigs

ML-DSA + FALCON + SLH-DSA

~21KB sig bundle

retrievable by receipt hash

Algorithm flags

enables family rotation

Verifiable without H33

open-source verifier

30 years. One Merkle root. One QEVM commitment. Unbroken proof chain. Trust no one.

Ian is building the first quantum-resistant EVM
with native FHE privacy.

H33 provides the missing verification layer
as an open contribution. Same spirit.

Not a vendor.
The infrastructure that makes it verifiable.

Before You Ask

"74 BYTES SOUNDS TOO SMALL"

74 is the persistent footprint — 32 on-chain, 42 receipt. The full signature bundle (~21KB) lives off-chain, retrievable by hash. 74 bytes is enough to verify. Not enough to reconstruct.

"WHAT IF A SIGNATURE FAMILY BREAKS?"

Algorithm flags byte allows rotation. Flip one bit — disable the broken family. Remaining two provide protection during migration. No reissuance. No downtime.

"WHO HOLDS THE KEYS FOR 30 YEARS?"

Key rotation is supported — re-sign under new keys without breaking the attestation chain. Each rotation is itself attested. The privacy chain is self-describing.

"WHAT IF H33 DISAPPEARS?"

The 32 bytes on QEVM are permanent regardless. The verifier crate is open source (Apache 2.0). Anyone can verify without H33. The proof outlives the company.

"HOW DOES ZK REDEMPTION WORK?"

ZK-STARK proves “I hold a valid CUSIP, maturity reached, not redeemed” without revealing identity, position size, or portfolio. Paying agent gets a boolean: eligible or not.

"WHY ON-CHAIN AND NOT A DATABASE?"

QEVM provides quantum-resistant immutable timestamping. A database can be altered. A quantum-secured chain can’t. The bond proof outlives any single institution.

The Cryptographic Layer Bonds on QEVM Were Waiting For.

Bonds on QEVM become auditable across issuance, custody, and redemption — without trusting a database, a validator, or H33 itself.

Eric Beans · CEO · H33.ai, Inc.

eb@h33.ai

Patent Pending #19/645,499

Anchored on QEVM — verifiable by anyone