Model Hub

ML-DSA authenticated transport layer for Model Context Protocol (MCP) servers. Quantum-resistant agent-to-tool connections with per-call signing and session-level mutual authentication. Open source, 29 tests passing.

Sign and verify RAG document chunks with ML-DSA at ingestion and retrieval time. Prevents vector database poisoning attacks on enterprise RAG pipelines. Open source, 43 tests passing.

GitHub Action + CLI that scans code for classical cryptography (RSA, ECDSA, ECDH, DH, Ed25519, MD5, SHA-1) and suggests PQC replacements. Supports Python, JavaScript, Go, Rust, Java, C/C++. SARIF output for GitHub code scanning. Open source, 43 tests passing.

PQC-native C2PA-compatible content provenance for AI outputs. Sign every LLM/image/audio output with ML-DSA so its origin and chain-of-custody remain verifiable after quantum computers exist. Includes pluggable assertions (AI-generated, training data, usage licensing). 34 tests passing.

Quantum-resistant credential vault for AI agents. ML-KEM-768 key encapsulation, AES-256-GCM at rest, PBKDF2-SHA256 KDF, ML-DSA-signed audit log. Drop-in integrations for LangChain, AutoGen, CrewAI via secret provider and os.getenv shim. 40 tests passing.

PQC-signed AI Model Bill of Materials. Cryptographically enumerate every model component (weights, training data, fine-tuning, RLHF, quantization, evals) with quantum-safe ML-DSA signatures. SPDX-2.3 export/import. Diff utility for model version audits. 28 tests passing.

Merkle-tree commitments for AI training datasets using SHA3-256 + ML-DSA. Prove what a model was trained on without revealing the data. Inclusion proofs are O(log n) and publicly verifiable. Survives the quantum transition for the 15-20 year shelf life of training data. 29 tests passing.