Model Hub
Browse PQC-verified AI models, datasets, and tools
PQC-signed hypervisor memory attestation framework for AI workloads. ML-DSA signed claims about memory region state, drift detection, pluggable backends for AMD SEV-SNP and Intel TDX. Protects model weights and activations on shared cloud infrastructure. 26 tests passing.
PQC-signed load gate for eBPF programs on AI inference servers. ML-DSA signatures over bytecode, pluggable LoadPolicy with allow-listed signers and size caps, append-only audit log. CLI (pqc-bpf sign/verify/info) for DevOps integration. 31 tests passing.
PQC-hardened framework for encrypted CPU-GPU tensor transfers and driver attestation. ML-KEM-768 channel keys, AES-256-GCM per-transfer encryption with AAD binding, ML-DSA signed driver attestations. Pluggable CUDA/ROCm backends. 24 tests passing.
PQC-native signed-boot framework for AI appliances. ML-DSA-65 firmware signatures, TPM-style measured-boot PCR chain, update-chain with rollback protection, manufacturer key-ring with revocation. Fork U-Boot/GRUB/coreboot to integrate. 31 tests passing.
PQC-native per-tenant KV cache encryption for multi-tenant LLM inference. ML-KEM-768 derived session keys, AES-256-GCM per-entry encryption, strict tenant isolation enforcement, automatic key rotation by entry count or time. Protects against cross-tenant side-channel reads. 34 tests passing.
Immutable filesystem-level audit log for AI inference events. SHA3-256 Merkle segments with ML-DSA-65 signed headers, cross-segment hash chain, O(log n) inclusion proofs, filesystem immutability guards. EU AI Act Article 12 compliance ready. 37 tests passing.
PQC-secured federated learning aggregation. ML-DSA signed gradient updates from clients, verifiable aggregation proofs from server. Pluggable aggregators: FedAvg, FedSum, FedMedian (robust), FedTrimmedMean. Byzantine-resilient. 31 tests passing.
PQC-signed neurosymbolic reasoning ledger. Chain-of-thought steps hash-chained in real time during AI inference, Merkle-rooted, ML-DSA-65 signed. Produces legally defensible reasoning trails that survive the quantum transition. 11 StepKinds (thought, observation, hypothesis, deduction, retrieval, tool-call, tool-result, self-critique, refinement, decision, meta). 36 tests passing.
PQC Secure Enclave SDK for on-device AI. ML-KEM-768 key encapsulation + AES-256-GCM encrypted model weights, credentials, adapters, biometric templates. Pluggable backends for Apple Secure Enclave, Android StrongBox, Qualcomm QSEE. ML-DSA device attestation for proof of enclave storage. Protects against 5+ year HNDL (harvest-now-decrypt-later) exposure of on-device weights. 32 tests passing.
PQC Byzantine fault-tolerant consensus for federated AI governance. ML-DSA-65 signed proposals and votes, weighted quorum policy (PBFT 2/3+2/3 default), Byzantine double-vote detection, AuthorizationChain with AUTHORIZE/REVOKE semantics. 9 proposal kinds for enterprise AI oversight. Quantum-resistant DAO for distributed AI trust. 38 tests passing.