JSPM

quantumguard-mcp

0.1.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 16
  • Score
    100M100P100Q51746F
  • License MIT

QuantumGuard MCP Server - Post-quantum cryptography security tools for AI coding agents. Scan for quantum vulnerabilities, get migration templates, check NIST compliance.

Package Exports

  • quantumguard-mcp
  • quantumguard-mcp/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (quantumguard-mcp) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

QuantumGuard MCP

npm version license downloads

Post-quantum cryptography security tools for AI coding agents. Scan your codebase for quantum vulnerabilities, check NIST compliance, and get migration guidance -- all from within Claude Code, Cursor, or VS Code.

Why QuantumGuard?

NIST finalized its post-quantum cryptography standards in 2024 (FIPS 203, 204, 205). The NSA's CNSA 2.0 mandates quantum-safe algorithms by 2030-2035. The EU requires migration inventories by 2027.

Meanwhile, most codebases are full of ECDSA signatures, RSA key exchanges, and SHA-1 hashes that quantum computers will break. Between $381B and $650B in crypto assets sit in quantum-vulnerable addresses today.

The problem: developers have no fast way to find and fix these vulnerabilities during their normal workflow.

QuantumGuard MCP solves this by embedding 9 PQC security tools directly into your AI coding agent via the Model Context Protocol (MCP). No context switching. No separate audit tools. Just ask your AI assistant to scan.

Quick Start (30 seconds)

Option 1: npx (zero install)

npx quantumguard-mcp

Option 2: Add to your project

Add to .mcp.json in your project root:

{
  "mcpServers": {
    "quantumguard": {
      "command": "npx",
      "args": ["-y", "quantumguard-mcp"]
    }
  }
}

Option 3: Global install

npm install -g quantumguard-mcp

Then add to your MCP config:

{
  "mcpServers": {
    "quantumguard": {
      "command": "quantumguard-mcp"
    }
  }
}

Works with Claude Code, Cursor, and VS Code (any MCP-compatible client).

9 Tools

Tool What it does
pqc_scan_file Scan a single file for quantum-vulnerable patterns (ECDSA, RSA, DH, Ed25519, etc.)
pqc_scan_directory Recursively scan an entire project across 14+ file types
pqc_compliance_check Audit a project against NIST FIPS 202/203/204/205 and CNSA 2.0
pqc_nist_standards_reference Quick reference for all NIST PQC standard parameters
pqc_migration_guide Code templates for ECDSA-to-Dilithium, RSA-to-ML-KEM, SHA-256-to-SHA3 in Rust, TypeScript, and Solidity
pqc_recommend_algorithm Algorithm recommendations based on use case (blockchain, API auth, IoT, government, finance)
pqc_algorithm_comparison Side-by-side comparison of algorithms (performance, key size, security level)
pqc_key_size_comparison Compare key and signature sizes to plan storage/bandwidth impact
pqc_analyze_signature Identify the algorithm from a hex-encoded signature or public key

Usage Examples

Once QuantumGuard MCP is configured, just ask your AI agent in natural language:

Scan for vulnerabilities

"Scan this project for quantum vulnerabilities"

## QuantumGuard PQC Vulnerability Report

**Total findings: 12**
- CRITICAL: 5
- HIGH: 4
- MEDIUM: 3

### PQC-002 [CRITICAL]
- **File**: `src/auth/wallet.ts:42:15`
- **Match**: `ECDSA`
- **Issue**: Elliptic curve signature/key exchange (vulnerable to Shor's algorithm)
- **Fix**: Replace with ML-DSA-65 (Dilithium) for signatures. Use FIPS 204 compliant library
- **CWE**: CWE-327

### PQC-030 [CRITICAL]
- **File**: `contracts/Vault.sol:89:5`
- **Match**: `ecrecover`
- **Issue**: EVM ECDSA recovery/signing - quantum vulnerable wallet operations
- **Fix**: Implement hybrid signing: ECDSA (EVM compat) + ML-DSA-65 (quantum safety)
- **CWE**: CWE-327

Check compliance

"Check if this project is NIST PQC compliant"

Reports pass/fail status for each FIPS standard (202, 203, 204, 205), CNSA 2.0 timeline requirements, and EU quantum-safe regulatory deadlines.

Get migration code

"Show me how to migrate from ECDSA to Dilithium in Rust"

Returns working code templates with before/after examples for your target language (Rust, TypeScript, or Solidity).

Get algorithm recommendations

"What algorithm should I use for a blockchain wallet?"

Returns context-aware recommendations considering your environment (server, browser, mobile, embedded, smart contract) and priority (security, performance, size, balanced).

What's Quantum-Vulnerable vs Quantum-Safe

Category Quantum-Vulnerable Quantum-Safe Replacement Standard
Digital Signatures ECDSA, Ed25519, DSA ML-DSA-65 (Dilithium) FIPS 204
Key Exchange ECDH, DH, RSA ML-KEM-768 (Kyber) FIPS 203
Hash-Based Signatures -- SLH-DSA (SPHINCS+) FIPS 205
Hashing SHA-1, MD5 SHA3-256 FIPS 202
Symmetric Encryption AES-128 AES-256 --
Blockchain Signing ecrecover, eth_sign Hybrid: ECDSA + ML-DSA-65 FIPS 204

Vulnerability Patterns Detected

CRITICAL (broken by Shor's algorithm):

  • ECDSA, Ed25519, EdDSA, RSA, DH, DSA
  • secp256k1, secp256r1, P-256, P-384, curve25519
  • ecrecover, eth_sign, personal_sign, signTypedData

HIGH (weakened by Grover's algorithm):

  • AES-128, SHA-1, MD5
  • ethers.Wallet signing, web3.eth.accounts.sign

MEDIUM (suboptimal for quantum resistance):

  • SHA-256 (reduced from 256-bit to ~128-bit quantum security)
  • keccak256 (pre-FIPS, use SHA3-256 instead)

Supported Languages

Scans files in: TypeScript, JavaScript, Rust, Solidity, Python, Go, Java, C#, Ruby, PHP, YAML, JSON, TOML.

Migration templates available for: Rust, TypeScript, Solidity.

Standards Coverage

Standard Description
FIPS 202 SHA-3 (Secure Hash Algorithm 3)
FIPS 203 ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism)
FIPS 204 ML-DSA (Module-Lattice-Based Digital Signature Algorithm / Dilithium)
FIPS 205 SLH-DSA (Stateless Hash-Based Digital Signature Algorithm / SPHINCS+)
CNSA 2.0 NSA Commercial National Security Algorithm Suite 2.0
NIST SP 800-227 Post-Quantum Cryptography Migration Recommendations

Part of Quantum Shield

QuantumGuard MCP is the developer tool component of Quantum Shield, a post-quantum asset custody protocol using dual NIST signatures (Dilithium + SPHINCS+), a Prover Pool, VRF, and time-locked security.

Contributing

Contributions are welcome. Areas where help is needed:

  • New vulnerability patterns -- especially for languages not yet covered
  • Migration templates -- for additional languages (Go, Python, Java)
  • CI/CD integration -- GitHub Actions, GitLab CI templates
  • Testing -- expanding test coverage for edge cases
git clone https://github.com/kota1026/quantum-shield.git
cd quantum-shield/src/services/quantumguard-mcp
npm install
npm run dev

License

MIT