Building the Post-Quantum Internet: PHANTOM Protocol

In August 2024, NIST finalized its post-quantum cryptography standards. The primary algorithms:

• ML-KEM (formerly Kyber) — key encapsulation mechanism
• ML-DSA (formerly Dilithium) — digital signatures
• SLH-DSA (formerly SPHINCS+) — hash-based signatures

These are not theoretical proposals. They are production standards. The transition to post-quantum cryptography is no longer a question of "if" — it is a question of which systems will complete the transition before sufficiently powerful quantum computers exist.

The threat model

"Harvest now, decrypt later" attacks are already happening. Nation-state adversaries are collecting encrypted communications today with the intent to decrypt them when quantum computers become available. Encrypted data with long-term sensitivity — medical records, financial transactions, government communications — is at risk from data collected before quantum computers exist.

The internet's security infrastructure — TLS, SSH, PGP, Signal's X3DH, most blockchain cryptography — is vulnerable to Shor's algorithm on a sufficiently powerful quantum computer. The timeline for when such computers will exist is uncertain but the range of expert estimates has narrowed: somewhere between 8 and 20 years.

PHANTOM Protocol architecture

PHANTOM Protocol is a post-quantum secure messaging protocol with an on-chain token economy built on Base L2 (Ethereum L2). The key design decisions:

Hybrid key encapsulation: Rather than replacing X25519 Diffie-Hellman with Kyber-1024 directly, PHANTOM uses a hybrid approach:

K = KDF(X25519(ek_X, dk_X) || Kyber-1024(ek_K, dk_K))

The session key derives from both classical and post-quantum key agreement. This means the protocol is secure against classical adversaries today (via X25519) and against quantum adversaries in the future (via Kyber-1024). Both primitives must be broken simultaneously to compromise a session.

Key sizes: Kyber-1024 public keys are 1568 bytes. Ciphertexts are 1088 bytes. This is larger than X25519 (32-byte keys) but entirely manageable for modern messaging infrastructure. The performance cost is measurable but not prohibitive: key generation takes approximately 1.5ms on modern hardware, encapsulation 1.8ms, decapsulation 2.3ms.

Forward secrecy: Each message session generates fresh ephemeral key pairs. Compromise of long-term keys does not compromise past sessions. This is the same property provided by Signal's Double Ratchet — PHANTOM implements the equivalent using post-quantum primitives.

PHTM token on Base L2: The token economy provides a decentralized mechanism for protocol governance, spam prevention, and incentivized relay node operation. PHTM is an ERC-20 token on Base L2. Token mechanics: users stake PHTM to operate relay nodes, relay nodes earn PHTM fees for message forwarding, staked PHTM can be slashed for provable malicious behavior.

Why this matters for ASI Research Lab

PHANTOM Protocol is not ASI Research Lab's primary research focus — it sits within Monolith 01 as part of the post-quantum cryptographic infrastructure work. The relevance is twofold:

First, the protocol demonstrates that post-quantum cryptographic systems can be built and deployed today, before quantum computers exist. The transition is an engineering problem, not a research problem at this point.

Second, the on-chain architecture provides a template for how ASI Research Lab's future AI agent networks can operate with cryptographically verified, auditable communication between agents — a property that becomes important when multi-agent systems are making decisions with real-world consequences.

The post-quantum internet will exist. The question is whether South Asia's technology organizations will be building it or receiving it. ASI Research Lab is building it.