Quantum Security Marketplace for Claude Code
Your codebase is not quantum-secure. Fix it today.
Classical cryptography -- RSA, ECDSA, ECDH, DH -- is broken by quantum computers. Not theoretically. Not someday. The math is settled, the standards are published, and adversaries are already harvesting your encrypted data to decrypt later. NIST finalized post-quantum cryptography standards in August 2024. The migration window is open. Start now.
The Threat
Harvest Now, Decrypt Later (HNDL): Nation-state adversaries are intercepting and storing encrypted communications today, waiting for quantum computers to break the encryption. If your data has value for more than 3-5 years, it is already at risk.
Timeline: Most estimates place cryptographically-relevant quantum computers at 2028-2035. Enterprise cryptographic migrations historically take 5-15 years. If you haven't started, you are already behind.
Read the full analysis: docs/urgency.md
Available Plugins
quantum-secure (v0.1.0)
One-command post-quantum migration for any codebase.
/quantum-secure full
What it does:
- Scans your codebase for classical cryptography vulnerable to quantum attack
- Migrates to NIST post-quantum standards (ML-KEM, ML-DSA, SLH-DSA)
- Validates the migration -- checks completeness, builds, and runs tests
Supports: Python, JavaScript/TypeScript, Go, Rust, Java, C/C++, C#, Ruby, PHP, Swift, Kotlin -- and any future language via FFI bindings to liboqs.
NIST Standards:
| Standard | Algorithm | Replaces |
|---|
| FIPS 203 | ML-KEM | RSA key exchange, ECDH, DH |
| FIPS 204 | ML-DSA | RSA signatures, ECDSA, EdDSA |
| FIPS 205 | SLH-DSA | Signatures (conservative hash-based fallback) |
Full plugin documentation
Installation
1. Add the Marketplace
Add to your Claude Code settings (~/.claude/settings.json):
{
"extraKnownMarketplaces": {
"quantum-security": {
"source": {
"source": "github",
"repo": "joestein/quantum-security"
}
}
}
}
2. Install the Plugin
/install quantum-secure@quantum-security
3. Run It
/quantum-secure scan # Assess your exposure (read-only, safe)
/quantum-secure full # Full migration pipeline
Documentation
How It Works
The quantum-secure plugin orchestrates three specialized AI agents:
/quantum-secure full
│
▼
┌──────────────┐ Findings ┌──────────────┐ Report ┌──────────────┐
│ SCANNER │ ──────────────▶ │ MIGRATOR │ ────────────▶ │ VALIDATOR │
│ (read-only) │ │ (writes code) │ │ (read + test) │
└──────────────┘ └──────────────┘ └──────────────┘
│ │ │
Detects RSA, Rewrites to ML-KEM, Re-scans, builds,
ECDSA, ECDH, ML-DSA, SLH-DSA. runs tests, flags
DH, AES-128, Adds PQC libraries. custom code for
MD5, SHA-1... Writes FFI bindings security audit.
when needed.
Each agent has deep knowledge of:
- 10+ programming languages and their crypto idioms
- NIST FIPS 203/204/205 algorithm specifications and parameter sets
- PQC library ecosystem across all major languages
- Hybrid migration patterns for TLS and protocol contexts
Why This Marketplace Exists
The cryptographic community has done its part -- the standards are published, the reference implementations are available, and major tech companies are deploying PQC in production. But most codebases still run entirely on classical crypto. The gap is not knowledge -- it's action.
This marketplace exists to close that gap. One command. Any language. Quantum-secure.
Every day you wait is another day of vulnerable data.
Contributing
Contributions welcome. If you'd like to:
devsforge
trailofbits
cosai-oasis
Hainrixz
jeremylongshore
rohitg00