Guest Post by Alexander Rogan
As the transition toward post-quantum cryptography accelerates, much of the Web3 security conversation has focused on mathematical resilience. With NIST finalising standards such as ML-DSA, the standardised form of CRYSTALS-Dilithium, the industry is rightly preparing for a future in which classical signature schemes can no longer be assumed durable.
This work is essential. But it addresses only part of the risk surface.
In practice, the majority of high-impact digital asset losses do not arise from broken cryptography. They occur before cryptography ever has a chance to fail, inside compromised execution environments where transaction intent, keys, and wallet state are manipulated upstream of signing.
Where Real-World Losses Actually Occur
Across wallet, exchange, and custody incidents over the past several years, a consistent pattern emerges.
In multiple documented cases, endpoint malware intercepted wallet transaction construction and silently altered destination addresses before the user approved and signed the transaction. The signature was mathematically valid. The blockchain verified it correctly. Funds were transferred exactly as instructed. The loss occurred because the execution environment had been subverted before signing.
In other incidents, exchanges and custodians have disclosed losses attributed to “credential compromise” or “insider abuse”. In these cases, authorised processes accessed private keys or signing material from disk or memory using legitimate access paths. No cryptographic primitive was broken. No exploit of ECDSA or EdDSA was required. The signatures were valid and auditable. The failure lay entirely in uncontrolled execution and data access.
Similar failure modes have appeared in supply-chain attacks against wallet software and browser extensions. Malicious updates or poisoned dependencies introduced unauthorised code into otherwise trusted wallet processes. Transactions were constructed and signed correctly, but under attacker control. Cryptography behaved exactly as designed. Execution trust did not.
These are not edge cases. They represent the dominant loss patterns in Web3 today.
Quantum Risk Addresses a Different Surface
Much of the quantum security discourse centres on harvest-now-decrypt-later attacks: adversaries capturing encrypted or signed data today in anticipation of future decryption once large-scale quantum computing becomes practical. This is a genuine concern, particularly for long-lived assets, compliance records, and audit trails.
But this risk exists after signing.
The attacks that drain wallets, empty treasuries, and trigger insolvencies overwhelmingly occur before signing, when transaction intent, keys, or wallet state are manipulated inside compromised runtimes.
Post-quantum cryptography addresses the former. It does not address the latter.
Deterministic Execution Integrity
Abatis approaches this problem from a different direction. Rather than attempting to detect threats or react to anomalous behaviour, it enforces deterministic execution integrity at the operating system level.
In concrete terms, this means applying OS-level policy controls so that only pre-authorised, attestable code paths are permitted to execute, access wallet processes, touch private keys, or modify transaction construction buffers. Code that is not explicitly permitted is unable to run or interact with protected assets, regardless of user privilege or malware context.
This model does not depend on behavioural heuristics, threat intelligence feeds, or post-incident analysis. It prevents entire classes of attack by removing the ability for unauthorised code to execute or access sensitive data in the first place.
Why This Matters in a Post-Quantum World
A wallet can be fully post-quantum at the signature layer and still sign an attacker-crafted transaction if its execution environment is compromised. A quantum-resistant algorithm will faithfully sign whatever data it is given, malicious or otherwise.
Conversely, long-term cryptographic survivability is meaningless if keys, transaction buffers, or wallet state can already be exfiltrated or manipulated today.
True quantum-safe Web3 infrastructure therefore requires more than new mathematics. It requires deterministic control over execution and data access, ensuring that transaction intent cannot be subverted upstream of cryptographic signing.
Post-quantum cryptography secures the mathematics of trust.
Execution integrity secures the reality in which that mathematics is applied.
Without execution integrity, quantum-safe cryptography protects the wrong layer.
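The claim above that a quantum-resistant algorithm will faithfully sign whatever data it is given can be checked directly. The following is an added example, not code from the author or from Abatis: it uses a Lamport one-time signature (hash-based, standing in for ML-DSA, which is lattice-based) and constructed transaction fields, with the names `approved` and `signed_tx` being assumptions of the example.

```python
import hashlib, json, secrets

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key: 256 pairs of secrets, public key is their hashes.
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    pk = [[H(s) for s in pair] for pair in sk]
    return sk, pk

def bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    # Reveal one secret per digest bit. A key must sign only one message.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def encode(tx: dict) -> bytes:
    # Canonical byte encoding so the same fields always hash the same way.
    return json.dumps(tx, sort_keys=True).encode()

def demo() -> dict:
    sk, pk = keygen()
    # Constructed sample: what the user reviewed and approved.
    approved = {"to": "addr-user-intended", "amount": 5}
    # Models the pre-signing failure the article describes: the bytes that
    # reach the signer differ from what was approved.
    signed_tx = dict(approved, to="addr-substituted")
    sig = sign(sk, encode(signed_tx))
    return {
        # What any verifier (or chain) can check: the signature is valid.
        "signature_valid": verify(pk, encode(signed_tx), sig),
        # Only a comparison against the approved intent shows the mismatch,
        # and only if it runs outside the compromised runtime (assumption).
        "matches_approved_intent": H(encode(signed_tx)) == H(encode(approved)),
        "sig_covers_approved": verify(pk, encode(approved), sig),
    }

if __name__ == "__main__":
    print(demo())
```

The signature layer reports success in this scenario; the mismatch is visible only to a check that still holds the originally approved fields.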
Bio — Alexander Rogan is a cybersecurity practitioner and entrepreneur with over two decades of experience working across government, critical national infrastructure, and high-assurance computing environments. He is the CEO of Abatis Security Innovations & Technologies, a Swiss-founded cybersecurity company specialising in deterministic, prevention-first security at the operating system and data layer. His work focuses on execution integrity, data sovereignty, and long-term resilience in systems where failure carries systemic risk, including financial infrastructure, healthcare, and industrial control systems.
