Developer platform
Build quantum-secure infrastructure in minutes
First-party SDKs in TypeScript, Python, Go, Rust, and JVM/Android + REST APIs (OpenAPI). Free on every plan. Zero ops overhead. Production-ready from day one.
Quick start
From zero to quantum-secure in 4 steps
Sign up free
Create your account at cloud.qnsp.cuilabs.io and provision your tenant in minutes
Install SDK
SDK install and usage instructions are provided in the documentation portal
Upload your first document
Use QNSP APIs to upload documents with quantum-secure encryption
Build your app
Integrate QNSP into your application with full PQC protection
Most Requested Tier — Dev Team
$1,499/month — designed by the community. CBOM export, quantum readiness reports, 90-day audit retention included from day one.
Request lifecycle
How a QNSP API call flows.
What happens between an SDK call and a tamper-evident audit-ledger entry. The dashed cross-verification branch on signing operations (liboqs + @noble/post-quantum, with provider attestation written into the Merkle ledger) is the architectural choice that sets QNSP apart from single-provider PQC platforms.
Cross-verification logic and audit-chain checkpoint generation are both independently reproducible from the public mirror at github.com/cuilabs/qnsp-public.
Migration build path
How engineering teams move workloads onto QNSP
Most teams start with APIs and SDKs, but the broader migration path is the same: connect sources, discover what exists, then cut workloads over so production trust calls QNSP directly.
Connect sources
Use provider connectors for AWS, Azure, GCP, Vault, and supported APIs. Use QNSP agents where discovery must happen inside private environments.
Discover and inventory
Run discovery before refactoring application code so the migration plan is based on actual keys, secrets, certificates, and cryptographic dependencies.
Switch application trust paths
Update services, CI jobs, agents, and apps to call QNSP KMS, Vault, storage, search, audit, and policy-managed interfaces through SDKs, APIs, and the CLI.
Validate evidence
Use readiness reports plus CBOM, QBOM, and SBOM outputs to verify cutover and prove that production no longer depends on legacy trust systems.
SDK packages
SDKs in TypeScript, Python, Go, Rust, JVM/Android — free on every plan
One package per language, all sharing the same wire contracts: TypeScript (pnpm add @cuilabs/qnsp), Python (pip install qnsp), Go (go get github.com/cuilabs/qnsp-public/sdks/go/qnsp@latest), Rust (cargo add qnsp), JVM/Android (implementation('io.cuilabs:qnsp:0.1.0')).
@cuilabs/qnsp (npm — TypeScript / Node.js)AvailableSingle Node.js / TypeScript package covering all 11 QNSP services (vault, kms, audit, auth, tenant, access, billing, crypto-inventory, storage, search, ai) + webhook verification + activation. Replaces the 11 deprecated per-service @cuilabs/qnsp-*-sdk packages.
qnsp (PyPI — Python)AvailableSingle Python package mirroring the same 11-module surface, plus local PQC primitives (qnsp[crypto] extra → liboqs-python) and webhook verify. Async variant on the v0.4.0 roadmap.
github.com/cuilabs/qnsp-public/sdks/go/qnsp (Go)AvailableSingle Go module with the 11-service surface as sub-packages (qnsp/vault, qnsp/kms, …) + qnsp/crypto via liboqs-go. Concurrency-safe, sync.Mutex'd activation cache, share one *qnsp.Client across goroutines.
qnsp (crates.io — Rust)AvailableTokio-based Rust crate with all 11 services as modules (qnsp::vault, qnsp::kms, …) + qnsp::crypto behind the `crypto` feature flag (oqs 0.11). Client is Send + Sync, cheap to clone via internal Arc.
io.cuilabs:qnsp (Maven Central — JVM / Android)AvailableKotlin SDK with a Java-interop-clean API; all 11 services as sub-clients (qnsp.kms, qnsp.vault, …) + webhook verification. Built on OkHttp — one artifact for Spring/JVM backends and native Android (API 21+). On-device PQC via Bouncy Castle or OS-native.
@cuilabs/qnsp-browser (npm)AvailableBrowser-side PQC primitives bundled with @noble/post-quantum for client-side encryption / signing / key encapsulation. Use this in the browser; use @cuilabs/qnsp on Node.js.
@cuilabs/qnsp-cli (npm)Availableqnsp CLI for scripting, CI/CD, and operational tasks. Wraps the same APIs as @cuilabs/qnsp.
@cuilabs/qnsp-mcp (npm)AvailableModel Context Protocol server exposing QNSP tools to AI assistants (ChatGPT, Claude Desktop, Cursor, Windsurf).
@cuilabs/qnsp-agent (npm)AvailableHost agent for crypto asset discovery and continuous monitoring.
SDK access and full API reference: docs.qnsp.cuilabs.io · npmjs.com/package/@cuilabs/qnsp
API reference
REST API — Edge Gateway
All services accessible via a single edge gateway. Full OpenAPI specifications available in the documentation portal.
https://api.qnsp.cuilabs.io/auth/v1/tenant/v1/billing/v1/storage/v1/vault/v1/kms/v1/search/v1/ai/v1/platform/v1CI/CD Integration
GitHub Actions
Workflow templates for SDK usage, API key injection, and PQC audit webhooks.
GitLab CI
Pipeline examples for vault secrets injection and PQC-signed artifact verification.
Jenkins
Shared library examples for QNSP SDK integration and compliance report generation.
CircleCI
Orb examples covering auth, storage upload, and audit log retrieval.
FAQ
Developer FAQ
Direct answers to the questions developers ask before building on QNSP.
What SDKs does QNSP offer?
QNSP ships first-party SDKs for five languages, one package per language, all sharing the same wire contracts across 11 services: TypeScript/Node (@cuilabs/qnsp on npm), Python (qnsp on PyPI), Go (github.com/cuilabs/qnsp-public/sdks/go/qnsp), Rust (qnsp on crates.io), and JVM/Android (io.cuilabs:qnsp on Maven Central). All are free on every plan.
Is there a free QNSP tier?
Yes. QNSP has a free-forever tier for everyone, with no credit card required. It includes 10 GB of PQC-encrypted storage, 50,000 API calls per month, 20 KMS keys, 25 vault secrets, PQC TLS, and full SDK access. It is intended for evaluation and small projects; paid tiers add vault, SSE-X, and higher quotas.
Resources