QNSP
Start building free
Why QNSP
The Quantum ImperativeWhy QNSPPQC Migration GuideCompetitive AnalysisVet PQC Vendors
Platform
Platform ArchitectureCapabilitiesUse Cases by IndustryKnowledge BaseBlogResearch
Trust
Trust HubCompliance MappingNIST ACVP ConformancePerformance BenchmarksEntropy ChainAlgorithm CatalogSystem Status
Developers
Developer HubUse CasesAI Assistants (MCP)
PricingContactStart building free

Verifiable evidence

Verify every QNSP claim yourself.

QNSP publishes its assurance evidence as live, reproducible, tamper-bound artifacts — not screenshots and not marketing numbers. Each surface below is independently checkable by a procurement officer, an auditor, or an engineer.

NIST ACVP

Live conformance evidence

Server-rendered pass/fail counts for both QNSP PQC providers against the official NIST ACVP test vectors covering FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA). Bound by a SHA-3-256 tamper digest and regenerated every release.

View ACVP evidenceAuditor tool

Evidence-pack verifier

Have a signed JSON-LD conformance evidence pack from a QNSP customer for their SOC 2 / ISO 27001 / FedRAMP work? Independently verify the embedded ML-DSA-44 (FIPS 204) signature against the published QNSP signer registry here.

Open the verifierPerformance

Reproducible benchmarks

Per-algorithm operations-per-second measurements across QNSP's supported KEMs and signatures, published with a reproducible methodology so you can re-run them yourself rather than trust a marketing number.

View benchmarksRandomness

Entropy chain

Documentation of exactly where the randomness consumed by QNSP's PQC operations comes from, with citations to NIST SP 800-90A/B/C. The complement to algorithmic conformance — correct algorithms still need sound entropy.

Read the entropy chain

Why this exists

Algorithmic correctness, not vendor self-attestation

Most PQC vendors ask you to trust a logo. QNSP runs the official NIST ACVP test vectors against both of its independent providers — @noble/post-quantum (pure-JS reference) and @cuilabs/liboqs-native (native-C production engine) — and renders the live pass/fail counts on every page load. The evidence file is SHA-3-256 bound so any tampering is detectable.

This is algorithm validation (the CAVP-style regime), distinct from module-level FIPS 140-3 / CMVP validation. The two are orthogonal; algorithm validation is the prerequisite for the module-level work. QNSP does not claim a CMVP certificate it does not hold — see the honesty caveats on the conformance page.