Technical specification for a post-quantum blockchain protocol with BFT finality, lattice-based cryptography, deterministic fork choice, and production infrastructure.
We present CURS3D, a Layer 1 blockchain protocol designed to provide long-term security against both classical and quantum adversaries. The protocol employs CRYSTALS-Dilithium Level 5 for all digital signatures, SHA-3 for hashing, and a Byzantine Fault Tolerant Proof of Stake consensus mechanism with deterministic finality. The system includes an HTTP REST API for browser integration, a built-in block explorer, Docker containerization, and CI/CD automation. This paper describes the protocol's cryptographic foundations, consensus design, fork choice rule, network architecture, API layer, and security guarantees.
The security of existing blockchain protocols rests on the computational hardness of problems such as integer factorization (RSA) and the elliptic curve discrete logarithm problem (ECDLP). These assumptions are vulnerable to quantum algorithms. Shor's algorithm, when executed on a sufficiently powerful quantum computer, can solve both problems in polynomial time.
CURS3D addresses this threat by building on NIST-standardized post-quantum algorithms from the outset. Every signature in the protocol uses CRYSTALS-Dilithium, whose security relies on the hardness of the Module Learning With Errors (MLWE) problem, believed to be resistant to quantum attack.
CURS3D uses CRYSTALS-Dilithium at NIST security Level 5 (FIPS 204). Dilithium provides EUF-CMA security in both classical and quantum random oracle models with deterministic signatures and approximately 4.6 KB signatures at Level 5.
Dilithium is used for: transaction authorization, block proposal signing, finality vote attestation, height announcement authentication, and equivocation evidence verification.
SHA3-256 serves as the universal hash function: block hash computation (double-hash), transaction hashing, Merkle tree construction, state root computation, address derivation, and validator selection seed generation.
Private keys are stored encrypted with AES-256-GCM. The encryption key is derived using Argon2 (memory-hard KDF). The wallet file contains Argon2 salt (16 bytes), AES-GCM nonce (12 bytes), and ciphertext.
CURS3D uses an account-based state model. Each account stores: balance (u64), nonce (u64), staked_balance (u64), and public_key (Option).
Four transaction types:
Computed by sorting all accounts deterministically by address, serializing each account state, and computing a SHA3-256 hash over the concatenation.
Accounts qualify as validators by staking a minimum amount (default: 1,000 CUR). The validator set is determined by current account state.
Deterministic, stake-weighted pseudo-random selection for each block height:
Validators broadcast FinalityVote attestations (Dilithium signatures over block_hash || block_height). The FinalityTracker checks:
Once finalized, a block and all its ancestors become permanent. The BlockTree prunes non-canonical branches.
Equivocation is provably detectable via EquivocationEvidence containing two valid Dilithium signatures on different block hashes at the same height. Penalty: 33% of staked balance, permanent jailing. Evidence is broadcast via Gossipsub.
CURS3D resolves competing chain tips using a heaviest chain by cumulative proposer-stake weight rule. The BlockTree maintains a DAG of all known blocks with cumulative weight = sum of proposer stakes from genesis.
Blocks below the finalized height are rejected. Pruning occurs when blocks are finalized, bounding memory overhead.
libp2p with TCP transport, Noise encryption, Yamux multiplexing. Each node has a unique PeerId.
Gossipsub with strict validation, 10-second heartbeat, 10 MB max message size (for Dilithium signatures).
mDNS for local networks, explicit bootnode multiaddresses for WAN connectivity.
Signed HeightAnnounce messages trigger sync. 15-second timeout, 3 retries max. Genesis hash verification prevents cross-chain contamination. Block deduplication cache prevents redundant processing.
Automatic detection when conflicting blocks arrive from the same validator. Evidence is constructed and broadcast immediately.
CURS3D runs two API servers concurrently:
The HTTP API provides 10 endpoints:
All responses follow the envelope pattern: {"ok": bool, "data": T | null, "error": string | null}. HTTP status codes reflect the operation result (200 OK, 400 Bad Request, 404 Not Found).
All signatures use Dilithium Level 5 (MLWE hardness). SHA-3 provides 128-bit quantum security via Grover's bound.
Tolerates f < n/3 Byzantine validators (stake-weighted). 2/3+ honest stake ensures finalized blocks cannot be reverted.
Cryptographically provable. 33% slash penalty provides strong economic disincentive.
Attacker needs more cumulative stake than honest chain. Finality prevents both short-range and long-range attacks.
Account nonces must increment with each transaction. Incorrect nonces are rejected.
Blocks must have timestamps between parent timestamp and 30 seconds in the future.
CURS3D provides a multi-stage Dockerfile that produces a minimal production image. The docker-compose configuration launches a 2-node network with automatic bootnode configuration and persistent volumes.
GitHub Actions runs on every push: cargo check, cargo test (46 tests across 16 modules), clippy linting, and rustfmt formatting verification. This ensures code quality and prevents regressions.
The sled embedded database provides crash-safe persistent storage for blocks, account states, and chain configuration. Each node uses an independent data directory.
A built-in web-based block explorer connects to the REST API. It provides real-time chain monitoring, block browsing, account lookup, transaction search, and a testnet faucet.
Native token: CUR. Smallest unit: microtoken. 1 CUR = 1,000,000 microtokens (u64).
Default: 50 CUR per block. Configurable via genesis.
Default: 1,000 microtokens per transaction. Fees are burned.
Minimum stake: 1,000 CUR (configurable). Selection probability proportional to stake. Block rewards provide return on staked capital. Unstaking returns tokens to liquid balance.
33% penalty + permanent exclusion. Expected value of equivocation is strongly negative.
CURS3D demonstrates that a blockchain protocol can be built entirely on post-quantum cryptographic primitives without sacrificing modern Layer 1 properties: deterministic finality, stake-weighted consensus, fork resolution, efficient networking, and production-grade infrastructure.
By adopting CRYSTALS-Dilithium Level 5 and SHA-3 from inception, CURS3D avoids the technical debt of retrofitting quantum resistance. The BFT finality mechanism provides safety under the standard 2/3 honesty assumption, provable slashing holds validators accountable, and the REST API + Block Explorer provide immediate developer accessibility.
The protocol is implemented in Rust and released under the MIT license. Source code: github.com/Pazificateur69/curs3d.