Architecture Showcase: Securing Canton with ML-DSA and Rust TEEs (AetherNet)

The timeline for quantum-cryptographic breaks is accelerating. While the Canton Network provides unmatched sub-transaction privacy and composability, standard node identities and external transaction signatures across the broader ecosystem continue to rely on classical PKI (Ed25519/ECDSA)—frameworks fundamentally vulnerable to Shor’s algorithm.

To address this existential infrastructure risk, the AetherNet architecture has been engineered. AetherNet is a Post-Quantum execution and routing gateway designed specifically to interface with Canton, establishing a mathematically unbroken perimeter for both Agent-to-Agent (A2A) commerce and institutional vault yield routing.

The Architecture

AetherNet operates as an untampered bridge between high-velocity API edge environments and Canton’s distributed ledger, utilizing a Defense-in-Depth model.

AetherNet Architecture Diagram

Core Protocol Mechanics:

  1. Post-Quantum Edge Verification: Incoming transaction intents (secured via Decentralized Identifiers - DIDs) are authenticated at the gateway utilizing ML-DSA signatures. Classically-signed or malformed payloads are dropped at the network edge, preventing compute exhaustion.
  2. Hardware-Isolated Execution: Mathematically pure payloads are routed into a Rust-based Trusted Execution Environment (TEE). The enclave acts as an ephemeral, quantum-secure HSM, maintaining absolute isolation of the cryptographic execution context from the host OS.
  3. Atomic Canton Settlement: The TEE orchestrates ledger state modifications by interacting directly with the Canton API. It leverages the Daml CreateAndExercise pattern, guaranteeing that complex state transitions (such as institutional escrow creation and unlock) occur in a single, inseparable ledger transaction.
  4. Omnichain Oracle Relay: A dedicated Python-based Oracle continuously monitors the Canton gRPC stream for SettledReceipt events. Upon ledger finality, the Oracle extracts the verified Post-Quantum signature and broadcasts the immutable state to off-chain enterprise databases and EVM cross-chain bridges.

Discussion & Feedback

The goal of this architecture is to demonstrate how Canton can serve as the ultimate synchronization layer for a fully quantum-resistant ecosystem—protecting everything from autonomous AI agent identities to massive institutional fund movements.

Would be highly interested in opening a technical dialogue with the Digital Asset engineering team and the broader Canton architect community regarding:

  • Native PQC Integration: Are there active discussions or roadmaps for native ML-DSA/Dilithium support within the Canton Sequencer or node identity architecture?
  • Attestation Synergy: Feedback on utilizing TEE hardware quotes (e.g., AWS Nitro/Intel SGX) for Attested Key Binding in conjunction with Daml’s deterministic privacy models.

Feedback, critiques, and questions on the architectural flow are highly welcomed.
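The edge-verification step in item 1 above, as an added example that is not part of the original post or AetherNet's code: a gateway can reject classically-signed or malformed envelopes with constant-cost structural checks before the ML-DSA verifier is ever invoked. The `Intent` layout, the algorithm labels and the injected `verify` closure are assumptions; the byte lengths are the FIPS 204 parameter-set sizes.

```rust
// Added example: cheap admission checks that run before any ML-DSA verification.
// The Intent layout and algorithm labels are assumptions, not AetherNet's format.
#[derive(Debug, PartialEq)]
pub enum Reject { ClassicalOrUnknownAlg, BadPublicKeyLen, BadSignatureLen, EmptyPayload, BadSignature }

pub struct Intent<'a> {
    pub alg: &'a str,
    pub public_key: &'a [u8],
    pub signature: &'a [u8],
    pub payload: &'a [u8],
}

/// FIPS 204 sizes in bytes, as (public key, signature), per parameter set.
pub fn mldsa_sizes(alg: &str) -> Option<(usize, usize)> {
    match alg {
        "ML-DSA-44" => Some((1312, 2420)),
        "ML-DSA-65" => Some((1952, 3309)),
        "ML-DSA-87" => Some((2592, 4627)),
        _ => None, // Ed25519, ECDSA, unknown labels
    }
}

/// Structural checks first; `verify` stands in for the real (costly) ML-DSA call.
pub fn admit<F>(intent: &Intent, verify: F) -> Result<(), Reject>
where F: FnOnce(&Intent) -> bool,
{
    let (pk_len, sig_len) = mldsa_sizes(intent.alg).ok_or(Reject::ClassicalOrUnknownAlg)?;
    if intent.public_key.len() != pk_len {
        return Err(Reject::BadPublicKeyLen);
    }
    if intent.signature.len() != sig_len {
        return Err(Reject::BadSignatureLen);
    }
    if intent.payload.is_empty() {
        return Err(Reject::EmptyPayload);
    }
    if verify(intent) { Ok(()) } else { Err(Reject::BadSignature) }
}

fn main() {
    // Constructed sample: an Ed25519-sized envelope is dropped without verification.
    let (pk, sig) = ([0u8; 32], [0u8; 64]);
    let intent = Intent { alg: "Ed25519", public_key: &pk, signature: &sig, payload: b"transfer" };
    let verdict = admit(&intent, |_| unreachable!("verifier must not run"));
    println!("{:?}", verdict);
}
```

The length checks only bound the work spent on junk traffic; an envelope that passes them is still untrusted until the signature itself verifies.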

Thanks for sharing, @rmourey26! Looping in @nycnewman, our CISO, to review your workflow and share his technical insights.

@rmourey26 Good to meet you.

I will take a longer look at the proposal but a quick pass through (including your website), doesn’t suggest this is really securing Canton protocol directly. The perception is that this is an inbound gateway for AI / algorithmic trading and a bridge to off-ledger operational storage (with PQC proofs). It still depends on Canton protocol (which currently uses ECC). Not I understand the reference to a mempool in the diagram.

Canton is pluggable for cryptographic primitives and we are assessing the work to enable PQC (particularly ML-DSA) across the network. I am very aware of Google’s recent announcement of 2029 as a cutover date for PQC and the lively chatter this has produced across many forums. There are several partners who are also proposing a variety of ways to tackle PQC support within the ecosystem. Ideally we uplift all protocol actions (including topology, keys, HSMs, etc) to use PQC.

The potential for TEE is interesting but there continues to be research on various attacks against these solutions and the need for a solution to work across different TEE implementations (not everyone will want to be restricted to AWS Nitro).

@nycnewman, thank you for the initial review and the highly relevant insights. It is incredibly encouraging to hear that Digital Asset is actively assessing ML-DSA for the base protocol. Aligning with the 2029 cutover is critical, and uplifting Canton’s internal topology and key infrastructure to native PQC is the ultimate end-state.

To clarify the architectural positioning: you are entirely correct that AetherNet currently operates as an inbound/outbound execution layer rather than a modification of the Canton sequencer itself. Our objective is to establish a mathematically unbroken, quantum-resistant perimeter around the application layer. This allows enterprise clients to implement PQC at the edge for highly sensitive operational routing today, protecting payloads before they are passed into Canton’s current ECC-based execution environment. More on architecture here: Kronova | The Settlement Layer for the Agent Economy. Live terminal/UI split screen demo: https://youtu.be/4YDlEsNF2-c?si=wGJAMxKMa1_sVpYE

Regarding your points on the vision, TEEs, and the broader competitive landscape:

1. Foresight vs. Reaction

While Google’s recent 2029 announcement has certainly sparked “lively chatter,” AetherNet was not born of this recent news cycle. In November 2021, based on a first-principles assessment of quantum trajectory, I publicly predicted that quantum-cryptographic breaks would arrive significantly faster than the conservative 10-to-15-year estimates held by the industry. This visionary mission has been the North Star of our development long before PQC became a boardroom topic. AetherNet was designed from the ground up to bridge frontier technologies to solve the fundamental friction points in the enterprise world today.

2. The Architectural Moat: Comparison to Kinexys and STARKs

The “Architectural Moat” of AetherNet lies in its ability to deliver Web2 high-frequency cloud latency secured by Web3 cryptographic finality.

  • Vs. J.P. Morgan’s Kinexys: While Kinexys (formerly Onyx) is a pioneer in institutional tokenized cash, many legacy institutional frameworks remain vulnerable to the “technical debt” of classical PKI and centralized routing bottlenecks. AetherNet provides an Atomic Finality layer that Kinexys cannot match without significantly re-architecting its core for the post-quantum era.

  • Vs. STARK Networks: While ZK-STARKs offer scalability and theoretical quantum resistance via hashing, they often suffer from significant proof-generation latency. AetherNet utilizes a sub-millisecond HFT matching engine inside our TEE to process state transitions in real-time, only then locking the result with ML-DSA Round 3 signatures via our proprietary Micro-KMS.

3. Bypassing the Mempool & MEV Elimination

The “Mempool” reference in our diagram represents an off-ledger Intent Aggregation Queue. In the M2M economy, AI agents generate intents at sub-millisecond velocities. By allowing users to submit encrypted intents directly to our enclave, we completely bypass public RPC nodes. This mathematically eliminates MEV—front-running, sandwich attacks, and mempool latency—which are currently the primary hurdles for institutional DeFi participation.

4. Institutional DeFi & Tokenized Deposits

We are building the foundational economic jurisdiction for enterprise M2M commerce—the SWIFT network of the AI and RWA era.

  • Commercial Banks: Our architecture enables banks to tokenize deposits while maintaining the actual capital and “house” completely in-house.

  • Omnichain Oracle: Our Oracle extracts PQC-verified state proofs from Canton to facilitate high-frequency settlement for institutional DeFi, serving as a next-gen AMM for protocols like Solv.finance.

  • Cloud-Agnostic TEEs: We are strictly cloud-agnostic, utilizing hardware attestation to prove algorithmic fairness without being tethered to AWS Nitro.

5. The Vision: A Post-Quantum Global Synchronizer

Our ultimate ambition in terms of Canton Network is to move beyond the edge. AetherNet could serve as a Post-Quantum Secure Global Synchronizer natively within the Canton Network. By leveraging our hardware-agnostic TEEs and ML-DSA state proofs, we aim to provide a Synchronizer domain where institutional participant nodes can route their Daml Autonomous Escrow Contracts through a sequencing layer that is natively immune to Shor’s algorithm today.

The massive Total Addressable Market (TAM) for AetherNet reflects a proportional growth potential for the Canton Network. We view Canton as the premier privacy and synchronization engine, and AetherNet as the quantum-secure infrastructure that brings the trillion-dollar AI and RWA markets safely onto that engine.

Would love to dive deeper into how DA is conceptualizing the PQC migration for the sequencer and how we might collaborate on a PQC-native Synchronizer pilot.

The current plan is to add native support for PQC algorithms into the core Canton Network services (Super Validator, Validator) and protocol through using the extensible cryptographic API that is already in place. One option is ML-DSA but the team is considering other options, including hybrid schemes. This would upgrade the existing Global Synchronizer for full PQC defense against quantum attacks.

There are details that still need to be worked out but the architecture of Canton abstracts a lot of the cryptographic details from the smart contract execution layer. I expect that more details would appear in early H2 2026. We don’t think this is a significant uplift but further analysis of dependencies (libraries, HSM/KMS, etc) is still ongoing. This will need coordination with many entities across the ecosystem, especially wallet providers, to fully support.