Is Fidelity USD Digital Liquidity Fund-Acc Quantum Safe?
Whether Fidelity USD Digital Liquidity Fund-Acc (FILQ-A) is quantum safe is a question serious institutional investors are beginning to ask as quantum computing timelines compress. FILQ-A operates on distributed ledger infrastructure that, like most blockchain-adjacent products today, relies on classical cryptographic primitives. This article breaks down exactly which cryptographic schemes underpin the fund's operational architecture, where those schemes fail under quantum attack, what migration pathways exist, and how the emerging class of lattice-based post-quantum wallets differs from legacy approaches.
What Is the Fidelity USD Digital Liquidity Fund-Acc (FILQ-A)?
Fidelity's USD Digital Liquidity Fund-Acc (FILQ-A) is a tokenised money-market fund product designed to bring institutional-grade, short-duration USD liquidity onto distributed ledger infrastructure. The fund holds assets such as US Treasury bills and repurchase agreements, with tokenised fund units issued and tracked on a permissioned or public blockchain rail. Institutional participants interact with the fund through custodial wallets and smart-contract settlement layers.
Key structural features relevant to any cryptographic threat analysis:
- Tokenised fund units are recorded as on-chain entries, meaning ownership is enforced by cryptographic key pairs.
- Settlement and redemption instructions are signed transactions broadcast to a ledger validator network.
- Custodial key management relies on the same elliptic-curve or EdDSA schemes used across most enterprise blockchain deployments.
Understanding quantum safety for FILQ-A therefore requires understanding the cryptographic stack that sits beneath those on-chain interactions, not merely the fund's investment mandate.
---
What Cryptography Underpins Tokenised Fund Infrastructure?
Elliptic Curve Digital Signature Algorithm (ECDSA)
ECDSA is the dominant signing scheme on Ethereum-compatible ledgers, which includes most enterprise tokenisation platforms deployed since 2020. When a custodian or fund administrator signs a settlement instruction, that signature is generated using a private key derived from an elliptic curve, typically secp256k1 (Bitcoin, Ethereum mainnet) or secp256r1 (common in enterprise HSM configurations).
Security relies entirely on the computational hardness of the elliptic curve discrete logarithm problem (ECDLP). A classical computer requires sub-exponential but still astronomically large effort to solve this. A sufficiently powerful quantum computer running Shor's algorithm can solve the ECDLP in polynomial time, meaning it can derive a private key from an observed public key.
EdDSA and Ed25519
EdDSA (Edwards-curve Digital Signature Algorithm), specifically Ed25519, is used on several permissioned ledgers including Hyperledger Fabric deployments and Stellar-based tokenisation rails. Ed25519 offers performance advantages over ECDSA but relies on the same underlying mathematical problem: discrete logarithm hardness on an elliptic curve. Shor's algorithm breaks it equally.
RSA in Supporting Infrastructure
Beyond the signing layer, RSA-2048 or RSA-4096 is commonly used in TLS handshakes, certificate authorities, and API authentication layers that sit above the ledger. RSA is based on integer factorisation hardness. Shor's algorithm also solves integer factorisation in polynomial time, making every RSA key pair in the supporting infrastructure similarly exposed.
Symmetric Encryption (AES-256)
AES-256, used for encrypting data at rest and in transit, is vulnerable only to Grover's algorithm, which provides a quadratic speedup. In practice, Grover's reduces AES-256 security to roughly 128-bit equivalent. The consensus view among cryptographers is that AES-256 remains acceptable post-quantum. This is the one area of conventional crypto infrastructure that does not require urgent replacement.
---
The Q-Day Threat: What Actually Breaks and When?
Q-day refers to the point at which a cryptographically relevant quantum computer (CRQC) becomes operational, capable of running Shor's algorithm against real-world key sizes within practical timeframes.
Current Quantum Computing Landscape
As of mid-2025, the most advanced publicly disclosed quantum processors (IBM Heron, Google Willow) operate in the range of hundreds to low thousands of physical qubits. Breaking 256-bit elliptic curve keys via Shor's algorithm is estimated to require roughly 2,000 to 4,000 logical qubits with full error correction, which translates to millions of physical qubits under current error rates. Most independent research places Q-day somewhere in the 2030–2040 window, though some classified government assessments reportedly skew earlier.
The "Harvest Now, Decrypt Later" Attack Vector
A more immediate concern is the harvest-now-decrypt-later (HNDL) strategy. Adversaries with sufficient storage capacity are already intercepting and archiving encrypted data and signed transactions. When a CRQC becomes available, they decrypt or reverse-engineer historical material retroactively. For a tokenised fund, this means:
- Historical transaction signatures could be analysed to reconstruct private keys.
- Long-duration custody relationships established today remain exposed for the entire key lifecycle.
- Regulatory reporting data transmitted under RSA-protected TLS could be decrypted.
For FILQ-A specifically, if fund unit ownership records or redemption instruction histories are archived by a state-level adversary, Q-day converts those archives into actionable intelligence, potentially enabling fraudulent redemption instructions signed with reconstructed private keys.
---
Is FILQ-A Quantum Safe? An Honest Assessment
What Fidelity Has and Has Not Disclosed
Fidelity Investments has published material on its digital asset custody capabilities and its blockchain strategy through Fidelity Digital Assets. As of the time of writing, there is no publicly available disclosure confirming that FILQ-A's signing infrastructure uses NIST-standardised post-quantum algorithms (CRYSTALS-Dilithium / ML-DSA, FALCON / FN-DSA, or SPHINCS+ / SLH-DSA). The absence of such disclosure is not evidence of negligence, but it does mean investors cannot currently verify post-quantum readiness.
Likely Current Cryptographic Profile
Based on publicly available information about the ledger rails used for comparable institutional tokenisation products and standard enterprise HSM configurations, FILQ-A's operational layer almost certainly uses:
| Component | Likely Algorithm | Quantum Vulnerable? |
|---|---|---|
| Transaction signing | ECDSA (secp256r1 or secp256k1) | Yes (Shor's) |
| Validator/node auth | EdDSA / Ed25519 | Yes (Shor's) |
| API / TLS layer | RSA-2048 or ECDH key exchange | Yes (Shor's) |
| Data at rest | AES-256 | Marginally (Grover's, acceptable) |
| Smart contract logic | N/A (logic, not crypto primitive) | N/A |
The conclusion is direct: FILQ-A, as structured on current distributed ledger infrastructure, is not quantum safe in its signing and authentication layers. This is not unique to Fidelity. It applies to virtually every tokenised fund product operating today.
Mitigating Factors
Several factors moderate the immediate risk:
- Institutional custody: Fund units are held through custodial wallets, meaning private keys never reside in retail-grade, exposed environments. HSM-based key management reduces attack surface compared to software wallets.
- Permissioned ledger controls: If FILQ-A operates on a permissioned ledger (rather than Ethereum mainnet), validator sets are smaller and more controlled, limiting exposure vectors.
- Key rotation policies: Regular key rotation limits the window any single public key is observable, partially reducing HNDL risk, though it does not eliminate it.
---
Post-Quantum Migration Pathways for Tokenised Fund Infrastructure
NIST PQC Standardisation (Completed 2024)
NIST finalised its post-quantum cryptography standards in August 2024, publishing three primary standards:
- ML-DSA (CRYSTALS-Dilithium): Lattice-based digital signatures. Recommended for general signing use cases, including transaction authentication.
- FN-DSA (FALCON): Lattice-based signatures with smaller signature sizes, suited for constrained environments.
- SLH-DSA (SPHINCS+): Hash-based signatures. No lattice dependency, highly conservative security assumptions, but larger signature sizes.
For blockchain transaction signing, ML-DSA is the primary candidate for replacing ECDSA. Migration requires changes at the wallet layer, the validator/node layer, and the smart-contract or ledger logic layer.
Hybrid Cryptography as a Transition Strategy
Many security architects recommend a hybrid approach during the transition period: signing transactions with both an ECDSA key and an ML-DSA key, so that security is maintained against both classical and quantum adversaries simultaneously. This increases transaction size and computational overhead but provides a clean migration path without requiring a hard cutover.
Major protocols including the Internet Engineering Task Force (IETF) have published hybrid TLS extensions (RFC drafts for hybrid key encapsulation using X25519 + ML-KEM) along these lines.
What a Full Migration Requires
For a tokenised fund like FILQ-A, a full post-quantum migration would involve:
- HSM firmware upgrades to support ML-DSA or FN-DSA key generation and signing.
- Ledger-layer protocol updates so validators accept and verify post-quantum signatures.
- Smart contract or settlement logic updates to handle new signature formats.
- Re-issuance or migration of existing fund unit tokens to new quantum-resistant addresses.
- Regulator notification and updated offering documentation reflecting changed cryptographic assumptions.
This is a non-trivial engineering programme. For large institutions managing billions in tokenised assets, migration timelines measured in years are realistic.
---
How Lattice-Based Post-Quantum Wallets Differ from Legacy Approaches
The distinction between a classical crypto wallet and a lattice-based post-quantum wallet is architectural, not cosmetic.
The Math Underneath
Classical wallets (Bitcoin, Ethereum, most DeFi) derive security from the hardness of elliptic curve discrete logarithm or integer factorisation. Lattice-based schemes derive security from problems such as Learning With Errors (LWE) or Module Learning With Errors (MLWE), which remain computationally hard even for quantum computers running Shor's or Grover's algorithms. The best known quantum algorithms provide no meaningful advantage against well-parameterised lattice problems.
Key and Signature Size Differences
Lattice-based signatures are larger than ECDSA signatures. An ECDSA signature is typically 64-71 bytes. An ML-DSA (Dilithium) signature ranges from approximately 2,420 to 4,595 bytes depending on the security level. This has implications for on-chain storage costs and throughput, which fund infrastructure architects must account for in capacity planning.
Purpose-Built Post-Quantum Wallets
Projects building wallets specifically around NIST PQC standards, rather than retrofitting existing elliptic-curve codebases, offer a materially different security posture. BMIC.ai, for example, is a quantum-resistant cryptocurrency wallet built natively around lattice-based, NIST PQC-aligned cryptography, designed specifically to protect holdings against Q-day rather than treating post-quantum hardening as an afterthought.
The contrast with legacy wallet infrastructure is stark: legacy wallets require protocol-level forks and complex migration events to achieve quantum resistance, while purpose-built post-quantum wallets begin from quantum-safe primitives by design.
---
What Institutional Investors Should Do Now
Waiting for Q-day to assess exposure is not a sound risk management posture. The HNDL attack vector means that cryptographic exposure is being accumulated right now. Practical steps for institutional investors with exposure to tokenised fund products including FILQ-A:
- Request disclosure: Ask fund administrators and custodians for their post-quantum cryptography roadmap and target migration dates.
- Assess key lifecycle: Understand how long your custody relationship's key pairs will remain in use. Any key observable on a public ledger for more than five years carries meaningful HNDL risk.
- Evaluate hybrid custody options: Custodians offering hybrid classical/post-quantum signing should be evaluated alongside traditional HSM providers.
- Monitor NIST and IETF standards adoption: ML-DSA adoption in enterprise HSM firmware from vendors like Thales (Luna), Utimaco, and AWS CloudHSM is the practical prerequisite for institutional migration.
- Scenario plan for a 2030 CRQC: A 2030 Q-day is within the investment horizon of a five-year fund. Governance frameworks should model this scenario explicitly.
The cryptographic threat to tokenised fund infrastructure is real, the migration tools now exist, and the time cost of delay compounds annually as more signed transactions accumulate in adversarial archives.
Frequently Asked Questions
Is the Fidelity USD Digital Liquidity Fund-Acc (FILQ-A) quantum safe?
Based on publicly available information, FILQ-A's operational infrastructure almost certainly relies on ECDSA or EdDSA-based signing schemes, which are vulnerable to Shor's algorithm running on a sufficiently powerful quantum computer. Fidelity has not publicly confirmed adoption of NIST post-quantum cryptography standards for this product. This does not make FILQ-A uniquely risky compared to peers, as virtually no tokenised fund product has completed post-quantum migration, but it does mean it is not currently quantum safe in its signing and authentication layers.
What is Q-day and why does it matter for tokenised funds?
Q-day is the point at which a cryptographically relevant quantum computer becomes operational and capable of breaking classical public-key cryptography at practical speed. For tokenised funds, Q-day matters because fund unit ownership, settlement instructions, and custody key pairs are all protected by classical cryptography. A quantum computer running Shor's algorithm could derive private keys from publicly observable signatures, enabling fraudulent redemption instructions or unauthorised transfers.
What is the harvest-now-decrypt-later attack and does it affect FILQ-A?
Harvest-now-decrypt-later (HNDL) is an attack strategy where adversaries capture and store encrypted data or signed transactions today, then decrypt or reverse-engineer them once a quantum computer is available. For FILQ-A, this means historical transaction signatures broadcast to a ledger are potentially being archived by sophisticated adversaries. If those signatures are based on ECDSA or EdDSA, a future quantum computer could reconstruct the private keys involved, making HNDL a present-day concern even though Q-day has not yet arrived.
Which post-quantum algorithms does NIST recommend for replacing ECDSA in blockchain applications?
NIST finalised three post-quantum digital signature standards in August 2024: ML-DSA (CRYSTALS-Dilithium), FN-DSA (FALCON), and SLH-DSA (SPHINCS+). For blockchain transaction signing, ML-DSA is the primary candidate to replace ECDSA. It is lattice-based, offers strong security guarantees, and has been widely implemented in cryptographic libraries. FN-DSA offers smaller signatures but more complex implementation. SLH-DSA uses hash-based cryptography with more conservative security assumptions but produces much larger signatures.
How long would it take Fidelity to migrate FILQ-A to post-quantum cryptography?
A full migration would involve HSM firmware upgrades at the custody layer, ledger-protocol updates to accept post-quantum signature formats, smart-contract or settlement logic changes, re-issuance or migration of existing fund unit tokens, and updated regulatory disclosures. For an institution managing billions in tokenised assets, this is a multi-year engineering programme. The key variable is how quickly enterprise HSM vendors including Thales, Utimaco, and AWS CloudHSM ship production-ready ML-DSA support, and how quickly the underlying ledger protocol adopts post-quantum signature verification.
What should investors do if they are concerned about quantum risk in tokenised fund holdings?
Investors should request written disclosure from fund administrators and custodians about their post-quantum cryptography roadmap and target migration dates. They should assess how long their custody key pairs have been and will remain observable on a public or semi-public ledger, since longer exposure increases HNDL risk. Evaluating custodians offering hybrid classical and post-quantum signing is prudent. Governance frameworks for fund holdings with investment horizons extending beyond 2030 should include explicit scenario analysis for a cryptographically relevant quantum computer becoming operational within that window.