Janus Henderson Anemoy Treasury Fund Post-Quantum Migration

The Janus Henderson Anemoy Treasury Fund post-quantum migration question is one of the more consequential open issues in tokenised real-world asset (RWA) infrastructure today. As quantum computing advances from theoretical threat to engineering reality, the cryptographic foundations beneath on-chain funds face a credible medium-term risk. This article examines what the Anemoy Treasury Fund actually is, whether any post-quantum migration plan has been made public, what a migration would technically involve, and what holders or prospective investors can do in the interim to manage quantum exposure across their broader on-chain portfolio.

What Is the Janus Henderson Anemoy Treasury Fund?

Janus Henderson Investors, a global asset manager overseeing roughly $370 billion in AUM, partnered with Anemoy Limited to bring a tokenised short-duration US Treasury bill fund onto public blockchain infrastructure. The product, often referenced as the Anemoy Treasury Fund or the Janus Henderson Anemoy T-bill fund, gives institutional and qualified investors exposure to US Treasury bills through an ERC-20-compatible token recorded on the Ethereum-compatible ledger.

The structure is significant for several reasons:

Regulatory wrapper: The fund operates under a recognised fund structure in the British Virgin Islands, giving it a familiar legal container for institutional capital.
On-chain settlement: Token transfers settle on-chain, aiming to reduce the T+2 friction of traditional fixed-income settlement.
Yield pass-through: Net asset value accrues daily, so token holders receive Treasury bill yield without manually rolling positions.
Institutional access: Unlike retail-facing stablecoin protocols, this product targets sophisticated investors who are already familiar with money-market instruments.

Anemoy itself is a blockchain-native fund infrastructure platform; Janus Henderson provides the investment management expertise and brand credibility. Together they represent one of the most prominent examples of a major asset manager directly embracing tokenised government securities, alongside peers such as BlackRock's BUIDL fund and Franklin Templeton's FOBXX.

---

The Post-Quantum Threat to Tokenised Funds

Before addressing migration specifics, it is worth being precise about the threat model, because "quantum risk" is frequently overstated in marketing materials and understated in technical documentation.

Why Elliptic Curve Cryptography Is Vulnerable

Every standard Ethereum wallet, including those holding Anemoy fund tokens, is secured by the Elliptic Curve Digital Signature Algorithm (ECDSA) over the secp256k1 curve. A sufficiently powerful quantum computer running Shor's algorithm could, in principle, derive a private key from a public key. The implication: any wallet whose public key has been exposed on-chain (which is every wallet that has ever signed a transaction) becomes vulnerable once cryptographically-relevant quantum computers (CRQCs) exist.

Current estimates from NIST and academic researchers place the arrival of a CRQC capable of breaking 256-bit ECC at somewhere between 10 and 20 years away under optimistic assumptions, though the range of uncertainty is wide. The "harvest now, decrypt later" attack vector is a more proximate concern: adversaries can record encrypted data and token transfer signatures today and decrypt them retroactively once quantum hardware matures.

Specific Risks for On-Chain Fund Tokens

For a tokenised fund like the Anemoy Treasury Fund, the quantum attack surface includes:

Investor wallets: If a holder's private key is derived from a public key via Shor's algorithm, an attacker could drain the token balance.
Smart contract admin keys: Multi-sig or single-key admin accounts controlling minting, burning, or NAV updates are high-value targets.
Oracle and transfer-agent signing keys: External signers that push NAV data or approve redemptions could be compromised.
Custodian key infrastructure: The off-chain custodian holding the underlying T-bills may itself rely on classical cryptography for its digital signing workflows.

Each layer requires its own migration strategy, which is why post-quantum migration for an institutional on-chain fund is substantially more complex than simply upgrading a retail wallet.

---

Does the Janus Henderson Anemoy Treasury Fund Have a Public Post-Quantum Migration Plan?

As of the time of writing, there is no publicly announced post-quantum migration roadmap for the Janus Henderson Anemoy Treasury Fund. Neither Janus Henderson's investor communications, Anemoy's technical documentation, nor any regulatory filings reviewed for this article disclose a formal timeline or technical specification for transitioning the fund's cryptographic infrastructure to post-quantum algorithms.

This is not unusual at this stage of the market. The vast majority of tokenised RWA products, including BlackRock BUIDL and Franklin Templeton FOBXX, have similarly made no public post-quantum commitments. The broader Ethereum ecosystem itself does not yet have a deployed post-quantum signature scheme, though Ethereum's core developers have discussed long-term migration paths in Ethereum Improvement Proposals (notably discussions around account abstraction and EIP-7702-adjacent proposals that could facilitate cryptographic agility).

What can be inferred from the public record:

Janus Henderson has a technology innovation programme and has published thought leadership on digital assets, but PQC is not mentioned in available materials.
Anemoy's architecture, as described in its whitepapers, relies on standard EVM tooling, which inherits Ethereum's ECDSA dependency.
The BVI fund structure does not impose any cryptographic-standard obligations on managers at this time.

The absence of a public plan does not imply indifference. Many institutional operators treat cryptographic infrastructure roadmaps as operationally sensitive. It is plausible that internal assessments are underway without public disclosure.

---

What a Post-Quantum Migration Would Actually Involve

Migrating a live tokenised fund to post-quantum cryptography is a multi-layer engineering and legal undertaking. Here is a realistic breakdown of what that process would entail.

Layer 1: Choosing a Post-Quantum Algorithm

NIST finalised its first set of post-quantum cryptographic standards in 2024. The primary standards relevant to digital signatures are:

Algorithm	Type	Signature Size	Key Size	EVM Compatibility
ML-DSA (CRYSTALS-Dilithium)	Lattice-based	~2.4 KB	~1.3 KB	Low (large calldata cost)
SLH-DSA (SPHINCS+)	Hash-based	~8–50 KB	Tiny	Very low (gas cost prohibitive)
FN-DSA (FALCON)	Lattice-based	~0.7 KB	~0.9 KB	Moderate (smaller than Dilithium)
XMSS (stateful hash)	Hash-based	~2.5 KB	Small	Low (stateful complexity)

The challenge for EVM-based funds is that larger signature sizes translate directly into higher gas costs, creating a cost-model problem that does not exist in classical ECDSA. FALCON (FN-DSA) is generally considered the most EVM-compatible NIST PQC candidate because of its comparatively compact signature size, though it introduces implementation complexity due to floating-point arithmetic requirements.

Layer 2: Smart Contract Upgrade

The fund's token contract and any associated transfer restriction logic (investor whitelisting, AML/KYC gates) would need to be redeployed or upgraded to support PQC signature verification. This typically requires:

A proxy upgrade pattern (e.g., UUPS or transparent proxy) if the existing contract is upgradeable.
A new signature verification precompile or library that handles PQC verification on-chain.
Extensive audit by a cryptographic security firm with PQC expertise, which is a narrower market than standard EVM auditors.

If the existing contract is non-upgradeable (immutable), a full token migration with a new contract address is required, which introduces snapshot and redemption coordination complexity.

Layer 3: Investor Key Migration

Every token holder would need to migrate their holdings from a classical ECDSA wallet to a PQC-capable wallet. This is the most operationally intensive step for an institutional fund:

Institutional custodians (Fireblocks, Anchorage, Copper, etc.) would need to support PQC key generation and signing, which none currently do at production scale.
Qualified investors holding tokens in self-custody would need to regenerate key pairs and sign migration transactions within a defined window.
Unclaimed or unresponsive wallets after a migration deadline create a legal and operational problem for the fund administrator.

Layer 4: Oracle and Off-Chain Signer Migration

NAV oracles, transfer agents, and any off-chain signing infrastructure that interacts with the smart contract must also be upgraded. This is arguably easier than investor key migration because it is under direct operational control of Anemoy and its service providers.

Layer 5: Legal and Regulatory Documentation Updates

Fund documentation, including the offering memorandum and subscription agreements, would need to be updated to reflect new technical standards. If post-quantum signing introduces new operational risks (key generation failures, increased transaction costs), those risks must be disclosed.

---

Interim Options for Holders Managing Quantum Exposure

Given the absence of a near-term migration plan, holders of the Anemoy Treasury Fund and similar tokenised RWA products have several practical options to manage quantum risk in the interim.

1. Custodian-Level Controls

Using a qualified institutional custodian rather than self-custody reduces the immediate risk of key compromise through conventional attacks, though it does not eliminate quantum risk. Custodians like Fireblocks use hardware security modules (HSMs) with multi-party computation (MPC) key splitting, which raises the attack barrier substantially for classical adversaries.

2. Wallet Hygiene: Minimise Public Key Exposure

A public key is only exposed on-chain when a wallet signs its first transaction. Wallets that have never signed a transaction (i.e., have only received funds) have not exposed their public key and are therefore less immediately vulnerable to Shor-based attacks. Maintaining a dedicated receiving wallet that only transacts when absolutely necessary reduces the quantum attack surface.

3. Monitor NIST PQC and Ethereum PQC Developments

The Ethereum Foundation has signalled long-term interest in quantum resistance. Staying current with Ethereum Improvement Proposals, particularly those related to account abstraction (ERC-4337) and potential future native PQC support, allows holders to position for migration when the ecosystem matures.

4. Diversify Across PQC-Native Infrastructure

For investors who want active quantum protection today rather than a theoretical future migration, a small allocation to wallets and protocols built with post-quantum cryptography from the ground up is a meaningful hedge. Projects explicitly built on NIST PQC-aligned lattice-based cryptography, such as BMIC.ai, represent this category, offering wallet infrastructure where the signing layer is quantum-resistant by design rather than by future retrofit.

5. Engage the Fund Manager Directly

Institutional investors in the Anemoy Treasury Fund have standing to ask Janus Henderson and Anemoy directly about their cryptographic infrastructure roadmap. Investor relations inquiries that specifically reference NIST PQC standards and Q-day timelines are the most effective lever for accelerating a public disclosure or formal commitment.

---

Broader Industry Context: Where Tokenised RWA Funds Stand on PQC

The Anemoy Treasury Fund is not an outlier in lacking a public PQC plan. A survey of leading tokenised RWA products reveals a consistent pattern:

Fund / Product	Chain	PQC Public Roadmap	Notes
Janus Henderson Anemoy T-bill	Ethereum	None public	BVI structure, ERC-20
BlackRock BUIDL	Ethereum	None public	Securitize transfer agent
Franklin Templeton FOBXX	Stellar / Polygon	None public	Oldest tokenised fund
Ondo Finance OUSG	Ethereum	None public	DeFi composability focus
Superstate USTB	Ethereum	None public	On-chain nav verification

The industry-wide absence of public PQC roadmaps reflects the current maturity level of both quantum computing hardware and post-quantum EVM tooling. Most practitioners view the threat as real but not imminent enough to justify the significant re-engineering cost today. That calculus will shift as CRQC timelines compress and regulatory guidance on cryptographic standards begins to emerge from bodies like the SEC, FCA, and IOSCO.

---

Key Takeaways

The Janus Henderson Anemoy Treasury Fund is a leading tokenised T-bill product but has no publicly disclosed post-quantum migration plan.
The core vulnerability is the EVM's dependence on ECDSA, which is broken by Shor's algorithm on a sufficiently powerful quantum computer.
A full migration would span five layers: algorithm selection, smart contract upgrade, investor key migration, oracle migration, and legal documentation.
FALCON (FN-DSA) is the most EVM-compatible NIST PQC candidate, but gas cost and implementation complexity remain real barriers.
Interim strategies include custodian-level MPC, minimising public key exposure, monitoring Ethereum PQC proposals, and diversifying into quantum-native infrastructure.
The absence of a plan is an industry-wide issue, not specific to Anemoy, but it is a legitimate due diligence consideration for long-duration institutional holders.

Frequently Asked Questions

Does the Janus Henderson Anemoy Treasury Fund have a post-quantum migration roadmap?

No. As of the time of writing, Janus Henderson and Anemoy have not publicly disclosed any post-quantum migration timeline, technical specification, or formal commitment. This is consistent with the broader tokenised RWA industry, where no major fund has yet published a PQC roadmap.

Why does post-quantum cryptography matter for an on-chain Treasury fund?

The fund's tokens are secured by standard Ethereum ECDSA cryptography. A cryptographically-relevant quantum computer running Shor's algorithm could theoretically derive private keys from exposed public keys, allowing an attacker to transfer tokens without authorisation. This affects investor wallets, smart contract admin keys, and oracle signing infrastructure simultaneously.

Which NIST post-quantum algorithm is most suitable for EVM-based funds?

FALCON (standardised as FN-DSA) is generally considered the most EVM-compatible NIST PQC signature scheme because its signature sizes (~0.7 KB) are significantly smaller than alternatives like ML-DSA (Dilithium) or SLH-DSA (SPHINCS+). Smaller signatures mean lower on-chain gas costs. However, FALCON introduces floating-point arithmetic complexity that requires careful implementation.

What is the 'harvest now, decrypt later' risk for tokenised fund holders?

Adversaries can record signed blockchain transactions today and store them for future decryption once quantum hardware matures. For tokenised fund investors, this means historical transaction signatures are already potentially at risk, even though no quantum computer capable of exploiting them exists yet. This is why long-duration holders should monitor PQC migration developments proactively.

Can I reduce my quantum risk while holding Anemoy fund tokens today?

Partially. Using a qualified institutional custodian with MPC/HSM key management raises the barrier against conventional attacks and adds operational complexity for a quantum attacker. Keeping a dedicated wallet that minimises on-chain transaction signing also limits public key exposure. However, there is no way to make a standard ECDSA wallet fully quantum-resistant without a protocol-level migration.

Is post-quantum migration a near-term or long-term concern for tokenised RWA holders?

Most credible estimates place cryptographically-relevant quantum computers 10 to 20 years away under optimistic assumptions. The near-term risk is the harvest-now-decrypt-later vector rather than live key theft. However, institutional investors with long-duration positions and large balances have a stronger incentive to demand PQC roadmaps from fund managers sooner rather than later, given that migration lead times are themselves measured in years.