Toshi PQ1™ — shipping in five colors.
Post-quantum firmware on a production-grade secure element. Keys generated on-chip, signatures produced on-chip, private key material never leaves the hardware boundary.
Watch classic, then post-quantum — on the device screen.
Same challenge, two signing flows. Classic ECDSA completes quickly with a 71-byte signature but leaks no quantum-safety. ML-DSA-87 takes longer and produces a 3309-byte signature, but remains verifiable after cryptographically relevant quantum computers arrive.
The device signs. The verifier checks public output.
The hardware claim is deliberately narrow: private key material remains on-device while the public verification packet can be exported, reviewed, and committed into Memory Blocks.
{
"type": "proofnet_toshi_pq1_signature_packet_v0",
"attesto_type": "hardware_signature",
"device": "toshi-pq1-demo-unit",
"challenge": "Proofnet review challenge",
"challenge_digest": "sha3-512:44aa...91d0",
"proofnet_pq_algorithm": "ML-DSA-87",
"public_key_bytes": 1952,
"signature_bytes": 3309,
"private_key_exported": false,
"verification_result": "fixture_valid",
"public_safe": true
}
Challenge, device, signature, record.
Prepare challenge
A deterministic review message is generated off-device.
Sign on device
The private key stays inside the Toshi PQ1 hardware boundary.
Verify output
Verifier checks public key, signed message, signature, and digest.
Export proof
The hardware proof packet can be stored as a safe review artifact.