New Book: The Bitcoin Economy, Read free online or get your own copy. Read Now Buy on Amazon
Technology

The durable proof layer.

Six proprietary components built on the open Bitcoin Attestation Network protocol. Each runs today. Each is licensed through Blockie Talkie LLC for commercial use.

Identity adapters live: KERI, DID, SPIFFE, Sigstore, C2PA, OpenID4VC, X.509, Proofnet Native · Request identity demo

Where do you start?

Two paths in. One durable proof layer.

Every Proofnet engagement begins with identity. The question is just whether you already have one.

Path A · You don't have an identity system
We provide one.

Pick from several identity systems Blockie Talkie LLC can deploy for you. Each comes fully configured, post-quantum ready, and Memory Block-native from day one:

  • Proofnet Native, ML-DSA-87 keys issued natively under Proofnet primitives. No classical crypto underneath.
  • KERI, KERIpy + witnesses + OOBI infrastructure deployed for you.
  • DID, DIDKit resolver, issuance, and verification pipeline deployed for you.
  • SPIFFE, SPIRE server and agents for workload identity deployed for you.
  • OpenID4VC, issuer, holder, and verifier components stood up for you.

You end up with the full stack. Once identity is running, the rest of the Proofnet extras become available under the same proof record:

Memory Blocks, native replayable record layer
AttestoScript, bounded contract receipts tied to identity
BTCore, service routing bound to node identity
PQTLS, post-quantum transport handshake
Toshi PQ1, hardware ML-DSA-87 custody
Proofnet AI, sovereign reasoning over your verified records
Path B · You already have an identity system
We bridge to it.

Keep running what you have. The AttestoBind bridge verifies the upstream signature, records the exact accepted state, and wraps it under ML-DSA-87 inside Memory Blocks.

Supported upstreams:

KERI DID SPIFFE X.509 Sigstore C2PA OpenID4VC OAuth / OIDC

You get the full stack on top. Once the bridge is verifying your upstream identity, every Proofnet extra becomes available under the same record path:

Memory Blocks, durable proof of accepted identity state
AttestoScript, contract receipts citing your existing identity
BTCore, route your services under bridged identity
PQTLS, PQ transport alongside classical TLS
Toshi PQ1, add hardware custody to existing identities
Proofnet AI, reasoning over your bridged records
Either path, the proof record is the same shape and lives in the same Memory Blocks. Start where you are; the stack above it is the same.
How it works

Proofnet in one paragraph. Then how advanced it really is.

Every identity system, every Bitcoin block, every contract call, every transport handshake produces accepted state, a fact that was true at a moment in time. Proofnet takes that accepted state, canonicalizes it with SHA3-512, signs it with ML-DSA-87 (FIPS 204 post-quantum), and writes it into Memory Blocks as a replayable row. Years later, with no upstream service, no CA, no witness, no resolver, you can still prove exactly what was accepted.

01 · Adapter-neutral proof

One record shape across every identity surface

A single identity_binding record covers KERI, DID, SPIFFE, X.509, Sigstore, C2PA, OpenID4VC, OAuth, and Proofnet Native. Upstream services stay in place; the durable layer is unified. No other protocol normalizes identity into a single post-quantum signed artifact.

02 · Two-mode deployment

Wrap what exists, or embed post-quantum from day one

Wrap mode keeps classical identity and Bitcoin's ECDSA chain in place and adds a PQ record over them. Embed mode issues identity under Proofnet primitives from day one: Proofnet Native, Toshi PQ1 hardware, PQTLS transport, no classical crypto underneath. Same proof shape either way.

03 · Row-committed Bitcoin history

Bitcoin's future, under post-quantum

Bitcoin is a classical system. It signs with ECDSA over secp256k1. Proofnet row-commits Bitcoin blocks into Memory Blocks under ML-DSA-87. When ECDSA eventually breaks, the Proofnet record of accepted Bitcoin history still verifies.

04 · Memory Blocks

The native, replayable record layer

Not a log. Not a blockchain clone. A deterministic row-commitment ledger. Every attesto, identity binding, provenance packet, contract receipt, transport proof, and Bitcoin block commitment becomes a row. Bitcoin anchoring is optional, not load-bearing.

05 · AttestoScript

Contract receipts bound to signer identity

A bounded, deterministic contract runtime. Every receipt cites the caller's identity binding digest, is hashed with SHA3-512, and signed under ML-DSA-87. Auditors replay program, inputs, and identity state to re-derive the same output digest.

06 · BTCore + PQTLS

Service routes and transport under node identity

BTCore route advertisements cite the node's identity binding. PQTLS handshakes bind each session to the same identity under ML-KEM-1024/Kyber-1024 plus ML-DSA-87. The classical CA dependency is removed. Consumers verify the identity before trusting the session.

07 · Toshi PQ1

Hardware ML-DSA-87 custody today

Post-quantum keys generated and held inside a production-grade secure element. Private key material never leaves the device. The first production hardware wallet issuing ML-DSA-87 signatures, shipping on schedule for pre-launch demos.

08 · Proofnet AI

Sovereign reasoning over verified records

A local reasoning model operating directly over the Memory Block record layer. Because every record is deterministic and identity-bound, AI outputs are auditable back to the signer. Not a hosted API; runs on customer hardware against customer-owned records.

The full proof chain, integrated

AttestoBind binding → Memory Block row → AttestoScript receipt citing that binding → PQTLS handshake for the service that issued the receipt → BTCore route manifest the consumer used → Toshi PQ1 signature on the transfer → Proofnet AI reasoning trace.

One continuous proof chain. One post-quantum signature algorithm. One canonical digest. One record layer. Every step is replayable without the upstream services that originally produced it.

What it's not

Not “Bitcoin plus post-quantum theater.” Not a Layer 2. Not a rebranded Merkle-tree notary. Not a blockchain clone. Proofnet is a proof-layer protocol with six licensable implementations on top of an open protocol (the Bitcoin Attestation Network). The FIPS 204 primitives are NIST-final. The adapters are real code, not a roadmap.

Positioning

Different question. Different answer.

Identity layers (KERI, DID, SPIFFE, Sigstore, X.509, OpenID4VC, C2PA)
“Who is this, and what identity state do they claim right now?”

They answer the live question. Identifiers, key rotations, credentials, OOBIs, certificates, signatures, witnesses, receipts. Great at what they do.

Proofnet
“Can we prove, years from now, exactly what state was accepted, whether identity or Bitcoin history, and that the proof has remained unchanged?”

Proofnet answers the durable question for both. Every verified state, whether an identity binding or a Bitcoin block commitment, becomes a canonical record, hashed with SHA3-512, signed with ML-DSA-87, and stored as an attesto in Memory Blocks.

What gets recorded

Your identity layer says: “This subject is controlled by these keys, in this state, right now.”

Proofnet records: “We verified that state. The subject identifier was this. The key material was this. The upstream evidence was this. We signed the verified state with post-quantum crypto and stored it in Memory Blocks.”

Later, if the upstream agent goes offline, a resolver endpoint disappears, a witness or CA network is unavailable, or the identity rotates again, Proofnet can still prove: this exact state existed and was accepted at this point. The same applies to Bitcoin block history that Proofnet row-commits into Memory Blocks.

KERI
AID + KEL replay
DID
Resolved DID document
SPIFFE
Verified SVID
X.509
Validated cert chain
Plain version

Your identity system hands you a signed identity document. Proofnet notarizes that document with post-quantum cryptography, puts its fingerprint into a tamper-resistant record system, and keeps a verification receipt forever.

Even if the original office closes, the record still proves what document you saw and accepted.

The offer: Bring your identity system, or your Bitcoin history. Proofnet makes its verified state durable, post-quantum, and replay-verifiable over time.
Deployment modes

Two paths. Same proof output.

Secure what you already run under post-quantum, or issue identities post-quantum from inception. Both modes produce the same identity_binding packet and land in the same Memory Blocks.

Mode 1 · Classical-wrap

Adapter wrap

Keep what you already run. Add durable post-quantum on top.

Your X.509 chain signed with RSA or ECDSA, your OAuth JWT signed with ES256, your KERI event signed with Ed25519, and your DID document signed with Ed25519 all stay in place. AttestoBind verifies the upstream signature, records the exact identity state accepted, and wraps that record under ML-DSA-87 with a SHA3-512 canonical digest. The classical identity still works in its original system; the Proofnet record is the durable post-quantum layer over it.

Upstream
Unchanged
PQ layer
ML-DSA-87 wrap
Disruption
Zero
Posture
Hybrid-safe
Request wrap-mode demo →
Mode 2 · Native-embed

Post-quantum from inception

No RSA or ECDSA anywhere in the chain.

Issue the identity natively under Proofnet primitives. Proofnet Native adapter, Toshi PQ1 hardware generating ML-DSA-87 keys on-device, PQTLS handshakes without a classical transport under them. Highest assurance, cleanest long-term posture, and the end state most regulated environments eventually need to reach.

Keys
ML-DSA-87 native
Hardware
Toshi PQ1
Transport
PQTLS
Posture
Fully PQ
Request native-embed demo →
Wedge and endgame: Start in wrap mode to cover installed systems today. Migrate new issuance to native-embed over time. Run both in parallel: wrap for legacy, embed for new.
Compatibility & enhancement

Works with the stack you already run. Enhances every layer.

Proofnet is not a replacement. It is a post-quantum layer that binds to whatever primitives your stack already uses and issues a durable signed record alongside. Nothing upstream has to change for the proof layer to start working.

Your classical stack
Proofnet enhancement
Nothing you have to change
TLS 1.3
transport with classical CA chain
→ PQTLS
ML-KEM-1024/Kyber-1024 key exchange, ML-DSA-87 handshake signature, self-authenticated node identity
Drop-in alongside TLS. No CA migration.
RSA / ECDSA / Ed25519
classical digital signatures
→ ML-DSA-87
NIST FIPS 204 lattice signature, wraps the upstream signed state into a PQ-durable record
Upstream signing continues unchanged.
SHA-1 / SHA-256
classical hash families
→ SHA3-512
FIPS 202 canonical digest across every attesto and every Memory Block row
Upstream digest stays visible; the record digest is SHA3.
X.509
certificate chain from a classical CA
→ AttestoBind X.509
chain verified and subject, issuer, serial, fingerprint bound under ML-DSA-87
Your CA stays in charge of issuance.
OAuth / OIDC
JWT tokens, ES256 / RS256 signatures
→ AttestoBind OIDC adapter
token state accepted, claims bound into a signed identity record
IdP login flows keep running.
KERI / DID / SPIFFE
AID, DID document, SPIFFE SVID
→ AttestoBind adapters
KEL replay, resolved document, trust-domain SVID digest all bound as identity_binding attestos
Upstream infrastructure unchanged.
Sigstore / C2PA
software and content provenance
→ AttestoBind provenance
Rekor inclusion proof and C2PA manifest normalized into one PQ-signed packet
Existing signers keep operating.
EVM / Solidity contracts
Ethereum bytecode and ABI
→ AttestoScript
live translation to a bounded deterministic VM, receipts bound to caller identity and signed
Your Solidity source stays source.
Bitcoin blocks
ECDSA-signed transactions on secp256k1
→ Memory Block rows
block header and transaction commitments row-committed under ML-DSA-87
Bitcoin mainnet keeps producing blocks.
Vendor-hosted AI
per-seat SaaS inference calls
→ Proofnet AI
local inference over Memory Block records, identity-bound outputs, HTTP-compatible endpoint
Vendor tools point at your local endpoint.
The rule: your existing stack stays running. Proofnet accepts what it already produces and wraps the accepted state in a record that survives the post-quantum transition. Migration friction is zero because nothing has to migrate.
Bitcoin itself

Bitcoin is a classical system. We secure its future.

Bitcoin today signs transactions with ECDSA over secp256k1, a classical primitive. A sufficiently capable quantum computer breaks ECDSA and every Bitcoin signature with it. Proofnet BTC does not wait for that day; it row-commits Bitcoin blocks into Memory Blocks under ML-DSA-87 so the Bitcoin history you care about stays replayable under post-quantum.

Bitcoin wrap

Row commitments of Bitcoin blocks

The Bitcoin chain is an upstream adapter. Memory Blocks are the durable record.

Each Bitcoin block header, its transaction commitments, and the accepted chain state at commit time become a canonical record inside Memory Blocks. The record is digested with SHA3-512 and signed under ML-DSA-87. If the day comes that ECDSA signatures can no longer be trusted, the Proofnet record of what Bitcoin had accepted up to that point is still post-quantum verifiable.

Upstream
Bitcoin mainnet
Classical
ECDSA secp256k1
PQ record
Memory Block row
Signature
ML-DSA-87
See Memory Blocks demo →
Bitcoin embed

Post-quantum Bitcoin issuance

Quantum-secure transfers that cite the same Bitcoin history.

New Proofnet-native value movement signs under ML-DSA-87 from inception, with Toshi PQ1 hardware custody and PQTLS transport. These transfers cite the Memory Block row commitment of Bitcoin state so they remain provably continuous with the Bitcoin history that seeded them. Bitcoin's classical chain keeps running. Proofnet BTC carries its future forward.

Keys
ML-DSA-87 native
Custody
Toshi PQ1
Continuity
Cites BTC rows
Posture
Fully PQ
See Toshi PQ1 demo →
The same pattern: Bitcoin is just another upstream adapter. Its classical state wraps into durable Memory Block rows. New issuance embeds post-quantum from day one. Identity and Bitcoin share one proof layer.
Identity

Identity & attestation

Identity works with whatever you already run. Attestations commit into a native record layer.

Identity binding

AttestoBind

Post-quantum identity adapter framework

One adapter contract for any identity layer you already use: Proofnet Native, KERI, DID, SPIFFE, Sigstore, C2PA, OpenID4VC, X.509. Every adapter normalizes upstream state into the same identity_binding attesto with the same deterministic digest and the same post-quantum signature. Swap the upstream, the durable proof stays the same shape.

Signature
ML-DSA-87
Digest
SHA3-512
Adapters
8 runnable
Attesto shape
identity_binding
License AttestoBind →
Native record layer

Memory Blocks

Durable attestation history, native, not anchored · AI-ready by default

Every attesto commits into Memory Blocks as the primary record. Finalized blocks become verified local knowledge, training data for on-device AI, and history that survives without depending on any external chain. Classical Bitcoin anchoring is optional.

Proofnet AI · built on top

Proofnet AI is a sovereign local reasoning model that runs directly over the Memory Block record layer. Because every row is deterministic and identity-bound, every AI output is auditable back to the signer. Bundled with a Memory Blocks deployment, no hosted API, no data egress.

Record type
Native
Finality
User-chosen
Anchor
Optional BTC
AI access
Auditable
License Memory Blocks →
Contracts

Smart contracts & routing

Deterministic execution. Deterministic routing. No general-purpose VM, no surprise forks.

Smart-contract VM

AttestoScript

Deterministic contracts · bounded execution

Purpose-built for attested computation: no general-purpose Turing-complete VM, no hidden complexity, no reentrancy surface. Live EVM/Solidity translation lets existing Ethereum contracts run under bounded-execution rules, with BAX and LME intents anchored to the receipt.

Model
Deterministic
EVM translation
Live
Intents
BAX · LME
Receipts
attestoscript_receipt
License AttestoScript →
Service router

BTCore

PQ-authenticated service routing plane

Connects node services, wallets, miners, indexers, and external integrations through a single authenticated routing plane. Every hop carries PQ-authenticated identity. No plaintext internal RPC, no cross-service trust assumptions.

Auth
ML-DSA-87
Routing
Service mesh
Discovery
Peer-based
Transport
PQTLS
License BTCore →
Transport & Hardware

The edges

Self-authenticated transport on the wire. Post-quantum signing on the chip.

Transport

PQTLS

Self-authenticated transport · no CA

Node identity is the certificate. No certificate authority dependency, no web-of-trust bootstrapping, no CA chain validation in consensus. Post-quantum key exchange with ML-KEM-1024/Kyber-1024; ML-DSA-87 signatures on handshake messages.

Key exchange
ML-KEM-1024/Kyber-1024
Signature
ML-DSA-87
CA chain
None
Identity
Self-attested
License PQTLS →
Bootstrap

Verified Relay Mode

HTTPS first contact · PQTLS handoff

Proofnet nodes can start through a standard outbound HTTPS endpoint, verify the signed relay manifest under ML-DSA-87, then hand off to PQTLS and the fastest trusted route available. The relay is a doorway, not an anonymity network or public exit route.

Outer doorway
HTTPS 443
Inner proof
PQTLS
Route policy
Best trusted
Private services
Not exposed
Discuss relay setup →
Hardware wallet

Toshi PQ1 firmware

On-device ML-DSA-87 · keys never leave the chip

Post-quantum firmware for a production-grade secure element. Keys are generated and signatures produced on the chip. The host device never touches the private key material. Jointly built by Anthony & Drew Derbidge.

Base
Production secure element
Signature
ML-DSA-87
Keys
On-device
Status
Functional
License Toshi PQ1 firmware →
Foundations

Post-quantum primitives we use

Every component is built on public, standardized post-quantum cryptography. No home-grown ciphers. No unauthenticated dependencies.

ML-DSA-87
NIST FIPS 204 · module-lattice digital signature algorithm · primary signing primitive across Proofnet BTC.
SLH-DSA
NIST FIPS 205 · stateless hash-based signature · backup signature family for long-horizon identity claims.
ML-KEM-1024/Kyber-1024
NIST-selected module-lattice KEM · post-quantum key exchange used in PQTLS handshakes.
SHA3-512
NIST FIPS 202 · deterministic digest across canonical JSON bindings, Memory Blocks, and attesto records.

Commercial use starts with a conversation.

Tell us what you're building, the scale, and the compliance context. We'll scope licensing and support to match. Government pilots and enterprise deployments welcome.

Request a Demo → View licensing tiers →
Commercial Licensing Inquiry

Request a Demo

Tell us about your organization and what you're building. We'll follow up within one business day to scope a licensed demo or pilot.

info@proofnetbtc.com

Products of interest (check all that apply)
Submitted inquiries go to Blockie Talkie LLC. We respond within one business day.