ML-DSA-65 (FIPS 204)

What is ML-DSA-65?

ML-DSA-65 (Module Lattice Digital Signature Algorithm, security level 3) is a post-quantum digital signature algorithm standardized by NIST in FIPS 204 (August 2024). It is the successor to Dilithium3 from the CRYSTALS family.

PQSafe AgentPay uses ML-DSA-65 to sign all spend envelopes.

Why post-quantum?

Classical digital signatures (ECDSA, RSA, Ed25519) rely on the computational hardness of problems that quantum computers can solve efficiently (Shor’s algorithm). A sufficiently powerful quantum computer — expected to be practically relevant within 10–15 years — could forge arbitrary signatures for any deployed ECDSA/Ed25519 system.

For payment infrastructure designed to run for years or decades, starting with quantum-resistant signatures is the right architectural choice, especially for agentic systems that may operate largely autonomously.

Key parameters (ML-DSA-65 / CRYSTALS-Dilithium3)

| Parameter | Value |
| --- | --- |
| Security level | NIST Level 3 (≈ AES-192) |
| Secret key size | 4,032 bytes |
| Public key size | 1,952 bytes |
| Signature size | 3,293 bytes (6,586 hex chars) |
| Key generation | ~1ms on modern hardware |
| Sign latency | ~2ms |
| Verify latency | ~1ms |

Usage in PQSafe

import { generateKeyPair, createSignedEnvelope, verifyEnvelope } from '@pqsafe/agent-pay'

// Key generation (async, ~1-2ms)
const { publicKey, secretKey } = await generateKeyPair()

// `envelope` is the spend envelope object to sign, built elsewhere
// (its fields are not shown on this page).
// Sign an envelope — signature is 6,586 hex chars
const signed = createSignedEnvelope(envelope, secretKey)
console.log(signed.signature.length) // 6586

// Verify
const valid = verifyEnvelope(signed, publicKey)
console.log(valid) // true

Key storage recommendations

| Environment | Recommendation |
| --- | --- |
| Development | .env file (gitignored) |
| CI/CD | GitHub Secrets / environment variable |
| Production (cloud) | AWS Secrets Manager, GCP Secret Manager, Azure Key Vault |
| Production (on-prem) | HashiCorp Vault with key rotation policy |
| Self-hosted agent | Encrypted key file + OS keychain integration |
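
An added example (not PQSafe's own code) of loading keys from environment variables, as the table above recommends for development and CI/CD. It assumes keys are stored hex-encoded under the hypothetical names PQSAFE_SECRET_KEY_HEX and PQSAFE_PUBLIC_KEY_HEX, checks them against the key sizes listed under "Key parameters", and wipes the decoded secret key after use.

```javascript
// Added example. Byte sizes come from the "Key parameters" table on this page.
const KEY_BYTES = { secretKey: 4032, publicKey: 1952 };

// Decode one hex-encoded key, failing closed on anything malformed.
// Error messages report lengths only, never key material.
function decodeHexKey(hex, kind) {
  const expected = KEY_BYTES[kind];
  if (typeof expected !== 'number') throw new Error(`unknown key kind: ${kind}`);
  if (typeof hex !== 'string' || hex.trim() === '') throw new Error(`${kind}: not set`);
  const trimmed = hex.trim();
  if (trimmed.length !== expected * 2) {
    throw new Error(`${kind}: expected ${expected * 2} hex chars, got ${trimmed.length}`);
  }
  // Buffer.from(..., 'hex') stops at the first invalid character instead of
  // throwing, so check the alphabet explicitly.
  if (!/^[0-9a-fA-F]+$/.test(trimmed)) throw new Error(`${kind}: non-hex characters`);
  const buf = Buffer.from(trimmed, 'hex');
  const key = Uint8Array.from(buf); // private copy, independent of Buffer's pool
  buf.fill(0);
  return key;
}

// Variable names are hypothetical; the page does not say how PQSafe names them.
function loadKeyPair(env) {
  return {
    secretKey: decodeHexKey(env.PQSAFE_SECRET_KEY_HEX, 'secretKey'),
    publicKey: decodeHexKey(env.PQSAFE_PUBLIC_KEY_HEX, 'publicKey'),
  };
}

// Run a synchronous signing callback, then wipe the decoded secret key.
// Best effort: the hex string still held in the environment is not wiped.
function withSecretKey(env, use) {
  const key = decodeHexKey(env.PQSAFE_SECRET_KEY_HEX, 'secretKey');
  try {
    return use(key);
  } finally {
    key.fill(0);
  }
}

// Constructed sample environment (patterned bytes, not real keys).
const sampleEnv = {
  PQSAFE_SECRET_KEY_HEX: 'ab'.repeat(4032),
  PQSAFE_PUBLIC_KEY_HEX: 'cd'.repeat(1952),
};
```

The length check also catches a public key pasted into the secret-key variable, since the two sizes differ.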

Implementation

PQSafe uses the @noble/post-quantum library (by Paulmillr) for ML-DSA-65 operations — a pure-JavaScript implementation with no native dependencies, audited, and widely used in the Web3 ecosystem.

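// Internal implementation reference
import { ml_dsa65 } from '@noble/post-quantum/ml-dsa'

// 32-byte random seed for key generation
const seed = crypto.getRandomValues(new Uint8Array(32))
const { secretKey, publicKey } = ml_dsa65.keygen(seed)

// Message bytes to sign (placeholder content for illustration)
const message = new TextEncoder().encode('example message')

const signature = ml_dsa65.sign(secretKey, message)
const valid = ml_dsa65.verify(publicKey, message, signature)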

Further reading