faq.
what makes PostQ different from other tokens?
most tokens have no real barrier to minting — you pay, you receive. PostQ requires a valid post-quantum digital signature before the smart contract will release any tokens. this makes each mint verifiably tied to a cryptographic operation that would survive quantum computer attacks.
is the signature scheme actually quantum-resistant?
yes. the scheme is based on hash-based signatures, which were standardized by NIST in 2024 (FIPS 205). its security depends only on the collision resistance of hash functions — no mathematical assumptions that quantum algorithms can break. as long askeccak256 holds, the signatures hold.
why not verify signatures directly on-chain?
post-quantum signature verification in Solidity would cost hundreds of thousands of gas per mint. at current prices, that would add ~$10-20 to every mint transaction. instead, the backend runs the full verification off-chain and signs a compact ECDSA attestation that the contract can check cheaply (~5k gas via ecrecover).
what can the backend do (and not do)?
the backend can slow down or refuse to process your mint request. it cannot:
- send your tokens to someone else — your wallet address is inside the signed data
- create tokens beyond the cap — the contract has a hard limit of 5,000,000 public tokens
- change the price — 0.0025 ETH is a constant in the deployed bytecode
- withdraw funds — ETH is forwarded instantly on every mint, the contract never holds a balance
can I reuse my key?
no. each post-quantum public key can only mint once. the contract records every pkHash permanently. if you try to submit the same key twice, the transaction reverts.
what happens when all 10,000 slots are filled?
minting stops permanently. the 10M LP reserve tokens get paired with ETH in a liquidity pool. no more $POSTQ can ever be created — the contract has no admin functions and no upgrade mechanism.
where does my 0.0025 ETH go?
straight to the developer wallet in the same transaction as your mint. there's no treasury, no escrow, no multisig holding funds. the contract processes payment and token delivery atomically.
can I verify my mint independently?
yes. go to the verify page, paste your pkHash, and you'll get the complete cryptographic record: your public key, the signed message, the full signature, and the ECDSA attestation. you can re-run verification using the reference python implementation.
is this a real investment?
no. PostQ is a technical experiment and a meme coin. it demonstrates that post-quantum crypto can gate token distribution on ethereum today. don't spend money you can't lose.