Skip to content
qproof
About

An applied post-quantum cryptography practice.

We exist because most organisations lack the internal expertise to assess their quantum exposure, educate their staff, and implement post-quantum cryptography — while the regulatory clocks are already running.

How we work

Four principles

They decide what we recommend, what we publish, and what we refuse to oversell.

01

Risk asymmetry, not timeline bets

Our recommendations don't rest on certainty about quantum timelines. They rest on the asymmetry of consequences: migrating early costs engineering overhead — recoverable. Migrating late is unrecoverable. That asymmetry is the basis for everything we advise.

02

Design-level over scanner-deep

Security begins with architecture, not patches. We work upstream of implementation bugs — at primitive selection, hybrid construction, threat modelling, and protocol design — where the decisions that matter are made.

03

Open methodology, earned trust

We publish our methodology as open guidance and our tooling as open source. The framework is open; the credibility is earned through shipped work, transparent findings, and the certificate behind them.

04

Point-in-time honesty

A certificate is a map, not a guarantee. Every assessment is explicitly point-in-time, and every certificate carries that disclaimer. The post-quantum landscape moves; an annual renewal keeps your posture current.

Team

Who you work with

A founding team across strategy, audit methodology, research, and partnerships.

LE

Leon

Founder & CEO

Overall strategy, enterprise engagements, partnerships, and the standards-body and ISO alignment path.

KR

Krzysztof

Co-founder · Technical Lead

Owns the audit methodology and technical direction. Every engagement is led by a senior cryptographer, not a junior running a scanner.

CO

Conor

Co-founder · Head of Content

Owns the research and methodology pipeline — turning what we find in audits into open, citable guidance.

PI

Pietro

Co-founder · Head of Partnerships

First point of contact for new engagements; owns scoping, qualification, and the client relationship.

The landscape

Why now

Not our track record — the state of the field that makes this urgent.

3

NIST PQC standards finalised — ML-KEM, ML-DSA, SLH-DSA

~65%

of human web traffic already post-quantum encrypted (2026)

2030

CNSA 2.0 preference deadline for many systems

Day 0

“harvest now, decrypt later” is already underway

About

Let's make you quantum-ready.

Book a discovery call and we'll show you where you stand.

Secure my organization