XRP Certified Mail

Blockchain-verified email proof

🛡
ECDSA Vulnerable Quantum Shield Active
XRP transaction signatures are Shor-vulnerable, but this tool's Quantum Shield adds a hash-based proof layer that does not depend on ECDSA. See how it works →
Certify Email
Certified Receipt
TX Hash
Content Hash
Timestamp
Explorer View on XRPL Testnet
Testnet Wallet
Address
Seed
Balance

Testnet only. Do not use for real funds.

Verify Receipt
Verification Result
TX Hash
Content Hash
Timestamp
Explorer View on XRPL Testnet
Quantum Security Assessment

This tool demonstrates a real-world quantum vulnerability. The same cryptographic weakness that threatens Bitcoin transaction signing also affects XRP Certified Mail — and every blockchain system built on elliptic curve cryptography.

Quantum Safe
Content Proofs (SHA-256)
Grover's Algorithm provides only a quadratic speedup (2256 → 2128). Your email content hashes remain trustworthy in a post-quantum world.
Vulnerable
Transaction Signatures (ECDSA)
Shor's Algorithm breaks elliptic curve discrete logarithms in polynomial time. XRP's secp256k1 signing keys could be derived by a sufficiently powerful quantum computer.

What This Means in Practice

SAFE
The proof of what the email said — SHA-256 hashes survive quantum attacks. You can still prove the exact content, recipient, and timestamp.
AT RISK
The proof that YOU sent it — ECDSA signatures could be forged. Someone with a quantum computer could create fake transactions that appear to come from your account.
WATCH
The ledger's integrity itself — if signing keys can be forged, the trust model of the entire ledger changes. This affects every blockchain using ECDSA.

The Bigger Picture

This is not a theoretical problem limited to certified mail. The same ECDSA vulnerability affects:

Bitcoin
Ethereum
XRP Ledger
🔒
All ECDSA chains

I built this tool to demonstrate a practical use case — and then discovered it has the exact quantum vulnerability my research lab studies. That's the point: post-quantum risk isn't abstract. It shows up in real tools people build today.

Our Solution: Quantum Shield

Rather than just documenting the problem, this app implements a working fix. When you certify an email, you get two independent proofs — one classical, one quantum-resistant.

Classical Proof
XRP Ledger transaction
ECDSA signed (secp256k1)
✗ Shor-vulnerable
+
Quantum Shield
SHA-256 + HMAC hash chain
No elliptic curve math
✓ Quantum resistant
How the Shield Hash Chain Works
1 Bind — SHA-256(content_hash + timestamp + nonce)
2 Separate — SHA-256(layer_1 + "quantum-shield-v1")
3 Seal — HMAC-SHA256(layer_2, server_secret)

No elliptic curves. No discrete logarithms. Nothing Shor's Algorithm can break. Even if XRP transaction signatures are compromised, the Shield provides a secondary record of the message content that does not depend on elliptic curve cryptography. Note: the Shield is a server-side proof — it requires trust in the certifying server, unlike the blockchain proof which is publicly verifiable.

After Quantum Computers Arrive
Content proof survives — SHA-256 hash of the email is quantum-safe
Server-side timestamp record preserved — bound into the hash chain, not dependent on ECDSA
Shield verification works — the /verify-shield endpoint uses only hash-based crypto (requires trust in the certifying server's secret)
Sender identity proof breaks — ECDSA signatures can be forged (awaiting ledger-level PQC)
Try it now: Go to the Certify tab and send a test email. You'll see both the classical receipt and the green Quantum Shield certificate in your results.

What's Next

ML-DSA signatures — when NIST FIPS 204 libraries mature, add post-quantum digital signatures for sender identity proof
Hybrid proof mode — ECDSA + ML-DSA dual signatures so the proof is valid under both classical and quantum threat models
Ledger-level PQC — when XRP and other chains adopt post-quantum signature schemes, integrate natively
Crypto-agility — the Shield is designed to swap hash algorithms without changing the proof structure
Explore the Research

The Quantum Shield is part of a broader independent research project on post-quantum migration for digital assets.

Quantum Security Lab Bitcoin Exposure Tester View Source on GitHub

How It Works

  • Email content is hashed with SHA-256
  • The hash is written to an XRP Ledger transaction memo
  • The transaction hash becomes your certified receipt
  • Anyone can verify by looking up the transaction on the public ledger

Why XRP?

Transactions settle in 3-5 seconds and cost fractions of a cent (typically 10-12 drops, or ~$0.00001). No mining, no waiting, no significant cost.

Open Source

This project is MIT licensed and available on GitHub. Built with FastAPI, xrpl-py, and the XRP Testnet.

For quantum security research, see the Quantum Security Lab.

Security Notice

This is an experimental research prototype. It provides a message receipt proof, not full certified mail in the legal or postal sense. It is not production-grade security software. The Quantum Shield provides a secondary proof layer but requires trust in the certifying server. Do not use this system for legally binding certified mail without additional safeguards. Review the source code before relying on any proof.