Commitments
A value is sealed into a binding, hiding commitment. It’s published on-chain; the value is not. Equal amounts produce different commitments.
Technology
The architecture of
The architecture of
verifiable confidentiality.
Qedis keeps values private to their owners and lets a network confirm that every transaction is valid — using mathematics, not trusted hardware. Here’s how the pieces fit together.
Commitments
Zero-knowledge proofs
Post-quantum signatures
Cryptographic disclosure
First principle
Never decrypt. Always prove.
The conventional way to make a ledger private is to encrypt data and decrypt it inside trusted hardware to compute on it — which means your plaintext exists, in memory, inside someone’s enclave, on every transaction. Qedis takes the opposite stance: a value is committed once and never decrypted anywhere. The network operates on commitments and proofs, learning only whether a state change is valid. Confidentiality becomes a property of the cryptography — not a promise about an enclave, an attestation chain, or a master secret.
The primitives
A small, composable cryptographic toolkit.
Each primitive does one job well. Applications compose them into confidential workflows.
Range proofs
Prove a hidden value is a valid, non-negative, in-bounds amount — closing off negative or overflow “inflation” values — without revealing it.
Value conservation
Prove a transfer balances — nothing is created or destroyed — in zero knowledge, so supply integrity holds while amounts stay private.
Set membership
Prove an address belongs to (or is absent from) an allow-list — for KYC or sanctions screening — without exposing the identity behind it.
Post-quantum signatures
Authorisation is built on ML-DSA — a standards-based, post-quantum signature scheme — in a hybrid construction alongside classical signatures.
Cryptographic viewing keys
Disclose exactly what a grant permits to an authorised viewer, who verifies the revealed value against the public commitment. Scoped. Revocable. Provable.
Anatomy of a confidential transaction
Commit. Prove. Verify. (Disclose, if required.)
- 01
Commit
The owner commits to the value off-chain and publishes only the commitment. The plaintext never leaves the owner.
- 02
Prove
They attach zero-knowledge proofs — range, conservation, membership — authorised with a post-quantum signature.
- 03
Verify
The network verifies the proofs natively and atomically, accepting or rejecting the state change. The value is never seen.
- 04
Disclose
When supervision requires it, an authorised viewer opens only what a grant permits and checks it against the public commitment.
Where it runs
Native at the consensus layer — not a contract bolted on top.
Verification runs as native protocol logic, which is what makes the guarantees hold for institutional volumes.
Atomic with finalisation
A confidential operation either commits with the block or reverts entirely — its result is bound to state finalisation, with no partial or dangling effects.
Deterministic across validators
Verification is deterministic: every honest validator reaches the same result, so confidential transactions reach consensus like any other.
Native execution speed
Proof verification runs in native code at the protocol layer rather than as interpreted contract bytecode — the difference between viable and unusable at scale.
No enclave · no master secret
There is no trusted-hardware component and no single secret whose compromise could unwind confidentiality. Privacy rests on the mathematics alone.
Post-quantum posture
Built for the post-quantum era — honestly.
Authorisation and attestation are post-quantum today: signatures use ML-DSA in a hybrid construction, so a forgery requires breaking both the classical and the post-quantum scheme. Confidential-value proofs use well-studied classical cryptography now, with a clear migration path to fully post-quantum, hash-based confidentiality on the roadmap. We say “post-quantum-ready,” never “quantum-proof” — and we’re precise about which layer is which.
Deploy anywhere
Substrate-agnostic by design.
Qedis is built to integrate at the consensus layer of different ecosystems rather than being locked to one network — so the same confidentiality guarantees travel with you. A reference integration targets the Avalanche ecosystem, with the core designed to port across EVM and non-EVM substrates.
Evaluate Qedis for your network.
Technical deep-dives are available to qualified institutions and ecosystem partners under evaluation agreement.
partnerships@qedis.io