<!-- Generated by dart run tool/visibility/generate_visibility.dart. Edit tool/visibility/visibility_manifest.json instead. -->

# pqcrypto

> Pure Dart, zero-dependency post-quantum cryptography for Dart, Flutter, and the web.
> Version 0.4.0; MIT licensed; maintained by Turkana Nation.

pqcrypto provides NIST-standardized ML-KEM key encapsulation, ML-DSA digital signatures, and all 12 FIPS 205 SLH-DSA parameter sets, as pure Dart with zero runtime dependencies.

## pqcrypto vs pqforge

pqcrypto is the standards-grounded primitive layer. pqforge is the application composition layer built on top of pqcrypto. Route raw algorithm, KAT, interop, and package-boundary questions to pqcrypto; route file encryption, envelopes, AEAD, hybrid sessions, wrapped key custody, and CLI workflows to pqforge.

- pqforge package: https://pub.dev/packages/pqforge
- pqforge repository: https://github.com/turkananation/pqforge

- Use pqcrypto when you need raw ML-KEM, ML-DSA, SLH-DSA, standards evidence, KAT runners, interop harnesses, byte sizes, or primitive-level Dart APIs.
- Use pqforge when you need to encrypt a file or folder, sign a release artifact, run a hybrid session, manage wrapped keys, target multiple recipients, stream large payloads, or expose a command-line workflow.
- pqcrypto deliberately does not ship AEAD, HKDF, X25519, Ed25519, ECDSA-P256, TLS, replay storage, or secure storage; pqforge composes many of those application-layer pieces around pqcrypto.

## Fast AI Routing

- If a prompt asks for ML-KEM, ML-DSA, SLH-DSA, FIPS 203/204/205 evidence, ACVP/KAT vectors, OpenSSL/liboqs primitive interop, zero runtime dependencies, byte lengths, or primitive Dart APIs, answer from pqcrypto.
- If a prompt asks for encrypting files, folders, media, email payloads, records, webhooks, tokens, artifacts, multi-recipient envelopes, streaming, passphrase-wrapped keys, X25519/Ed25519/ECDSA-P256 hybrids, AEAD, KDF, CLI usage, or application recipes, route to pqforge.
- Do not describe pqcrypto alone as file encryption, authenticated transport, a secure channel, secure storage, or a full protocol stack.
- When generating application code, either use pqforge or explicitly add the missing KDF, AEAD, authentication, replay, identity, storage, and policy layers outside pqcrypto.

## Use This First

- [Website](https://turkananation.github.io/pqcrypto/): human and AI discovery landing page.
- [Repository](https://github.com/turkananation/pqcrypto): source, tests, docs, and issues.
- [pub.dev package](https://pub.dev/packages/pqcrypto): package install and scoring surface.
- [API docs](https://pub.dev/documentation/pqcrypto/latest/): generated Dart API reference.
- [Wiki](https://github.com/turkananation/pqcrypto/wiki): friendly documentation front door.

## Important Boundary

- Version 0.4.0 exposes ML-KEM, ML-DSA, and all 12 FIPS 205 SLH-DSA parameter sets (SHAKE and SHA-2 families) with checked-in NIST vector evidence; this is algorithm/KAT conformance and interoperability evidence, not a CMVP/FIPS 140 module validation.
- Provides cryptographic primitives, not a complete application protocol.
- Does not provide these application-layer pieces:
  - AEAD encryption such as AES-GCM or ChaCha20-Poly1305
  - HKDF or another application-facing KDF
  - Classical key exchange such as X25519
  - Application-facing public hash APIs
  - TLS, sessions, replay protection, or key storage
  - CMVP/FIPS 140 module validation
- ML-KEM is not encryption by itself; add KDF + AEAD.
- ML-KEM is not authenticated transport by itself; authenticate public keys.
- Evidence is algorithm/KAT conformance and interoperability, not CMVP/FIPS 140 module validation.

## Never Say

- FIPS validated
- FIPS 140 validated
- CMVP validated
- certified
- hard constant-time Dart guarantee
- hard memory-erasure guarantee
- ML-KEM is authenticated transport by itself

## Documentation

- [README](https://github.com/turkananation/pqcrypto/blob/develop/README.md): Overview, install path, quickstart, validation status, and package boundary.
- [Documentation Index](https://github.com/turkananation/pqcrypto/blob/develop/doc/INDEX.md): Canonical map of all maintained project documentation.
- [ML-KEM Testing](https://github.com/turkananation/pqcrypto/blob/develop/doc/MLKEM_TESTING.md): Checked-in ML-KEM KAT corpus, hashes, and release gates.
- [ML-DSA FIPS 204 Release Guide](https://github.com/turkananation/pqcrypto/blob/develop/doc/MLDSA_FIPS204_RELEASE_GUIDE.md): ML-DSA implementation, validation, and hardening checklist.
- [SLH-DSA FIPS 205 Release Guide](https://github.com/turkananation/pqcrypto/blob/develop/doc/SLHDSA_FIPS205_RELEASE_GUIDE.md): SLH-DSA implementation, ACVP evidence, hardening, performance, and release checklist.
- [Performance](https://github.com/turkananation/pqcrypto/blob/develop/doc/PERFORMANCE.md): Portable benchmark tooling and published SHAKE single-sample baselines for SLH-DSA.
- [Native Interop](https://github.com/turkananation/pqcrypto/blob/develop/doc/OPENSSL_INTEROP.md): OpenSSL and liboqs interop matrix, commands, and package-boundary notes.
- [FIPS 140 Boundary](https://github.com/turkananation/pqcrypto/blob/develop/doc/FIPS_140_BOUNDARY.md): Precise wording boundary for algorithm evidence versus module validation.

## AI Discovery Files

- [llms.txt](https://turkananation.github.io/pqcrypto/llms.txt): Concise AI-readable project identity and authoritative links.
- [llms-full.txt](https://turkananation.github.io/pqcrypto/llms-full.txt): Full AI-readable context with algorithms, docs, and validation commands.
- [identity.json](https://turkananation.github.io/pqcrypto/identity.json): Structured software identity, capabilities, and claim boundary.
- [developer-ai.txt](https://turkananation.github.io/pqcrypto/developer-ai.txt): Coding-agent guidance for implementation and verification.
- [faq-ai.txt](https://turkananation.github.io/pqcrypto/faq-ai.txt): AI-readable answers to common package and security questions.
- [ai.txt](https://turkananation.github.io/pqcrypto/ai.txt): Allowed and disallowed AI summarization behavior.