FieldHash | Lumenais

The trust gap

Modern records can prove who signed them, but not whether the evidence behind the record was anchored to physically observed execution behavior. That matters for trade documents, compliance packets, AI provenance, public-sector records, and any artifact that must remain credible years after creation.

Post-quantum cryptography is necessary, but it is still an algorithmic trust layer. FieldHash is designed for the missing layer: durable, portable evidence that a protected artifact was bound to measured hardware behavior and can be verified later, including offline.

FieldHash is not a replacement for PQC. It is a second evidence layer: mathematical authenticity plus physics-tethered provenance.

Why quantum matters

The quantum hardware is not decorative and not merely a randomness source. FieldHash uses hardware-executed measurement distributions as the primary verification signal for a Quantum Physical Unclonable Function, or Q-PUF. Those distributions are influenced by backend state, calibration, gate behavior, and noise characteristics, creating device-conditioned fingerprints that classical signatures alone do not provide.

Physical anchor

Quantum measurements add a hardware-conditioned signal to otherwise algorithmic provenance workflows.

Composed defense

Production verification combines statistical policy gates with integrity signatures and profile controls.

Backend agnostic

Users do not need their own quantum computer; FieldHash can call available provider APIs today.

What FieldHash does

FieldHash turns important digital artifacts into offline-verifiable evidence packages. Each certificate binds content hashes, quantum measurement statistics, backend metadata, policy profile, and cryptographic signatures into a portable trust object.

Hash

Bind the artifact with SHA-256/SHA-512 content digests.

Execute

Run a parameterized circuit through simulation or available QPU backends.

Fingerprint

Capture measurement distributions, noise statistics, and distribution digests.

Sign

Bind the evidence package with modern signatures, including post-quantum options.

Verify

Validate the certificate later through versioned standard, hardened, strict, or offline profiles.

Evidence, not assertion

The public evidence package documents real hardware execution, adversarial synthesis benchmarks, adaptive spoofing tests, cost data, and reproducibility materials. The claim boundary is explicit: FieldHash does not claim asymptotic runtime speedup at current scale. It claims security-oriented quantum utility.

HardwareExecuted on IBM Quantum and Quantum Inspire, with auditable job records and reproducibility artifacts.

Standard profileUniform-blend attack accepted in 15/800 trials, a measured soft spot rather than a hidden failure.

Hardened profileThe same attack family was closed to 0/800 under tightened policy settings.

Production gateAdaptive production-gated tests produced 0/5000 successful forgeries per tested model under the no-signing-key assumption.

Where it applies

The first high-impact use case is long-retention document integrity in workflows where trust must survive time, jurisdictional boundaries, and disconnected verification environments.

Trade and supply chain

Preserve tamper evidence for customs, logistics, bills of lading, and high-value cross-organization records.

Compliance evidence

Maintain offline-verifiable integrity for audit packets, regulated artifacts, and long-retention submissions.

AI provenance

Bind generated artifacts, model outputs, and research trails to evidence that survives beyond the application stack.

Critical records

Add a physical provenance layer for institutional evidence where future disputes or degraded trust are expected.

European enterprise posture

For European regulated teams, the practical wedge is not a blanket compliance guarantee or a generic sovereign-AI posture. It is governed evidence: what the AI was allowed to remember, what was rejected or rolled back, which artifacts were signed, and who can verify the trail later.

The enterprise deployment package can support customer-approved model routing, EU-region cloud providers, customer VPC or on-prem infrastructure, named subprocessor review, DPA/SCC support, retention/export/delete controls, and customer-owned audit logs with SIEM/GRC export where configured. Counsel and governance teams still decide compliance; Lumenais and FieldHash supply the evidence trail they can inspect.

Model and hosting control

Route through customer-approved models and deploy in EU-region cloud, customer VPC, or on-prem environments where configured.

Governance review packet

Prepare named subprocessors, DPA/SCC support, retention controls, and evidence ownership for enterprise review.

Audit-log ownership

Keep governed-memory and FieldHash evidence logs customer-owned, exportable, and suitable for SIEM/GRC workflows.

Review support, not legal advice

Provide verifiable evidence for counsel, CISO, and AI-governance teams without claiming legal compliance by default.

Next phase

FieldHash is ready for independent validation and carefully scoped pilots. The next work is not to broaden the claim; it is to harden the proof, expand backend conditions, and quantify impact in real document ecosystems.

Independent third-party red teaming against the Q-PUF verification model.

Larger-shot, multi-backend hardware campaigns to expand the operating envelope.

Domain pilots in trade, logistics, compliance, or critical infrastructure workflows.

Economic and policy impact modeling aligned to SDG 9 and SDG 16.

The goal is practical: stronger digital trust now, using quantum hardware as a measured evidence source rather than waiting for a fault-tolerant future.

Read the proof package

Start with the public evidence package for the preprint, adversarial results, hardware reports, manifests, and reproducibility materials.

Open Zenodo Evidence Return to FieldHash