All editions · AI Research Edition
Your Community, Your AI — CC BY 4.0The Horizon — Near-Term Technology and the Sovereignty Case
The first five articles inventoried the system as it runs today. This one looks a little further out — at a technology that is not yet in the inference or records path but is close enough that a decision about long-lived data should account for it. These are not predictions. They are briefings, each following one shape: what the thing is, why it matters to a sovereign inference and records stack, what actually changes, what a controlled platform does about it, what you can ask, and how certain any of it is. The article grows as new technologies come over the horizon. Today it carries one briefing. (Terminology is defined in the glossary.)
Last reviewed: July 2026.
Briefing 1 — Quantum computing and the encryption question
What it is
A quantum computer is not a faster classical machine. It is a different computational model that exploits superposition and interference to run a narrow class of algorithms with complexity no classical machine matches. Two results bear on cryptography. Shor's algorithm factors integers and computes discrete logarithms in polynomial time — which breaks RSA and elliptic-curve public-key cryptography outright. Grover's algorithm gives only a quadratic speedup against symmetric ciphers and hashes, so it halves the effective key strength rather than collapsing it: AES-256 retains roughly 128 bits of post-quantum security, which is still infeasible to brute-force. The asymmetric primitives are the exposure; the symmetric ones degrade but survive.
Why it matters (for a sovereign inference + records stack)
The records the platform holds — pastoral notes, member details, sealed matters, governance records indexed into the tenant-scoped vector store — rest on encryption at rest and in transit, and on the public-key handshakes that establish transport keys. Shor's algorithm targets exactly the asymmetric layer that negotiates those keys. A cryptographically-relevant quantum computer does not yet exist at the scale required, and yet the exposure is already present: anything that must stay confidential for a decade is within the window of the problem below.
The threat: harvest now, decrypt later
The driver is not the machine's arrival but the recording that precedes it. An adversary captures encrypted traffic and stored ciphertext today and retains it, decrypting once a capable quantum computer exists. Confidentiality that holds now can be broken retroactively. For a records stack whose contents must remain sealed for years, the relevant clock is not "when does the machine arrive" but "how long must this stay secret" — and much of what the platform holds falls well inside that horizon. This is the live reason to prepare now, before the hardware exists.
What a sovereign platform does about it
The defence is post-quantum cryptography: asymmetric primitives whose hardness does not fall to Shor's algorithm. NIST finalised the first standards in 2024 — ML-KEM (FIPS 203) for key encapsulation, ML-DSA (FIPS 204) and SPHINCS+ (FIPS 205) for signatures. The transitional norm is hybrid key exchange: a classical primitive and a post-quantum one run together, so the session stays secure if either holds.
The platform's posture here is architectural, not yet cryptographic. src/utils/cryptoAgility.js implements algorithm-as-data dispatch: every encrypted or signed value carries its alg field, and decrypt/verify dispatch on that field rather than on a hard-coded assumption. The supported set is currently ['AES-256-GCM', 'ChaCha20-Poly1305'] for encryption and ['Ed25519', 'ECDSA-P256'] for signing — strong classical primitives. Post-quantum identifiers (ML-KEM-768, ML-DSA-65) are reserved in the module but deliberately unimplemented: calling them raises NotImplementedError, with hybrid-PQ paths marked as Phase 2 work. The module's stated design goal is that "migration to hybrid post-quantum primitives becomes a config change, not a code rewrite." So the accurate claim is narrow: current primitives are strong classical, the PQ migration is planned via the agility layer, and it is not yet switched on. The platform is not post-quantum today; it is built so that becoming post-quantum does not require re-engineering the storage and signing paths.
The sovereignty point is the timeline. An operator controlling its own infrastructure migrates on its own schedule and can state when it has. A tenant on rented Big Tech infrastructure waits on a vendor whose priorities are not the tenant's, and may not be told when — or whether — the change happens.
What you can ask
Three questions put the matter in the operator's hands, whatever platform is under assessment:
- Is there a migration plan — ideally a date — to hybrid post-quantum key exchange and signatures?
- Is the most sensitive, long-lived data protected against harvest now, decrypt later, and is the current symmetric layer at 256-bit strength?
- Who controls the migration schedule — the operator, or a vendor?
Status and confidence
A cryptographically-relevant quantum computer does not yet exist, and credible estimates for one range from several years to a couple of decades. What is settled: Shor breaks RSA/ECC and Grover only halves symmetric strength; the NIST PQC standards are finalised and available now; and the harvest-now-decrypt-later logic makes preparation a present decision rather than a future one. This is preparedness, not alarm — the same posture the rest of this series takes towards AI. A technology imminently of relevance is worth understanding before it arrives.
Want to operate AI tools well, and under control? Our free courses — Working with Claude and Agents at Work — teach the practical skills. For the full technical architecture behind Village AI, see Village AI — Agentic Governance.
Useful? Share this article, or show a QR code to scan.