🛡️ H33: 1.36ms Full Auth • 2,209,429 auth/sec sustained (±0.71% variance) • Zero Data Exposure • k-of-n Threshold • Nested Hybrid Signatures • Ed25519 + Dilithium • NIST L1 → L5 📜 129 Patent Claims Pending • 2,342 Tests Passing📐📐 See test breakdown by module → • 🔒 SOC 2 (In Progress) — 100% via Drata • 🏥 HIPAA Compliant — 100% via Drata • 🌍 ISO 27001 Pending • 🏦 FedNow In Progress

HICS Verified100/100Grade A STARK PROOFDILITHIUM ML-DSA-65Post-Quantum Attested

Quantum computers will break the encryption protecting everything. We built the replacement.

Your data can be processed without ever being decrypted. If your database is breached, attackers get encrypted noise — not names, not SSNs, not medical records. Noise.

Companies convert in minutes through an API — not years at a cost of millions. Encrypted biometrics, fraud detection, key management, zero-knowledge proofs — every layer post-quantum, one stack, one call. The only complete solution in the world.

Post-quantum encryption was supposed to be too slow to deploy. 2,209,429 operations per second.📐📐 Full benchmark suite → 35.25 microseconds per operation. Single ARM CPU. No GPUs. The encryption that protects your data, verifies identity, detects fraud, and signs every transaction — all post-quantum, all in one pipeline, faster than the classical systems it replaces.

3-of-5 threshold decryption📐🔑 Interactive Shamir demo → · 129 patent claims pending · SOC 2 (Expected June 3) · ISO 27001 (Expected June 18) · HIPAA via Drata

📐 See green numbers and copper terms? Click any of them to see the interactive proof behind the claim. Every number on this page is measured, not projected.

Free API Key→ Live Test→ Product Demos→ What Hackers See→ Schedule Demo↗

Read the Docs →

356µs

H0 (Dev)

1.36ms

H33 (128-bit NIST L1)📐🔒 NIST security levels →

5.98ms

H-256 (NIST L5 / 256-bit)📐🔒 NIST security levels →

2.3× / 23.6×

vs SEAL (single / at scale)

Zero Exposure

Guaranteed

±0.71%

Variance (120s sustained)

Blink Test:📐⚡ The blink test → 300ms blink ÷ 1.36ms = ~221 full crypto batches per blink📐⚡ The blink test →. The only auth where your biometric is NEVER decrypted.

Performance Modes v7.0

Mode	Latency	Security	NIST Level
H0	356µs	~57-bit	Dev Only
H33-128 ⭐	1.36ms	128-bit NIST L1📐🔒 NIST security levels →	Zero Exposure
H-256 ✓	5.98ms	256-bit (NIST L5)📐🔒 NIST security levels →	Zero Exposure

H0 (N=1024, Q=27-bit) — classical 128-bit per HE Standard v1.1. Not post-quantum. H33-128 and H-256 are NIST-compliant & HE Standard v1.1 verified:📐🔒 NIST security levels → H33-128 (N=4096) NIST L1 128-bit; H-256 (N=16,384) NIST L5 256-bit.

H0 Dev Mode (356µs) — Dev Only

Encrypt + inner product + single-party decrypt + ZKP Stark Lookup + Dilithium.

BFV Encrypt (N=1024)	~130µs	37%
FHE Inner Product	~48µs	13%
Decrypt (single-party)	~33µs	9%
ZKP Stark Lookup + Dilithium	~145µs	41%
TOTAL	356µs	100%

H33-128 CollectiveAuthority (1.36ms) — 128-bit NIST L1📐🔒 NIST security levels → FHE + Zero Exposure

BFV Encrypt (N=4096, Q=56)📐🔧 Single-modulus explainer →	0.42ms	31%
FHE Inner Product + Rotations	0.26ms	19%
k-of-n Threshold Decrypt (3-of-5 Shamir)📐🔑 Interactive Shamir demo →	0.33ms	24%
H33 ZKP Stark Lookup Prove📐🛡️ STARK lookup breakdown →	2.0µs	<1%
H33 ZKP Stark Lookup Verify	0.2µs	<1%
Dilithium Sign📐✍️ Batch attestation demo →	80.7µs	6%
Dilithium Verify📐✍️ Batch attestation demo →	24.8µs	2%
Encode / Normalize / Other	~0.24ms	18%
TOTAL PIPELINE	1.36ms	Zero Exposure

H-256 CollectiveAuthority (5.98ms) — 256-bit NIST L5📐🔒 NIST security levels → + Zero Exposure

BFV Encrypt (N=16384, Q=216)	~1.5ms	25%
FHE Inner Product + Rotations	~3.1ms	52%
k-of-n Threshold Decrypt (3-of-5 Shamir)📐🔑 Interactive Shamir demo →	~1.3ms	22%
H33 ZKP Stark Lookup Prove📐🛡️ STARK lookup breakdown →	2.0µs	<1%
H33 ZKP Stark Lookup Verify	0.2µs	<1%
Dilithium Sign📐✍️ Batch attestation demo →	80.7µs	1%
Dilithium Verify📐✍️ Batch attestation demo →	24.8µs	<1%
TOTAL PIPELINE	5.98ms	Zero Exposure

ZK Verification (H33 ZKP Stark Lookup)📐🛡️ STARK lookup breakdown →

H33 ZKP Stark Lookup: 2.0µs prove + 0.2µs verify📐🛡️ STARK lookup breakdown → | Cached Verify: 2.09ns (Cachee L1)📐🏎 Cachee L1 cache engine →

128-bit post-quantum. No trusted setup. 497M ops/sec cached throughput.

Blink = 300,000µs📐⚡ The blink test →
H33-128: 300,000 ÷ 1,356 = ~221 full crypto batches per blink📐⚡ The blink test →
H-256: 300,000 ÷ 5,980 = ~50 auths per blink📐⚡ The blink test →
vs SEAL (N=4096): H33 1.36ms vs SEAL 2.85ms = 2.3× faster pipeline + zero exposure

Measured on c8g.metal-48xl (96 cores, AWS Graviton4, Neoverse V2). Criterion.rs v0.5, 100+ samples. February 14, 2026.
Note: H33/H2 upgraded to N=4096 for NIST L1 compliance. Latencies being re-benchmarked.

full-stack-auth.js

// Ship quantum-resistant auth this afternoon

const result = await h33.auth.verify({
  userId: 'user_123',
  biometric: faceData
  // H33-128 default: 1.36ms, 128-bit NIST L1 FHE, zero exposure
});

// Maximum security? One parameter.
const secure = await h33.auth.verify({
  userId: 'user_123',
  biometric: faceData,
  mode: 'h-256'  // n=16,384, Q=216 → TRUE 256-bit NIST L5 ✓
});
            

FREE HICS

Get your free HICS code score.

H33 Independent Code Scoring. Five dimensions. STARK-proven. Dilithium-signed. One command. No account. No data leaves your machine.

brew install h33/tap/hics && hics scan .

Our Score: 100/100 What is HICS? PQ Attestations

The Threat

Your Encryption Has an Expiration Date.

Every RSA key, ECDSA signature, and TLS handshake your company relies on will be broken by quantum computers. The only question is when.

📡

They're Recording You Right Now

Nation-states are capturing your encrypted traffic today. When quantum computers arrive, they decrypt everything retroactively. This is called "Harvest Now, Decrypt Later" — and intelligence agencies have confirmed it's happening.

🔒

Every Key You Trust Is Broken

Shor's algorithm breaks RSA, ECDSA, and Diffie-Hellman. That's your TLS certificates, your API auth, your database encryption, your VPN tunnels. All of it. NIST finalized post-quantum standards in 2024.

📅

Your 2024 Data Is a 2030 Headline

Cryptographically relevant quantum computers are expected by 2028–2032. Data encrypted today has a 5–7 year shelf life. Your M&A communications, customer PII, trade secrets — all readable.

$4.88M

Average cost of a data breach — IBM 2024

Plus regulatory fines, class-action exposure, and customer churn.

2030

Federal PQC migration deadline — NIST

Your compliance clock started in 2024. Are you ready?

"The question isn't whether quantum breaks your encryption. It's whether your data is still valuable when it does."

See How H33 Solves This ↓

Architecture

The Stack Is Ours.

Five proprietary cryptographic engines. Three FHE libraries. Intelligent routing via FHE-IQ. All H33. Zero external dependencies.

Every engine built from scratch — not forked, not wrapped, not dependent on Microsoft SEAL, OpenFHE, TFHE-rs, Concrete, arkworks, or any other library.

Proprietary FHE Engine📐⚙️ Proprietary engine deep-dive →

H33 BFV📐⚙️ Proprietary engine deep-dive →

NIST L1 · 128-BIT POST-QUANTUM📐🔒 NIST security levels →

Complete BFV homomorphic encryption. NTT, Montgomery arithmetic, SIMD batching📐📊 SIMD batch amortization →, 3-of-5 threshold decryption📐🔑 Interactive Shamir demo →. Production default.

1.36ms full auth pipeline

2.3× faster than SEAL

N=4096 · Q=56-bit single modulus📐🔧 Single-modulus explainer →

32 users per ciphertext (SIMD)📐📊 SIMD batch amortization →

Includes H33 Noise Pilot — automatic noise management

Proprietary FHE Engine📐⚙️ Proprietary engine deep-dive →

H33 BFV-256📐⚙️ Proprietary engine deep-dive →

NIST L5 · 256-BIT POST-QUANTUM📐🔒 NIST security levels →

Military-grade BFV for maximum security applications. Multi-limb RNS, full 256-bit lattice security. Still faster than SEAL at any parameter set.

5.98ms full auth pipeline

3.2× faster than SEAL (19.08ms)

N=16384 · Q≤438-bit multi-limb

192-bit security also available

Includes H33 Noise Pilot — automatic noise management

Proprietary FHE Engine📐⚙️ CKKS engine deep-dive →

H33 CKKS📐⚙️ CKKS engine deep-dive →

L1–L5 · APPROXIMATE ARITHMETIC

Floating-point homomorphic encryption. Compute on encrypted real numbers. Chebyshev bootstrapping, fused dot product, scheme switching.

5 operations SEAL can't do

BFV↔CKKS scheme switching📐⚙️ Scheme switching explainer →

Lazy multiply + accumulate

128–256 bit PQ security

Includes H33 Noise Pilot — automatic noise management

Intelligent FHE Routing📐⚡ FHE-IQ deep-dive →

H33 FHE-IQ — Automatic Multi-Backend Routing

NEW · <500ns ROUTING DECISION

One API call auto-selects the optimal FHE backend — BFV-64, CKKS, or BFV-32 — based on data type, security tier, and hardware platform. Two-phase policy router: hard filters + weighted scoring. Zero cryptographic configuration. Powered by H33 Noise Pilot — noise-aware routing across all backends.

Backends

Tiers

<500ns

Routing

Tests

Proprietary ZK Engine📐🛡️ STARK lookup breakdown →

H33 ZKP Stark Lookup📐🛡️ STARK lookup breakdown →

128-BIT POST-QUANTUM · SHA3-256

Precomputed lookup proofs. Fastest for finite state verification — auth, policy, trust scores.

2.0µs prove + 0.2µs verify📐🛡️ STARK lookup breakdown →

No trusted setup required

2.09ns cached verify (Cachee L1)📐🏎 Cachee L1 cache engine →

Proprietary AIR Engine

H33 ZKP-AIR STARK

ALGEBRAIC INTERMEDIATE REPRESENTATION

Polynomial constraint proofs for open-ended computation. Proves execution correctness without precomputing answers.

Goldilocks field + FRI commitments

Fiat-Shamir non-interactive

STARK-IQ auto-routes Lookup vs AIR

Proprietary Biometric Engine📐🧬 Biometrics engine deep-dive →

H33 Biometrics📐🧬 Biometrics engine deep-dive →

L1–L5 · ENCRYPTED MATCHING

Multi-modal fusion pipeline. Face, voice, fingerprint, keystroke, mouse dynamics. LSTM behavioral modeling. All matching on encrypted data.

99.2% attack detection rate📐🧬 Attack detection breakdown →

5 biometric modalities

Liveness + anti-spoofing

Multi-Party Computation📐🔑 MPC threshold deep-dive →

H33-MPC — Post-Quantum Threshold Signing📐🔑 MPC threshold deep-dive →

NEW · DILITHIUM ATTESTATION

Multi-party key generation, signing, and resharing with configurable N-of-M threshold. Every finalized session carries a Dilithium (ML-DSA) post-quantum attestation. Zero single points of failure. Party contributions are zeroed from memory on completion.

N-of-M

Threshold

Operations

ML-DSA

Attestation

Credits/Session

6

Proprietary Engines

3

FHE Libraries

0

External FHE/ZK Deps

2.2–3.2×

Faster Than SEAL

L1–L5

NIST Post-Quantum

📐🔒 NIST security levels →

2.21M+

Auth/Sec (2,209,429)

📐📐 See how we measured this →

*Only external crypto dependency: Dilithium3 (pqcrypto-mldsa) — NIST FIPS 204 reference implementation. Using the standard is the right call for a signature algorithm.

Performance

2,209,429 Authentications Per Second

Full post-quantum pipeline — FHE encrypt, biometric match, ZK-STARK proof, Dilithium signature — in 35.25µs per auth. Graviton4 metal, 96 workers, ±0.71% variance.

35.25µs
Per authentication

1,128µs
32-user batch

2.21M/s
Sustained throughput

Full Performance Data →

Speed Comparison

Faster Than Every Alternative

2.3×

faster than Microsoft SEAL

875×

less expensive per auth

100%

post-quantum (zero classical)

Full Comparison →

Why H33

1.36ms. Zero Data Exposure. Post-Quantum.

The only biometric auth where your template is NEVER decrypted. H33-128 CollectiveAuthority uses k-of-n threshold decrypt📐🔑 Interactive Shamir demo → so no single server ever sees plaintext. H33 ZKP Stark Lookup: 2.0µs prove + 0.2µs verify. 2.3× faster than Microsoft SEAL (single-thread).

1.36ms

H33-128 Full Auth

0.42ms

BFV Encrypt (N=4096)

2.0µs📐🛡️ STARK lookup breakdown →

H33 ZKP Stark Lookup Prove📐🛡️ STARK lookup breakdown →

2.3×

vs SEAL (single-thread)

Capability	H33 (Feb 2026 v7.0)	Industry Best	H33 Advantage
H0 Mode (Turbo Full Match)	356µs	No comparison	~57-bit security (dev only)
H33-128 (CollectiveAuthority, N=4096)	1.36ms	SEAL: 2.85ms	2.3× faster + zero exposure
H-256 (NIST L5, N=16384)📐🔒 NIST security levels →	5.98ms	SEAL: 19.08ms	3.2× faster + zero exposure
H33 ZKP Stark Lookup	2.0µs prove + 0.2µs verify	2.09ns cached (Cachee L1)	497M ops/sec. PQ-safe.
Dilithium3 (NIST L3)📐✍️ Batch attestation demo →	~106µs	liboqs: ~105µs	Sign 80.7µs + Verify 24.8µs
Auths Per Blink	~221 crypto batches📐⚡ The blink test →	N/A	300,000µs ÷ 1.36ms📐⚡ The blink test →
Throughput (96-core Graviton4)	2,209,429/sec	No comparable offering	187.7B/day • 23.6× SEAL at scale
PQC Overhead	~106µs	N/A	Dilithium3 sign 80.7µs + verify 24.8µs
Cache Read Throughput	497M ops/sec	~100K/sec typical	Cachee L1, Rust-native, 2.09ns

Measured on c8g.metal-48xl (96 cores, AWS Graviton4, Neoverse V2). Criterion.rs v0.5, 100+ samples. February 14, 2026. 96-core single-socket, NUMA-pinned for throughput numbers.

Cryptographic Specifications

NIST FIPS 203/204 Compliant

ML-KEM (Kyber) key encapsulation + ML-DSA (Dilithium) digital signatures. BFV fully homomorphic encryption with N=4096, single Q=56-bit modulus. ZK-STARK proofs with SHA3-256 hash.

Full Parameter Tables →

API Services

Five proprietary crypto engines. One API.📐⚙️ Proprietary engine deep-dive →

H33 BFV, H33 BFV-256, H33 CKKS, H33 ZKP Stark Lookup, H33 Biometrics — every engine built from scratch in Rust📐⚙️ Proprietary engine deep-dive →. One API call for the entire post-quantum stack.

PATENT

🎯

Full Stack Auth

One API call: biometric + FHE + H33 ZKP Stark Lookup + quantum signature. 1.36ms at L1 (128-bit) or 5.98ms at L5 (256-bit). ZKP Stark Lookup: 2.0µs prove + 0.2µs verify. 2.2–3.2× faster than SEAL + k-of-n threshold.

POST /auth/full-stack POST /session/resume

🧬

FHE Biometrics

Face, voice, fingerprint matching on encrypted data. k-of-n threshold decrypt📐🔑 Interactive Shamir demo →. 0.42ms BFV encrypt + 0.26ms FHE inner product. 2.3× faster than SEAL (single-thread) + zero exposure.

POST /biometric/enroll POST /biometric/verify POST /auth/incremental

NEW

⚡

FHE-IQ Routing📐⚡ FHE-IQ deep-dive →

Intelligent multi-backend routing. One call auto-selects BFV-64, CKKS, or BFV-32 based on workload, security, and hardware. <500ns routing decision.

POST /fhe/fabric/session POST /fhe/fabric/encrypt POST /fhe/fabric/decrypt POST /fhe/fabric/compute POST /fhe/fabric/recommend GET /fhe/fabric/backends

NEW

🔢

CKKS FHE

Floating-point homomorphic encryption. Compute on encrypted real numbers. 128/192/256-bit security levels.

POST /fhe/ckks/keygen POST /fhe/ckks/encrypt POST /fhe/ckks/decrypt POST /fhe/ckks/add POST /fhe/ckks/multiply POST /fhe/ckks/rescale POST /fhe/ckks/similarity

🔒

Zero-Knowledge Proofs

H33 ZKP Stark Lookup: 2.0µs prove + 0.2µs verify. Prove identity, age, location without revealing data. 2.09ns cached verify (Cachee L1).

POST /zkp/prove POST /zkp/verify

🔐

Quantum Signatures📐✍️ Batch attestation demo →

Dilithium3 & Kyber768. NIST FIPS 203/204 compliant. ~106µs sign+verify📐✍️ Batch attestation demo → (80.7µs sign + 24.8µs verify). NIST L3 post-quantum.

POST /crypto/dilithium/keygen POST /crypto/dilithium/sign POST /crypto/dilithium/verify

PATENT

🔐

Nested Hybrid Signatures

Every authentication is dual-signed: Ed25519 (classical) nested inside Dilithium (post-quantum). Two independent algorithms, two mathematical families. An attacker must break both. If NIST's lattice-based standard has a backdoor, your auth still holds.

POST /hybrid/sign POST /hybrid/verify GET /hybrid/algorithms

142µs dual-sign · 79µs verify · 2,484 bytes

⛓️

Blockchain Attestation

Solana soulbound NFTs. Immutable audit trails. ZK-compressed logging (5000x less expensive).

POST /blockchain/attest POST /blockchain/mint-sbt

COMING SOON

👻

Invisible Auth

Zero-transmission authentication. No codes displayed. Cryptographic invisible keys. Zero-knowledge registration.

POST /auth/invisible-handshake POST /auth/session

PATENT

🛡️

Estate Fraud Detection

Behavioral shift detection from deceased baselines. Beneficiary collusion detection. Court-admissible evidence.

POST /fraud/estate/analyze GET /fraud/evidence

🏛️

KYC / AML

Privacy-preserving identity verification. ZK proofs of eligibility without exposing documents.

POST /kyc/verify POST /aml/screen

🧠

Continuous Auth

Multi-modal fusion: keystroke, mouse, face, voice. LSTM behavioral modeling. 99.2% attack detection.

WS /auth/continuous POST /auth/behavioral

NEW

🎬

PQ Video

Post-quantum encrypted video conferencing. ML-KEM (Kyber-1024) key exchange, AES-256-GCM media encryption, ML-DSA (Dilithium-3) signed transcripts. HIPAA/SCIF-ready.

POST /video/session POST /video/transcript GET /video/verify

5 units/min session · 10 units/min transcript

NEW

🗄️

Storage Encryption

Encrypt any data at rest with post-quantum Kyber+AES-256-GCM. Field-level encryption with sensitivity classification. Zero-downtime key rotation.

POST /storage/encrypt POST /storage/decrypt POST /storage/encrypt-fields POST /storage/rotate

NEW

🤖

AI Attack Detection

Three native Rust AI agents: Harvest Detection (0.69µs), Side-Channel Analysis (1.14µs), Crypto Health Monitor (0.52µs). Real-time threat intelligence.

POST /ai/harvest-detect POST /ai/side-channel POST /ai/crypto-health

NEW

🔍

Encrypted Search

Search over encrypted data without decryption. FHE-powered keyword matching, encrypted indexes, and privacy-preserving queries. Zero plaintext exposure.

POST /search/encrypted POST /search/index GET /search/query

📜 129 Patent Claims Pending

8 Core Innovations

Protected intellectual property covering the complete post-quantum authentication stack.

Three Proprietary FHE Engines (BFV + CKKS + BFV-32)📐⚙️ Proprietary engine deep-dive →

Three complete FHE implementations built from scratch. BFV-64 for authentication (2.2× SEAL), CKKS for encrypted ML, BFV-32 for ARM mobile. Scheme switching, fused ops, SIMD batching. FHE-IQ auto-routes across all three.

FHE-IQ — Intelligent Multi-Backend Routing📐⚡ FHE-IQ deep-dive →

Two-phase policy router auto-selects optimal FHE backend in <500ns. Hard filters + weighted scoring across latency, security, hardware, and health. Adaptive weights tuned by AI telemetry agents.

H33 ZKP Stark Lookup — Proprietary Zero-Knowledge

H33 ZKP Stark Lookup: 2.0µs prove + 0.2µs verify. 128-bit post-quantum, no trusted setup. 2.09ns cached verify (Cachee L1).

Continuous Multi-Modal Fusion

LSTM temporal modeling. Keystroke, mouse, face, voice, physiological signals. 94.7% accuracy.

Quantum-Resistant Architecture

Kyber, Dilithium with automated migration. 30+ year quantum resistance.

Estate Fraud Detection

Behavioral shift analysis from deceased baselines. Collusion detection. Legal evidence generation.

ML Threat Attribution

Ensemble classification for attack source identification. Campaign tracking. 89-95% accuracy.

Blockchain Compliance

Smart contracts for GDPR/HIPAA. ZK-compressed logging. 5000x cost reduction.

Invisible Authentication

Zero-transmission auth. Cryptographic invisible keys. Zero-knowledge registration.

Simple Per-Auth Pricing

Start free. Scale as you grow. All plans include every API.

Free

1,000 auths/month

All APIs · H0 mode · No credit card

Starter

$349/mo

5,000 auths/month

Full PQ pipeline · Production ready

Growth

$1,249/mo

25,000 auths/month

Priority support · Volume pricing

See All Plans Get Free API Key →

Security

Enterprise-grade. Formally verified.

Post-quantum cryptography, 16 mathematical proofs, 7 defense layers. Security that doesn't slow you down.

9.9/10

Internal Security Assessment

📐 View Full Audit Methodology →

Critical Vulns

Kani Proofs

Defense Layers

99.2%

Attack Detection

External Crypto Review

7-Layer Defense in Depth

                Layer 7: Post-Quantum Cryptography
                Dilithium3 + Kyber768 • NIST Level 3
            
                Layer 6: Zero-Knowledge Proofs
                H33 ZKP Stark Lookup • Privacy without exposure
            
                Layer 5: Homomorphic Encryption
                BFV/CKKS • Compute on encrypted data • Parameters externally reviewed
            
                Layer 4: Hardware Security (TEE)
                Intel SGX • Fortanix EDP
            
                Layer 3: Formal Verification
                16 Kani Proofs • Mathematical guarantees
            
                Layer 2: Network Security
                WAF • DDoS • mTLS • Segmentation
            
                Layer 1: Infrastructure
                AWS • VPC • IAM • CloudTrail

External Cryptographic Review

Independent Review by Jose Contreras

An independent cryptographer reviewed our FHE parameter security, HE Standard v1.1 compliance, threshold decryption, and noise budgets across all tiers. 10 findings were reported — every one has been addressed. Production parameters (H33-128, H-256) were confirmed compliant.

View All 10 Findings & Fixes → Full Audit Methodology

Findings

Resolved

Open

Architecture designed for compliance with:

💳

PCI DSS

Planned

🏛️

FedRAMP

Planned

⚡

FedNow

In Progress

View Trust Center — 189+ Compliance Documents →

Post-Quantum Compliance — Already Shipping

Not on our roadmap. In your auth pipeline today.

NIST FIPS 204 — ML-DSA (Dilithium)

Every H33 authentication is signed with CRYSTALS-Dilithium at ML-DSA-65 (NIST Level 3). This is the finalized NIST standard, not a draft or candidate. Hybrid tiers add Ed25519 as an independent classical layer.

Shipping since Q1 2026

Nested Hybrid Signatures — Algorithmic Diversity

Our H33 and H-256 tiers wrap every signature in two or three independent cryptographic algorithms from different mathematical families. If a backdoor is discovered in any single algorithm — lattice-based, elliptic curve, or hash-based — the remaining layers maintain security. No re-enrollment required.

Shipping since Q1 2026

Side-Channel Resistant — Constant-Time at Every Layer

Biometric matching runs inside FHE — plaintext never touches the cache. Ed25519 uses constant-time scalar multiplication with conditional-move table lookups. Dilithium NTT uses branchless Barrett reduction. FALCON signing is isolated to a dedicated physical core. SPHINCS+ is hash-based and inherently constant-time. No secret-dependent memory access anywhere in the auth pipeline.

Shipping since Q1 2026

Soulbound Identity Tokens — Patent-Protected

KYC/AML identity tokens are minted as non-transferable blockchain tokens with nested hybrid signatures. Identity cannot be sold, transferred, or stolen. 108 patent claims cover the complete architecture including nested signature composition, graceful cryptographic degradation, dual-committed guardian recovery, and lattice-redundant triple signing.

33 Claims Filed

Benchmarks

Independently Reproducible

Every number on this site is verifiable. Run our open benchmark suite on your own hardware. Graviton4 c8g.metal-48xl, 96 workers, 120-second sustained.

Full Benchmark Data → January 2026 Report →

API

One API. Full Post-Quantum Pipeline.

REST API with SDKs for Python, Node.js, Rust, and Go. FHE encrypt, biometric match, ZK proof, Dilithium sign — all in a single call.

POST /v1/auth/verify
→ FHE encrypt → biometric match → ZK-STARK proof → Dilithium sign
Response: 35.25µs · Session token + attestation

API Reference Documentation →

SDKs

Native SDKs for every stack

Official client libraries with TypeScript definitions, async/await support, and automatic retries.

Rust — API Client

cargo add h33-client

REST API client · async · retries · typed responses

Rust — FHE Client FASTEST

cargo add h33-fhe-client

Client-side BFV encrypt · saves ~419µs · WASM + native

Python

pip install h33

Node.js / TypeScript

Coming soon

go get github.com/h33-ai/h33-go

React Native

npm install @h33/react-native

Ship NIST-standard post-quantum encryption this afternoon.

We solved the hard part. 1,000 free auths. Full API access. No credit card required.

Get Free API Key → Schedule a Demo ↗ View Pricing →

What You Can Build With H33

One API call. Six quantum-safe capabilities. Zero data exposure.

Passwordless Authentication

Replace passwords with encrypted biometrics and ZK proof verification. 1.36ms per auth.

Encrypted Biometric Matching

FHE biometric templates that never decrypt. 32 users per ciphertext, 967µs batch.

Post-Quantum Cryptography

Dilithium + Kyber + Ed25519 nested hybrid signatures. FIPS 203/204 compliant today.

Quantum-Safe Digital Identity

Soulbound identity tokens, selective disclosure, and verifiable credentials — all PQ-safe.

Encrypted Search & Compute

Query encrypted data without decryption. FHE inner-product matching at microsecond latency.

FHE API — 4 Engines

BFV, CKKS, BFV-32, FHE-IQ. From mobile to enterprise. The fastest FHE in production.

Frequently Asked Questions

What is post-quantum cryptography?

Post-quantum cryptography (PQC) uses mathematical problems that quantum computers cannot solve efficiently — unlike RSA and ECC, which Shor's algorithm breaks. H33 implements NIST's finalized standards: ML-KEM (FIPS 203) for key encapsulation and ML-DSA (FIPS 204) for digital signatures. Every H33 API call is post-quantum end-to-end — zero classical crypto in the hot path.

Is fully homomorphic encryption fast enough for production?

Historically, no — FHE was 10,000x too slow for real-time use. H33 changed that. Our BFV engine runs encrypted biometric matching at 35.25 microseconds per authentication — 2.21 million per second sustained on Graviton4. The optimization stack includes Montgomery NTT, Harvey lazy reduction, and NTT-domain fused inner products. FHE is no longer a research project.

What are NIST FIPS 203 and 204 and do I need to comply?

FIPS 203 (ML-KEM/Kyber) and FIPS 204 (ML-DSA/Dilithium) are NIST's post-quantum cryptography standards, finalized August 2024. Federal agencies and their contractors must migrate. NSA timelines range from 2025-2033 depending on system category. H33 is FIPS 203/204 compliant today — Dilithium signatures and Kyber key exchange are built into every API call.

Is reCAPTCHA GDPR compliant?

As of April 2, 2026, Google shifts reCAPTCHA from data controller to data processor — meaning you bear legal responsibility for all data it collects. European regulators have already fined companies for improper reCAPTCHA use. H33-BotShield uses SHA-256 proof-of-work instead: no cookies, no fingerprinting, no personal data. GDPR compliant by architecture, not by policy. Free for 2,500 challenges/month.

What is a CAPTCHA alternative that doesn't track users?

BotShield by H33 replaces CAPTCHA with invisible proof-of-work. The visitor's browser solves a SHA-256 challenge in 1-3 seconds — no images, no checkboxes, no behavioral tracking. One script tag to integrate. Free for 2,500 challenges per month. Unlike other PoW alternatives, BotShield challenges are signed with post-quantum Dilithium signatures, making them unforgeable.

What is harvest now, decrypt later?

Adversaries — particularly nation-states — are capturing encrypted data today with the intent to decrypt it once quantum computers mature (estimated 2030-2035). If your authentication tokens, biometric templates, or session keys use RSA or ECC, they're already at risk. H33's entire pipeline uses lattice-based cryptography (ML-KEM, ML-DSA, BFV) that remains secure against both classical and quantum attacks.

How do I add post-quantum encryption to my app?

One API call. H33 handles FHE encryption, ZK-STARK proof generation, Dilithium signing, and biometric matching — all in 35.25 microseconds. Integrate via REST API, Python/Node/Rust/Go SDKs, or a single script tag for BotShield. No cryptography expertise required. Get 1,000 free credits →

How does encrypted biometric matching work?

Traditional biometric systems decrypt templates for comparison — creating a plaintext exposure window. H33 performs the entire match in encrypted space using BFV fully homomorphic encryption. Your biometric data is encrypted on-device, transmitted encrypted, compared encrypted, and never exists in plaintext on any server. The match result is a ZK-STARK proof that reveals only "match" or "no match."

View all FAQs →

FROM THE BLOG

Latest Technical Deep Dives

🔥 URGENT · MARCH 2026

Google reCAPTCHA Is Dead: Your 5-Minute Migration Plan

Google slashed the free tier to 10K and reCAPTCHA shuts down April 2026. Replace it with one script tag.

Read Article →

🛡️ POST-QUANTUM

Harvest Now, Decrypt Later: Are You Protected?

Adversaries capture encrypted traffic today. When quantum computers arrive, they'll decrypt it all. Here's your defense.

Read Article →

⚡ BENCHMARK

2.17 Million Auth/Sec — Here's the Architecture

BFV homomorphic encryption, SIMD batching, NTT-domain ops on 96-core Graviton4. Full breakdown.

Read Article →

View All 370+ Articles →