Show HN: Aegis – post-quantum cyberdefense proxy (471 attacks, 0 breaches)

AEGIS is an autonomous, nine-layer post-quantum cyber-defense system deployed in production. It protects network services against modern and quantum-era threats using NIST-standardized post-quantum cryptography, without human intervention.

"We do not wait for Q-Day. We defend against it today."

The cryptographic infrastructure of the internet (RSA, ECC, Diffie-Hellman) is mathematically broken by quantum computers running Shor's algorithm. The Q-Day, estimated 2030-2033, is not a theory: it is an active geopolitical race between the US, China, and the EU.

AEGIS implements the NIST post-quantum standards (FIPS 203, 204, 205) in a fully autonomous defense stack that adapts, detects, isolates, and learns without requiring a security team.

Incoming traffic
       |
  [C0]   Crypto Foundation   -- ML-KEM-1024, ML-DSA-87, SPHINCS+
  [C0.5] Shield              -- Decoy ports, disuasion layer
  [C1]   Digital Twin        -- Immutable forensic chain, signed jump log
  [C2]   Minefield           -- Honeypots, canary tokens
  [C3]   Detector            -- Anomaly detection (fire-and-forget)
         | threat detected
  [C4]   Lockdown            -- Atomic isolation, session sealing
  [C5]   AMTD                -- Adaptive Moving Target Defense
  [C6]   Bubble              -- Attacker containment, interaction recording
  [C7]   Forensic            -- Automated post-incident analysis
  [C8]   Learning            -- Collective intelligence, pattern update
       |
  Protected service (proxy :8080 -> :8000)

Threat flow: Detection (C3) -> Atomic lockdown (C4) -> Twin jump (C1) -> Forensic (C7) -> Learning (C8)

100% defensive-- no active reconnaissance, no counterattacks** Single process**-- pure Python asyncio, no threading, no microservices** Stateless restart**-- clean systemd restart with no undesired persistent state** Minimal surface**-- status API bound to 127.0.0.1 only, never 0.0.0.0** Immutable forensics**-- digital twin jumps are signed and immutable after registration

The 54 E1 failures are latency degradation under extreme load, not security failures. Detection remains functional at any load. This is a documented architectural limit of a single Python async process on a general-purpose VPS.

• Production: https://aegis-pq.com - Dashboard: https://aegis-pq.com/dashboard(auto-refresh 5s) - Quantum demo: https://aegis-pq.com/quantum-demo(Shor N=15, Qiskit Aer, ~155ms)

python3.12+
pip install -r requirements.txt
python main.py --daemon --mace --mace-port 8080 --mace-target http://localhost:8000

AEGIS_TG_TOKEN=your_bot_token AEGIS_TG_CHAT=your_chat_id \
python main.py --daemon --mace

[Service]
WorkingDirectory=/path/to/aegis
Environment="AEGIS_TG_TOKEN=your_token"
Environment="AEGIS_TG_CHAT=your_chat_id"
ExecStart=/usr/bin/python3 main.py --daemon --mace --mace-port 8080 --mace-target http://localhost:8000
Restart=always
RestartSec=5
pytest tests/test_suite.py -v

611 tests covering all nine layers, forensic chain integrity, cryptographic primitives, and lockdown mechanics.

Registered with the Spanish Intellectual Property Registry.

• Expediente: 8NT20260502456 (admitted 27 April 2026)
• Author: Miguel Angel Concha Estrada
• Name: AEGIS -- Sistema Autonomo de Ciberdefensa Post-Cuantica

GPL v3: free to use, study, modify, and distribute. Derivative works must remain open source under the same license.

• Web: https://aegis-pq.com - Email: contacto@aegis-pq.com

AEGIS is open to contributions. Priority areas:

• New detection vectors for C3 (Detector layer)
• Additional honeypot types for C2 (Minefield)
• Adapters for different deployment environments
• Performance improvements for the E1 known limit
• Translations and documentation

Two architectural constraints are non-negotiable: fire-and-forget on C3 (never block the proxy path), and immutability on C1 (twin jumps are forensic evidence).