Show HN: Aegis – post-quantum cyberdefense proxy (471 attacks, 0 breaches)

A new open-source cyber-defense system called Aegis has been deployed in production, using NIST-standardized post-quantum cryptography to protect network services against both current and quantum-era threats. The autonomous, nine-layer proxy has blocked 471 attacks with zero security breaches, implementing algorithms such as ML-KEM-1024 and ML-DSA-87 to defend against the cryptographic vulnerabilities that quantum computers will exploit. The system, which operates without human intervention, is designed to address the estimated 2030-2033 "Q-Day" when quantum computers are expected to break current encryption standards.

AEGIS is an autonomous, nine-layer post-quantum cyber-defense system deployed in production. It protects network services against modern and quantum-era threats using NIST-standardized post-quantum cryptography, without human intervention.

"We do not wait for Q-Day. We defend against it today."

The cryptographic infrastructure of the internet (RSA, ECC, Diffie-Hellman) is mathematically broken by quantum computers running Shor's algorithm. Q-Day, estimated for 2030-2033, is not a theory: it is an active geopolitical race between the US, China, and the EU.

AEGIS implements the NIST post-quantum standards (FIPS 203, 204, 205) in a fully autonomous defense stack that adapts, detects, isolates, and learns without requiring a security team.
```
Incoming traffic
       |
  C0    Crypto Foundation -- ML-KEM-1024, ML-DSA-87, SPHINCS+
  C0.5  Shield            -- Decoy ports, dissuasion layer
  C1    Digital Twin      -- Immutable forensic chain, signed jump log
  C2    Minefield         -- Honeypots, canary tokens
  C3    Detector          -- Anomaly detection (fire-and-forget)
       |  threat detected
  C4    Lockdown          -- Atomic isolation, session sealing
  C5    AMTD              -- Adaptive Moving Target Defense
  C6    Bubble            -- Attacker containment, interaction recording
  C7    Forensic          -- Automated post-incident analysis
  C8    Learning          -- Collective intelligence, pattern update
       |
Protected service (proxy :8080 -> :8000)
```

Threat flow: Detection (C3) -> Atomic lockdown (C4) -> Twin jump (C1) -> Forensic (C7) -> Learning (C8)

| Algorithm | Standard | Role |
|---|---|---|
| ML-KEM-1024 | NIST FIPS 203 | Key encapsulation (Kyber) |
| ML-DSA-87 | NIST FIPS 204 | Digital signatures |
| SPHINCS+ | NIST FIPS 205 | Hash-based signatures |

- 100% defensive -- no active reconnaissance, no counterattacks
- Single process -- pure Python asyncio, no threading, no microservices
- Stateless restart -- clean systemd restart with no undesired persistent state
- Minimal surface -- status API bound to 127.0.0.1 only, never 0.0.0.0
- Immutable forensics -- digital twin jumps are signed and immutable after registration

| Metric | Result |
|---|---|
| Unit tests | 611 passing (100%) |
| Red team scenarios | 946 / 1,000 (94.6%) |
| Security breaches | 0 |
| Known limit (E1) | Latency 50% at 250 RPS sustained |

The 54 E1 failures are latency degradation under extreme load, not security failures. Detection remains functional at any load. This is a documented architectural limit of a single Python async process on a general-purpose VPS.
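One way to honour the C3 fire-and-forget constraint inside a single asyncio process, as an added example (not AEGIS's own code): the proxy path calls a synchronous `submit()` that never awaits, and a bounded queue sheds events under load instead of stalling traffic. The class name, the path rule and the sample address are assumptions made for illustration.

```python
import asyncio

class FireAndForgetDetector:
    """Hypothetical C3-style detector (not AEGIS code): the proxy path
    hands events over with put_nowait() and never awaits the analysis."""

    def __init__(self, maxsize=1000, threshold=5):
        self.queue = asyncio.Queue(maxsize=maxsize)
        self.threshold = threshold
        self.hits = {}        # source address -> suspicious request count
        self.flagged = set()  # sources that crossed the threshold
        self.dropped = 0      # events shed because the queue was full

    def submit(self, event):
        """Called on the proxy path: synchronous, O(1), cannot block."""
        try:
            self.queue.put_nowait(event)
        except asyncio.QueueFull:
            self.dropped += 1  # shed load; export this counter as an alert

    async def run(self):
        """Background consumer: slow analysis stays off the request path."""
        while True:
            src, path = await self.queue.get()
            try:
                await asyncio.sleep(0.01)  # stand-in for expensive scoring
                if path.startswith(("/admin", "/.env")):  # constructed rule
                    self.hits[src] = self.hits.get(src, 0) + 1
                    if self.hits[src] >= self.threshold:
                        self.flagged.add(src)
            finally:
                self.queue.task_done()

async def demo():
    """Constructed burst: 20 probes from one documentation-range address."""
    det = FireAndForgetDetector(maxsize=8, threshold=3)
    worker = asyncio.create_task(det.run())
    loop = asyncio.get_running_loop()
    start = loop.time()
    for _ in range(20):
        det.submit(("203.0.113.7", "/.env"))
    submit_time = loop.time() - start  # time the proxy path spent
    await det.queue.join()             # wait for the backlog (demo only)
    worker.cancel()
    await asyncio.gather(worker, return_exceptions=True)
    return submit_time, det.dropped, det.flagged

if __name__ == "__main__":
    print(asyncio.run(demo()))
```

The `dropped` counter is the trade-off made visible: a flood can push events out of the queue, so a non-zero value should itself be treated as a detection signal.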
- Production: https://aegis-pq.com
- Dashboard: https://aegis-pq.com/dashboard (auto-refresh 5s)
- Quantum demo: https://aegis-pq.com/quantum-demo (Shor N=15, Qiskit Aer, ~155ms)

```bash
# Python 3.12+
pip install -r requirements.txt

# Protect a local service on port 8000
python main.py --daemon --mace --mace-port 8080 --mace-target http://localhost:8000

# With Telegram alerts
AEGIS_TG_TOKEN=your_bot_token AEGIS_TG_CHAT=your_chat_id \
  python main.py --daemon --mace
```

| Variable | Description | Required |
|---|---|---|
| AEGIS_TG_TOKEN | Telegram bot token | No |
| AEGIS_TG_CHAT | Telegram chat ID | No |
| AEGIS_ENLIL_TOKEN | ENLIL orchestrator token | No |
| AEGIS_INCIDENTS_DIR | Path to incident reports | No |

```ini
[Service]
WorkingDirectory=/path/to/aegis
Environment="AEGIS_TG_TOKEN=your_token"
Environment="AEGIS_TG_CHAT=your_chat_id"
ExecStart=/usr/bin/python3 main.py --daemon --mace --mace-port 8080 --mace-target http://localhost:8000
Restart=always
RestartSec=5
```

```bash
pytest tests/test_suite.py -v
```

611 tests covering all nine layers, forensic chain integrity, cryptographic primitives, and lockdown mechanics.

Registered with the Spanish Intellectual Property Registry.

- File number: 8NT20260502456 (admitted 27 April 2026)
- Author: Miguel Angel Concha Estrada
- Name: AEGIS -- Sistema Autonomo de Ciberdefensa Post-Cuantica

GPL v3: free to use, study, modify, and distribute. Derivative works must remain open source under the same license.

- Web: https://aegis-pq.com
- Email: contacto@aegis-pq.com

AEGIS is open to contributions.
Priority areas:

- New detection vectors for C3 (Detector layer)
- Additional honeypot types for C2 (Minefield)
- Adapters for different deployment environments
- Performance improvements for the E1 known limit
- Translations and documentation

Two architectural constraints are non-negotiable: fire-and-forget on C3 (never block the proxy path), and immutability on C1 (twin jumps are forensic evidence).
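The C1 immutability constraint, illustrated with a hash-chained, keyed log whose verifier reports the first altered record. This is an added example, not AEGIS's code: HMAC-SHA256 stands in for the ML-DSA-87 signature, and the record fields, key and events are constructed.

```python
import hashlib, hmac, json

GENESIS = "0" * 64  # "previous hash" of the first record

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def _tag(key, digest):
    # Assumption: HMAC-SHA256 stands in for the ML-DSA-87 signature, which
    # the Python standard library does not provide.
    return hmac.new(key, digest.encode(), hashlib.sha256).hexdigest()

def append_jump(chain, key, event):
    """Append a record whose hash covers the event and the previous hash."""
    prev = chain[-1]["hash"] if chain else GENESIS
    body = {"seq": len(chain), "prev": prev, "event": event}
    digest = _digest(body)
    chain.append({**body, "hash": digest, "tag": _tag(key, digest)})

def verify_chain(chain, key):
    """Return the index of the first invalid record, or -1 if intact."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        body = {"seq": rec["seq"], "prev": rec["prev"], "event": rec["event"]}
        digest = _digest(body)
        if (rec["seq"] != i or rec["prev"] != prev or rec["hash"] != digest
                or not hmac.compare_digest(rec["tag"], _tag(key, digest))):
            return i
        prev = digest
    return -1

def demo():
    key = b"constructed-demo-key"  # sample key, not a real secret
    chain = []
    for ev in ("jump twin-a", "lockdown session-17", "jump twin-b"):
        append_jump(chain, key, {"what": ev})  # constructed events
    intact = verify_chain(chain, key)
    edited = [dict(r) for r in chain]
    edited[1]["event"] = {"what": "nothing happened"}
    # Recomputing the hash does not help without the key: the tag fails
    body = {k: edited[1][k] for k in ("seq", "prev", "event")}
    edited[1]["hash"] = _digest(body)
    removed = chain[:1] + chain[2:]  # drop the middle record
    truncated = chain[:-1]           # drop the newest record
    return (intact, verify_chain(edited, key),
            verify_chain(removed, key), verify_chain(truncated, key))
```

The truncated case verifying cleanly is the gap to close in deployment: the newest hash has to be recorded somewhere the log's writer cannot rewrite.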