As organizations assess the impact of quantum computing on cryptography, many focus on algorithm migration and timelines. But preparing for PQC requires a broader view—one that includes not just new algorithms, but also the quality of the inputs that support them, including randomness.

That’s why Quantinuum joined with partners Thales, Keyfactor, and IBM Consulting to form the QSafe 360 Alliance, a collaboration focused on helping organizations build crypto-agile security architectures that are ready for the quantum era. Together, we’ve released a whitepaper—Digital Trust & Cybersecurity After Quantum Computing—to offer practical guidance on post-quantum readiness, from discovery and planning to deployment.

Lessons from Past Vulnerabilities

The history of cryptography offers clear examples of what happens when randomness fail, and how long those issues can go unnoticed. The Polynonce attack, first disclosed in 2023, exploited weak randomness in Bitcoin transaction signatures and enabled the theft of at least $25 million across 773 wallets. The vulnerability persisted undetected for nine years. The Randstorm disclosure, published in 2022, revealed that biased key generation in widely used Bitcoin wallet libraries exposed millions of wallets—across a window of more than a decade (2011–2022). In both cases, cryptographic algorithms functioned as designed; it was the randomness beneath them that silently failed, leaving companies vulnerable for many years

Post-Quantum Cryptography Inherits These Risks

Post-quantum cryptography (PQC) algorithms are being designed to resist attacks from quantum computers. But they still depend on random values to generate key material. That means any implementation of PQC inherits the same reliance on randomness—but without a way to prove its quality, that layer remains a potential vulnerability.

As security teams run cryptographic inventories, develop crypto-agility plans, or build software bill-of-materials (SBOMs) for PQC migration, it’s important to include randomness in that scope. No matter how strong the algorithm, poor randomness can undermine its security from the start.

A New Approach: Proven Randomness

Quantum Origin takes a fundamentally different approach to randomness quality to deliver proven randomness which improves key generation, algorithms, and the entire security stack. It leverages strong seeded randomness extractors—mathematical algorithms that transform even weak local entropy into provably secure output. These extractors are uniquely powered by a Quantum Seed, which is generated once by Quantinuum's quantum computers using quantum processes verified through Bell tests.

This one-time quantum generation enables Quantum Origin as a software-only solution designed for maximum flexibility. It works with existing infrastructure—on cloud systems, on-premises environments, air-gapped networks, and embedded platforms—without requiring special hardware or a network connection. It's also validated to NIST SP 800-90B standards (Entropy Source Validation #E214). This approach strengthens today’s deployments of AES, RSA, ECC, and other algorithms, and lays a secure foundation for implementing the NIST PQC algorithms.

The QSafe 360 Alliance

The QSafe 360 Alliance whitepaper outlines the path to post-quantum readiness, emphasizing crypto-agility as a guiding principle: the ability to adapt cryptographic systems without major disruption, from randomness to key generation to algorithmic strength.

For security architects, CISOs, and cryptographic engineering teams building their post-quantum transition strategies, randomness is not a peripheral concern. It is a starting point.

The QSafe 360 Alliance whitepaper offers valuable guidance on structuring a comprehensive PQC journey. As you explore that framework, consider how proven randomness—available today—will help strengthen your security posture from the ground up.

Our quantum algorithms team has been hard at work exploring solutions to continually optimize our system’s performance. Recently, they’ve invented a novel technique, called the Quantum Paldus Transform (QPT), that can offer significant resource savings in future applications.

The transform takes complex representations and makes them simple, by transforming into a different “basis”. This is like looking at a cube from one angle, then rotating it and seeing just a square, instead. Transformations like this save resources because the more complex your problem looks, the more expensive it is to represent and manipulate on qubits.

You’ve changed

While it might sound like magic, transforms are a commonly used tool in science and engineering. Transforms simplify problems by reshaping them into something that is easier to deal with, or that provides a new perspective on the situation. For example, sound engineers use Fourier transforms every day to look at complex musical pieces in terms of their frequency components. Electrical engineers use Laplace transforms; people who work in image processing use the Abel transform; physicists use the Legendre transform, and so on.

In a new paper outlining the necessary tools to implement the QPT, Dr. Nathan Fitzpatrick and Mr. Jędrzej Burkat explain how the QPT will be widely applicable in quantum computing simulations, spanning areas like molecular chemistry, materials science, and semiconductor physics. The paper also describes how the algorithm can lead to significant resource savings by offering quantum programmers a more efficient way of representing problems on qubits.

Symmetry is key

The efficiency of the QPT stems from its use of one of the most profound findings in the field of physics: that symmetries drive the properties of a system.

While the average person can “appreciate” symmetry, for example in design or aesthetics, physicists understand symmetry as a much more profound element present in the fabric of reality. Symmetries are like the universe’s DNA; they lead to conservation laws, which are the most immutable truths we know.

Back in the 1920’s, when women were largely prohibited from practicing physics, one of the great mathematicians of the century, Emmy Noether, turned her attention to the field when she was tasked with helping Einstein with his work. In her attempt to solve a problem Einstein had encountered, Dr. Noether realized that all the most powerful and fundamental laws of physics, such as “energy can neither be created nor destroyed” are in fact the consequence of a deep simplicity – symmetry – hiding behind the curtains of reality. Dr. Noether’s theorem would have a profound effect on the trajectory of physics.

In addition to the many direct consequences of Noether’s theorem is a longstanding tradition amongst physicists to treat symmetry thoughtfully. Because of its role in the fabric of our universe, carefully considering the symmetries of a system often leads to invaluable insights.

Einstein, Pauli and Noether walk into a bar...

Many of the systems we are interested in simulating with quantum computers are, at their heart, systems of electrons. Whether we are looking at how electrons move in a paired dance inside superconductors, or how they form orbitals and bonds in a chemical system, the motion of electrons are at the core.

Seven years after Noether published her blockbuster results, Wolfgang Pauli made waves when he published the work describing his Pauli exclusion principle, which relies heavily on symmetry to explain basic tenets of quantum theory. Pauli’s principle has enormous consequences; for starters, describing how the objects we interact with every day are solid even though atoms are mostly empty space, and outlining the rules of bonds, orbitals, and all of chemistry, among other things.

Symmetry in motion

It is Pauli's symmetry, coupled with a deep respect for the impact of symmetry, that led our team at Quantinuum to the discovery published today.

In their work, they considered the act of designing quantum algorithms, and how one’s design choices may lead to efficiency or inefficiency.

When you design quantum algorithms, there are many choices you can make that affect the final result. Extensive work goes into optimizing each individual step in an algorithm, requiring a cyclical process of determining subroutine improvements, and finally, bringing it all together. The significant cost and time required is a limiting factor in optimizing many algorithms of interest.

This is again where symmetry comes into play. The authors realized that by better exploiting the deepest symmetries of the problem, they could make the entire edifice more efficient, from state preparation to readout. Over the course of a few years, a team lead Dr. Fitzpatrick and his colleague Jędrzej Burkat slowly polished their approach into a full algorithm for performing the QPT.

The QPT functions by using Pauli’s symmetry to discard unimportant details and strip the problem down to its bare essentials. Starting with a Paldus transform allows the algorithm designer to enjoy knock-on effects throughout the entire structure, making it overall more efficient to run.

“It’s amazing to think how something we discovered one hundred years ago is making quantum computing easier and more efficient,” said Dr. Nathan Fitzpatrick.

Ultimately, this innovation will lead to more efficient quantum simulation. Projects we believed to still be many years out can now be realized in the near term.

Transforming the future

The discovery of the Quantum Paldus Transform is a powerful reminder that enduring ideas—like symmetry—continue to shape the frontiers of science. By reaching back into the fundamental principles laid down by pioneers like Noether and Pauli, and combining them with modern quantum algorithm design, Dr. Fitzpatrick and Mr. Burkat have uncovered a tool with the potential to reshape how we approach quantum computation.

As quantum technologies continue their crossover from theoretical promise to practical implementation, innovations like this will be key in unlocking their full potential.

In a new paper in Nature Physics, we've made a major breakthrough in one of quantum computing’s most elusive promises: simulating the physics of superconductors. A deeper understanding of superconductivity would have an enormous impact: greater insight could pave the way to real-world advances, like phone batteries that last for months, “lossless” power grids that drastically reduce your bills, or MRI machines that are widely available and cheap to use.  The development of room-temperature superconductors would transform the global economy.

A key promise of quantum computing is that it has a natural advantage when studying inherently quantum systems, like superconductors. In many ways, it is precisely the deeply ‘quantum’ nature of superconductivity that makes it both so transformative and so notoriously difficult to study.

Now, we are pleased to report that we just got a lot closer to that ultimate dream.

Making the impossible possible

To study something like a superconductor with a quantum computer, you need to first “encode” the elements of the system you want to study onto the qubits – in other words, you want to translate the essential features of your material onto the states and gates you will run on the computer.

For superconductors in particular, you want to encode the behavior of particles known as “fermions” (like the familiar electron). Naively simulating fermions using qubits will result in garbage data, because qubits alone lack the key properties that make a fermion so unique.

Until recently, scientists used something called the “Jordan-Wigner” encoding to properly map fermions onto qubits. People have argued that the Jordan-Wigner encoding is one of the main reasons fermionic simulations have not progressed beyond simple one-dimensional chain geometries: it requires too many gates as the system size grows.  

Even worse, the Jordan-Wigner encoding has the nasty property that it is, in a sense, maximally non-fault-tolerant: one error occurring anywhere in the system affects the whole state, which generally leads to an exponential overhead in the number of shots required. Due to this, until now, simulating relevant systems at scale – one of the big promises of quantum computing – has remained a daunting challenge.

Theorists have addressed the issues of the Jordan-Wigner encoding and have suggested alternative fermionic encodings. In practice, however, the circuits created from these alternative encodings come with large overheads and have so far not been practically useful.

We are happy to report that our team developed a new way to compile one of the new, alternative, encodings that dramatically improves both efficiency and accuracy, overcoming the limitations of older approaches. Their new compilation scheme is the most efficient yet, slashing the cost of simulating fermionic hopping by an impressive 42%. On top of that, the team also introduced new, targeted error mitigation techniques that ensure even larger systems can be simulated with far fewer computational "shots"—a critical advantage in quantum computing.

Using their innovative methods, the team was able to simulate the Fermi-Hubbard model—a cornerstone of condensed matter physics— at a previously unattainable scale. By encoding 36 fermionic modes into 48 physical qubits on System Model H2, they achieved the largest quantum simulation of this model to date.

This marks an important milestone in quantum computing: it demonstrates that large-scale simulations of complex quantum systems, like superconductors, are now within reach.

Unlocking the Quantum Age, One Breakthrough at a Time

This breakthrough doesn’t just show how we can push the boundaries of what quantum computers can do; it brings one of the most exciting use cases of quantum computing much closer to reality. With this new approach, scientists can soon begin to simulate materials and systems that were once thought too complex for the most powerful classical computers alone. And in doing so, they’ve unlocked a path to potentially solving one of the most exciting and valuable problems in science and technology: understanding and harnessing the power of superconductivity.

The future of quantum computing—and with it, the future of energy, electronics, and beyond—just got a lot more exciting.

In an experiment led by Princeton and NIST, we’ve just delivered a crucial result in Quantum Error Correction (QEC), demonstrating key principles of scalable quantum computing developed by Drs Peter Shor, Dorit Aharonov, and Michael Ben-Or. In this latest paper, we showed that by using “concatenated codes” noise can be exponentially suppressed — proving that quantum computing will scale.

When noise is low enough, the results are transformative

Quantum computing is already producing results, but high-profile applications like Shor’s algorithm—which can break RSA encryption—require error rates about a billion times lower than what today’s machines can achieve.

Achieving such low error rates is a holy grail of quantum computing. Peter Shor was the first to hypothesize a way forward, in the form of quantum error correction. Building on his results, Dorit Aharanov and Michael Ben-Or proved that by concatenating quantum error correcting codes, a sufficiently high-quality quantum computer can suppress error rates arbitrarily at the cost of a very modest increase in the required number of qubits.  Without that insight, building a truly fault-tolerant quantum computer would be impossible.

Their results, now widely referred to as the “threshold theorem”, laid the foundation for realizing fault-tolerant quantum computing. At the time, many doubted that the error rates required for large-scale quantum algorithms could ever be achieved in practice. The threshold theorem made clear that large scale quantum computing is a realistic possibility, giving birth to the robust quantum industry that exists today.

Realizing a legendary vision

Until now, nobody has realized the original vision for the threshold theorem. Last year, Google performed a beautiful demonstration of the threshold theorem in a different context (without concatenated codes). This year, we are proud to report the first experimental realization of that seminal work—demonstrating fault-tolerant quantum computing using concatenated codes, just as they envisioned.

The benefits of concatenation

The team demonstrated that their family of protocols achieves high error thresholds—making them easier to implement—while requiring minimal ancilla qubits, meaning lower overall qubit overhead. Remarkably, their protocols are so efficient that fault-tolerant preparation of basis states requires zero ancilla overhead, making the process maximally efficient.

This approach to error correction has the potential to significantly reduce qubit requirements across multiple areas, from state preparation to the broader QEC infrastructure. Additionally, concatenated codes offer greater design flexibility, which makes them especially attractive. Taken together, these advantages suggest that concatenation could provide a faster and more practical path to fault-tolerant quantum computing than popular approaches like the surface code.

We’re always looking forward

From a broader perspective, this achievement highlights the power of collaboration between industry, academia, and national laboratories. Quantinuum’s commercial quantum systems are so stable and reliable that our partners were able to carry out this groundbreaking research remotely—over the cloud—without needing detailed knowledge of the hardware. While we very much look forward to welcoming them to our labs before long, its notable that they never need to step inside to harness the full capabilities of our machines.

As we make quantum computing more accessible, the rate of innovation will only increase. The era of plug-and-play quantum computing has arrived. Are you ready?

Quantum computing companies are poised to exceed $1 billion in revenues by the close of 2025, according to McKinsey & Company, underscoring how today’s quantum computers are already delivering customer value in their current phase of development.

This figure is projected to reach upwards of $37 billion by 2030, rising in parallel with escalating demand, as well as with the scale of the machines and the complexity of problem sets of which they will be able to address.  

Several systems on the market today are fault-tolerant by design, meaning they are capable of suppressing error-causing noise to yield reliable calculations. However, the full potential of quantum computing to tackle problems of true industrial relevance, in areas like medicine, energy, and finance, remains contingent on an architecture that supports a fully fault-tolerant universal gate set with repeatable error correction—a capability that, until now, has eluded the industry.  

Quantinuum is the first—and only—company to achieve this critical technical breakthrough, universally recognized as the essential precursor to scalable, industrial-scale quantum computing. This milestone provides us with the most de-risked development roadmap in the industry and positions us to fulfill our promise to deliver our universal, fully fault-tolerant quantum computer, Apollo, by 2029.

In this regard, Quantinuum is the first company to step from the so-called “NISQ” (noisy intermediate-scale quantum) era towards utility-scale quantum computers.

Unpacking our achievement: first, a ‘full’ primer

A quantum computer uses operations called gates to process information in ways that even today’s fastest supercomputers cannot. The industry typically refers to two types of gates for quantum computers:

• Clifford gates, which can be easily simulated by classical computers, and are relatively easy to implement; and
• Non-Clifford gates, which are usually harder to implement, but are required to enable true quantum computation (when combined with their siblings).

A system that can run both gates is classified as universal and has the machinery to tackle the widest range of problems. Without non-Clifford gates, a quantum computer is non-universal and restricted to smaller, easier sets of tasks - and it can always be simulated by classical computers. This is like painting with a full palette of primary colors, versus only having one or two to work with. Simply put, a quantum computer that cannot implement ‘non-Clifford’ gates is not really a quantum computer.

A fault-tolerant, or error-corrected, quantum computer detects and corrects its own errors (or faults) to produce reliable results. Quantinuum has the best and brightest scientists dedicated to keeping our systems’ error rates the lowest in the world.

For a quantum computer to be fully fault-tolerant, every operation must be error-resilient, across Clifford gates and non-Clifford gates, and thus, performing “a full gate set” with error correction. While some groups have performed fully fault-tolerant gate sets in academic settings, these demonstrations were done with only a few qubits and error rates near 10%—too high for any practical use.

Today, we have published two papers that establishes Quantinuum as the first company to develop a complete solution for a universal fully fault-tolerant quantum computer with repeatable error correction, and error rates low enough for real-world applications.

This is where the magic happens

The first paper describes how scientists at Quantinuum used our System Model H1-1 to perfect magic state production, a crucial technique for achieving a fully fault-tolerant universal gate set. In doing so, they set a record magic state infidelity (7x10^-5), 10x better than any previously published result.

Our simulations show that our system could reach a magic state infidelity of 10^-10, or about one error per 10 billion operations, on a larger-scale computer with our current physical error rate. We anticipate reaching 10^-14, or about one error per 100 trillion operations, as we continue to advance our hardware. This means that our roadmap is now derisked.

Setting a record magic state infidelity was just the beginning. The paper also presents the first break-even two-qubit non-Clifford gate, demonstrating a logical error rate below the physical one. In doing so, the team set another record for two-qubit non-Clifford gate infidelity (2x10^-4, almost 10x better than our physical error rate). Putting everything together, the team ran the first circuit that used a fully fault-tolerant universal gate set, a critical moment for our industry.

Flipping the switch

In the second paper, co-authored with researchers at the University of California at Davis, we demonstrated an important technique for universal fault-tolerance called “code switching”.

Code switching describes switching between different error correcting codes. The team then used the technique to demonstrate the key ingredients for universal computation, this time using a code where we’ve previously demonstrated full error correction and the other ingredients for universality.

In the process, the team set a new record for magic states in a distance-3 error correcting code, over 10x better than the best previous attempt with error correction. Notably, this process only cost 28 qubits instead of hundreds. This completes, for the first time, the ingredient list for a universal gate setin a system that also has real-time and repeatable QEC.

Fully equipped for fault-tolerance

Innovations like those described in these two papers can reduce estimates for qubit requirements by an order of magnitude, or more, bringing powerful quantum applications within reach far sooner.

With all of the required pieces now, finally, in place, we are ‘fully’ equipped to become the first company to perform universal fully fault-tolerant computing—just in time for the arrival of Helios, our next generation system launching this year, and what is very likely to remain as the most powerful quantum computer on the market until the launch of its successor, Sol, arriving in 2027.

If we are to create ‘next-gen’ AI that takes full advantage of the power of quantum computers, we need to start with quantum native transformers. Today we announce yet again that Quantinuum continues to lead by demonstrating concrete progress — advancing from theoretical models to real quantum deployment.

The future of AI won't be built on yesterday’s tech. If we're serious about creating next-generation AI that unlocks the full promise of quantum computing, then we must build quantum-native models—designed for quantum, from the ground up.

Around this time last year, we introduced Quixer, a state-of-the-art quantum-native transformer. Today, we’re thrilled to announce a major milestone: one year on, Quixer is now running natively on quantum hardware.

Why this matters: Quantum AI, born native

This marks a turning point for the industry: realizing quantum-native AI opens a world of possibilities.

Classical transformers revolutionized AI. They power everything from ChatGPT to real-time translation, computer vision, drug discovery, and algorithmic trading. Now, Quixer sets the stage for a similar leap — but for quantum-native computation. Because quantum computers differ fundamentally from classical computers, we expect a whole new host of valuable applications to emerge.  

Achieving that future requires models that are efficient, scalable, and actually run on today’s quantum hardware.

That’s what we’ve built.

What makes Quixer different?

Until Quixer, quantum transformers were the result of a brute force “copy-paste” approach: taking the math from a classical model and putting it onto a quantum circuit. However, this approach does not account for the considerable differences between quantum and classical architectures, leading to substantial resource requirements.

Quixer is different: it’s not a translation – it's an innovation.

With Quixer, our team introduced an explicitly quantum transformer, built from the ground up using quantum algorithmic primitives. Because Quixer is tailored for quantum circuits, it's more resource efficient than most competing approaches.

As quantum computing advances toward fault tolerance, Quixer is built to scale with it.

What’s next for Quixer?

We’ve already deployed Quixer on real-world data: genomic sequence analysis, a high-impact classification task in biotech. We're happy to report that its performance is already approaching that of classical models, even in this first implementation.

This is just the beginning.

Looking ahead, we’ll explore using Quixer anywhere classical transformers have proven to be useful; such as language modeling, image classification, quantum chemistry, and beyond. More excitingly, we expect use cases to emerge that are quantum-specific, impossible on classical hardware.

This milestone isn’t just about one model. It’s a signal that the quantum AI era has begun, and that Quantinuum is leading the charge with real results, not empty hype.

Stay tuned. The revolution is only getting started.