Pre-audit reference work — deliverables are self-attested and independently verifiable; third-party audit in procurement. No certification implied.
§ Pilots & Evidence Packs · Work with us

Put post-quantum cryptography to work — on your systems.

TRELYAN runs fixed-scope, design-partner engagements that take the post-quantum tooling behind our products and apply it to your stack: a signed inventory of where your cryptography stands, firmware and identity pilots, an adversarial review of your signing surface, and NIS2 / CRA readiness. Start small with the $7,500 Evidence Pack Express — it's creditable toward a larger engagement.

Start where it pays off fastest.

◆ Start here · the wedge

Evidence Pack Express

$7,500 · fixed · creditable

Step 1 — diagnostic. The pilots below build on its findings.

A fast, signed snapshot of your post-quantum posture: a cryptographic bill of materials (CBOM) of where you use quantum-vulnerable crypto, a TLS posture scan, and a prioritized remediation plan — delivered as an ML-DSA-87-signed PDF. Fully creditable toward a full Evidence Pack.

Deliverable: self-attested reference report — not an audited certification. Scoping call recommended before purchase.

Assessment

Evidence Pack (full)

from $15,000 · scoped

A complete cryptographic inventory across your repositories and services, a signed evidence report, and a phased migration roadmap mapped to your compliance regime.

Pilot · QuantumShield

Firmware-signing pilot

from $12,000 · one device line

Integrate hybrid post-quantum firmware-manifest signing and verify-before-flash anti-rollback into one of your device lines, end to end, with your team.

Pilot · QuantumDNA

Verifiable-identity pilot

from $9,000 · one use-case

Issue and verify hybrid post-quantum credentials for a concrete use case — supply-chain attestation or device identity — with selective disclosure and holder proof-of-possession.

Integration · QuantumPay

Payment-authorization integration

from $15,000 · with your rail

Wire post-quantum payment-authorization signing alongside your existing licensed settlement rail. We sign and verify the authorization; your rail moves the money.

Review

Code-security sweep

from $15,000 · signing surface

An adversarial, find-then-exploit-verify review of your cryptographic signing and verification surface, with every confirmed finding fixed and reported.

Readiness

NIS2 / CRA readiness pack

from $12,000 · crosswalk

A control crosswalk, incident-response runbook, and risk register aligned to NIS2 / CRA and CIS-CSF. A readiness alignment deliverable — not a certification or attestation.

Ongoing

Retained advisory

from $3,500/mo · T&M

Continuous post-quantum migration advisory and integration support, on a monthly retainer — time-and-materials, scoped to your roadmap.

Scope → agree → deliver.

  1. A 30-minute scoping call — we map your use case, regime, and the smallest pilot that proves value.
  2. A fixed-scope statement of work — clear deliverables, a fixed price, and a timeline. Express engagements credit toward what follows.
  3. We deliver with your team — signed artifacts, working integrations, and a roadmap you own.

Book a scoping call.

The fastest first step is the 30-minute call. Bring a system; we'll identify your quantum-vulnerable cryptography and the smallest engagement that gets you verifiable migration evidence.

Design-partner engagements · reference implementations · pre-audit

All pilots and Evidence Packs run against TRELYAN's unaudited reference implementations under a design-partner agreement: fixed scope, no general-availability SLA, and not a certification or attestation. An independent cryptographic and side-channel audit is on our roadmap — it is the gate that graduates pilots to warranted GA terms. Prices shown are starting points and are scoped per engagement. QuantumPay signs and verifies payment authorizations only; it does not move, hold, or settle funds. Nothing here is an offer of any security, token, or financial instrument, or financial or legal advice.