LP-178 mirrors HIP-0098 into Lux. Routine governance authorisations
(DAO proposals, parameter votes) are issued via Pulsar-87 threshold
ML-DSA-87 (FIPS 204, NIST PQ Cat 5). Cold-root upgrade authorisations
(genesis params, network upgrades, slashing-pause, emergency-stop) are
issued via SLH-DSA-256s (FIPS 205) under a k-of-n multi-signature
scheme with k ≥ ⌈2n/3⌉ + 1 and n ≥ 5 on Lux mainnet.
ProfileID: 0x01 (ProfileLuxStrictPQ)
ProfileName: LUX_STRICT_PQ
HashSuiteID: SHA3_NIST (0x01)
IdentitySchemeID: ML_DSA_65 (0x42)
GovernanceSchemeID: ML_DSA_87 (0x43)
ColdRootSchemeID: SLH_DSA_256S (0x70)
FinalitySchemeID: PULSAR_M_65 (0x52)
HighValueSchemeID: PULSAR_M_87 (0x53)
MinSoundnessBits: 128
MinHashOutputBits: 384
RequireTransparent: true
ForbidPairings: true
ForbidKZG: true
ForbidTrustedSetup: true
ForbidClassicalSNARKs: true
ForbidFallbacks: true
luxfi/consensus/protocol/auth/governance.go is the canonicalreference.
LP-171's high-value mode). Single-party ML-DSA-87 is permitted for
testnet only.
SLH-DSA-256s long-lived key profile).
genesis; LP-085 / LP-086 classical governance is refused under
LUX_STRICT_PQ.
luxfi/consensus/protocol/auth/testdata/governance_v1.json.A Lux validator on LUX_STRICT_PQ MUST refuse any governance action
not authorised under LP-178's warm-or-cold path. The LP-085 / LP-086
classical contracts are not deployed on LUX_STRICT_PQ.
luxfi/consensus/protocol/auth/governance.go.