A copyleft license for research data, AI outputs, quantum & classical calculations — with mandatory post-quantum release integrity.
“The Apparatus does not own the Outcome.”
Adversaries are already capturing encrypted scientific datasets, model outputs, and signed releases. When large-scale quantum computers arrive, RSA, ECDSA, and EdDSA fall — and so does the integrity of every artifact signed only with them. Open Results that outlive their cryptography are not open. They are forgeable.
State and well-resourced actors record encrypted traffic and signed bundles today — datasets, model weights, mirror tarballs, signatures — and store them indefinitely.
Once cryptanalytically relevant quantum computers exist, RSA / ECDSA / EdDSA signatures over historical artifacts become forgeable. Provenance for a generation of open Results collapses retroactively.
Open GPL and Creative Commons works ship with classical signatures (or none). The license language does not require post-quantum integrity. QGPL closes that gap by making Quantum-Safe Distribution Metadata a copyleft obligation — not an optional extra.
Both are copyleft. They protect different things, for different lifetimes.
| GPL v3 / AGPL | QGPL v3.0 | |
|---|---|---|
| Primary subject | Source code | Observation Outputs (Results), datasets, and Apparatus Code |
| Covers research data & AI outputs | No (CC-style licenses needed) | Yes — first-class |
| Database rights (sui generis) | Partial / unclear | Explicit grant |
| Copyleft / share-alike | Yes | Yes — “Entangled Freedom” |
| Anti-DRM / anti-tivoization | Yes | Yes — incl. crypto access locks |
| Post-quantum release signatures | Not required | Mandatory (Section 5.1) |
| PQ / hybrid key establishment for transport | Not addressed | Required when crypto is used (5.2) |
| Algorithm agility (NIST PQ revisions) | N/A | Built-in (5.3) |
| Patent grant and retaliation | Yes | Yes |
| Provenance integrity clause | Implicit | Explicit (Section 3.3) |
QGPL is designed to complement, not replace, GPL. Code can stay under GPL while the Results it produces are released under QGPL.
Prior to observation, information exists in all states — unowned and boundless.
The Collapsed State of an observation belongs to the common reality of all Observers. No entity can copyright a fact derived from reality.
You may own the quantum computer, the GPU cluster, or the laboratory. You do not own the calculation it produces.
If you use a QGPL Result to derive new Results, those remain QGPL. Reality cannot be enclosed.
Channels that carry a Result into the future must outlast the machines that would break them. Distribution integrity must be quantum-resistant.
Attach the notice to your dataset, model checkpoint, paper supplement, or repository. Ship Quantum-Safe Distribution Metadata alongside the artifact.
OBSERVATION DATA / WORK NOTICE
This Work (including any included Results) is released under the Quantum General Public
License (QGPL) v3.0 — Quantum-Safe Edition.
You may use, modify, and distribute this Work under the terms of the QGPL v3.0.
Quantum-Safe Distribution Metadata (Section 5) is provided with this distribution.
Contact: Dr. Šarūnas Grigaliūnas <info@qgpl.org>A single CLI — qgpl — that signs, verifies, inspects, and audits artifacts under Section 5. Reference implementation plus a portable, re-implementable file format so the obligation is trivial to meet.
qgpl sign results.csv produces an ML-DSA-65 signature, manifest, and detached .sig. Hybrid PQ and classical optional.
qgpl verify with --pq-only mode for archival recovery and --strict-issuer for pinned roots.
qgpl audit release/ walks a directory and reports which artifacts lack compliant Section 5 metadata.
QGPL is positioned for Lithuanian and European scientific institutions releasing open datasets, AI outputs, and quantum computation results — and for the European Quantum Communication Infrastructure ecosystem where post-quantum release integrity is a baseline requirement, not a future upgrade.
An academic write-up of the QGPL construction, the Harvest-Now-Decrypt-Later motivation, and the relationship between copyleft and post-quantum integrity.
Drop-in copyleft for open research-data deposits at Lithuanian and EU institutions; alignment target for the QCI.lt initiative and broader European Quantum Communication Infrastructure programs.
QGPL is the licensing layer. ResilQ (via RQmod.com) is the technical risk-assessment layer for post-quantum readiness. Together they cover the legal obligation, the cryptographic obligation, and the operational evidence for releasing Results in a quantum-vulnerable world.
This site. The license, the Compliance Toolkit, and the public-facing pitch.
qgpl.org Risk & readinessTechnical PQ risk assessment — cryptographic inventory, exposure scoring, and migration roadmaps for organisations.
rqmod.com AuthorMaintainer of QGPL and The Open Reality Initiative. Research and writing on post-quantum security and open Results.
sarunasgrigaliunas.lt