Anchor-pq Gradle Plugin – Android Post-Quantum Integrity Framework

Summary: The Anchor-pq Gradle Plugin computes a cryptographic fingerprint of compiled Android bytecode to enable secure runtime verification using post-quantum cryptography, ensuring app integrity against tampering and unauthorized modifications.

What it does

It generates a Merkle root hash of the app's compiled code at build time and supports runtime integrity validation via a verification server using ML-KEM (CRYSTALS-Kyber) for quantum-resistant communication.

Who it's for

Developers and organizations needing to detect APK tampering, prevent piracy, and comply with security standards for sensitive Android applications.

Why it matters

It provides tamper detection and post-quantum secure verification to protect apps from modification and future quantum attacks.