diff --git a/Cargo.lock b/Cargo.lock index 2d907290..6c99c17c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -85,8 +85,7 @@ dependencies = [ "pin-project", "pinentry", "pprof", - "quickcheck", - "quickcheck_macros", + "proptest", "rand", "rpassword", "rsa", @@ -241,6 +240,21 @@ version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d86b93f97252c47b41663388e6d155714a9d0c398b99f1005cbc5f978b29f445" +[[package]] +name = "bit-set" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" + [[package]] name = "bitflags" version = "1.3.2" @@ -730,16 +744,6 @@ version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" -[[package]] -name = "env_logger" -version = "0.8.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a19187fea3ac7e84da7dacf48de0c45d63c6a76f9490dae389aead16c243fce3" -dependencies = [ - "log", - "regex", -] - [[package]] name = "env_logger" version = "0.10.1" @@ -868,6 +872,12 @@ dependencies = [ "thiserror", ] +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + [[package]] name = "fuse_mt" version = "0.6.1" 
@@ -1839,34 +1849,38 @@ dependencies = [ ] [[package]] -name = "quick-xml" -version = "0.26.0" +name = "proptest" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f50b1c63b38611e7d4d7f68b82d3ad0cc71a2ad2e7f61fc10f1328d917c93cd" +checksum = "31b476131c3c86cb68032fdc5cb6d5a1045e3e42d96b69fa599fd77701e1f5bf" dependencies = [ - "memchr", + "bit-set", + "bit-vec", + "bitflags 2.4.1", + "lazy_static", + "num-traits", + "rand", + "rand_chacha", + "rand_xorshift", + "regex-syntax", + "rusty-fork", + "tempfile", + "unarray", ] [[package]] -name = "quickcheck" -version = "1.0.3" +name = "quick-error" +version = "1.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "588f6378e4dd99458b60ec275b4477add41ce4fa9f64dcba6f15adccb19b50d6" -dependencies = [ - "env_logger 0.8.4", - "log", - "rand", -] +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" [[package]] -name = "quickcheck_macros" -version = "1.0.0" +name = "quick-xml" +version = "0.26.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b22a693222d716a9587786f37ac3f6b4faedb5b80c23914e7303ff5a1d8016e9" +checksum = "7f50b1c63b38611e7d4d7f68b82d3ad0cc71a2ad2e7f61fc10f1328d917c93cd" dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", + "memchr", ] [[package]] @@ -1888,7 +1902,7 @@ dependencies = [ "clap_complete", "console", "ctrlc", - "env_logger 0.10.1", + "env_logger", "flate2", "fuse_mt", "fuser", @@ -1936,6 +1950,15 @@ dependencies = [ "getrandom", ] +[[package]] +name = "rand_xorshift" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d25bf25ec5ae4a3f1b92f929810509a2f53d7dca2f50b794ff57e3face536c8f" +dependencies = [ + "rand_core", +] + [[package]] name = "rayon" version = "1.8.0" 
@@ -2118,6 +2141,18 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "rusty-fork" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb3dcc6e454c328bb824492db107ab7c0ae8fcffe4ad210136ef014458c1bc4f" +dependencies = [ + "fnv", + "quick-error", + "tempfile", + "wait-timeout", +] + [[package]] name = "ryu" version = "1.0.16" @@ -2572,6 +2607,12 @@ version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" +[[package]] +name = "unarray" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eaea85b334db583fe3274d12b4cd1880032beab409c0d774be044d4480ab9a94" + [[package]] name = "unic-langid" version = "0.9.4" @@ -2619,6 +2660,15 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +[[package]] +name = "wait-timeout" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6" +dependencies = [ + "libc", +] + [[package]] name = "walkdir" version = "2.4.0" diff --git a/age/Cargo.toml b/age/Cargo.toml index bfc1a16c..d3bb0a02 100644 --- a/age/Cargo.toml +++ b/age/Cargo.toml @@ -86,8 +86,7 @@ criterion = "0.5" futures-test = "0.3" hex = "0.4" i18n-embed = { workspace = true, features = ["desktop-requester"] } -quickcheck = "1" -quickcheck_macros = "1" +proptest = "1" test-case = "3" tokio = { version = "1", features = ["macros", "rt-multi-thread"] } diff --git a/age/src/x25519.rs b/age/src/x25519.rs index 6fa591c9..3cd84d0c 100644 --- a/age/src/x25519.rs +++ b/age/src/x25519.rs 
@@ -231,8 +231,7 @@ impl crate::Recipient for Recipient {
 #[cfg(test)]
 pub(crate) mod tests {
 use age_core::secrecy::ExposeSecret;
- use quickcheck::TestResult;
- use quickcheck_macros::quickcheck;
+ use proptest::prelude::*;
 use x25519_dalek::{PublicKey, StaticSecret};
 use super::{Identity, Recipient};
@@ -255,27 +254,27 @@ pub(crate) mod tests {
 assert_eq!(key.to_public().to_string(), TEST_PK);
 }
- #[quickcheck]
- fn wrap_and_unwrap(sk_bytes: Vec) -> TestResult {
- if sk_bytes.len() > 32 {
- return TestResult::discard();
- }
-
- let file_key = [7; 16].into();
- let sk = {
- let mut tmp = [0; 32];
- tmp[..sk_bytes.len()].copy_from_slice(&sk_bytes);
- StaticSecret::from(tmp)
- };
-
- let stanzas = Recipient(PublicKey::from(&sk))
- .wrap_file_key(&file_key)
- .unwrap();
- let res = Identity(sk).unwrap_stanzas(&stanzas);
-
- match res {
- Some(Ok(res)) => TestResult::from_bool(res.expose_secret() == file_key.expose_secret()),
- _ => TestResult::from_bool(false),
+ proptest! {
+ #[test]
+ fn wrap_and_unwrap(sk_bytes in proptest::collection::vec(any::(), ..=32)) {
+ let file_key = [7; 16].into();
+ let sk = {
+ let mut tmp = [0; 32];
+ tmp[..sk_bytes.len()].copy_from_slice(&sk_bytes);
+ StaticSecret::from(tmp)
+ };
+
+ let stanzas = Recipient(PublicKey::from(&sk))
+ .wrap_file_key(&file_key);
+ prop_assert!(stanzas.is_ok());
+
+ let res = Identity(sk).unwrap_stanzas(&stanzas.unwrap());
+ prop_assert!(res.is_some());
+ let res = res.unwrap();
+ prop_assert!(res.is_ok());
+ let res = res.unwrap();
+
+ prop_assert_eq!(res.expose_secret(), file_key.expose_secret());
 }
 }
 }
diff --git a/supply-chain/config.toml b/supply-chain/config.toml
index aa138d30..595cd76e 100644
--- a/supply-chain/config.toml
+++ b/supply-chain/config.toml
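Review bot: In `wrap_and_unwrap` (age/src/x25519.rs) the property varies only the secret key, and it does so through the zero-padded, variable-length vector carried over from the quickcheck version, so every generated key shorter than 32 bytes ends in zero bytes and the file key is always `[7; 16]`. proptest can generate fixed-size arrays directly, which would remove the padding block and cover arbitrary keys and file keys: `fn wrap_and_unwrap(sk_bytes in any::<[u8; 32]>(), fk_bytes in any::<[u8; 16]>())` with `let sk = StaticSecret::from(sk_bytes);` and `let file_key = fk_bytes.into();` (assuming the same array conversion that `[7; 16].into()` relies on today). The `prop_assert!(stanzas.is_ok())` and `prop_assert!(res.is_ok())` checks followed by `unwrap()` also drop the error value when they fail; giving each assertion a message that includes the `Err` would make a failing case easier to diagnose.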
@@ -541,12 +541,16 @@ criteria = "safe-to-deploy" version = "1.0.4" criteria = "safe-to-deploy" -[[exemptions.quick-xml]] -version = "0.26.0" +[[exemptions.proptest]] +version = "1.2.0" criteria = "safe-to-run" -[[exemptions.quickcheck]] -version = "1.0.3" +[[exemptions.quick-error]] +version = "1.2.3" +criteria = "safe-to-run" + +[[exemptions.quick-xml]] +version = "0.26.0" criteria = "safe-to-run" [[exemptions.rand]] @@ -605,6 +609,10 @@ criteria = "safe-to-deploy" version = "0.38.28" criteria = "safe-to-deploy" +[[exemptions.rusty-fork]] +version = "0.3.0" +criteria = "safe-to-run" + [[exemptions.ryu]] version = "1.0.15" criteria = "safe-to-run" @@ -761,6 +769,10 @@ criteria = "safe-to-deploy" version = "1.15.0" criteria = "safe-to-deploy" +[[exemptions.unarray]] +version = "0.1.4" +criteria = "safe-to-run" + [[exemptions.unic-langid]] version = "0.9.4" criteria = "safe-to-deploy" @@ -773,6 +785,10 @@ criteria = "safe-to-deploy" version = "1.6.1" criteria = "safe-to-run" +[[exemptions.wait-timeout]] +version = "0.2.0" +criteria = "safe-to-run" + [[exemptions.walkdir]] version = "2.4.0" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 78b258b7..b4055c40 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -447,12 +447,6 @@ who = "Pat Hickey " criteria = "safe-to-deploy" version = "1.0.8" -[[audits.embark-studios.audits.quickcheck_macros]] -who = "Johan Andersson " -criteria = "safe-to-deploy" -version = "1.0.0" -notes = "Proc macro. No unsafe usage or ambient capabilities" - [[audits.embark-studios.audits.thiserror]] who = "Johan Andersson " criteria = "safe-to-deploy" 
@@ -518,18 +512,6 @@ criteria = "safe-to-run" delta = "0.9.14 -> 0.9.15" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" -[[audits.google.audits.env_logger]] -who = "George Burgess IV " -criteria = "safe-to-run" -version = "0.9.3" -aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" - -[[audits.google.audits.env_logger]] -who = "George Burgess IV " -criteria = "safe-to-run" -delta = "0.9.3 -> 0.8.4" -aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" - [[audits.google.audits.fastrand]] who = "George Burgess IV " criteria = "safe-to-deploy" @@ -966,6 +948,26 @@ version = "1.1.0" notes = "All code written or reviewed by Josh Stone." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.bit-set]] +who = "Aria Beingessner " +criteria = "safe-to-deploy" +version = "0.5.2" +notes = "Another crate I own via contain-rs that is ancient and maintenance mode, no known issues." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.bit-set]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.5.2 -> 0.5.3" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.bit-vec]] +who = "Aria Beingessner " +criteria = "safe-to-deploy" +version = "0.6.3" +notes = "Another crate I own via contain-rs that is ancient and in maintenance mode but otherwise perfectly fine." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.bitflags]] who = "Alex Franchuk " criteria = "safe-to-deploy" 
@@ -1106,6 +1108,13 @@ criteria = "safe-to-deploy" version = "0.11.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.fnv]] +who = "Bobby Holley " +criteria = "safe-to-deploy" +version = "1.0.7" +notes = "Simple hasher implementation with no unsafe code." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.futures-channel]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -1950,6 +1959,17 @@ relies on the `RUSTC` environment variable for inspecting the compiler version). """ aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.proptest]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.2.0 -> 1.4.0" +notes = """ +Adds support for generating arbitrary `PathBuf`s, but as this crate is intended +for fuzzing in test environments this is within its expected scope (and the new +API would be used intentionally by downstream tests). +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.quote]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1962,6 +1982,12 @@ criteria = "safe-to-deploy" delta = "1.0.33 -> 1.0.35" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.rand_xorshift]] +who = "Sean Bowe " +criteria = "safe-to-deploy" +version = "0.3.0" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.regex]] who = "Jack Grigg " criteria = "safe-to-deploy"