Blockstream Researchers Explore Hash-Based Post-Quantum Signatures for Bitcoin

Blockstream researchers Mikhail Kudinov and Jonas Nick have published a detailed analysis of hash-based post-quantum signature schemes as potential long-term security solutions for Bitcoin^[1].

The paper evaluates cryptographic approaches that rely exclusively on hash functions rather than number-theoretic assumptions, making them suitable candidates for Bitcoin since they build on SHA-256, already fundamental to the protocol's design^[1].

While NIST has standardized SLH-DSA (SPHINCS+) as a post-quantum signature scheme, the researchers analyzed alternative constructions better aligned with Bitcoin's performance and size constraints^[1]. Using recent techniques including SPHINCS+C, TL-WOTS-TW, and PORS+FP, signature sizes could be reduced to approximately 3-4 kilobytes—comparable to lattice-based schemes like ML-DSA^[1].

The study addresses practical deployment considerations including compatibility with hierarchical deterministic wallets, multi-signature constructions, and security targets under quantum attack models^[1]. The researchers released scripts for independent verification and invited community feedback on hardware requirements and standardization choices^[1].

The authors emphasized that large-scale quantum computers capable of breaking current elliptic-curve signatures remain speculative, framing post-quantum preparedness as a long-term engineering challenge rather than an immediate threat^[1].