Blockstream Research has released a new technical paper analyzing how hash-based digital signature schemes could be tailored for use in Bitcoin as a possible defense against future quantum computing threats.
We just published "Hash-based signatures for Bitcoin," a new analysis of post-quantum schemes by @kudinov_mikhail and myself at @blksresearch.
This paper serves as a gentle intro to hash-based schemes and explores how to optimize them specifically for use in Bitcoin. 🧵 pic.twitter.com/Ge701QCnun
— ncklr (@n1ckler) December 9, 2025
The paper, authored by Mikhail Kudinov and Jonas Nick, offers a detailed analysis of post-quantum cryptographic approaches that rely solely on hash functions rather than number-theoretic assumptions.
The paper focuses on hash-based signatures as a candidate for long-term Bitcoin security because their security model depends only on cryptographic hash functions, primitives already foundational to Bitcoin's current design through SHA-256.
While the U.S. National Institute of Standards and Technology (NIST) has already standardized SLH-DSA (SPHINCS+) as a post-quantum signature scheme, the authors analyze other constructions that may be better aligned with Bitcoin's performance, size, and integration constraints.
A central contribution of the research is its examination of how parameter choices and new optimizations affect signature size and computational efficiency.
The authors report that, using recent techniques such as SPHINCS+C, TL-WOTS-TW, and PORS+FP, signature sizes could be reduced to roughly 3–4 kilobytes, placing them in a range comparable to lattice-based post-quantum schemes like ML-DSA.
Beyond raw performance metrics, the paper also addresses broader system-level considerations that would affect any potential deployment in Bitcoin.
These include the trade-offs between stateful and stateless signature schemes, compatibility with hierarchical deterministic (HD) wallets, practical limits for multi-signature and threshold-signature constructions, and concrete security targets under quantum attack models.
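To make concrete what "security depends only on a hash function" means, and why signature size and the stateful/one-time caveat dominate the design discussion, here is an added example (not code from the paper or from Blockstream) of a minimal Winternitz one-time signature (WOTS, the building block of SPHINCS+/SLH-DSA) over SHA-256. The parameter choices (w = 16, 67 chains) and the use of os.urandom for the secret key are my own assumptions for illustration; a raw signature here is already 67 × 32 = 2144 bytes before any tree structure or the optimizations the paper studies.

```python
import hashlib
import os

W = 16           # Winternitz parameter: each chain is W-1 = 15 hash steps long
N = 32           # SHA-256 output length in bytes
MSG_DIGITS = 64  # a 256-bit digest split into base-16 digits
CS_DIGITS = 3    # checksum digits: max checksum is 64*15 = 960 < 16**3
LEN = MSG_DIGITS + CS_DIGITS  # 67 chains, so a signature is 67*32 = 2144 bytes


def chain(x: bytes, steps: int) -> bytes:
    """Apply SHA-256 `steps` times. This is the scheme's only primitive."""
    for _ in range(steps):
        x = hashlib.sha256(x).digest()
    return x


def digits(msg: bytes) -> list:
    """Base-16 digits of SHA-256(msg), followed by the Winternitz checksum."""
    d = []
    for byte in hashlib.sha256(msg).digest():
        d += [byte >> 4, byte & 0xF]
    # Raising any message digit (which a forger can do by hashing forward)
    # lowers the checksum, which would require inverting a hash to lower.
    cs = sum(W - 1 - x for x in d)
    d += [(cs >> 8) & 0xF, (cs >> 4) & 0xF, cs & 0xF]
    return d


def keygen():
    """One-time key pair: LEN random chain starts; pk = hash of all chain ends."""
    sk = [os.urandom(N) for _ in range(LEN)]
    pk = hashlib.sha256(b"".join(chain(s, W - 1) for s in sk)).digest()
    return sk, pk


def sign(sk, msg: bytes) -> list:
    """Walk each chain d_i steps. The key must never sign a second message:
    every signature reveals intermediate chain values (the 'stateful' caveat)."""
    return [chain(s, d) for s, d in zip(sk, digits(msg))]


def verify(pk: bytes, msg: bytes, sig) -> bool:
    """Finish each chain (W-1-d_i more steps) and compare the hash with pk."""
    if len(sig) != LEN:
        return False
    ends = b"".join(chain(s, W - 1 - d) for s, d in zip(sig, digits(msg)))
    return hashlib.sha256(ends).digest() == pk
```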
The researchers have also released the scripts used to generate the parameter and performance analysis so that others can reproduce and evaluate the results independently.
They specifically invited feedback on hardware performance requirements and on how standardization decisions might shape future implementations.
Although the authors emphasize that large-scale quantum computers capable of breaking today's elliptic-curve signatures remain speculative, the paper frames post-quantum preparedness as a long-term engineering challenge rather than a near-term emergency.
Their analysis adds to a growing body of research exploring how Bitcoin might evolve cryptographically over the coming decades without departing from its current trust assumptions.