Bitcoin Forum
December 30, 2025, 07:53:29 AM *
News: Latest Bitcoin Core release: 30.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Notes on adding a post-quantum signature path to a Bitcoin-derived protocol
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Notes on adding a post-quantum signature path to a Bitcoin-derived protocol  (Read 33 times)
jwlcore (OP)
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 28, 2025, 06:42:07 PM
 #1
This is an experimental effort based on a Bitcoin-derived codebase.

The goal is not to replace Bitcoin or alter its existing cryptographic rules,
but to introduce an additional post-quantum signature verification path at the
consensus level.

The approach is modular:

- Legacy ECDSA/secp256k1 remains untouched and continues to validate historical
  data and legacy outputs.
- A new script opcode introduces post-quantum signature verification (currently
  Dilithium-based) as a separate consensus path.
- The scriptPubKey explicitly determines which verification path is used, so
  there is no ambiguity for nodes.

Post-quantum signatures are intended to become the default for newly created
outputs over time, while legacy cryptography remains only for compatibility.
No hard cutoff, no forced migration.

At the current stage:
- The post-quantum opcode is integrated into the script engine.
- Deterministic consensus tests are passing.
- There is no mining, no release, and no economic activity yet.

This post is not an announcement and not a proposal for deployment.
It is shared to explain the design and to invite technical discussion
around consensus safety, script semantics, and long-term maintainability.
jwlcore (OP)
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
December 28, 2025, 07:01:43 PM
Last edit: December 28, 2025, 08:25:56 PM by jwlcore
 #2
For clarity, here is a screenshot of the current build and test output.

The post-quantum opcode is compiled as part of the codebase and exercised
through deterministic script-level tests.

No claims beyond that — just showing the current state of the implementation.

https://ibb.co/MDWqFPjw
https://ibb.co/1tWRCwjB

We have completed the most important consensus part for MVP PQCHECKSIG in pre-tapscript:
EvalPQChecksigPreTapscript(...) it already exists and does:
FindAndDelete for BASE
empty-sig → success=false
calls checker.CheckPQSignature(...)
NULLFAIL does not fix specific errors
  GenericTransactionSignatureChecker<T>::CheckPQSignature(...) now:
gives SCRIPT_ERR_PUBKEYTYPE if the pubkey is the wrong size
  gives SCRIPT_ERR_SIG_DER if the sig is the wrong size
  considers SignatureHash(...) consensus
calls PQ_Verify(...)

And the tests confirmed it: “6 test cases passed”
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Notes on adding a post-quantum signature path to a Bitcoin-derived protocol
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!