Posted by Pierre-Luc Dallaire-Demers
Jun 14, 2024/13:51 UTC
In the recent correspondence, the use of SQIsign within a blockchain framework was acknowledged as an innovative approach but also flagged as a potential risk because of the scheme's novelty. The message pointed to the abrupt break of SIDH, documented in an academic paper, as evidence of how unpredictable cryptographic security can be. To hedge against a similar break of SQIsign, the recommendation was to integrate a hash-based backup key mechanism as a contingency plan, so that the system stays robust if a future exploit appears.
The proposed structure for this backup is a Merkle tree with two branches: one holding the SQIsign public key and the other holding the public key of a hash-based recovery scheme. The design is minimalistic, increasing the transaction data by only a single bit, which indicates whether the SQIsign branch is being used. Two hash-based candidates were suggested: SPHINCS+, which is NIST-standardized but would require additional implementation work, and Lamport signatures, which lack official standardization but can be verified efficiently on-chain using OP_CAT. This augmentation is intended to make the system resilient to unforeseen cryptographic vulnerabilities, improving its overall security and reliability.
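The two-branch commitment described above, as an added worked example that is not code from the original post or from any SQIsign project. It builds a Lamport one-time signature over a SHA-256 message digest, commits its public key to a 32-byte leaf, pairs that leaf with the SQIsign public key in a two-leaf Merkle root, and verifies a spend through either branch. The SQIsign side is represented only by an opaque placeholder key and a caller-supplied verifier (both assumptions), since the point is the commitment structure and the hash-based fallback, not the isogeny signature itself.

```python
"""Merkle-committed SQIsign key with a Lamport hash-based backup branch.

Added illustration, not code from the original post. The SQIsign branch is
modelled by an opaque byte string and a caller-supplied verifier callable
(assumption); only the Lamport branch is implemented and checked here.
"""
import hashlib
import secrets


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signature over a 256-bit SHA-256 digest -----------------

def lamport_keygen():
    """Secret key: 256 pairs of random 32-byte preimages; public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(sha256(a), sha256(b)) for a, b in sk]
    return sk, pk


def lamport_pk_commit(pk) -> bytes:
    """Compress the 512 public hashes into one 32-byte leaf value."""
    return sha256(b"".join(a + b for a, b in pk))


def msg_bits(msg: bytes):
    """The 256 bits of SHA-256(msg), most significant bit of each byte first."""
    d = sha256(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, pk, msg: bytes):
    """Reveal one preimage per message bit. The unrevealed side's hash is shipped
    alongside so a verifier holding only the 32-byte commitment can recompute it."""
    return [(sk[i][bit], pk[i][1 - bit]) for i, bit in enumerate(msg_bits(msg))]


def lamport_verify(commit: bytes, msg: bytes, sig) -> bool:
    """Hash each revealed preimage, reassemble the 512 hashes in key order, and
    compare the recomputed commitment. This is the hash-and-concatenate shape
    that OP_CAT makes expressible in Script."""
    if len(sig) != 256:
        return False
    parts = []
    for (revealed, other), bit in zip(sig, msg_bits(msg)):
        h = sha256(revealed)
        parts.append(h + other if bit == 0 else other + h)
    return sha256(b"".join(parts)) == commit


# --- Two-leaf Merkle commitment: branch 0 = SQIsign, branch 1 = Lamport backup ---

def leaf_hash(tag: bytes, data: bytes) -> bytes:
    """Domain-separate the two leaf types so one cannot be passed off as the other."""
    return sha256(tag + data)


def merkle_root(sqisign_pk: bytes, lamport_commit: bytes) -> bytes:
    return sha256(leaf_hash(b"sqisign", sqisign_pk) + leaf_hash(b"lamport", lamport_commit))


def verify_spend(root, branch, leaf_data, sibling, msg, sig, sqisign_verify) -> bool:
    """`branch` is the single extra bit carried by the transaction:
    0 -> spend with SQIsign, 1 -> spend with the Lamport backup key.
    The witness also carries the sibling leaf hash for the Merkle proof."""
    if branch == 0:
        node = sha256(leaf_hash(b"sqisign", leaf_data) + sibling)
    else:
        node = sha256(sibling + leaf_hash(b"lamport", leaf_data))
    if node != root:
        return False  # leaf is not committed under this root
    if branch == 0:
        return sqisign_verify(leaf_data, msg, sig)  # caller-supplied (assumption)
    return lamport_verify(leaf_data, msg, sig)


def demo():
    """Constructed end-to-end run: valid backup spend, then a replayed signature."""
    sqisign_pk = b"\x11" * 64  # constructed placeholder, not a real SQIsign key
    sk, pk = lamport_keygen()
    commit = lamport_pk_commit(pk)
    root = merkle_root(sqisign_pk, commit)
    msg = b"constructed spend digest"
    sig = lamport_sign(sk, pk, msg)
    sibling = leaf_hash(b"sqisign", sqisign_pk)
    never = lambda *_: False  # SQIsign branch is not exercised in this demo
    ok = verify_spend(root, 1, commit, sibling, msg, sig, never)
    replayed = verify_spend(root, 1, commit, sibling, b"different digest", sig, never)
    return ok, replayed


if __name__ == "__main__":
    print(demo())  # (True, False)
```

Two practical points fall out of the code. First, the Lamport key is strictly one-time: every signature reveals half of the secret preimages, so the backup branch is suitable for a single recovery spend that moves funds to a fresh commitment, not for repeated use. Second, a spend through either branch needs the 32-byte sibling hash in the witness in addition to the branch bit, so the Merkle proof itself is what ties the chosen key to the committed root.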