P2QRH / BIP-360 Update

The discussion opens with considerations for adding multisig semantics to attestation mechanisms in blockchain technologies, highlighting the necessity for separate multisig semantics like quorum and total for each class of key. This approach ensures robustness against potential vulnerabilities in Schnorr signatures or other Post-Quantum Cryptography (PQC) signatures by not allowing compromised signatures to count towards the quorum of other signature types.

In the realm of attestation structure, the conversation points out a safeguard against arbitrary data inclusion within attestations. It is emphasized that each signature public key pair must be capable of verifying the transaction message for it to be deemed a valid transaction. This process entails that upon transaction verification, each public key and signature pair is validated against the transaction message, thereby maintaining the integrity of the transaction validation process.

A request for further details on a specific attack targeting Multisignature 256-bit security was mentioned, seeking insights into how this attack operates and potential mitigation strategies. This indicates ongoing concerns regarding security measures and the need for continuous evaluation of cryptographic schemes' resilience against evolving threats.

General comments touched on concerns over worst-case transaction verification times and the necessity to examine NIST I variants along with their signature verification times. The goal is to compute worst-case scenarios considering different discount constants, indicating a proactive approach to understanding and mitigating potential bottlenecks in transaction processing.

The discussion also covers the proposal of adding three signature schemes to enhance security and efficiency. This addition would allow wallets to dynamically determine the number of signatures based on the transaction value, potentially increasing fee revenue for miners and addressing security assumptions. Despite increasing complexity, the introduction of smaller signature schemes like ML-DSA and FN-DSA alongside the larger SLH-DSA is considered, with the latter enjoying strong support despite its size. The proposed creation of a libbitcoinpqc library, analogous to libsecp256k1, is envisioned to facilitate these changes, backed by resources from Anduro for its development.

Lastly, there is enthusiasm for upcoming developments in signature aggregation, particularly for FN-DSA, with hopes that similar advancements could also benefit SLH-DSA. These improvements are eagerly anticipated for their potential to enhance security and efficiency once activated, showcasing an ongoing commitment to advancing blockchain technology's foundational aspects.