Falcon Post-Quantum Signature Scheme Proposal

In the discussion about the future of post-quantum (PQ) cryptographic schemes in the realm of Bitcoin development, several key points are raised concerning the implementation and theoretical considerations of these new technologies. The conversation initially focuses on the necessity of not imposing arbitrary requirements on PQ schemes that are not already applied to existing cryptographic standards such as Schnorr or ECDSA signatures. This stance underscores a broader principle of equitable standards for emerging cryptographic methods, especially those that may impact offchain transaction systems which are still largely speculative and unproven.

The debate further delves into the practical implications of proposed PQ schemes, particularly regarding their potential to significantly increase the blockchain's onchain footprint or verification costs. Such increases could severely impact transaction throughputs and exacerbate centralization pressures, unless there are specific qualities within these schemes that can mitigate these drawbacks. The concept of batched or aggregated signing and the role of Cryptographic Information Security Assurance (CISA) are mentioned as possible mitigating factors. However, the acceptance of any PQ scheme without such amelioration is questioned, highlighting the challenges of balancing innovation with the practical realities of blockchain scalability and security.

Furthermore, the dialogue touches upon the flexibility within the development community towards adopting multiple PQ schemes over time, even if initial prototypes do not offer scalable solutions. This openness reflects a pragmatic approach to technological evolution, acknowledging the difficulties inherent in creating compatible and efficient cryptographic advancements. Questions around the support for adaptors and whether any plausible PQ candidates possess this feature also emerge, indicating an interest in the nuanced details of how these schemes might integrate with existing transaction mechanisms.

Overall, the conversation encapsulates the complexities of integrating PQ cryptography into Bitcoin, emphasizing the need for careful consideration of both theoretical ideals and operational realities. The discourse suggests a balanced perspective is necessary, one that values innovative approaches while critically assessing their impact on the broader ecosystem.