SHRINCS: 324-byte stateful post-quantum signatures with static backups

In the exploration of cryptographic advancements, particularly in the context of blockchain technology, a significant discussion revolves around the deployment of XMSS (Extended Merkle Signature Scheme) as an alternative to traditional taproot and WOTS+ implementations. The proposal underlines a strategic modification to XMSS merkle branches, advocating for a directionless structure, much like that of taproot trees. This approach is driven by the objectives of enhancing succinctness and privacy within blockchain transactions.

The conventional XMSS implementation necessitates the revelation of the WOTS leaf path within the tree. This requirement not only leads to an inefficient use of block space but also compromises privacy. Knowledge of the tree structure enables an observer to deduce the number of signatures previously issued by a key, alongside its remaining capacity. Conversely, a directionless balanced XMSS tree introduces an element of ambiguity regarding the count and sequence of signatures associated with a specific key. Such ambiguity persists even if the observer is aware of the tree's height, rendering the exact count of prior or subsequent signatures indiscernible without additional external data.

Moreover, the proposal highlights a distinction between balanced and unbalanced XMSS trees, specifically in the context of signature count revelation through merkle path length observation. A directionless approach effectively masks this differentiation, presenting a unified appearance of the on-chain signature fingerprint across diverse tree structures. Consequently, this allows for a greater degree of freedom and privacy for users and wallets in selecting the XMSS tree height and structure, without compromising the integrity of the verification process. The authentication path and WOTS signature would continue to validate against the correct root hash, thereby maintaining the security and reliability of the transaction mechanism.