P2WOTS: Post Quantum UTXO Winternitz Signatures

This approach utilizes lightweight Winternitz signatures integrated within the Bitcoin framework, allowing each transaction to be secure without necessitating a hard fork, thanks to compatibility with BIP-141. The core innovation here lies in the generation of a new receive address for each transaction, incorporating a fresh Winternitz public key (wots_pk) that is embedded directly into the receive address. This method ensures that each Unspent Transaction Output (UTXO) is handled individually, maintaining security and privacy without the need for account-level management as seen in Ethereum.

Further improvements have been suggested following feedback, notably addressing the limitations of Winternitz One-Time Signatures (WOTS). Initially, the proposal did not fully accommodate scenarios where a UTXO needs to be signed multiple times due to address reuse, multi-user transactions, or fee adjustments. In response, an update was made to include a Merkle Key Tree within each address, providing up to 64 signing opportunities per UTXO, thereby expanding the usability and security of this system. Additionally, concerns about fee bumping have led to guidance against the use of Replace-By-Fee (RBF) for P2WOTS inputs and recommendations for using Child Pays For Parent (CPFP) via a P2TR change output to safely adjust transaction fees after broadcast.

Moreover, the proposal now integrates native multi-signature support and ensures compatibility with existing Bitcoin infrastructure such as the Lightning Network. These enhancements aim to make the proposal robust enough to offer comprehensive post-quantum security while retaining efficiency and compatibility with current Bitcoin operations. The ongoing revisions will continue to refine these mechanisms to ensure they meet the rigorous demands of Bitcoin’s decentralized network.

For further details on the proposal and access to the source code, please refer to the following resources: Proposal, Code Repository, and WOTS-39 Essay. These documents provide a deeper insight into the technical underpinnings and broader implications of the proposed post-quantum cryptographic methods for Bitcoin.