From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Sat, 20 Dec 2025 04:04:25 -0800 Received: from mail-qt1-f186.google.com ([209.85.160.186]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1vWvhA-0004uP-Ja for bitcoindev@gnusha.org; Sat, 20 Dec 2025 04:04:25 -0800 Received: by mail-qt1-f186.google.com with SMTP id d75a77b69052e-4ee0c1c57bcsf81946141cf.2 for ; Sat, 20 Dec 2025 04:04:24 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1766232258; cv=pass; d=google.com; s=arc-20240605; b=A52Uab7zUYJ6hw3Wyu9GXYoPlVe59zG0yk81ND5Miel0BHm7omTkU14S0ARkuEPNcV F8e0JgpYGPcvl91mGJfxytcoRQ5waxnZPU/D/+8Lnv++bMaFSyvYM7u+fQuPfmWR08vi bzod3lWJPCXjHpk+7sePGGUFBocOr3Gk38/vp6OGr305y1YO4uZ+mgWvNhK6T4hNF4nn rESTtQTYEIuOtqKlYd3IJ++8H4LnNpy0GDX1Xx1NpXA4XWtsCqGWGZ42gdkJVozwRNUn ZsjzuKWi0B0PX+w1AfJoiBfo2askwQt86xn9AWvxoFla92fHbWJj7UsovAErmJMFOY6F 1JTA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:sender:dkim-signature; bh=M5B5YZHsVj8lBs3XGYQ20EO+MZ6xUsgTaBRSwx3n7Iw=; fh=xnqM9e97yNURrruAFzslp03G+sSQY/oq3OiokhDHo0M=; b=aMqcuxSQIa1O4ZwMy2o+q4pAXWaQvCVOQSDsFSQOy6Aqd4Zb6OP8GSBhv8LZrw+tEN JiMpR+NbpR0c0FyO2pykiw5/6TecisQ72XK1x1u7ANY9E13gx5FJlCe4Ik52p0n3G3fp hwoRaLBW00K2NRMRRAFbbJaHfascsyTKyEG1FXMzWr4NeXsJ9/T42nAOryWMJsSyfqtC xUZhLORzD0NluPO9erba89UEHwvlVaIXULzZqHUwjVw7tbNKpExfPhorFJYMdFWBYk9E GzPx4oepat9aPuUV8E/itxy8qWeR4PpDuhLaUtyh4UsLW61tBmbaIJGXBE7uP+JzkZxU zgDg==; darn=gnusha.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@q32-com.20230601.gappssmtp.com header.s=20230601 header.b=sCg2iEjs; spf=pass (google.com: domain of earonesty@gmail.com designates 2a00:1450:4864:20::533 as permitted sender) smtp.mailfrom=earonesty@gmail.com; dara=pass header.i=@googlegroups.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1766232258; x=1766837058; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:sender:from:to:cc:subject:date:message-id :reply-to; bh=M5B5YZHsVj8lBs3XGYQ20EO+MZ6xUsgTaBRSwx3n7Iw=; b=LM6e+hk9vWdsX6wRphfIpZaLKmqZ399ikl2aKp19jiNkGPvsXB7X2QKQFXYRHprV1e QhyZZx9A/Q5/Fx3z9K3m5fd5Sch5IFFJZ2kYdiESUCXiPy8wd0gFQhMRc99MtB10DfF/ l3dMRm//WSrQIS7BhP5Kpy3MldBcz7/gQyzej/mW3HI14caYSVJpE7b0NdhZc3StCjTf oo0JdagdOYGafsp0Z5IRwgdrqKMbnpvJhOhXX8Qyvr9CGlrplgUukp4YoTaQ45Wl2eUQ FkYC0Mdjfn1WfEBLd0o/8Uwheqo9TdCp99bWIqkOyP+vB9EXgG7duebUrHhoNa/JyTx8 iVUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1766232258; x=1766837058; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:x-gm-gg:x-beenthere:x-gm-message-state :sender:from:to:cc:subject:date:message-id:reply-to; bh=M5B5YZHsVj8lBs3XGYQ20EO+MZ6xUsgTaBRSwx3n7Iw=; b=bl6qtNnlTm+X9ZNToJbVGhnhRGlFu/cAC32FhTMOPRC3pSW/e7FLCu8cPsempuOobA pLa+3YRI822+n5dEgtJbObD1SM9HeOjccOG219zwOAGwUr+DN74LHeMBgN4b5USbjHZU w133G0O10E36dsdjDCy24Nod/SLg11TZquL8RhvyWTZZuymHSYiABCAtNO2NaiQx3pD3 mgRY0YDDlc1upeF+RXRtwZEiyV6PbZxHNaCuLhPl7M/tYrkCE7oXRhRT0WUxbjBf1UfI KE6TqrCipCRO8KtHCnD46ynVGmuoyqLer9X3jubnmx0H5JEh7OvgJnBpO7QV2+KnE1VH xXbg== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCW2mfe6vr1X05TUx9oUmZK7aR4G4RJJ5YZiJEuSF3ku7qxoYDmdQ4otmyAcGL5U+hQG8Av1sJLKayeU@gnusha.org X-Gm-Message-State: AOJu0YxCHMsAT65Pp31EVfxJ2wkwVn8CSzX5k8ttP6vG9zcSSRtHIDp3 VzAY3vNyrGa2fwPQf5QxVJ4Ub/cJqco4Y+F09chKLmF8mLeX8s73LKTb X-Google-Smtp-Source: AGHT+IGWVFTn3xFo70SxPe5qqBqQypR1cR6bX6293FdoP1FDsyydfDUzW+LqhOM5wZOnQDgoICXjVA== X-Received: by 2002:a05:622a:40c4:b0:4ed:aa7b:e1b6 with SMTP id d75a77b69052e-4f4abcb8c61mr98408981cf.12.1766232257899; Sat, 20 Dec 2025 04:04:17 -0800 (PST) X-BeenThere: bitcoindev@googlegroups.com; h="AWVwgWbzB68cZ3rpJqIjc+wlWiXNJ3htzOvs+XdcgI3YxatRLA==" Received: by 2002:ac8:7c44:0:b0:4ed:d8e7:bb76 with SMTP id d75a77b69052e-4f1ced6dfb4ls126155701cf.2.-pod-prod-04-us; Sat, 20 Dec 2025 04:04:12 -0800 (PST) X-Received: by 2002:a05:620a:1a0c:b0:8b1:d2f7:9586 with SMTP id af79cd13be357-8c08fd041c2mr890923085a.64.1766232252762; Sat, 20 Dec 2025 04:04:12 -0800 (PST) Received: by 2002:ab3:5782:0:b0:2cb:e387:155d with SMTP id a1c4a302cd1d6-2d87ea824f9msc7a; Fri, 19 Dec 2025 17:14:20 -0800 (PST) X-Received: by 2002:a2e:bea2:0:b0:37b:9976:df0d with SMTP id 38308e7fff4ca-38121636097mr12052581fa.21.1766193257907; Fri, 19 Dec 2025 17:14:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1766193257; cv=none; d=google.com; s=arc-20240605; b=CcnlO9YZDEoNS+lQneFoWT0fXxGhyCuYL5gtnnHdfchX7unt9apHsES+vmJpLWMSYX 3G9E/nVLz4neBcX3m/fp41OLB3PKY+0qs612aWxoqKOaMrNM4yKcpKT0S0wiYSA96+1B dI9TbL8UDbmMTdd/h1LrdueE+iUAnZtfxvWIpdiB4seSJwICpRorHv80aq+W51mS3XxP pzeZq6SUnKs++/wRky/6ucrlOwR/52wObqDWFZLUpaQcs9ftyWDbETLnm910A/zWGLK+ 1DbLisWtvmlQ+w1WYE4JNA8mmZ5l44orEjCeOXysxvpgUe8xyIeKnfLuKD+CM7KSJVw5 Wwhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=nyf2hYCQXCAPd5cS1XIXvMtGzBv6XfczHdU3U4F+OlY=; fh=cgOCP+hW58VXKHQ+ImRZV/rd71/nEyQizZrr4l2P0HQ=; b=XXWl0kv5tnhtY2iSJL886qhqbc8pazB/zgEnumna2+R/yEmvorBfXhITbt4pZMP0an 6x5RTx3fygfwqGhpDzufqogs7SLPVszh0srYialXLWPOaISjeU5mqdRXYu63cwxHhh+k envFIuZLdf5PM8IgvhWBoY28B62mNMxDX1bLW2cQLvjrSvK5qv5SQiESMJ31x59RmLP0 eHRww+sparnaYODXMZUT48yx8dSiVeVXA6SuBJT8gik03VR6stc+gtMCWoqxFbNPiVtI iOwqzSlmJzg3R/uZ4fc8Jf55mEQPzNkuQ0e236LX1GgWMNsM5DhaR1tP9AcwEvg074XD bbgA==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@q32-com.20230601.gappssmtp.com header.s=20230601 header.b=sCg2iEjs; spf=pass (google.com: domain of earonesty@gmail.com designates 2a00:1450:4864:20::533 as permitted sender) smtp.mailfrom=earonesty@gmail.com; dara=pass header.i=@googlegroups.com Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com. [2a00:1450:4864:20::533]) by gmr-mx.google.com with ESMTPS id 38308e7fff4ca-381224d4e27si598531fa.1.2025.12.19.17.14.17 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 19 Dec 2025 17:14:17 -0800 (PST) Received-SPF: pass (google.com: domain of earonesty@gmail.com designates 2a00:1450:4864:20::533 as permitted sender) client-ip=2a00:1450:4864:20::533; Received: by mail-ed1-x533.google.com with SMTP id 4fb4d7f45d1cf-64b7a38f07eso2868863a12.0 for ; Fri, 19 Dec 2025 17:14:17 -0800 (PST) X-Gm-Gg: AY/fxX7hfo5eC3XUeOXi2f1JGIqrsYGf2DhQe6ANPfoWWMQOZbomDTGy9wXGfZAPb1d PHeC9NhMgcqBfES1UVKM4aj5pO3qg3j5uxbm9isT+qNp1zfc1lCdkkfIkWUj80waFV2aVfFtMmZ 2yOlBG2RXLen6WBJShYH6Lo+9wy6O6zKYrcCHz0X0FK5KSffLMmghMnpEga8auzTNq9XWCHK5Co 145elkIQCakiLBiqqOWqpOhnn5hFGBWB0jPTliBvwQeu8VHJK1favH2CZil8H1J8GC4fJlKDkCc 6oLFjZ2yrMdUiUxLLxz3aQfFHkqbuwVkjdZUeAdJIBOgWN9Of1fsoWyppaQi5U4e X-Received: by 2002:a17:907:e106:b0:b80:4103:537e with SMTP id a640c23a62f3a-b80410355bcmr229778366b.53.1766193257046; Fri, 19 Dec 2025 17:14:17 -0800 (PST) MIME-Version: 1.0 References: <3e815d03-5e21-41ed-ba1a-4f9b2120a986n@googlegroups.com> <60d61084-f1aa-4911-a615-77d8597645c0n@googlegroups.com> In-Reply-To: From: Erik Aronesty Date: Fri, 19 Dec 2025 17:14:05 -0800 X-Gm-Features: AQt7F2pmOXQIEqiIwtxpXJPZY1jZZbnpc3xJBuPCR1ZYoR2WXCwjoaMpmDKjgtY Message-ID: Subject: Re: [bitcoindev] Re: Hash-Based Signatures for Bitcoin's Post-Quantum Future To: Jonas Nick Cc: Bitcoin Development Mailing List Content-Type: multipart/alternative; boundary="000000000000b0e734064657e976" X-Original-Sender: erik@q32.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@q32-com.20230601.gappssmtp.com header.s=20230601 header.b=sCg2iEjs; spf=pass (google.com: domain of earonesty@gmail.com designates 2a00:1450:4864:20::533 as permitted sender) smtp.mailfrom=earonesty@gmail.com; dara=pass header.i=@googlegroups.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.7 (/) --000000000000b0e734064657e976 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable this scheme has no mitm attack or replay attack because of the use of covenants to secure each step in the chain The best part about starting with something like this is that we can have a safe quantum vault, too useful covenants that are broadly helpful for other vaulting schemes, while we develop a proper library that is both performant and efficient for quantum signatures. secp256k1 has been optimized to the point where timing attacks are challenging, and I wouldn't want to use some sort of quantum library that hasn't had that level of optimization. simple commit reveal schemes use hashes that are well known to be quantum resistant. I consider that a lot safer at first step forward. especially because we can take that step sooner than later without too much discussion over implementation since the underlying covenants have been well studied. (txhash and ctv) we can't say that about any signature schemes. On Fri, Dec 19, 2025, 3:34=E2=80=AFAM Jonas Nick wr= ote: > This appears to be a variant of a commit-reveal scheme, a design that has > been > discussed a few times on this mailing list. Commit-reveal schemes come wi= th > their own set of trade-offs. > > -- > You received this message because you are subscribed to the Google Groups > "Bitcoin Development Mailing List" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to bitcoindev+unsubscribe@googlegroups.com. > To view this discussion visit > https://groups.google.com/d/msgid/bitcoindev/b6df02a0-8d69-4882-a13c-411b= c90adfa1%40gmail.com > . > --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/= CAJowKgL-VBTgbacpbPStGMqe6u6Y7wB6fWNiGy28zWfkCODp%3DA%40mail.gmail.com. --000000000000b0e734064657e976 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
this scheme has no mitm attack or replay attack because o= f the use of covenants to secure each step in the chain
The best part about starting with something like = this is that we can have a safe quantum vault, too useful covenants that ar= e broadly helpful for other vaulting schemes, while we develop a proper lib= rary that is both performant and efficient for quantum signatures.=C2=A0=C2= =A0

secp256k1 has been o= ptimized to the point where timing attacks are challenging, and I wouldn= 9;t want to use some sort of quantum library that hasn't had that level= of optimization.=C2=A0

= simple commit reveal schemes use hashes that are well known to be quantum r= esistant. I consider that a lot safer at first step forward. especially bec= ause we can take that step sooner than later without too much discussion ov= er implementation since the underlying covenants have been well studied. (t= xhash and ctv)

we can= 9;t say that about any signature schemes.

=


On Fri, Dec 19, 2025, 3:3= 4=E2=80=AFAM Jonas Nick <jonasd= .nick@gmail.com> wrote:
This= appears to be a variant of a commit-reveal scheme, a design that has been<= br> discussed a few times on this mailing list. Commit-reveal schemes come with=
their own set of trade-offs.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com.=
To view this discussion visit https://groups.google.com/d/msgid/bitcoin= dev/b6df02a0-8d69-4882-a13c-411bc90adfa1%40gmail.com.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/= msgid/bitcoindev/CAJowKgL-VBTgbacpbPStGMqe6u6Y7wB6fWNiGy28zWfkCODp%3DA%40ma= il.gmail.com.
--000000000000b0e734064657e976--