From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Tue, 19 May 2026 19:07:01 -0700
Received: from mail-oa1-f57.google.com ([209.85.160.57])
	by mail.fairlystable.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <bitcoindev+bncBC53PRH7ZYORBO5OWTIAMGQEIJEE2TI@googlegroups.com>)
	id 1wPWKr-0000Mt-Hz
	for bitcoindev@gnusha.org; Tue, 19 May 2026 19:07:01 -0700
Received: by mail-oa1-f57.google.com with SMTP id 586e51a60fabf-439ba95ef42sf9971265fac.1
        for <bitcoindev@gnusha.org>; Tue, 19 May 2026 19:07:01 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1779242816; cv=pass;
        d=google.com; s=arc-20240605;
        b=RFCDAC8tRvI52i0LpnRDD8qfYh6yWaDE3ma+FNnSYN5E5rEW0jjPNF1ZjR/i4uFi5p
         2ELp9yCT/tCmSi3/PkLqxtRViCX61OVX/cIw2bkwmUlwqSDJGKb8qyZUbpzMuaEi3FEm
         5ZnHTML9YpHNe/84QwGg2Kh8vhP3udjFb4n7g0z4xSBTNaFdQUlOTFaRhrt0eXGEp5W3
         6NumGCGdwsd05TJSeE8AgZe2/lWwbkwdFS2SdZXgVd6Xru6Id4FpzefkXH5lkV79F73b
         WePZX8h2g3nXrmOPGM+G96m6AQwlGMnc/kRq7tXDP74SOz3bK9FgbXa+fXHpMLXFJ2q0
         VYVg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:content-transfer-encoding:subject
         :message-id:to:from:date:mime-version:feedback-id:sender
         :dkim-signature;
        bh=lfsFssnzVsBAzYSmXoLs3uqN43F2K8GhMUZj3yy4rjg=;
        fh=9yOALym9ljnLGCtTMFAKxzWXybun69DFaP887cunBuA=;
        b=izUkuycGJwkpKL2mEHnW4VdOVWsfFTYq56rY2HqA5+cAX48LkGGSjuD1Xl52vE3pT3
         B4PMvuADg+Igcp+BP7ZbhONvvlPwM0TKlimXtAxCumtu21cZeZYoALSPClVicY+mQulS
         YAW4rRva/Emz9/CCidi744lPwDZnJyO1UQczrOU4Vy/AbcXJIWqjBvVjGPNmlP2KDGX1
         PzSQWpx6OBJFvW1xx4KB0ZT+WqOMxJs8w8OdAcTGXopCpLLXrpQlcsIrAtftHWfCe5sj
         7FDvxVmlSckNLhf0+Y7VVcF/6jnLzqm7f1XXFFbt87HkTCW1zY0cZZGb/SG1bXVRZ981
         Lggg==;
        darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=permerror (no key for signature) header.i=@karetnikov.org header.s=2022-03.pbsmtp header.b=KF8QfL0r;
       dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=jqFFFZvq;
       spf=none (google.com: nikita@karetnikov.org does not designate permitted sender hosts) smtp.mailfrom=nikita@karetnikov.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20251104; t=1779242816; x=1779847616; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:content-transfer-encoding:subject:message-id:to
         :from:date:mime-version:feedback-id:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=lfsFssnzVsBAzYSmXoLs3uqN43F2K8GhMUZj3yy4rjg=;
        b=PLLoVq2jlr4ivcrjruJI2ZHtCo3x0rlfn4Ct0+a0wprOHwYlgglJxBLAwvU0ynC/us
         1H0WQYmrMN7Rm/aH9tuG2bu3JKvl6vNo6SqL2LgJ/TM/P/wzYJdSdwQSj4t6QD8XFvLS
         qzD/7z1mEySwKcBNn9622Z6pkY6KRSL/1fm63G/u0DvdYkvw80q7yLMSk0dG06LWdZPG
         wIWmdOJ+Ks3ULgD+3CJD9hUg6+51ZkFdnflg++7Bck6B4k5sxEgXFZS5xRpNOSi4ynRG
         B9VR54V17iABAzz+JThH4VohKxQwUcbkclMkwDkkPf5l6FRxIY+xPuzpvS7PSJCBk4Bc
         IFBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779242816; x=1779847616;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:content-transfer-encoding:subject:message-id:to
         :from:date:mime-version:feedback-id:x-beenthere:x-gm-message-state
         :sender:from:to:cc:subject:date:message-id:reply-to;
        bh=lfsFssnzVsBAzYSmXoLs3uqN43F2K8GhMUZj3yy4rjg=;
        b=Ve8LvOBtRVpOFjgfC1TtWBVaAYBpsNaNk3w0OxTfJLmz80hF3AXyvJgOsWWjSfrgGk
         wUjArpicvvPWh+KTcwDbjERGfBJt/N5E9v4d+F7baacPqoo4FeC4jwAP/Rq1cp/l38BE
         tqGpe6pxOXSD+6lMJ09BC3eWgAh9qERgT/W5e4TA3lGb5vH5TWh9/SGNpGDpn7qpc84t
         LwNUsVnniDhB3aVhjyMyquwJN90aT99eOogNVFYxgIYc83yfxWvJNFMkZAvvGcztzVne
         3oSRdomGUR6NlhxK0TLxdr8rwfBh/MCcyfhhTsmUNyCt0LLtDyvrGyfqPNjYrhqTR0m1
         7/0w==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AFNElJ9NZHUeCRhIdAr8Kg1HhvjLdU2nGWJ3S/NJywBuHnHpQhDTnlGOq4IbG9s2S0nd8ULOTJkK0IoLSB84@gnusha.org
X-Gm-Message-State: AOJu0YxX3h1zKXWz5DHTvnAgGAIhBd7lS21jDWMRXxRimCPUusEvzPnX
	tlXKFRahEuLLTYmvj1qpxCuBG00O45/w+oWDijHxhKQYcggkDI6ondly
X-Received: by 2002:a05:6870:718c:b0:423:b2de:3b45 with SMTP id 586e51a60fabf-43a2dd67ce5mr13862322fac.28.1779242815742;
        Tue, 19 May 2026 19:06:55 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h="AUV6zMMtHQGvsFwwch75/WOpCdNSzIa45irlyW3LQWyVVkuEzA=="
Received: by 2002:a05:6870:2492:b0:439:d3ee:8e40 with SMTP id
 586e51a60fabf-43a01d46d5cls5491023fac.1.-pod-prod-09-us; Tue, 19 May 2026
 19:06:51 -0700 (PDT)
X-Received: by 2002:a05:6808:150a:b0:467:14c7:a8b5 with SMTP id 5614622812f47-482e562ef31mr14251806b6e.10.1779242811427;
        Tue, 19 May 2026 19:06:51 -0700 (PDT)
Received: by 2002:a05:6809:52:20b0:47c:339e:add7 with SMTP id 5614622812f47-482b30a2ed4msb6e;
        Tue, 19 May 2026 12:35:22 -0700 (PDT)
X-Received: by 2002:a17:90b:3e81:b0:366:decb:d119 with SMTP id 98e67ed59e1d1-369519cc0demr21039930a91.11.1779219321295;
        Tue, 19 May 2026 12:35:21 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1779219321; cv=none;
        d=google.com; s=arc-20240605;
        b=Ku1D+DDHzPIyvw6WO6x8vmqmDcCXHgRDLaz5iza5e7hIJXOpoXilkhC9ztiS5SkRll
         vm0q5qJP3zQ8wnu6ANH7rX0a0EhTnxJQsvT53I+bqYp0hAell6FGo8SU4SAoejO+p9y4
         9McH10Cm6Q3T1WVYmhRuJydspUV1jS0mjxuYZyG43qH976yA2EVjgtaF1teF9XyqXqGh
         TN1q5yK/J5rI6wa5uOB/sqYM5xzVmzqUzOxLeY78X8H172jXXvsJeTz8kYL0TKD9bw1S
         pwHuLezRA81zd9wrui8cndBSagFqCMiyToe0zG01ZNlGKl20Wt/1oYp6qRVfqeFu0T7i
         sN0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=content-transfer-encoding:subject:message-id:to:from:date
         :mime-version:feedback-id:dkim-signature:dkim-signature;
        bh=2y0QuQKbUp1Ic5ftaYZUZVoQoCl0qcBWE1yBysSNudQ=;
        fh=VcGcg+Zjs9gw1uDcHbxsAILhBAcecnbJzZRdxgKVDIc=;
        b=UhK8bAcwqxGa3JaWuc/J7Uv1V9XFCGyi/GcaXmSmPRjRTYU6rUWpVHQprUp3uOwOeZ
         JwtQLLwoMQ6SbT4gn3fPj5GjSjvd35a/igtDjgKWuY02X0UTote5JLc2qSpItJuYvPik
         2B/H0XsHhRNUjdgrrWVNf2YovDnFgwstEe6qsb48jLL42Ny3/ssXDGKaA6tyKwyz1967
         Uyv3uKSHLdnWb+VsM1u0ulRCmCWr20zh6rJVZV4jS7gpJH4rIDFEeC8IfXgBOFDORKuS
         kuYdLtr0tahWlnbob+mOGfmNV0CakdG5zk/LTNUJpFAWiLxX4it0cIa4RuYbROuvbk9T
         +BWg==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=permerror (no key for signature) header.i=@karetnikov.org header.s=2022-03.pbsmtp header.b=KF8QfL0r;
       dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=jqFFFZvq;
       spf=none (google.com: nikita@karetnikov.org does not designate permitted sender hosts) smtp.mailfrom=nikita@karetnikov.org
Received: from fhigh-a5-smtp.messagingengine.com (fhigh-a5-smtp.messagingengine.com. [103.168.172.156])
        by gmr-mx.google.com with ESMTPS id 98e67ed59e1d1-369703281cfsi172879a91.2.2026.05.19.12.35.20
        for <bitcoindev@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 May 2026 12:35:20 -0700 (PDT)
Received-SPF: none (google.com: nikita@karetnikov.org does not designate permitted sender hosts) client-ip=103.168.172.156;
Received: from phl-compute-03.internal (phl-compute-03.internal [10.202.2.43])
	by mailfhigh.phl.internal (Postfix) with ESMTP id C7F731400096
	for <bitcoindev@googlegroups.com>; Tue, 19 May 2026 15:35:19 -0400 (EDT)
Received: from phl-imap-09 ([10.202.2.99])
  by phl-compute-03.internal (MEProxy); Tue, 19 May 2026 15:35:19 -0400
X-ME-Sender: <xms:d7sMaj6xq3hl2y7bIgpbSFh9teurovxUSG4dw3ZjGtDa9W0dGSTggA>
    <xme:d7sMajv_DqdGbuhoRbywLkWSdhVwd8Z4A7-dUM3FYIpslOPpGRPj5YKImXnJ2Qj9S
    zBkuJhq8gIDdmuvNS1lTFj1Z7X6c_YwkEWr0SI7hCMTuYpJhZiHpQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefhedrtddtgddugedviedtucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu
    rghilhhouhhtmecufedttdenucenucfjughrpefoggffhffvkffutgfgsehtqhertdertd
    ejnecuhfhrohhmpedfpfhikhhithgrucfmrghrvghtnhhikhhovhdfuceonhhikhhithgr
    sehkrghrvghtnhhikhhovhdrohhrgheqnecuggftrfgrthhtvghrnhepvefhhffhheeife
    ehhfelveegvdduhefgheffveduuefgleefjeelieehhedvvdegnecuffhomhgrihhnpegs
    lhhotghkshhtrhgvrghmrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrg
    hmpehmrghilhhfrhhomhepnhhikhhithgrsehkrghrvghtnhhikhhovhdrohhrghdpnhgs
    pghrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepsghithgtoh
    hinhguvghvsehgohhoghhlvghgrhhouhhpshdrtghomh
X-ME-Proxy: <xmx:d7sMahcmiz13BHslxKDgU-5jscsuT1niYl_XOvUsmigP_O-8dKBD6w>
    <xmx:d7sMamL2S-5v8l_jEPBEm4lCitEgXOJ76GbVn7HwfmVc7-AGr0YKiQ>
    <xmx:d7sMagJfLlCXPzOTs5q5Xn9R-T7GR6kxwbUxv9ZmBDs6ZBmnqRWYhw>
    <xmx:d7sMagHBZ4dY8vUoMi58r3Pcmx-ilxR2dOfrRcC5bvwliUiptdgw6Q>
    <xmx:d7sMak07h6_91k_jCl6Wu71fa98HzusTMB4zvcpWo4SbV-h24ND4ztn1>
Feedback-ID: i852146ca:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501)
	id 62E793020086; Tue, 19 May 2026 15:35:19 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
X-ThreadId: AL3DWMkFr4zZ
Date: Tue, 19 May 2026 21:33:22 +0200
From: "Nikita Karetnikov" <nikita@karetnikov.org>
To: bitcoindev@googlegroups.com
Message-Id: <ffa56d63-32c6-4fc3-a150-4fe62ac2e00b@app.fastmail.com>
Subject: [bitcoindev] PQC: Lattice-based signatures
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Original-Sender: nikita@karetnikov.org
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=permerror (no
 key for signature) header.i=@karetnikov.org header.s=2022-03.pbsmtp
 header.b=KF8QfL0r;       dkim=pass header.i=@messagingengine.com header.s=fm3
 header.b=jqFFFZvq;       spf=none (google.com: nikita@karetnikov.org does not
 designate permitted sender hosts) smtp.mailfrom=nikita@karetnikov.org
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.8 (/)

Dear list,

I hate to contribute to the recent flood of PQC posts, but I think it=E2=80=
=99s an important issue that=E2=80=99s worth discussing.

In particular, what I usually see is various competing proposals without a =
clear winner.

So I=E2=80=99d like to bring everyone=E2=80=99s attention to this new post =
from Blockstream:
https://blog.blockstream.com/schnorr-but-with-vectors-lattice-based-signatu=
res-explained/  =20

This post is interesting because unlike a lot of PQC discussions, it actual=
ly includes a comparison table of various approaches, where lattices seem t=
o come out ahead.

This raises a few questions.

Since lattices are not a new topic in cryptography, why has Blockstream foc=
used their efforts on hash-based approaches so far?
Are hashes seen as a more conservative choice?

Given the problems with hashes outlined in the post, are lattices actually =
the current most likely candidate for a PQC implementation?
If so, should the community effort be focused on lattices instead of other =
proposals?
Or is the comparison table not telling the whole story?

I=E2=80=99d like to hear your thoughts on the topic.

Thanks,
Nikita

--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/=
ffa56d63-32c6-4fc3-a150-4fe62ac2e00b%40app.fastmail.com.