
BIP-XXX: Hybrid SPHINCS+ / secp256k1 Key Derivation for Quantum-Resistant Bitcoin Wallets #2176

Closed
DigiMancer3D wants to merge 1 commit into bitcoin:master from DigiMancer3D:master

@DigiMancer3D

This proposes a new wallet-layer BIP for a practical hybrid post-quantum key derivation scheme.

Reference implementation:
https://github.com/DigiMancer3D/bip-xxx-sphincs-hybrid

The BIP and code have been written to be immediately usable by wallet developers and advanced users building quantum-resistant paper wallets / cold storage today. It requires no consensus changes and works with existing tools (Electrum, bitaddress.org, Taproot, etc.).

Awaiting BIP editor assignment of a real number (replacing XXX).

This BIP defines a hybrid post-quantum key derivation scheme using SPHINCS+ and HE-SD for Bitcoin wallets, ensuring compatibility with existing tools and low-resource hardware.
Member

@jonatack jonatack left a comment


@DigiMancer3D Thank you for your proposal, but if I am not mistaken it appears to have been opened here prematurely before submission and discussion on the mail list? Happy to re-open if that is incorrect. See the README and BIP 3 for the process (thanks!)

@DigiMancer3D
Author

DigiMancer3D commented May 26, 2026

I was unaware the process had changed. Thanks for the information.

After looking at the readme given. Sent the email

@murchandamus
Member

This proposal makes no sense.
It doesn’t matter how you generate the private keys, if you continue using the same output scheme: once the public key is revealed the mythical CRQC could calculate the private key from it. Without a consensus change you cannot introduce a new output type, and all currently existing output types are not safe against short-range attack.
