Post-quantum cryptography is becoming an increasingly important area of research across the industry. Our latest report explores what a post-quantum migration path for BSC could look like, including: • ML-DSA-44 transaction signatures • pqSTARK aggregation • Throughput and block propagation trade-offs One important takeaway: The biggest challenge wasn’t consensus. It was the increase in transaction and block sizes once quantum-resistant signatures were introduced. Full report 👇

Post-quantum protection for Bitcoin has arrived. No forks. No consensus changes. No frozen coins. Deployed on @ArchNtwrk 🤝 @CoinDesk with the story ↓

BITCOIN RAILS #59#: Post-Quantum Bitcoin Signatures (+ their tradeoffs) | with BIP 360 co-author @Ethan_Heilman and @Blockstream Head of Research @n1ckler 🔗 YOUTUBE: 🌿 SPOTIFY: According to BIP 360 co-author Ethan Heilman, Bitcoin needs a minimum of two soft forks to become quantum resistant: P2MR (or an output type that can safely execute PQ signatures) + a post-quantum checksig (signature scheme). Ethan and the BIP 360 team (including myself and @cryptoquick) introduced the P2MR part via a BIP 360 update late last year—but the question remains, what’s the most appropriate PQ signature scheme for Bitcoin? They all have substantive tradeoffs, but hash-based signatures seem to be leading technical discourse—likely due to recent optimizations by @n1ckler and the broader @Blockstream research team. It was an honor to sit down with both of these men - arguably the two most influential and productive cryptographers in Bitcoin quantum mitigation right now - for an in-depth review of the leading PQ signature schemes and a temperature check on Bitcoin’s post-quantum planning process. TBH, if you want to skip the noise and jump straight to the signal on quantum, this is the interview to watch. In this episode, we discuss: - What needs to happen at the soft fork, infra, and mitigation levels to fully quantum-harden Bitcoin - Recent updates to BIP 360 + breakdown of the leading hash-based signatures schemes for Bitcoin (SHRINCS + SHRIMPS) - Why we may actually get consensus around a stateful scheme for Bitcoin - Comparisons of hash-based signatures vs Lattice and Isogeny-based schemes - Assessing the risks of both waiting too long and acting too fast (and why quantum is a better threat to be facing than a potential classical attack) This episode of Bitcoin Rails is brought to you by my NEW sponsors: - LayerTwo Labs @LayerTwoLabs — developing research, software, and technologies for scaling Bitcoin via the integration of Drivechains (BIP 300/301) - Hashi on @SuiNetwork — a primitive for executing Bitcoin Defi transactions, without having to trust a federated bridge or other centralized entity - BitBox @BitBoxSwiss — an open-source Bitcoin-only hardware wallet, with smooth UX and no compromises on security. Check out Bitbox [dot] swiss and use code BITCOINRAILS to get a discount TIMESTAMPS: 00:00 Intro 02:18 Ethan’s Quantum Wakeup 05:18 How Blockstream Enters Post Quantum 09:25 BIP 360 Explained 12:11 How Bitcoin Transitions to PQ 17:35 Choosing Post Quantum Signatures 23:20 How Blockstream Created SHRINCS 27:22 Signature Budgets Importance Explained 41:13 What are SHRIMPS? 44:51 SHRIMPS vs SHRINCS 47:48 Why SLH-DSA Alone Won’t Cut It 49:24 Is a SHRIMPS + SHRINCS BIP Coming? 51:51 Blockstream’s Big Plans for Liquid 59:04 Quantum Readiness Roadmap 01:02:22 Importance of a PQ Recovery Plan 01:05:35 How Long Would a PQ Migration Take 01:11:17 Quantum Watchlist Recommendations

BNB chain just published concrete post-quantum migration research using ML-DSA-44 signatures and pqSTARK aggregation. bitcoin has zero BIPs for quantum resistance. ethereum has zero EIPs with timelines. google/stanford research compressed the quantum threat from 20-30 years to 5-10 years and the market is pricing exactly 0% premium for chains that are actually preparing. BNB's 21 validators can coordinate a cryptographic hard fork in months. ethereum's 900,000 validators took 7 years to ship the merge. when IBM hits 50k stable qubits around 2029, the coordination problem becomes an existential problem. the "centralization discount" on BNB flips into a survival premium during forced migration. still early

Regulators are setting the pace for post-quantum cryptography. For banks, this is a multi-year project that requires building for cryptographic agility today. Read our new ebook for the roadmap to meet 2035 mandates without impacting user experience.

We’ve published a technical report evaluating a post-quantum cryptography migration path for BSC. The report covers: • ML-DSA-44 transaction signatures • pqSTARK validator aggregation • Type 0x05 transaction format • Public key storage and verification flow • Cross-region performance benchmarks Benchmark highlights: • Tx size: 110 B → ~2.5 KB • Block size: ~110 KB → ~2 MB • Native transfer TPS: 4,973 → 2,997 One notable result: The primary bottleneck was not signature verification performance, but block byte size and cross-region propagation overhead. Read the full report 👇

Liquid is the first production Bitcoin sidechain to verify post-quantum signatures on mainnet. @blksresearch deployed SHRINCS as a Simplicity smart contract. No consensus changes. No hard fork. LBTC, stablecoins, and tokenized securities on Liquid can opt into quantum-resistant protection today. 🌊 Full Q1 report:

⚡️Security Brief⚡️ Cloudflare announced an accelerated roadmap to achieve full post-quantum security across its entire product suite by 2029. The company plans to add post-quantum authentication using ML-DSA to origin connections by mid-2026, advancing cryptographic defenses ahead of anticipated quantum computing threats. Currently, 65% of human-initiated traffic through Cloudflare is already using post-quantum encryption. The post-quantum capabilities are being offered at no additional cost to customers, integrating quantum-resistant cryptography into standard service offerings. The shift toward post-quantum cryptography represents a significant infrastructure undertaking, with Cloudflare positioning itself at the forefront of quantum-safe technology adoption. This proactive approach to cryptographic evolution addresses concerns about long-term data security in the context of future quantum computing capabilities. @Cloudflare Source: Cloudflare Blog

zcash tachyon upgrade ships quantum recovery next month through zodl. full post-quantum privacy by year end. cardano targeting late 2026 for lattice-based FIPS 203-206 integration at protocol level. these are the only two chains with committed production timelines for quantum resistance. bitcoin core hasn't even started the conversation. ethereum is co-authoring the research papers proving the threat exists but has no migration date. the trade isn't whether quantum computers break ECDSA in 2030 or 2035. the trade is which chains pass institutional risk committee review when the first credible quantum milestone drops and every compliance desk on wall street starts asking questions at once. by then the infrastructure either exists or it doesn't