Bitcoin developers are quietly but actively tackling the quantum threat — and a new Blockstream preview put that fact back in the spotlight this week.
Matt Corallo, a well-known Bitcoin core developer, used Blockstream’s announcement to push back on a recurring claim in the community: “And the Bitcoin fudsters keep trying to claim no one is working on PQC in Bitcoin…”. The announcement previewed an opcode, OP_SHRINCSVERIFY, tied to Jonas Nick’s upcoming OPNEXT 2026 talk (April 16, 2026). Blockstream described the proposal as “a new opcode enabling SHRINCS,” a construction intended to support a 324‑byte stateful post‑quantum signature with a static backup option.
The event lineup underscores that this isn’t an isolated technical curiosity. Quantum topics appear across the program: Jonas Nick’s SHRINCS session sits alongside Alex Pruden of Project 11 on “Quantum Bitcoin,” and a “Quantum/Investor fireside” with Robert Mitchnick (BlackRock) and David Duong (Coinbase). That mix of technical and institutional voices reinforces Corallo’s point: post‑quantum risk and mitigation strategies are being discussed publicly and repeatedly.
What is SHRINCS?
- Jonas Nick introduced SHRINCS in a December Delving Bitcoin post as a hybrid, hash‑based design that combines a stateless scheme like SPHINCS+ with a stateful scheme based on unbalanced XMSS.
- The goal is pragmatic: get the efficiency of stateful signatures when a wallet’s state is intact, but keep a stateless fallback if state is lost or a backup is restored.
- Nick says the scheme is “extremely efficient when only a few signatures are required” and “can be backed up with a static seed.” Bitcoin Optech summarized that tradeoff as cheap normal‑path signing and heavier fallback signing when state integrity is uncertain.
Why the 324‑byte number matters
Nick’s formula for SHRINCS’ normal-path signature size is min(292 + q·16, s_l) + 16, where q is how many signatures have already been used via the stateful path. For q = 1, that gives the widely cited 324‑byte signature — more than 11× smaller in that scenario than the smallest NIST‑standardized alternative cited, ML‑DSA. Smaller signatures matter for on‑chain cost and practicality.
But it’s not settled policy
Nick and Mikhail Kudinov’s earlier paper argued hash‑based signatures are attractive for Bitcoin because their security reduces to hash assumptions, with relatively small public keys and reasonable verification cost per byte. Still, Nick’s Delving post explicitly solicited feedback, and mailing‑list discussion in December raised open questions: hardware performance, signature limits, wallet architecture, and whether Bitcoin should standardize stateful schemes alongside stateless ones. Bitcoin Optech has covered SHRINCS as part of an ongoing consensus‑change discussion — not as a finalized upgrade.
Bottom line
Corallo’s jab isn’t claiming Bitcoin has solved post‑quantum cryptography. Rather, it highlights that concrete engineering work is happening in the open: proposals, trade‑offs, and even opcodes are now part of the public discussion. OP_SHRINCSVERIFY is evidence that Bitcoin’s post‑quantum conversation has moved beyond abstract fear and denial to practical research — even if a full roadmap remains to be agreed.
At press time BTC was trading at $66,630.
Read more AI-generated news on: undefined/news
