I am researching the implementation challenges of migrating existing blockchain infrastructure to a post-quantum secure state. While NIST has standardized algorithms like ML-DSA and ML-KEM, a single PQC algorithm still presents a potential single point of failure if a new cryptanalytic breakthrough occurs.
Some projects are proposing a Triple Structural Redundancy system (QRS-3) combining ECDSA, ML-DSA, and SPHINCS+ in a 2-of-3 multisig.
My questions are:
- Mempool & Scalability: Given that PQC signatures are orders of magnitude larger than Schnorr or ECDSA, how would this triple redundancy impact mempool congestion and transaction relay policies?
- Taproot/SegWit Compatibility: How could such a 2-of-3 multi-structure be efficiently integrated into the current SegWit or Taproot (MAST) framework? Would the witness data size make these transactions prohibitively expensive?
- Security: Are there known attack vectors that could compromise both Lattice and Hash-based schemes simultaneously in a UTXO-based model?
I would appreciate insights from anyone working on Bitcoin’s long-term quantum resistance or script optimizations.












