
Honestly, I don't like any of the things circulating at the moment: most of the small stuff is stateful, making wallet backups (not seed backups) a must-have, and the stateless ones have 20x signature size. OpTech keeps tabs on everything that's being discussed, so I come back to that page a couple of times per month to see what's new.

I do like the rewritten BIP-360 as a stopgap measure for long range attacks on p2tr. But it's not a real solution for PQ resistance long term.

Unless I'm missing something, don't those trade-offs bring us right back to square one? I don't know if OP_CAT is the actual solution, but I don't see a whole lot of other options floating around for long-term PQ.

reply

Well... Remember that the lattice solution w/ OP_CAT is both stateful and huge, so you'd have both of the caveats I mentioned that I dislike?

reply

I guess I'm out of ideas then lol. If nothing looks good, then nothing looks good.

reply

I don't think we should presume that we can "solve the quantum issue" between you and me, unless we are cryptographers. I'm not; I'm just a lowly implementer of cryptography who is extremely dependent on the people who design the algorithms to share and explain them to me.

I think we can help them best by reading, understanding and appreciating their work. Not so much by making things political or by exerting pressure.

It's amazing that there are people that want to solve this. The number of proposals is growing, which also means the number of people working on it is growing. I think we can get there. Either way, there's a massive canary in the form of all these lost p2pk transactions sitting on-chain, so we'll know when to worry. That moment does not seem to be there yet.

reply