Bitcoin’s long-term security depends on public-key signatures whose classical assumptions are threatened by cryptographically relevant quantum computers. A forced migration to a single post-quantum signature algorithm would reduce one systemic risk while introducing another: algorithmic monoculture. This paper proposes a quantum-agile Bitcoin signature architecture in which the protocol supports multiple post-quantum signature families, multiple parameter sets, and user-selected combinations of signatures. Rather than requiring the Bitcoin ecosystem to make a single irreversible prediction about which post-quantum algorithm will remain secure for decades, the network would standardize an extensible verification framework. Users, wallets, custodians, and institutions could choose security profiles proportional to the value, liquidity, and transaction frequency of their holdings. High-value cold storage could require multiple heterogeneous post-quantum signatures; low-value or high-frequency wallets could choose lower-cost options. This approach converts post-quantum migration from a one-time global algorithm selection problem into an ongoing, market-priced, user-directed risk management process.
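As an added illustration (not code from the paper), the following Python sketch models the extensible verification framework the abstract describes: a registry of signature schemes, a per-output spend policy chosen by the user, and a verifier that counts valid signatures from distinct, non-retired schemes. The scheme identifiers, the `SpendPolicy` structure and the use of Lamport one-time signatures as a stand-in for a post-quantum family are all assumptions made for the example; a real deployment would plug standardized schemes into the registry.

```python
import hashlib, os
from dataclasses import dataclass

# Lamport OTS (hash-based, post-quantum) stands in for a family; hash name = parameter set.
def lamport_keygen(hash_name):
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [tuple(hashlib.new(hash_name, x).digest() for x in pair) for pair in sk]
    return sk, pk

def _bits(hash_name, msg):
    d = hashlib.new(hash_name, msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(hash_name, sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(hash_name, msg))]

def lamport_verify(hash_name, pk, msg, sig):
    return len(sig) == 256 and all(
        hashlib.new(hash_name, sig[i]).digest() == pk[i][b]
        for i, b in enumerate(_bits(hash_name, msg)))

# Scheme registry (constructed ids): new entries extend it without a hard fork.
SCHEMES = {"lamport-sha256": "sha256", "lamport-sha3": "sha3_256"}

@dataclass(frozen=True)
class SpendPolicy:
    threshold: int      # valid signatures needed to spend
    allowed: frozenset  # scheme ids this output accepts (the user's profile)

def verify_spend(policy, pubkeys, msg, sigs, deprecated=frozenset()):
    """Count valid signatures from distinct, allowed, non-retired schemes."""
    valid = {sid for sid, sig in sigs.items()
             if sid in SCHEMES and sid in policy.allowed and sid not in deprecated
             and sid in pubkeys and lamport_verify(SCHEMES[sid], pubkeys[sid], msg, sig)}
    return len(valid) >= policy.threshold

def demo():
    """Constructed walk-through: a cold-storage profile and a hot-wallet profile."""
    msg = b"constructed spend message"
    keys = {sid: lamport_keygen(h) for sid, h in SCHEMES.items()}
    pks = {sid: pk for sid, (_, pk) in keys.items()}
    sigs = {sid: lamport_sign(h, keys[sid][0], msg) for sid, h in SCHEMES.items()}
    one = {"lamport-sha256": sigs["lamport-sha256"]}
    cold = SpendPolicy(threshold=2, allowed=frozenset(SCHEMES))  # two heterogeneous sigs
    hot = SpendPolicy(threshold=1, allowed=frozenset(one))       # cheaper single sig
    return {
        "cold_ok": verify_spend(cold, pks, msg, sigs),
        "cold_one_sig": verify_spend(cold, pks, msg, one),
        "hot_ok": verify_spend(hot, pks, msg, one),
        "cold_after_retire": verify_spend(cold, pks, msg, sigs, {"lamport-sha256"}),
    }
```

Retiring a scheme (the `deprecated` set) shows the agility point: a cold-storage output that required two heterogeneous signatures can no longer be spent with the retired one, while the policy language itself needs no change.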
Jason Resch studied this question.