Simple (hash-based) Post-Quantum Signing


This is the project page for the combined CoinZdense projects. The CoinZdense projects aim to provide simple post-quantum-ready hash-based signatures geared specifically at:

CoinZdense explicitly does NOT aim at being a post-quantum solution for blockchain projects that neither rely on nor would benefit from extensive reuse of signing keys.


There are currently two active projects in CoinZdense: one for Python and one for C++. The ultimate goal of the project, though, is to support a number of different programming languages.


Support this project

CoinZdense is currently an unfunded one-man spare-time project, which means that it's a slow-moving project with a lot of work to be done. If you want to help this project move faster, please consider a donation through the tipping jar page.

A short history of the project

In line with the (new) name of the project, the existence of the CoinZdense project and how it started is very much a coincidence. A huge part of my professional background is in information security and computer forensics. In the distant past I designed and created the MinorFs least-authority file system as a proof-of-concept file system meant to be used in combination with the E object-capability programming language and secure distributed computing platform. Through this project, I ended up coming up with the RumpelTree sparse-cap DAG algorithm (as used in my pyrumpeltree project) that uses secure hashing as its primitive in order to create sparse capability tokens that allow for decomposition and attenuation of rights.

Later, in the context of computer forensics, while getting myself another master's degree in the field, I wrote a proof-of-concept system aimed at minimizing page-cache misses in computer forensic disk-image processing frameworks, which, among other measures to achieve this goal, implemented the concept of opportunistic hashing. This project again deepened my knowledge of secure hashing and its application.

In my spare time, I like writing speculative fiction. My last novel, Ragnarok Conspiracy, starts off with a quantum blockchain heist. The research I did for the quantum computing and blockchain bit got me acquainted with blockchain technology, the use of ECDSA, and the future threat that quantum computing poses to blockchain technology that uses ECDSA for signing transactions. I got some details wrong in my book, but the research opened up my mind to the technology and to the existence of a problem.

During the writing of the book, I bumped heads with the admins of an indie author support group on Goodreads, and health issues that resurfaced had me pause my fiction writing completely for a while, until I found the STEEM blockchain-based blog platform, and I started picking up working on my novel again. I ended up publishing my novel on STEEM first. I used some of the money I made from posting my chapters on STEEM to contract an illustrator, and to crowd-fund my editing.

Then the first coincidence: STEEM got hit by what I can only describe as an actual blockchain heist. Sunyuchen bought out the founding company of the blockchain, Steemit Inc. The community didn't like it and wanted to fork their way out. Then Sunyuchen tricked exchanges into believing there was some kind of an attack on the blockchain, and these exchanges, using stake owned by their customers, voted in a hard fork that defrauded a number of large stakeholders of their funds. Not a quantum blockchain heist, but still very much a blockchain heist.

This was the point I got acquainted with the QRL, an obscure blockchain; there are only two exchanges carrying QRL, and as the STEEM incident has shown us, we can't rely on exchanges to do the right thing in times of adversity. And I started reading up on hash-based signatures, and things started clicking big time with my earlier work on the rumpeltree algorithm and with my computer forensics related work.

By this time STEEM had forked to the new HIVE blockchain, and most of the old STEEM community had moved to HIVE. So I started thinking. HIVE (formerly STEEM) is pretty much a key-reuse-by-design blockchain and as such very much vulnerable to attack once there are sufficiently large quantum computers. My book had made me some STEEM (now HIVE), and it would be too ironic if I were to lose the money I made writing a book that starts with a quantum blockchain heist, in an actual quantum blockchain heist. So I started a HIVE Quantum Resistance community, with very little success. Then I tried with a HIVE DHF Proposal, also no success. I had to face that the HIVE orcas and whales weren't particularly worried about quantum computing or particularly interested in pursuing quantum resistance for the HIVE blockchain.

Then I paused for a bit, and decided I should still pursue a project. Not a project geared specifically at HIVE alone, but a project usable by any key-reuse-by-design blockchain project, including, but in no way being exclusively targeted at, HIVE. The project was renamed from spq-sigs to CoinZdense.

Blog posts

Other than on GitHub, reports on progress are posted on @pibara's blog on HIVE. Here is a chronological list of blog posts: