From Snowblossom Wiki
Jump to: navigation, search


One of the major concepts behind Snowblossom in 2018 was that when quantum computers had become better and started to threaten traditional elliptic curve cryptography, we would be able to switch to new quantum resistant algorithms. See Quantum Tough

Well, we might be there. The NIST Post Quantum Cryptography (PQC) contest has proceeded to some finalists and quantum computers are getting more powerful.

So in this Snowblossom Improvement Proposal we will be adding three new signing algorithms:

  • Dilithium - public key size: 2616 bytes, signature size: 4627 bytes
  • Falcon - public key size: 915 bytes, signature size: 655 bytes (+/-)
  • SPHINCS+ - public key size: 52 bytes, signature size: 7856 bytes

(Compare to standard ECDSA, key size: 33 bytes, signature size: 71 (+/-))

These will be supported by the network in additional to the existing signing methods (ECDSA, DSA, RSA, DSTU4150). It will continue to be up to users to decide which signing algorithms they use to generate their wallets.

Dilithium was included because it is the front runner in the PQC contest. It is a lattice based algorithm. Falcon was included because it is another lattice based, but with an emphasis on being smaller in size and CPU usage so it might be a good option. Sphincs+ was included because it is entirely different from the lattice based methods. It is based on plain old standard hash functions. While it is larger in cpu usage and signature size, it should be safe even if something is fundamentally broken with the other lattice based methods.


  • Passes when 1000 blocks pass containing 25% voting and >50% agreement
  • Pools will represent their miners.
  • Set in your miner or pool configuration file either
    • vote_yes=6
    • vote_no=6


This has been tested on testnet and has been running there for several weeks. It is currently in the branch.


We are still early in the PQC world. While all the algorithms are defined enough that the Bouncycastle devs have included them in the standard versions of Bouncycastle cryptography library (which we use) they could still change. Also, these are also relatively new. Unexpected vulnerabilities could be found.


If this SIP is adopted, the roll out will be scheduled roughly 90 days from the vote. At that time, new binaries, source code and docker images will be available. This means node operators will need to update within those 90 days.

Node Operator Actions Required

Node operators will need to update or risk forking the network.

User Actions Required

None required. However, we will publish some guides on how to migrate to a newer wallet type to take advantage of the PQC algorithms if desired.