Ethereum Research Proposal Targets Post-Quantum Wallet Security At Low Gas Cost

A new Ethereum Research proposal is putting post-quantum wallet security back in focus, outlining a practical way to verify quantum-resistant signatures on the EVM without requiring a full protocol-level upgrade.

The proposal, published by Ethereum researcher nicocsgy, explores an EVM-optimized version of the SPHINCS+ stateless post-quantum signature scheme. The design aims to make quantum-resistant verification more practical for wallet use cases by adapting the scheme to Ethereum’s existing execution environment.

TL;DR

• An Ethereum Research proposal outlines a post-quantum signature verification approach for the EVM.
• The design is based on SPHINCS+ but optimized for Ethereum-style execution.
• The proposal uses KECCAK256 instead of SHAKE256 to better fit EVM costs.
• It could give wallets and smart accounts a practical migration path before quantum threats become urgent.

Why Quantum Security Is Back In The Ethereum Conversation

Quantum computing is not an immediate threat to Ethereum wallets today, but developers are already thinking about what a migration path could look like if cryptographic assumptions change.

Most blockchain wallets rely on public-key cryptography. If future quantum computers become powerful enough to break widely used signature systems, wallets and protocols will need alternative methods to prove ownership securely.

That does not mean Ethereum is facing a near-term crisis. It means the ecosystem needs credible upgrade paths before the risk becomes urgent.

The Ethereum Research proposal is interesting because it does not wait for a full base-layer redesign. Instead, it looks at whether post-quantum signature verification can be made practical inside the EVM itself.

How The SPHINCS-Based Design Works

SPHINCS+ is a stateless post-quantum signature scheme standardized by NIST. The challenge is that post-quantum signatures can be large and expensive to verify on-chain, especially if the underlying design does not map neatly onto Ethereum’s cost model.

The proposal adapts the idea by replacing the standard SHAKE256 hash function with KECCAK256, which is native to the EVM. That matters because Ethereum already supports KECCAK256 efficiently, making it a more practical building block for on-chain verification.

The author also focuses the design around typical wallet behavior rather than trying to cover every theoretical use case. That trade-off is important. If the goal is to give users a realistic path to protect funds, the solution needs to be affordable enough to use, not just academically sound.

The report estimates verification in the range of roughly 127,000 to 150,000 gas. That is still more expensive than a normal signature verification flow, but it is low enough to be discussed as practical for high-value wallet protection and smart account designs.

What This Could Mean For Wallets

The most useful part of the proposal is the idea of an upgrade-free path. If smart accounts or wallet contracts can verify post-quantum signatures at the application layer, users may not need to wait for Ethereum itself to change its signature system.

That could matter for long-term holders, custodians, and institutions. These users are less concerned with making every transaction as cheap as possible and more concerned with making sure large balances can be protected across long time horizons.

A practical route could involve smart accounts that support quantum-resistant recovery, migration, or spending conditions. Users could move funds into wallets that are harder to attack under future cryptographic assumptions while the broader Ethereum protocol continues to evolve.

Still Early, But Worth Watching

This is still research, not a finished wallet standard. There are trade-offs around signature size, gas cost, implementation complexity, and user experience. Any production version would need serious review before large balances depended on it.

Even so, the direction is important. Crypto security cannot wait until quantum computers are powerful enough to create an emergency. The safer path is to test practical migration tools early, while there is still time to evaluate them calmly.

For Ethereum, post-quantum readiness will likely be a gradual process. Proposals like this show how the first steps may happen at the wallet and smart account layer rather than through one dramatic network-wide switch.

Originally published by Ethereum Research Forum at Ethereum Research Forum