Overview
- The SPHINCS‑ family proposal was published and demoed on Ethereum testnet on June 13–14, showing a roughly $0.07 cost to deploy a quantum‑resistant smart account and publishing verifier contracts plus formal Lean 4 proofs.
- The design replaces the SPHINCS+ hash function with Ethereum’s native KECCAK256 so verifiers run inside the EVM without new precompiles or a protocol change.
- On‑chain verification for tuned variants is reported at about 127,000–150,000 gas with one optimized variant (C13) at ~127,000 gas and a 3,704‑byte signature, trading higher gas and signature size for immediate deployability.
- Known limits include bounded per‑key signature budgets, large signature payloads and slow hardware signing on some variants (Ledger tests showed signing times of about 47.5 seconds and 390 seconds), and the proposal needs more security audits and performance work before broad production use.
- Researchers and the Ethereum Foundation present this as an interim, user‑deployable stopgap while they pursue audits, leanSPHINCS and other optimizations and a coordinated protocol‑level migration targeted around 2029, a push that has gained urgency after recent Google research and institutional warnings about quantum timelines.