[BIP Proposal] Hybrid SPHINCS+ / secp256k1 Key Derivation for Quantum-Resistant Paper Wallets


3D

May 26, 2026, 8:19:59 PM
to bitco...@googlegroups.com
Hi all,

I'd like to propose a new wallet-layer BIP for a practical hybrid post-quantum key derivation scheme.

**Title:** Hybrid SPHINCS+ / secp256k1 Key Derivation for Quantum-Resistant Bitcoin Wallets

**Summary:**
This BIP defines a simple, immediately usable method that combines NIST-standardized SLH-DSA (SPHINCS+) with the 3’s Company HE-SD (High-Entropy Seed Distillation) algorithm (which uses SPX-QEC for cleanup) to derive ordinary secp256k1 private keys and standard Bitcoin addresses (legacy + BIP-341 Taproot).

The process is fully offline, runs on low-end/air-gapped hardware (Raspberry Pi class), and produces keys that work today with Electrum, bitaddress.org, and Bitcoin Core; no consensus changes required.

**Reference implementation & full code:**

**Draft BIP text:**

This is intended as a practical bridge for quantum-hardened cold storage/paper wallets while post-quantum consensus migration is still in the future.

Happy to answer questions, incorporate feedback, and make any changes needed.

Thanks,
DigiMancer3D

conduition

May 26, 2026, 8:58:17 PM
to 3D, bitco...@googlegroups.com
> 3’s Company HE-SD (High-Entropy Seed Distillation) algorithm

Never heard of that. Google shows no results. Doesn't seem to exist.

> (which uses SPX-QEC for cleanup)

Cleanup of what? What is SPX-QEC? Your draft doc links to this word-salad repo. I can't make sense of how this is related.

> This is intended as a practical bridge for quantum-hardened cold storage/paper wallets while post-quantum consensus migration is still in the future.

What does this even mean? There is no way to "quantum harden" a secp256k1 keypair with different entropy, despite what some snake-oil salesmen are saying. A curve point is a curve point and Shor's algorithm can factor it to find its discrete log just as well as any other point.

Mods, this appears to be an underinformed proposal at best, AI slop/spam, or even phishing at worst.

Needless to say but I'll say it anyway: Don't use this tool to generate paper wallet keys. The keygen code is unreadable gibberish to my eye. Output entropy could be compromised in a way that only the author knows, designed to steal any money deposited into the output keys. Don't click on links to websites you don't already know & trust.

DigiMancer3D, if this is not the case, please explain your proposal better and document your code.

regards,
conduition
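
The point made in the reply above, that the entropy source cannot change how hard a secp256k1 public key is to attack, shown as an added example (not part of the thread and not the proposal's code). On a toy curve with secp256k1's equation over a small field, a classical baby-step giant-step search stands in for Shor's algorithm: it takes only the public point as input and recovers the scalar whether it came from one hash or from 10,000 hashing rounds. `P`, `derive`, the round counts and the seed are assumptions constructed for the demo.

```python
import hashlib, math
P = 10007  # toy field prime (demo assumption); curve equation as in secp256k1: y^2 = x^3 + 7

def add(A, B):  # affine point addition; None is the point at infinity
    if A is None: return B
    if B is None: return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0: return None
    if A == B: lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else: lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, A):  # double-and-add scalar multiplication
    R = None
    while k:
        if k & 1: R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def base_point(min_order=1000):  # first curve point whose order is large enough for the demo
    for x in range(1, P):
        rhs = (x ** 3 + 7) % P
        y = pow(rhs, (P + 1) // 4, P)  # square-root candidate, valid because P % 4 == 3
        if y == 0 or y * y % P != rhs: continue
        G, n, R = (x, y), 1, (x, y)
        while R is not None: R, n = add(R, G), n + 1  # invariant: R == n*G
        if n >= min_order: return G, n

def bsgs(Q, G, n):  # discrete log of Q to base G; the seed never appears as an input
    m = math.isqrt(n) + 1
    table, R = {}, None
    for j in range(m):  # baby steps: j*G
        table[R] = j
        R = add(R, G)
    back, R = mul(n - m, G), Q  # back = -m*G
    for i in range(m):  # giant steps: Q - i*m*G
        if R in table: return (i * m + table[R]) % n
        R = add(R, back)

def derive(seed, n, rounds):  # rounds > 0: hypothetical stand-in for an elaborate entropy pipeline
    for _ in range(rounds):
        seed = hashlib.sha3_512(seed).digest()
    return 1 + int.from_bytes(hashlib.sha256(seed).digest(), "big") % (n - 1)

def demo(seed=b"constructed sample seed"):
    G, n = base_point()
    scalars = {r: derive(seed, n, r) for r in (0, 10_000)}
    return {r: (d, bsgs(mul(d, G), G, n)) for r, d in scalars.items()}  # (secret, recovered)
```

Both entries returned by `demo()` pair a secret scalar with the identical value recovered from its public point, and the search does the same bounded number of steps in each case.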