On March 30, Blockstream Research, the company’s research arm co-founded by Adam Back, announced the launch of a new quantum computer-resistant digital signature scheme called SHRIMPS.
This scheme is applied when signing Bitcoin transactions. Every time a user authorizes the transfer of funds from their wallet, a digital signature is generated that proves that they are the owner of those funds. SHRIMPS replaces the current signature algorithm (called ECDSA) with an algorithm that is resistant to quantum computers and is designed to work in a multi-device environment.
According to the white paper, the new scheme generates signatures of approximately 2,564 bytes with 128 bits of security. “Three times more compact than SLH-DSA” Post-quantum signature standard approved by the National Institute of Standards and Technology (NIST) in 2024. This produced a 7,872-byte signature, which the researchers used as a reference for comparison. Schnorr signatures, introduced in Taproot in 2021, are exactly 64 bytes.
An important fact is that size matters with Bitcoin. Because each transaction that includes a signature has Heavy signatures take up more space in each block. With fixed-size blocks, larger signatures result in fewer transactions per block, which can result in higher fees for users and higher storage requirements for the nodes that maintain the network.
Signature of the ECDSA algorithm currently used by Bitcoin Weight is 70-75 bytes;post-quantum schemes involve a significant increase in that weight, so reducing it is a central technical priority.
Illustrate the problem with a concrete example. BTQ Technologies recently launched a Bitcoin testnet with post-quantum signatures based on NIST’s ML-DSA standard. The weight of these signatures required an increase in the maximum size of each block. You can scale from 4 MB to 64 MB on your main network to keep things running smoothly. SHRIMPS aims to reduce that impact.
Blockstream’s announcement coincided with the rollout of Google Quantum AI research called Approximately 20 times reduction As reported by CriptoNoticias, the quantum hardware resources needed to breach the cryptography that protects Bitcoin.
Google research estimates quantum computers could derive private keys for Bitcoin transactions After about 9 minutesbelow the average block confirmation time. This makes it technically possible to intercept transactions in transit before they are recorded on the chain.
What is SHRIMPS? What problem does it solve?
In December 2025, Blockstream Research introduced SHRINCS, a post-quantum signature scheme based on hash functions (considered to be resistant to quantum attacks because it does not rely on the mathematical problems that Shor’s algorithm can solve) that can generate signatures of up to 324 bytes.
The main drawback of SHRINCS was operational, as it was designed to work efficiently on a single device. If a user wants to restore their wallet to a second device (a common scenario with hardware wallets and backups), that system cannot transfer state reliably, so a multi-kilobyte signature is generated, eliminating any size advantage.
Blockstream’s new scheme, SHRIMPS, solves just that problem by allowing you to: Multiple devices or independent wallets loaded with the same seed autonomously generate a 2,564-byte signature.
SHRIMPS is based on SPHINCS+, a signature standard approved by NIST, and is based on hash functions whose security resides in mathematical properties that have been studied for decades, unlike more recent, less-tested approaches such as lattices and isogenies.
Based on this, SHRIMPS works with two signature paths. One is a compact path when the device signs for the first time, and the other is a backup for later use. Each device automatically decides which one to use based on its internal history. According to the white paper, the scheme is designed to: Supports up to 1,024 different devices working with the same key.
What does that mean for Bitcoin users?
With SHRIMPS, users use multiple devices (one main hardware wallet and one hardware wallet) loaded from the same seed. backupExample) Post-quantum transactions can be signed Even from any of them without syncing between devices.
The main limitation is that each device must keep an internal record of the number of times it has signed. If that record is lost due to failure or reset, the device consumes some of its compact signature budget when it restarts. This technical document makes clear that exceeding this budget does not result in a sudden collapse of security, but rather a gradual decline in security.
This scheme can also be combined with SHRINCS. The primary device uses SHRINCS to generate a 324-byte signature, while the backup uses SHRIMPS to generate a 2,564-byte signature to avoid falling into heavier backup schemes.
This is a system with clear limitations, but it attempts to address signature size and quantum resistance simultaneously.
Blockstream also tests anti-quantum shielding for Bitcoin sidechain
SHRIMPS is not Blockstream Research’s first post-quantum development. As reported by CriptoNoticias, on March 3, the company explained: I was sending the first transaction signed with SHRINCS and liquid networkside chain (side chainBitcoin, which operates Blockstream).
This test did not require any changes to Liquid’s consensus rules. That was possible thanks to Simplicity, a smart contract language for networks. Can directly integrate post-quantum signature verifiers In the spending situation.
However, unlike the NIST standard, which has undergone years of review by the international cryptocurrency community, SHRINCS (and extended SHRIMPS) is a Blockstream proprietary development introduced in late 2025/early 2026, pending an independent security audit.
Introducing any of these schemes into Bitcoin’s base layer would require an extensive consensus process between developers, miners, and node operators, and no formal proposal or date has been set.
The launch of SHRIMPS reflects a broader trend. While the deadline to develop quantum hardware capable of attacking Bitcoin approaches, various teams within the ecosystem are accelerating the development of concrete solutions. The open question is not whether Bitcoin should transition to post-quantum cryptography, but when the community will reach a consensus to do so.
(Tag translation) Bitcoin (BTC)
