Post-Quantum Readiness in EdDSA Chains

You can find the slides at this link.

  • Quantum computers pose a serious threat to blockchains that rely on classical signatures such as ECDSA: once a public key is exposed on chain, an adversary with a sufficiently large quantum computer can recover the private key by solving the elliptic-curve discrete logarithm with Shor's algorithm.
  • Existing proposals for migrating to post-quantum signatures often require changing addresses, deploying hybrid signature schemes, or introducing mechanisms that fail to protect inactive accounts.
  • We observe that blockchains using EdDSA signatures (such as Sui, Solana, and Near) have a structural advantage: following RFC 8032, the signing scalar and public key are derived deterministically from a 32-byte seed by hashing it with SHA-512, so the seed, not the curve scalar, is the root secret.
  • This property lets a user prove ownership of an account by proving, in zero knowledge, knowledge of the seed that expands to the account's signing key, without revealing the seed or any elliptic-curve secret. Because the seed-to-scalar map is a hash rather than a discrete-logarithm relation, a quantum adversary who recovers the scalar from an exposed public key still does not learn the seed; inverting SHA-512 gets at most Grover's quadratic speedup.
  • We introduce a protocol where the EdDSA seed is used as a witness in a zero-knowledge proof that authorizes a new post-quantum signature key.
  • The protocol enables seamless migration to quantum-safe signatures while preserving existing addresses and maintaining backward compatibility.
  • Importantly, the approach also works when the public key has already been exposed on chain, which is the normal state of any account that has ever signed a transaction: exposure reveals at most the scalar, never the seed the proof is about.
  • We formalize a security model for post-quantum ready signatures and prove the security of the construction through a game-based argument.
  • A proof-of-concept implementation demonstrates practicality, achieving about 6.2 seconds proving time, 2.3 seconds verification time, and a 5.4 MB proof using the Ligetron zkVM.

Cryptography sometimes hides clever time capsules. EdDSA’s deterministic seed derivation was designed for simplicity and safety, yet it quietly leaves a door open for zero-knowledge based upgrades. Years later, that door turns out to be a surprisingly elegant escape hatch from the quantum future.