Post-Quantum Primer
Post-quantum cryptography means cryptography designed to remain secure against attackers with large-scale quantum computers. It does not mean “cryptography that runs on a quantum computer.” It means classical algorithms that run on ordinary computers but rest on hard problems that are not known to be broken by Shor’s algorithm.
This page is a conceptual primer. It is not the Tidecoin consensus specification; see Security Analysis and Signature Schemes for protocol-level details.
The Basic Problem
Most cryptocurrencies authenticate spends with ECDSA or Schnorr signatures over elliptic curves. Those schemes are efficient today because the elliptic curve discrete logarithm problem is hard for classical computers.
Shor’s algorithm changes that assumption. A sufficiently large fault-tolerant quantum computer can derive an elliptic curve private key from the corresponding public key. Once an attacker has the private key, they can create valid signatures for it, which on a blockchain means spending its funds.
That is why the quantum threat to cryptocurrency is not just a privacy issue. It is a transaction authorization issue.
Why Blockchains Are Different
In many systems, the worst outcome of recorded data is that old encrypted traffic eventually loses confidentiality. In a blockchain, a public key exposed on-chain in the past can also become a future spending risk.
Blockchains are:
- public, so attackers can download the data now;
- permanent, so old exposed keys remain visible;
- adversarial, so anyone can race a transaction if they can sign;
- high-value, so old dormant funds are attractive targets.
This is the “Harvest Now, Decrypt Later” pattern applied to ledgers: collect public data now, attack it when quantum capability exists later.
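As an added illustration of this pattern (example code, not part of the original page or the Tidecoin project), the following audit walks a constructed toy ledger and separates unspent funds sitting on addresses whose public key has already been revealed on-chain from funds whose key is still hidden behind an address hash. It assumes a Bitcoin-style model in which an address is a hash of the public key and the key itself only appears on-chain when the address is spent from; the transactions and amounts are constructed sample data.

```python
"""Exposure audit over a toy Bitcoin-style ledger (constructed data).

Assumed model: an address commits to a hash of its public key, so the key is
revealed publicly only when an output at that address is spent. Any unspent
funds that later land on such an address are spendable by whoever can derive
the private key from the revealed public key, which is the Shor's-algorithm
risk the primer describes. Hash-only outputs are safer at rest, but still race
an attacker between broadcast and confirmation once they are spent.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple    # outpoints (txid, index) being spent; reveals their pubkeys
    outputs: tuple   # (address, amount) pairs created by this transaction


def audit(txs):
    """Return revealed addresses plus at-risk and hash-only unspent balances."""
    outputs = {}       # outpoint -> (address, amount)
    spent = set()
    revealed = set()   # addresses whose public key is now harvestable on-chain
    for tx in txs:
        for outpoint in tx.inputs:
            addr, _ = outputs[outpoint]
            revealed.add(addr)      # the spend publishes this address's pubkey
            spent.add(outpoint)
        for i, (addr, amount) in enumerate(tx.outputs):
            outputs[(tx.txid, i)] = (addr, amount)
    at_risk = hash_only = 0
    for outpoint, (addr, amount) in outputs.items():
        if outpoint in spent:
            continue
        if addr in revealed:
            at_risk += amount       # reused address: key already public
        else:
            hash_only += amount     # key still hidden behind the address hash
    return {"revealed": revealed, "at_risk": at_risk, "hash_only": hash_only}


# Constructed sample ledger: a coinbase to A, a spend from A with change back
# to A (address reuse), then a spend from B to a fresh address C.
SAMPLE_LEDGER = (
    Tx("t1", (), (("A", 50),)),
    Tx("t2", (("t1", 0),), (("B", 30), ("A", 20))),
    Tx("t3", (("t2", 0),), (("C", 30),)),
)

if __name__ == "__main__":
    print(audit(SAMPLE_LEDGER))   # A's 20 is at risk; C's 30 is still hash-only
```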
What NIST Standardized
NIST ran a multi-year post-quantum cryptography standardization process. The first final standards were approved in August 2024:
| Standard | Algorithm family | Role |
|---|---|---|
| FIPS 203 | ML-KEM | Key encapsulation for shared-secret establishment |
| FIPS 204 | ML-DSA | Digital signatures |
| FIPS 205 | SLH-DSA | Stateless hash-based digital signatures |
NIST is also developing FN-DSA, the standard based on Falcon. As of April 2026, NIST has published public status material for FIPS 206 / FN-DSA, but Falcon is not yet a final FIPS publication.
Where Tidecoin Fits
Tidecoin uses NIST-track post-quantum primitives where they match blockchain needs:
| Primitive | Tidecoin role |
|---|---|
| Falcon-512 | Live transaction signature scheme from genesis. |
| Falcon-1024 | Higher-security Falcon parameter set implemented behind activation rules. |
| ML-DSA-44/65/87 | Standardized signature alternatives implemented behind activation rules. |
| ML-KEM-512 | Post-quantum peer transport encryption support. |
| SHA-512 | Witness v1 script hashing support after AuxPoW activation. |
The important distinction is that Tidecoin is not only “a coin with a PQ signature.” It also adjusts wallet derivation, script hashing, peer transport, and consensus activation so the surrounding system can use PQ signatures coherently.
What Post-Quantum Does Not Solve
Post-quantum signatures do not remove every risk:
- Bad wallet backups can still lose funds.
- Malware can still steal keys before signing.
- Poor fee estimation can still delay transactions.
- Remote nodes can still mislead light wallets.
- Consensus bugs can still affect a chain.
- Weak operational security can still break custody.
Post-quantum cryptography solves a specific cryptographic failure mode. It does not replace careful wallet, node, and service operation.
Practical Takeaway
If a chain relies on ECDSA or Schnorr, it eventually needs a migration plan. If keys have already been exposed on-chain, migration protects future spends but does not erase old public data. Tidecoin’s design choice is to avoid that class of exposed classical signatures from genesis.
See also: Quantum Threat, Harvest Now, Decrypt Later, Signature Schemes Explained, Protocol / Security Analysis.