github.com
🔗 Quantum-Safe Bitcoin Transactions Without Softforks

Bitcoin transactions are not quantum-safe. The primitive that binds the components of a transaction its inputs, outputs, and spending conditions is an ECDSA signature (pre-Taproot) or a Schnorr signature (post-Taproot), neither of which is post-quantum secure. This means that even spending conditions which are themselves quantum-safe can be subverted: if the signature scheme securing the transaction is broken, the entire transaction including its outputs and other inputs can be forged.