What happened
A post on Ethereum Research, surfaced Thursday and reported by Bitcoinist, lays out SPHINCS-, a variant of the stateless hash-based SPHINCS+ family, tuned for verification inside the Ethereum Virtual Machine. The authors frame it as a candidate scheme for post-quantum wallet signatures, with the explicit goal of cutting verification gas while preserving the conservative security assumptions that make hash-based signatures attractive in a post-quantum world.
SPHINCS+ was standardized by NIST in 2024 as part of its post-quantum cryptography slate alongside lattice-based ML-DSA and ML-KEM, which gives the family a credibility floor that newer constructions don't have. The Ethereum Research post is a draft for community feedback. It is not an EIP, not on the All Core Devs agenda, and not tied to any near-term hardfork.
Why it matters
Ethereum wallets today sign transactions with ECDSA over secp256k1, the same curve Bitcoin uses. A cryptographically relevant quantum computer would break that scheme using Shor's algorithm, exposing any address whose public key has been revealed on-chain, which is every address that has ever sent a transaction. The realistic timeline for such a machine is contested.
The risk, once it lands, is not. That's the layer this proposal is aimed at. Hash-based signatures like SPHINCS+ rely only on the security of the underlying hash function, which makes them the most conservative option on NIST's post-quantum list, but they pay for that with signature sizes measured in kilobytes rather than the 64 bytes ECDSA produces.
Getting that verification onto the EVM cheaply is the hard part, and it's the part this draft is trying to solve. Vitalik Buterin has flagged quantum resistance as a multi-year priority for the protocol, and account abstraction under ERC-4337 already gives wallets the room to swap signature schemes without touching consensus. The pieces are in place.