How QSBitcoin Works
QSBitcoin is a soft fork of Bitcoin Core that adds quantum-safe signatures through unified opcodes, allowing seamless migration from ECDSA to post-quantum cryptography.
Core Concepts (Similar to Bitcoin)
QSBitcoin shares several fundamental concepts with Bitcoin:
- Decentralized Network: QSBitcoin operates on a peer-to-peer network. There is no central server, bank, or authority controlling the system. Participants (nodes) collectively maintain the network.
- Blockchain: Transactions are grouped into blocks and added chronologically to a public ledger called the blockchain. This ledger is distributed across many nodes, making it transparent and resistant to tampering.
- Mining (Proof-of-Work): New QSBitcoin are created, and transactions are confirmed through a process called mining. Miners use computational power to solve complex mathematical problems. The first miner to find a solution gets to add the next block to the blockchain and is rewarded with newly created QSBitcoin and transaction fees. This process secures the network.
- Public/Private Keys: Users control their QSBitcoin using cryptographic keys. A public key is used to generate addresses for receiving funds (like an email address), while the corresponding private key is kept secret and used to authorize (sign) transactions to spend funds (like a password).
Technical Implementation
QSBitcoin's quantum-safe implementation is built on several key innovations:
Unified Opcodes
Instead of adding separate opcodes for each quantum algorithm, QSBitcoin uses just two unified opcodes:
- OP_CHECKSIG_EX (0xb3): Extended checksig for quantum signatures
- OP_CHECKSIGVERIFY_EX (0xb4): Extended checksig and verify
The algorithm is identified by the first byte of the signature data (0x02 for ML-DSA, 0x03 for SLH-DSA), making the system extensible for future quantum algorithms.
Signature Format
Quantum signatures follow this format in witness data:
[algorithm_id:1 byte][signature_data][sighash_type:1 byte]
Address Format
All quantum addresses use standard P2WSH (Pay-to-Witness-Script-Hash) format:
- Mainnet: bc1q... (62 characters)
- Testnet: tb1q... (62 characters)
- Regtest: bcrt1q... (64 characters)
No special prefixes distinguish quantum addresses from regular P2WSH addresses, maintaining privacy.
Soft Fork Activation
- Deployment: Uses BIP9 with bit 3
- Script Flag: SCRIPT_VERIFY_QUANTUM_SIGS (bit 21)
- Testnet/Regtest: Always active for testing
- Mainnet: Awaiting activation parameters
Weight and Fee Structure
QSBitcoin implements special weight calculations and fee incentives for quantum signatures:
Transaction Weight
- ML-DSA signatures: 3x weight factor (25% discount vs ECDSA)
- SLH-DSA signatures: 2x weight factor (50% discount vs ECDSA)
- ECDSA signatures: Standard 4x weight factor
Fee Structure
- Standard fees: Based purely on transaction size
- ML-DSA: ~3.3KB signatures result in higher fees
- SLH-DSA: ~35KB signatures result in significantly higher fees
Transaction Limits
- Max weight: 1,000,000 (1MB) for quantum transactions
- Max signatures: 10 quantum signatures per transaction
- Max signature size: 50,000 bytes per signature
Using Quantum Signatures
To create a quantum-safe address:
- Generate a quantum key pair (ML-DSA or SLH-DSA)
- Create witness script:
<pubkey> OP_CHECKSIG_EX - Hash the witness script with SHA256
- Encode as bech32 P2WSH address
When spending, the signature includes the algorithm ID as its first byte, allowing the script interpreter to automatically select the correct verification method.
For detailed technical specifications, see our Developer Documentation.