<k​ayabanerve:matrix.org> chaser: Not without adding a hash.

<k​ayabanerve:matrix.org> Eh. A switch commitment could work?

<k​ayabanerve:matrix.org> If we decide a PQ scheme now, we could embed a PQ KEM into a switch commitment. In the future, a public registry of PQ keys could exist and it'd be verifiable as belonging to the address.

<k​ayabanerve:matrix.org> But it'd require making a bad decision now a public registry in the future

<c​haserene:matrix.org> thanks. deciding on the PQ scheme now sounds unrealistic for sure. and do I understand correctly that the public registry would require some liveness from the owner of the address, which isn't guaranteed to be the case?

<c​haserene:matrix.org> in the case of adding a hash, what would you hash?

How many legit PQ candidate schemes are there at the moment?

WIKI says there are 7.

With 8 alternate schemes.

<c​haserene:matrix.org> we only need signature algorithms (last column). of the many finalists, three were selected as winners / standardization targets (en.wikipedia.org/wiki/NIST_Post-Qua…ardization#Selected_Algorithms_2022). in "Zero-cost post-quantum mitigations for Seraphis" (gist.github.com/tevador/23a84444df2…7f1a#5-post-quantum-signature-algor<clipped message>

<c​haserene:matrix.org> ithms), tevador outlined that Falcon is patented, which leaves Sphincs+ and Crystals-Dilithium