Hi bitcoindev,
I’ve been exploring simple ways to derive Bitcoin-style addresses using post-quantum signature schemes. I put together a small, two-program proof-of-concept to show how double-SHAKE256 with SPHINCS+ using small parameters can produce Bitcoin-styled addresses. It would take more to get these as fully working addresses, but this uses no elliptic-curve maths and has a test mode to produce a multitude of keys to show quickly the outputs possible.
What happens:
- **prog1** takes a 32-byte seed and produces a fixed 105-byte slice from a SPHINCS+ signature.
- **prog2** reduces that slice to a 20-byte payload using SHAKE256-based methods, then creates two kinds of addresses:
  - Standard “real BTC” (double-SHA256 + Base58Check)
  - “shake + pq-checksum” (double-SHAKE256 + same Base58 format)
It also includes a simple role-based derivation system (Role 0 = master, higher roles = derived children), but that is mostly to show a simple way to get derived children from a master role.
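The prog2 half of the pipeline described above, written out as an added example (this is not code from the sphincs-btc-pipeline repo). It takes a 105-byte slice, reduces it to a 20-byte payload with SHAKE256, and Base58Check-encodes it twice: once with the standard double-SHA256 checksum and once with a double-SHAKE256 checksum. The 105-byte input is constructed here with SHAKE256 rather than cut from a real SPHINCS+ signature, the plain-SHAKE256 reduction, the version byte 0x00 and the exact double-SHAKE256 checksum layout (32-byte intermediate digest, 4-byte tag) are all assumptions of this example, not necessarily what the repo does.

```python
import hashlib

# Bitcoin Base58 alphabet (no 0, O, I, l).
B58_ALPHABET = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def base58_encode(data: bytes) -> str:
    """Base58 encoding as used by Bitcoin: big-endian integer, leading 0x00 bytes become '1'."""
    n = int.from_bytes(data, "big")
    digits = bytearray()
    while n > 0:
        n, rem = divmod(n, 58)
        digits.append(B58_ALPHABET[rem])
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + digits[::-1].decode()


def base58_decode(s: str) -> bytes:
    """Inverse of base58_encode; restores leading 0x00 bytes from leading '1' characters."""
    n = 0
    for ch in s.encode():
        n = n * 58 + B58_ALPHABET.index(ch)  # raises ValueError on a non-alphabet character
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    pad = len(s) - len(s.lstrip("1"))
    return b"\x00" * pad + body


def reduce_slice(sig_slice: bytes) -> bytes:
    """Reduce the fixed 105-byte signature slice to a 20-byte payload (assumed: one SHAKE256 call)."""
    if len(sig_slice) != 105:
        raise ValueError("expected the 105-byte SPHINCS+ signature slice")
    return hashlib.shake_256(sig_slice).digest(20)


def sha256d_checksum(body: bytes) -> bytes:
    """Standard Bitcoin checksum: first 4 bytes of SHA256(SHA256(body))."""
    return hashlib.sha256(hashlib.sha256(body).digest()).digest()[:4]


def shake256d_checksum(body: bytes) -> bytes:
    """Assumed 'pq-checksum': first 4 bytes of SHAKE256(SHAKE256(body, 32), 32)."""
    inner = hashlib.shake_256(body).digest(32)
    return hashlib.shake_256(inner).digest(32)[:4]


def encode_address(payload: bytes, checksum_fn, version: bytes = b"\x00") -> str:
    """Base58Check: version || payload || checksum(version || payload)."""
    body = version + payload
    return base58_encode(body + checksum_fn(body))


def decode_address(addr: str, checksum_fn):
    """Decode and verify a Base58Check string; returns (version, payload) or raises ValueError."""
    raw = base58_decode(addr)
    if len(raw) < 5:
        raise ValueError("address too short")
    body, checksum = raw[:-4], raw[-4:]
    if checksum_fn(body) != checksum:
        raise ValueError("checksum mismatch")
    return body[:1], body[1:]


def build_addresses(sig_slice: bytes) -> dict:
    """Run the slice -> payload -> two address encodings pipeline and return the results."""
    payload = reduce_slice(sig_slice)
    return {
        "payload": payload.hex(),
        "btc_sha256d": encode_address(payload, sha256d_checksum),
        "shake_pq": encode_address(payload, shake256d_checksum),
    }


# Constructed stand-in for prog1's output: NOT a real SPHINCS+ signature slice.
CONSTRUCTED_SLICE = hashlib.shake_256(b"constructed demo slice").digest(105)

if __name__ == "__main__":
    for name, value in build_addresses(CONSTRUCTED_SLICE).items():
        print(f"{name}: {value}")
```

Both outputs share the 20-byte payload and the 0x00 version byte, so they look alike (both start with '1'), but a wallet validating with the standard double-SHA256 rule will reject the double-SHAKE256 variant as a checksum error; `decode_address` makes that visible by taking the checksum function as a parameter.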
The repo is here:
https://github.com/DigiMancer3D/sphincs-btc-pipeline
It is deliberately minimal and uses the official SPHINCS+ reference code with very small SPHINCS+ parameters to make this happen. The idea is that if this method were used, the parameters could just be raised back to normal after a major PQC fork, while offering a potential hybrid use case for pre-QC. The parameters can be returned to normal with almost no changes to the pipeline after a PQC fork.
This is different since the payload is derived directly from the SPHINCS+ signature slice without relying on elliptic curves at any point.
I’m sharing this as a discussion piece / proof-of-concept. I’d be very interested in any feedback and questions.
-- DigiMancer3D