The Blockstream standard produces signatures of ~2,564 bytes while the SLH-DSA standard produces 7,872 bytes.
According to Google, the quantum resources needed to break BTC are 20 times less than estimated.
Blockstream Research, the research arm of the company co-founded by Adam Back, announced on March 30 the launch of SHRIMPS, a new digital signature scheme resistant to quantum computers.
The scheme applies when signing Bitcoin transactions: every time a user authorizes a movement of funds from their wallet, they generate a digital signature that certifies that they are the owner of those funds. SHRIMPS would replace the current signature algorithm (called ECDSA) by one resistant to quantum computers, and is designed to work in environments with multiple devices.
According to its whitepaper, the new scheme produces signatures of approximately 2,564 bytes with 128-bit security, “three times more compact than SLH-DSA«, the post-quantum signature standard approved by the US National Institute of Standards and Technology (NIST) in 2024, which generates signatures of 7,872 bytes, and which the researchers used as a reference for comparison. Schnorr signatures, introduced with Taproot in 2021, are exactly 64 bytes.
An important fact is that in Bitcoin size matters because each transaction that includes a signature, and the heavier signatures take up more space in each block. With fixed-size blocks, larger signatures mean fewer transactions per block, potentially higher fees for users, and higher storage requirements for the nodes maintaining the network.
The signatures of the ECDSA algorithm that Bitcoin uses today weigh between 70 and 75 bytes; Any post-quantum scheme involves a significant jump in that weight, so reducing it is a central technical priority.
A concrete example illustrates the problem. BTQ Technologies recently launched a Bitcoin testnet with post-quantum signatures based on NIST’s ML-DSA standard, and The weight of these signatures forced the maximum size of each block to increase from 4 MB of the main network to 64 MB to keep your operation fluid. SHRIMPS aims to reduce that impact.
Blockstream’s announcement comes at the same time Google Quantum AI published a study that reduces almost 20 times the quantum hardware resources necessary to compromise the cryptography that protects Bitcoin, as reported by CriptoNoticias.
Google research estimated that a quantum computer could derive the private key of a Bitcoin transaction in approximately nine minutesbelow the average confirmation time of a block. That would make it technically possible to intercept transactions in transit before they are recorded on the chain.
What is SHRIMPS and what problem does it solve?
In December 2025, Blockstream Research presented SHRINCSa post-quantum signature scheme based on hash functions (considered resistant to quantum attacks because they do not depend on the mathematical problems that the algorithm of Shor can resolve) capable of producing signatures of just ~324 bytes.
The main drawback of SHRINCS was operational: it was designed to work efficiently on a single device. If a user wanted to restore their wallet on a second device (a common scenario with hardware wallets and backups), that system could not reliably transfer the state, so it generated signatures of several kilobytes, losing all the size advantage.
SHRIMPS, Blockstream’s new scheme, solves exactly that problem by allowing multiple devices or independent wallets loaded with the same seed produce 2,564-byte signatures autonomously.
SHRIMPS relies on SPHINCS+a NIST-approved signature standard based on hash functions whose security lies in mathematical properties studied for decades, unlike more recent and less tested approaches such as reticles or the isogenies.
On that basis, SHRIMPS operates with two signing paths: a compact one, for when the device signs for the first time, and a backup one, for later uses. Each device automatically decides which one to use based on its internal history. According to the whitepaper, the scheme is designed to Support up to 1,024 different devices operating with the same key.
What would it mean for Bitcoin users?
With SHRIMPS, a user with multiple devices loaded from the same seed (one main hardware wallet and one backupfor example) could sign post-quantum transactions from any of them without synchronization between devices.
The main limitation is that each device must keep an internal record of how many times it has signed. If that record is lost due to failure or reset, the device consumes part of the compact signature budget when restarting. The technical document clarifies that exceeding this budget does not collapse security abruptly, but rather degrades it gradually.
The scheme can also be combined with SHRINCS. The primary device would produce 324-byte signatures using SHRINCS, while any backup would use SHRIMPS to generate 2,564-byte signatures, avoiding falling into the heavier backup scheme.
Although it is a system with clear limitations, it attempts to solve the size of the signatures and quantum resistance at the same time.
Blockstream also tests anti-quantum shields on its Bitcoin sidechain
SHRIMPS is not Blockstream Research’s first post-quantum development. As CriptoNoticias reported, on March 3 the company explained that had transmitted the first transactions signed with SHRINCS on Liquid Networkthe side chain (sidechain) Bitcoin operated by Blockstream.
That test did not require modifying Liquid’s consensus rules: it was possible thanks to Simplicity, that network’s smart contract language, which allowed to integrate the post-quantum signature verifier directly in spending conditions.
However, SHRINCS (and by extension SHRIMPS) are Blockstream’s own developments introduced in late 2025 and early 2026, pending independent security audit, unlike the NIST standards that underwent years of review by the international crypto community.
Bringing any of these schemes to Bitcoin’s base layer would require an extensive consensus process between developers, miners, and node operators, with no formal proposal or set date for it.
The launch of SHRIMPS reflects a broader trend: while the deadlines to have quantum hardware capable of attacking Bitcoin are compressed, different teams in the ecosystem are accelerating the development of concrete solutions. The open question is not whether Bitcoin will need to migrate to post-quantum cryptography, but when the community will reach consensus to do so.