Meeting Time: Wednesday, April 29, 2026 at 13:00 UTC (60 minutes)
The meeting focused on post-quantum transaction signature solutions, with three presentations showcasing different approaches. Riva Labs presented their “Nestri” solution using Winternitz one-time signatures, demonstrating a working wallet implementation that maintains stable addresses while rotating ephemeral keys for each transaction. Nico presented “Jardine,” a stateless hash-based signature scheme using Sphinx variants that can work on hardware wallets, including a new NIST-compliant version requiring only 142K gas. Mahdi presented a zero-knowledge proof-based solution that never reveals public keys, using Longflow ZK to provide post-quantum security with fast proving times of 87 milliseconds. The presentations covered various technical aspects including security analyses, multi-device support, and hardware wallet integration, with presenters demonstrating live wallet demos and discussing trade-offs between different approaches.
The meeting focused on post-quantum transaction signature solutions. Antonio provided context about previous discussions, including Riva Labs’ presentation of a female key solution based on elliptic curve cryptography during Post Quantum transaction signature 4. The current session was planned to feature presentations from Riva Labs on a solution using Winder’s keys, Nico presenting a solution using Force, and Mahdi presenting a more advanced approach. The meeting began with technical difficulties regarding screen sharing, followed by Antonio setting time limits for the presentations (15 minutes for Riva and Nico, 10 minutes for Mahdi) and preparing to start the presentations.
Alessandro presented an update on the Nestri project, which focuses on improving user identity security on-chain through account construction and signer rotation. He explained two main approaches: a CDSA mode as a bridge solution for immediate implementation with minimal overhead, and a post-quantum safe mode using one-time signatures based on Winternitz’s scheme. Alessandro detailed the trade-offs of each approach, including considerations for backup signers, multi-device usage, and off-chain signing capabilities.
Conor presented a security analysis of the protocol and cryptography, focusing on NIST level 1 security across the WAP parameter set and implementation details. Matteo Vena demonstrated a working wallet called NiceTry, showing its functionality on the Ethereum testnet through a stake transaction and explaining gas considerations between different security modes. The team is currently working on recovery implementations, few-time signatures, hardware support, and multi-chain ephemeral keys accounts, with a repository to be shared containing detailed security analysis files.
The team discussed the implementation of different key rotation modes in their wallet, including ECDSA and a new GDSA mode. Alessandro explained how the stable address is derived using the hash of the public key, similar to ECDSA. Matteo Vena confirmed they are exploring multiple time signature schemes to support various use cases. The discussion addressed concerns about transaction reverts in the GDSA mode, with Matteo Vicari clarifying that keys are only rotated when transactions are valid, and gas limits can be managed to prevent issues. Nico briefly mentioned his project Jarden, which uses a different approach allowing multiple signatures with the same key, and noted that integrating it into the Nestray wallet would be relatively straightforward.
Nico presented a new website for visualizing Sphinx variants and discussed two main developments: a NIST-compliant Sphinx variant that works on Ethereum with 142K gas and a hybrid design called Jardine that enables signing on hardware wallets. The Jardine design combines stateless and stateful paths, allowing users to register lanes with 128 transactions that can be signed quickly on hardware wallets. Mahdi presented a different approach using zero-knowledge proofs to hide public keys and protect assets from quantum attacks, demonstrating a proof system with 87 milliseconds proving time though with larger proof sizes and higher gas costs.
8dj$cu8z)8dj$cu8z)8dj$cu8z)YouTube recording available: https://youtu.be/rnbBxopGMOI