Skip to content

feat: post-quantum signature support (SLH-DSA / FIPS 205) #46

Description

@avrabe

Context

wasmsign2 uses Ed25519 for Wasm module signatures. portal-co/wasmsign3 is an experiment replacing this with SLH-DSA (FIPS 205, stateless hash-based signatures via Shake128s) — a post-quantum scheme.

for safety-critical and long-lived embedded targets, post-quantum readiness may become a compliance requirement. rather than a separate tool, sigil could support SLH-DSA as an additional signing backend alongside Ed25519 and Sigstore keyless.

Scope

  • evaluate SLH-DSA parameter sets (Shake128s, Shake256s, etc.) for signature size vs. security tradeoffs
  • add SLH-DSA as a signing/verification backend in wsc-lib
  • ensure no_std compatibility (the slh-dsa crate supports default-features = false)
  • maintain backwards compatibility with existing Ed25519 signatures

References

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions