explaingit

quipnetwork/hashsigs-rs

11,558RustAudience · developerComplexity · 4/5LicenseSetup · hard

TLDR

A Rust library implementing quantum-resistant WOTS+ digital signatures, with a companion program that deploys the same logic as a Solana smart contract. Early-stage and research-grade.

Mindmap

mindmap
  root((repo))
    What It Does
      WOTS+ signing
      Post-quantum security
      Solana smart contract
    Tech Stack
      Rust
      Solana CLI
      Keccak256
    Structure
      Core Rust library
      Solana program
      Test vectors
    Use Cases
      Quantum-safe Solana
      Rust crypto library
    Requirements
      Rust 1.70 or later
      Solana CLI for chain
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Use as a standalone Rust library to sign and verify data with quantum-resistant WOTS+ signatures

USE CASE 2

Deploy the included Solana program to verify post-quantum signatures on-chain in a Solana application

USE CASE 3

Test WOTS+ against known vectors using keccak256 to validate correctness before integrating into a production system

Tech stack

RustSolanaKeccak256

Getting it running

Difficulty · hard Time to first run · 1h+

On Mac, install Rust via the official rustup installer, not Homebrew, Solana CLI is required for the on-chain program.

Source code must remain open under AGPL-3.0, if you use this in a network service, you must publish your modified source code.

In plain English

This repository is a Rust implementation of WOTS+, the Winternitz One-Time Signature scheme, with additional support for running as a Solana program. It is the Rust counterpart to a related Solidity implementation from the same organization, covering the same post-quantum signature concept but targeting the Solana blockchain instead of Ethereum. WOTS+ is a hash-based digital signature scheme. Hash-based signatures are considered quantum-resistant because their security relies on hash functions, which quantum computers are not expected to break in the way they are expected to break the math behind standard encryption. The one-time aspect means each key pair should only be used to sign a single message, signing more than once with the same key undermines the security the scheme provides. The library has two parts. The core implementation lives in the src directory and can be built and used as a standalone Rust library. The solana directory contains a program (the Solana term for a smart contract) that wraps the same logic for deployment on the Solana blockchain. The tests directory contains test vectors and unit tests, and the README includes a command to run tests against specific known vectors using a keccak256 hash variant. The README is brief and covers only build and test commands. It notes that on Mac, Rust should be installed via the official installer rather than Homebrew. Solana CLI tools are required for the on-chain program work. The library requires Rust 1.70 or later and is available under the AGPL-3.0 license.

Copy-paste prompts

Prompt 1
I want to use hashsigs-rs to sign a message with WOTS+ in Rust and then verify it. Show me the function calls I need and how to manage the one-time key constraint so I never reuse a key.
Prompt 2
Help me deploy the Solana program in hashsigs-rs to devnet and call it from a TypeScript client to verify a WOTS+ signature on-chain.
Prompt 3
I'm setting up hashsigs-rs on a Mac. Walk me through installing Rust via the official installer and Solana CLI tools, then running the test suite to confirm the library works.
Open on GitHub → Explain another repo

← quipnetwork on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.