Summary
This is a Japanese working translation prepared to support SIPO DRep review. The authoritative text is the English original on Hydra Voting.
MLabs proposes to make post-quantum signature verification available at the Plutus / Plutus Core smart contract layer so that Cardano scripts and dApps can prepare for future quantum computers. The plan is to compare the NIST-selected schemes (ML-DSA and SLH-DSA, which are published standards, and Falcon, whose FN-DSA standard is still being finalized) against Cardano's specific constraints, and to deliver a research report recommending one scheme, a CIP, builtin implementations in cardano-base and Plutus Core, Plinth/Plutarch/Aiken wrappers, and a proof-of-concept post-quantum smart contract wallet. SIPO's view is that quantum resistance matters for the long-term maturity of Cardano's infrastructure, and MLabs' track record of implementing Plutus primitives counts in its favour. Points to verify: whether post-quantum signature sizes fit within Plutus execution budgets, the dependency on CIP and PR acceptance, the go/no-go gate at M1, resourcing across MLabs, consistency of the budget breakdown, and how settlement is handled if the ADA price rises.
English original
The cryptographic signatures Cardano scripts and dApps rely on today — Ed25519, ECDSA, and Schnorr — will all become breakable when sufficiently capable quantum computers arrive. The migration timeline isn't urgent yet, but it is finite, and "harvest now, decrypt later" is already a real concern for long-lived assets and high-value scripts. NIST has standardized the first generation of post-quantum signature schemes (ML-DSA, SLH-DSA, Falcon). Multiple chains — Algorand among them — already support post-quantum signatures natively. Cardano scripts cannot currently use any of them. This proposal closes that gap.

We will, conditionally on approval from the relevant projects:

1. **Research and compare** the available post-quantum signature schemes against Cardano's specific constraints, and publish a public report recommending one for implementation along with the reasoning and alternatives considered.
2. **Author and shepherd a CIP** describing a UPLC builtin for verifying signatures from the recommended scheme.
3. **Implement the scheme** in cardano-base and the corresponding builtin in Plutus Core.
4. **Provide language wrappers** in Plinth, Plutarch, and Aiken so the new capability is immediately usable from Cardano's three main smart contract languages.
5. **Build a proof-of-concept smart contract wallet** using post-quantum signatures, demonstrating the new capability end-to-end.

This proposal addresses **CPS-0027 ("Approaches to Post-Quantum Signatures")** — a current Cardano Problem Statement, **authored by an MLabs Tech Lead.** No other team is positioned to deliver this work: MLabs is the only organization outside IOG to have implemented and shipped Plutus Core primitive operations (secp256k1/ECDSA and bit-level manipulation) to mainnet.