PQHD (Post-Quantum Hierarchical Deterministic) is Tidecoin's wallet key derivation system. It extends Bitcoin's BIP-32 HD wallet concept to post-quantum signature schemes using hardened-only derivation with SHA-512-based KDF.

Can I use the same seed for multiple PQ schemes?

Yes. PQHD supports multi-seed with per-seed scheme policies. The derivation path includes a scheme identifier, so the same master seed can generate keys for Falcon-512, Falcon-1024, ML-DSA-44, ML-DSA-65, and ML-DSA-87.

Is PQHD compatible with standard BIP-32 wallets?

No. PQHD is a fundamentally different derivation system designed specifically for post-quantum schemes. BIP-32's non-hardened derivation is inherently unsafe for lattice-based cryptography and was removed entirely.

PQHD: Post-Quantum Hierarchical Deterministic Wallet

PQHD is Tidecoin's custom wallet key derivation system that replaces Bitcoin's BIP-32. BIP-32 relies on elliptic curve arithmetic for key derivation — Shor's algorithm makes any exposed extended public key (xpub) equivalent to an exposed private key. PQHD uses hardened-only derivation with SHA-512-based KDF, supporting all five NIST post-quantum signature schemes with encrypted multi-seed storage.

// why bip-32 is broken

Why is Bitcoin's BIP-32 HD wallet broken by quantum computers?

BIP-32's extended public key (xpub) mechanism derives child public keys from a parent public key using elliptic curve point addition. In a quantum setting:

Shor's algorithm

Shor's algorithm derives the private key from any public key in polynomial time.

xpub = xpriv

An exposed xpub is equivalent to an exposed xpriv.

No PQ homomorphism

No NIST post-quantum signature scheme supports the homomorphic public key derivation that BIP-32's non-hardened derivation requires.

PQHD eliminates this vulnerability by using hardened-only derivation — every path element uses the private key material, and no public-key-only derivation exists.

// how it works

How does PQHD key derivation work?

All elements are hardened (high bit set).

Derivation path

m / 10007' / 6868' / scheme' / account' / change' / index'

10007'Tidecoin PQHD purpose
6868'Tidecoin coin type
scheme'PQ scheme identifier (Falcon-512, Falcon-1024, ML-DSA-44/65/87)
account' · change' · index'user-controlled derivation

Seed ID

domain-separated identifier

Seed ID: SHA-256("Tidecoin PQHD seedid v1" || master_seed) — domain-separated identifier.

seed_id = SHA-256("Tidecoin PQHD seedid v1" ‖ master_seed)

Master node

initial expansion

Master node: HMAC-SHA-512 from 32-byte master seed.

(master, chain) = HMAC-SHA-512(key, master_seed)

Child derivation (CKD)

hardened-only

Child derivation (CKD): HMAC-SHA-512 chained using parent secret material.

CKD(parent, i') = HMAC-SHA-512(parent.chain, parent.secret ‖ i')

Leaf extraction

HKDF stream

Leaf extraction: HKDF-based stream key derivation with scheme-specific domain separation.

stream = HKDF(leaf, info = "pqhd-scheme-" ‖ scheme_id)

Keypair generation

scheme-specific

Keypair generation: Scheme-specific conversion — Falcon uses first 48 bytes, ML-DSA uses first 32 bytes as deterministic seed.

falcon: keygen(stream[0..48]) · mldsa: keygen(stream[0..32])

// wallet features

What features does the PQHD wallet provide?

Multi-seed support

Independent seeds with per-seed scheme policies.

Per-seed scheme selection

Different PQ schemes for different seeds.

Configurable defaults

Set default receive and change address schemes.

Encrypted storage

Seeds encrypted with wallet master key (PQHDCryptedSeed).

Memory safety

All secret material cleansed via memory_cleanse() after use.

PSBT support

Proprietary PQHD origin metadata fields for offline signers.

Descriptor integration

Descriptor syntax for PQHD outputs.

wpkh(pqhd(SEEDID)/purpose'/cointype'/scheme'/account'/change'/index')

// rpc commands

PQHD wallet RPC commands

Manage PQHD seeds and scheme policies directly from tidecoin-cli.

tidecoin-cli.pqhdrpc

01$ tidecoin-cli setpqhdpolicy <recv> <change>

02# Set default PQ scheme for receive / change addresses

04$ tidecoin-cli listpqhdseeds

05# List PQHD seeds tracked by the wallet

07$ tidecoin-cli importpqhdseed <seed_hex>

08# Import a 32-byte PQHD master seed

10$ tidecoin-cli setpqhdseed <recv> [change]

11# Select default seed IDs for derivation

13$ tidecoin-cli removepqhdseed <id>

14# Remove non-default, unreferenced seed

// pqhd faq

PQHD FAQ

All FAQ