
If you haven't had enough quantum stuff by now, the world seems determined to get you there. Here is Localhost Research announcing a new quantum working group:

Localhost Research is excited to announce a new initiative. This initiative is in partnership with two world-class cryptographers: Benedikt Bünz and Dan Boneh.

They divide approaches to the quantum problem into two categories:

  1. Reactive proposals are measures the network might adopt in response to a sudden, unexpected CRQC deployment. They are intended as temporary mechanisms that let users safely transition to a post-quantum signature scheme (PQSS).
  2. Proactive proposals, by contrast, introduce lasting new PQSSs and related primitives that willing users can migrate to before a CRQC is deployed.

And of these two,

we believe that a subset of proactive cryptographic research problems are within scope of our new initiative. We also hope to contribute to the process of standardizing and developing reference implementations of post-quantum schemes as they achieve rough consensus.

Then they have these rather nice explanations of the different kinds of cryptography that can be useful to Bitcoin in a post-quantum computer world:

Within this category, there is a broad spectrum of post-quantum primitives, each making different tradeoffs between conservatism, functionality, efficiency, and implementation risk. At the most conservative end are hash-based signature schemes which rely on assumptions about hash functions rather than newer algebraic hardness assumptions. They are often cumbersome in practice, with large signatures, limited signing models, or state-management constraints, but they offer an important baseline precisely because they introduce so little cryptographic novelty.

Moving along the spectrum are lattice-based signature schemes, which are significantly more flexible and promising from a systems-design perspective, and will eventually support features that are much closer to what Bitcoin users have come to expect from modern signing systems. At the same time, the signatures are quite large and depend on newer cryptographic assumptions and have not yet enjoyed the same operational history as ECDSA, Schnorr, or the hash functions already deeply embedded in Bitcoin.

Further out still are more exotic families, including isogeny-based constructions and other advanced approaches, which are attractive in theory because they may offer compactness or richer functionality, but which remain far less mature and, in some cases, have experienced major cryptanalytic setbacks. For Bitcoin, this suggests a roadmap that begins with the most conservative post-quantum signature tools, while still investing in research on more expressive schemes that could eventually recover important functionality without compromising long-term security.
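To make the "conservative but cumbersome" tradeoff of the hash-based end of that spectrum concrete, here is an added example (not code from Localhost Research or from this post) of a textbook Lamport one-time signature over SHA-256. It shows the three points the passage makes: security rests on nothing but the hash function's preimage resistance, keys and signatures are large compared with a 64-byte Schnorr signature, and the signing model is limited, since each key pair must be used exactly once and the signer has to track that state. The `StatefulSigner` wrapper and `revealed_after_reuse` helper are my own illustrative names.

```python
# Added example: Lamport one-time signature (OTS) over SHA-256.
# Not from Localhost Research or the post; names are illustrative.
import hashlib
import secrets

H = hashlib.sha256
N = 256  # bits in the message digest; one secret pair per bit


def keygen():
    """Secret key: N pairs of random 32-byte values.
    Public key: the SHA-256 hash of each of those values."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a).digest(), H(b).digest()) for a, b in sk]
    return sk, pk


def msg_bits(msg: bytes):
    """Hash the message and return its 256 digest bits, MSB first."""
    d = int.from_bytes(H(msg).digest(), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]


def sign(sk, msg: bytes):
    """Reveal one preimage per digest bit: N * 32 bytes of signature."""
    return [sk[i][b] for i, b in enumerate(msg_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Recompute the hash of every revealed preimage and compare it with
    the public-key entry selected by the corresponding digest bit."""
    if len(sig) != N:
        return False
    bits = msg_bits(msg)
    return all(H(s).digest() == pk[i][bits[i]] for i, s in enumerate(sig))


def sizes(pk, sig) -> dict:
    """Byte sizes of a public key and a signature, for comparison with
    the 32-byte x-only public keys and 64-byte signatures of Schnorr."""
    return {
        "pk_bytes": sum(len(a) + len(b) for a, b in pk),
        "sig_bytes": sum(len(s) for s in sig),
    }


def revealed_after_reuse(m1: bytes, m2: bytes) -> int:
    """State-management hazard: after signing two messages with one key,
    every bit position where the digests differ has BOTH preimages
    exposed. Returns the number of such fully exposed positions."""
    b1, b2 = msg_bits(m1), msg_bits(m2)
    return sum(1 for i in range(N) if b1[i] != b2[i])


class StatefulSigner:
    """The minimal state a hash-based signer must keep: a used flag.
    A second signature is refused rather than leaking key material."""

    def __init__(self):
        self.sk, self.pk = keygen()
        self.used = False

    def sign(self, msg: bytes):
        if self.used:
            raise RuntimeError("one-time key already used; refusing to sign")
        self.used = True
        return sign(self.sk, msg)


if __name__ == "__main__":
    signer = StatefulSigner()
    msg = b"constructed sample message"
    sig = signer.sign(msg)
    print("valid:", verify(signer.pk, msg, sig))
    print("sizes:", sizes(signer.pk, sig))
    print("positions exposed by signing a second, different message:",
          revealed_after_reuse(msg, b"another constructed message"))
```

Running the block shows a public key of 16,384 bytes and a signature of 8,192 bytes, versus 64 bytes for Schnorr, which is why practical hash-based proposals layer Merkle trees or Winternitz chains on top of this primitive to shrink keys and signatures. The reuse counter is the reason the "limited signing model" and "state-management constraints" in the passage are not cosmetic: on random messages roughly half the positions end up with both preimages public, so the security of the whole scheme depends on the signer never reusing a one-time key.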

Localhost seems most interested in working on hash-based schemes:

Given this landscape, our initial research objective is to perform a formal review of the design, security assumptions, concrete parameterization, and Bitcoin-specific tradeoffs of the SHRINCS/SHRIMPS proposals, including signature size, verification cost, key-management constraints, and suitability for consensus-critical deployment.

Building on that foundation, we are investigating threshold constructions for hash-based signatures that preserve verification compatibility at the consensus layer, ideally yielding a single signature artifact verifiable by the same logic as the corresponding non-threshold scheme. We are designing this threshold scheme such that it enables the threshold t to remain secret. Beyond these properties, we are specifically interested in threshold signing protocols that shift coordination complexity off-chain while minimizing or eliminating additional on-chain verification complexity.

Over the longer term, we view this line of research not merely as a way to make hash-based signatures more usable, but as a path toward recovering functionality that conservative post-quantum schemes do not natively provide. In particular, Bitcoin today benefits from structural properties of elliptic curve systems that support things like watch-only wallets, adaptor signatures, and related constructions for multiparty coordination and conditional payments. Hash-based signatures are attractive precisely because they are conservative, but they do not naturally reproduce much of this functionality. We believe not all of it is lost, and are excited to explore mechanisms by which powerful thresholdization and watch-only wallet functionality can be restored in creative ways.

More broadly, this research is not only an exercise in making hash-based schemes deployable; it is also a way to motivate longer-term work on more expressivity. Not only will we research ways to extend the functionality of hash-based signatures to support features we have all become accustomed to, this initial research will serve as a bridge towards constructions that depend on cryptographic primitives that extend beyond that hash-based paradigm. While it’s unlikely Bitcoin will consider non-hash-based primitives in the immediacy, it’s important that they are investigated within the context of Bitcoin’s limitations and usability requirements. We believe the future is bright, and with enough time, research, and battle-hardening, lattice and SNARK-based cryptosystems may one day be adopted by the Bitcoin community.

All in all, I like their approach. With all the talk about quantum computing, it seems very reasonable to focus on evaluating a cryptography scheme that works well for Bitcoiners.

22 sats \ 0 replies \ @fred 29 Apr
Hash-based signatures are attractive precisely because they are conservative, but they do not naturally reproduce much of this functionality. We believe not all of it is lost, and are excited to explore mechanisms by which powerful thresholdization and watch-only wallet functionality can be restored in creative ways.

Moving to post quantum shouldn't mean losing the UX wins we've made with watch only wallets. Glad someone is tackling the creativity gap in hash-based schemes.

1 sat \ 0 replies \ @LAXITIVA 29 Apr -21 sats

What about pornographer group

21 sats \ 0 replies \ @Solomonsatoshi 29 Apr -42 sats

Pleeeaaassseee

Do Not Talk About The Fucking War.

And do not ever talk about The Greater Israel Project! (GIP)

The 'Greater Israel' project proposes that military aggression is justified to achieve the allegedly God given boundaries of the state of Israel.

'Israeli Finance Minister Bezalel Smotrich has suggested that Israel is destined to expand to include Jordan, and even beyond, to parts of Syria, Lebanon, Jordan, Egypt and even Iraq.
In a documentary film by https://en.wikipedia.org/wiki/Arte in 2024, Smotrich said “it is written that the future of Jerusalem is to expand to Damascus.

This view has support in some parts of Israeli society. Israel’s incursions into Jordan and Syria have intensified international concerns that some actors in Israel are pursuing expansion into other countries...

In August 2025, Israeli prime minister https://en.wikipedia.org/wiki/Benjamin_Netanyahu said in an interview with Israeli TV channel i24News that he was on a "historic and spiritual mission" and that he is "very" attached to the vision of Greater Israel, which includes Palestinian areas and possibly also places that are part of Jordan, Egypt, Syria, and Lebanon.'

https://en.wikipedia.org/wiki/Greater_Israel

Thank you for your attention to this matter.

TACO POTUS D J Trump
Pledged to eternal servitude to Chevron and Zionist GIP war criminals.