hashsigs-py

Hashsigs-py is a Python package that implements WOTS+, a type of cryptographic digital signature based entirely on hash functions. Unlike most signing systems in use today, hash-based signatures are considered resistant to attacks from quantum computers, making this approach relevant to organizations thinking about long-term security.

The package is installed with pip and works out of the box using a pure Python implementation. For better performance, it can optionally build a Rust extension at install time. If the Rust toolchain is present on the system, the package detects it automatically and compiles the faster backend. The Python code then checks at runtime whether the Rust extension is available and falls back to pure Python if it is not. This means the package is usable on any machine, with the faster path available when Rust is set up.

Using the library involves three steps: generating a key pair from a seed, signing a message with the private key, and verifying the signature using the public key. Both key generation and signing accept raw byte strings. The README includes a one-line shell command that imports the package, runs a sign-and-verify cycle, and prints the result, providing a quick confirmation that the installation is working correctly.

The test suite has three tiers depending on what dependencies are available: full tests with vector validation require both the Rust extension and a keccak cryptographic provider, a reduced set runs with keccak but without Rust, and a minimal set runs with only the standard library. The README includes troubleshooting steps for common build failures on Python 3.13 and macOS. The project is released under the AGPL-3.0 license.