Quantum Cheques

Publicly-verifiable quantum money has been a central focus in quantum cryptography. To date, no constructions for this primitive exist based on standard assumptions. In this study, we propose an alternative notion which we refer to as $\textit{quantum cheques}$ (QCs). A quantum cheque can be verified using a public-key but only by a single user. Specifically, the payer signs the quantum cheque for a particular recipient using their ID, and the recipient can validate it without the assistance of the bank, ensuring that the payer cannot assign the same cheque to another user with a different ID. Unlike quantum money, QCs only necessitate quantum communication when a cheque is issued by the bank, meaning all payments and deposits are entirely classical! We demonstrate how to construct QCs based on the well-studied learning-with-errors (LWE) assumption. In the process, we build two novel primitives which are of independent interest. Firstly, we construct $\textit{signatures with publicly-verifiable deletion}$ under LWE. This primitive enables the signing of a message $m$ such that the recipient can produce a classical string that publicly proves the inability to reproduce a signature of $m$. We then demonstrate how this primitive can be used to construct $\textit{2-message signature tokens}$. This primitive enables the production of a token that can be used to sign a single bit and then self-destructs. Finally, we show that 2-message signature tokens can be used to construct QCs.