We present XSOC-QSIG-3P, a three-party transferable designated-verifier signature mode in which a signer P1 authorizes a transaction, a holder P2 forwards it, and a verifier P3 accepts it without ever interacting with P1. Unlike prior three-party constructions which require broadcast for information-checking (e.g., the Fitzi-style 4-broadcast variant in SILMARILS, arXiv:2605.03230v1), QSIG-3P uses two point-to-point messages and zero broadcast rounds. Signatures are 30 bytes; the integrity-check (IC) tag binding (m, sigma, seq) to the P1-P3 pairwise root is 32 bytes. Replay protection is intrinsic to the protocol via a strict-monotonic transaction sequence number; transferability follows from MAC unforgeability under independent pairwise roots. The construction is parameterised over an underlying single-pair information-theoretic signature scheme and a domain-separated MAC; the production instantiation is rooted in DSKAG (Deterministic Symmetric Key Agreement) and the XSOC wave-engine MAC, both audited under XSOC's existing cryptographic stack. We report a Rust reference implementation released under Apache-2.0, a private production adapter, and benchmarks demonstrating per-call signing in 6.83 microseconds at 32 bytes (approximately 146,500 signatures per second per core) on commodity x86 hardware. We compare QSIG-3P with SILMARILS, sequential ECDSA, and broadcast-based three-party schemes; QSIG-3P signatures are 5.3x smaller on the wire than the closest published academic alternative.
Richard Blech (Fri,) studied this question.