One-time signatures are the best solution, no matter which algorithm/library to use

thread

thread

The solution is simple, use the same private key only once.

Data fields:
- nextPublicKeyHash // hash of the public key for next data sign
- nonce // counter, must be +1
- signature // signature computed by nextPublicKeyHash of previous data

Persistent address support methods:
- uuid // include uuid in body
- merkle tree root // pre generate n private keys, build merkle tree of n public keys
- contract address

Even if your DS algo implementation is completely vulnerable, the private key isn’t used after signing. (attack surface greatly reduced, just don’t use the same key again)