Replying to niftynei 🇺🇸💸🧡

As of right now, there are no post-quantum signatures that *don't* eat up a lot of blockspace. There's no getting around this fact. What's cool about SPHINCS+ is that you can tune it to have smaller signatures, depending on how many resigns you need.

Exactly how big those signatures are won't be known until the BIP parameters get proposed, but they'll very likely be on the order of 50-100x larger than existing sigs.

Elliptic curves are *really* elegant in how densely you can get 128-bit security; unfortunately they're (theoretically) breakable.

SPHINCS+ is pretty complex and I was questioning whether we really needed all the complexity for sigs; unfortunately I think the answer is yes and we will either have to increase the block size, accept lower throughput, or pick a different option entirely like zero-knowledge proofs.
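
The size-versus-signing-budget tuning mentioned in the note above, as an added example that is not part of the original post: it computes SPHINCS+ signature size from the scheme's parameters and estimates how the few-time (FORS) layer's security changes with the number of signatures made. The two named sets are the published SPHINCS+ 128-bit parameters; the third set is constructed here for illustration and is not a BIP proposal, and the 64-byte baseline assumes a BIP340 Schnorr signature.

```python
import math

def wots_len(n, w=16):
    """WOTS+ chain count: message digits (len1) plus checksum digits (len2)."""
    lg_w = int(math.log2(w))
    len1 = math.ceil(8 * n / lg_w)
    len2 = math.floor(math.log2(len1 * (w - 1)) / lg_w) + 1
    return len1 + len2

def sig_bytes(n, h, d, a, k, w=16):
    """Randomizer + k FORS trees (leaf + a auth nodes each)
    + h hypertree auth nodes + d WOTS+ signatures, all n-byte values."""
    return n * (1 + k * (a + 1) + h + d * wots_len(n, w))

def fors_security_bits(h, a, k, log2_q):
    """Estimated bits of security of the FORS layer after 2**log2_q signatures.
    Poisson approximation: each of the 2**h FORS instances is reused g times
    with mean 2**(log2_q - h); a forgery needs all k revealed indices to match."""
    lam = 2.0 ** (log2_q - h)
    total = 0.0
    for g in range(1, int(4 * lam) + 200):
        log_poisson = -lam + g * math.log(lam) - math.lgamma(g + 1)
        hit = -math.expm1(g * math.log1p(-(2.0 ** -a)))  # 1 - (1 - 1/t)^g
        total += math.exp(log_poisson + k * math.log(hit))
    return -math.log2(total)

SCHNORR_BYTES = 64  # assumed baseline: BIP340 signature size

PARAM_SETS = {
    "SPHINCS+-128s": dict(n=16, h=63, d=7, a=12, k=14),
    "SPHINCS+-128f": dict(n=16, h=66, d=22, a=6, k=33),
    # Constructed for illustration only: small signing budget, not a proposal.
    "constructed-small-budget": dict(n=16, h=24, d=2, a=16, k=8),
}

def report(name, log2_q):
    """Return (signature bytes, size ratio to baseline, FORS security bits)."""
    p = PARAM_SETS[name]
    size = sig_bytes(**p)
    bits = fors_security_bits(p["h"], p["a"], p["k"], log2_q)
    return size, size / SCHNORR_BYTES, bits

if __name__ == "__main__":
    for name, log2_q in [("SPHINCS+-128s", 64), ("SPHINCS+-128f", 64),
                         ("constructed-small-budget", 20),
                         ("constructed-small-budget", 24)]:
        size, ratio, bits = report(name, log2_q)
        print(f"{name:26s} q=2^{log2_q:<3d} {size:6d} B "
              f"({ratio:5.1f}x)  ~{bits:5.1f} bits (FORS layer)")
```

The estimate covers only the few-time layer; it says nothing about hash-function security or about signing and verification cost, which also change with `h`, `d` and `w`.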

atyh 5mo ago

notes like this make me happy.

thankful some are drawn to working on important things in advance of when they’re needed.
