🤖 AI Summary
Existing homomorphic ring signature schemes are scarce and fail to achieve strong anonymity and homomorphic computability at the same time, which hinders post-quantum-secure deployment in confidential blockchain and secure multi-party computation. Method: We propose the first lattice-based linearly homomorphic ring signature scheme, constructed in the standard model under the small integer solution (SIS) assumption, unifying the security goals of ring signatures and linearly homomorphic signatures. Contribution/Results: Our scheme guarantees strong anonymity even under full key exposure and resists insider collusion attacks, while ensuring existential unforgeability. It supports homomorphic aggregation and verification of arbitrary linear combinations of signatures. This work establishes the first practical, post-quantum-secure theoretical foundation and construction paradigm for applications requiring both anonymous data provenance and verifiable homomorphic computation.
📝 Abstract
Homomorphic ring signature schemes combine the strong anonymity of ring signatures with the computability of homomorphic signatures, demonstrating significant potential in scenarios requiring both anonymous data provenance and verifiable homomorphic computation (e.g., confidential blockchain transactions and secure multi-party computation). However, no feasible homomorphic ring signature scheme currently exists.
In this work, we propose the first lattice-based linearly homomorphic ring signature scheme. Proven secure in the standard model under the small integer solution (SIS) assumption, our scheme achieves strong anonymity under full key exposure and unforgeability against insider corruption attacks. As the first unified framework for ring signatures and linearly homomorphic signatures, this construction provides a post-quantum-secure solution for the aforementioned applications, advancing the development of privacy-enhanced homomorphic computation.