Actually, we can consider commitment schemes as two properties: hiding and binding. For the data availability part, we only need the binding property of the commitment schemes. As we think of the threat of quantum computers, binding is not a big problem until a high-scale quantum computer arises. We can change the commitment schemes when the quantum computer will be a real threat. At this stage, I think efficiency is more of a priority. But of course, the situation is different for the zk-proof side. Because even if there is no quantum computer now, all data can be collected now and the hiding feature will be broken when there is a quantum computer in the future. Just thinking about the issue from this perspective. We can discuss it later.

In the above scenario, the commitment schemes that are vulnerable to quantum computing are those based on elliptic curves. For the hash-based ones, quantum computing is not a threat

The prediction for high-scale quantum computers is that they can be put into operation in 2030. I'm adding this information for decision-making when considering the Nomos project timeline. Resources: https://www.ibm.com/topics/quantum-safe-cryptography and https://www.nature.com/articles/s41586-022-04623-2