If an additional layer of symmetric-key crypto is required (for, say, post-quantum resistance), WireGuard also supports an optional pre-shared key that is mixed into the public key cryptography
If it wasn't clear that changing the public peer seem troublesome since it changes its ID (IMHO), you'll have to decide which one you prefer. I don't know what you mean by "efficient".
Also, you forgot 3:
Change both 1 and 2
(I'm getting a feeling this is about to enter tin foil hat mode.)
Your questions assume you control both peers anyway.
If you plan to ask the same questions three times, perhaps you could explain what "efficient" means to you?
Stopping attacks against quantum computers that haven't been built for production yet, while modern machines would take thousands of years seems "well suited" to secure...so I'm confused on what you're asking.
Did you read the information I provided in Post No. 2?
A pre-shared key is the secret, if someone intercepts it while you are sending it to a peer they have what they need to decrypt the communication.
When you rotate public-private keys each peer generates a new private key and keeps it secret. Only the public key needs to be sent to the other peer(s). It isn't necessary to keep a public key secret since it is only useful when combined with the private key.
Isn’t it the same as in OpenVPN that the PSK only makes the handshake for the asymmetric crypto is the fog and quantum computers sucks at symetric cryptos. And there you have the “poor mans hand quantum protection”.
So even if you have the PSK you still need to crack the asymetric crypto with the quantum computer.