Ed25519 Technology Rises in Web3: A New Breakthrough for Wallet Security

Introducing Ed25519: Enhancing Security for Applications and Wallets

In recent years, Ed25519 has become a highly regarded technology in the Web3 ecosystem, with several popular blockchain projects such as Solana, Near, and Aptos adopting it. Although Ed25519 is widely used for its efficiency and cryptographic strength, true multi-party computation (MPC) solutions have not yet been fully available on these platforms.

This means that, even as cryptographic technology continues to advance, wallets based on Ed25519 typically still lack a multi-party security mechanism that removes the risks of a single private key. Without MPC, these wallets continue to face the same core security weaknesses as traditional wallets, and there is still significant room for improvement in protecting digital assets.

Recently, a Solana ecosystem project launched a mobile-friendly trading suite called Ape Pro. The suite combines powerful trading features with mobile and social login, as well as a token-creation experience. The social login in this product is backed by a specialized Web3 authentication service.

Introducing Ed25519 in MPC of Web3Auth: Providing secure signatures for DApps and Wallet

The Current State of Ed25519 Wallets

Understanding the weaknesses of the current Ed25519 wallet model is crucial. Typically, wallets use mnemonic phrases to generate private keys, which are then used to sign transactions. However, traditional wallets are susceptible to attacks such as social engineering, phishing websites, and malware. Since the private key is the only way to access the wallet, it is difficult to recover or protect the key once an issue arises.

This is where MPC technology can fundamentally change security. Unlike traditional wallets, MPC wallets do not store the private key in a single location. Instead, the key is split into multiple shares held in different locations. When a transaction needs to be signed, these shares produce partial signatures, which are then combined through a threshold signature scheme (TSS) into the final signature.

Since the private key is never fully exposed on the front end, an MPC wallet can provide exceptional protection, effectively preventing social engineering, malware, and injection attacks, and raising wallet security to a whole new level.

Ed25519 Curve and EdDSA

Ed25519 is a twisted Edwards form of Curve25519, optimized for double-base scalar multiplication, which is a key operation in EdDSA signature verification. Compared to other elliptic curves, Ed25519 is more popular because it has shorter key and signature lengths, and the signature computation and verification are faster and more efficient while still maintaining a high level of security. Ed25519 uses a 32-byte seed and a 32-byte public key, with a generated signature size of 64 bytes.

In Ed25519, the seed is hashed with SHA-512, and the first 32 bytes of the digest are taken to form the private scalar. This scalar is then multiplied by the fixed base point G of the Ed25519 curve to produce the public key.

This relationship can be expressed as: Public Key = k × G

where k represents the private scalar, and G is the base point of the Ed25519 curve.

How to Introduce Ed25519 Support

Some advanced authentication systems take a different approach. Instead of generating a seed and hashing it to obtain the private scalar, they generate the private scalar directly, compute the corresponding public key from it, and produce threshold signatures with the FROST algorithm.

The FROST algorithm lets the holders of private key shares sign a transaction independently and combine their contributions into a final signature. During signing, each participant generates random nonces and publishes commitments to them. These commitments are shared among all participants. Once the commitments have been exchanged, each participant signs the transaction independently, and the partial results are combined into the final TSS signature.

This method uses FROST to produce valid threshold signatures while minimizing the communication required compared to traditional multi-round schemes. It supports flexible thresholds and allows signing to proceed without further interaction among participants: after the commitment phase is complete, each participant generates its signature share independently. In terms of security, it prevents forgery attacks without restricting how many signing operations may run concurrently, and the protocol can abort if a participant misbehaves.
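The key derivation described in the previous section (seed, SHA-512, private scalar k, Public Key = k × G) and the FROST signing flow just described, as one added worked example. This is not code from the original article or from any authentication vendor; it is a pure-Python Ed25519 following RFC 8032, with the derived public key checked against that RFC's first test vector, followed by the MPC path the article contrasts it with: a scalar generated directly, split into shares, and signed by a threshold of participants in FROST's two rounds (nonce commitments, binding factors, independent signature shares, and an aggregator check that identifies a bad share). The trusted-dealer Shamir split is an assumption of this demo standing in for FROST's distributed key generation; function names, the 2-of-3 setup and the message are the example's own choices.

```python
import hashlib
import secrets
from functools import reduce

# Ed25519 parameters (RFC 8032, section 5.1); points use extended coordinates (X, Y, Z, T).
p = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493      # order of the base point G
d = -121665 * pow(121666, p - 2, p) % p

def point_add(P, Q):                                     # RFC 8032, section 5.1.4
    A = (P[1] - P[0]) * (Q[1] - Q[0]) % p
    B = (P[1] + P[0]) * (Q[1] + Q[0]) % p
    C, D = 2 * P[3] * Q[3] * d % p, 2 * P[2] * Q[2] % p
    E, F, Gg, H = B - A, D - C, D + C, B + A
    return (E * F % p, Gg * H % p, F * Gg % p, E * H % p)

def point_mul(s, P):                                     # double-and-add: returns s*P
    Q = (0, 1, 1, 0)                                     # neutral element
    while s:
        if s & 1: Q = point_add(Q, P)
        P, s = point_add(P, P), s >> 1
    return Q

def recover_x(y, sign):                                  # root of x^2 = (y^2-1)/(d*y^2+1)
    x2 = (y * y - 1) * pow(d * y * y + 1, p - 2, p) % p
    x = pow(x2, (p + 3) // 8, p)
    if (x * x - x2) % p: x = x * pow(2, (p - 1) // 4, p) % p   # multiply by sqrt(-1)
    if (x * x - x2) % p: return None                     # y is not on the curve
    return (p - x) % p if (x & 1) != sign else x

def compress(P):                                         # 32 bytes: y with parity of x in the top bit
    z = pow(P[2], p - 2, p)
    x, y = P[0] * z % p, P[1] * z % p
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def decompress(b):
    y = int.from_bytes(b, "little")
    sign, y = y >> 255, y & ((1 << 255) - 1)
    x = recover_x(y, sign)
    return None if x is None else (x, y, 1, x * y % p)

GY = 4 * pow(5, p - 2, p) % p                            # base point G: y = 4/5, even x
G = (recover_x(GY, 0), GY, 1, recover_x(GY, 0) * GY % p)

def h_scalar(*parts):                                    # SHA-512, little-endian, reduced mod L
    return int.from_bytes(hashlib.sha512(b"".join(parts)).digest(), "little") % L
def expand_seed(seed):
    # Seed-based path: SHA-512(seed); first 32 bytes clamped into k, last 32 are the nonce prefix.
    h = hashlib.sha512(seed).digest()
    return int.from_bytes(h[:32], "little") & ((1 << 254) - 8) | (1 << 254), h[32:]
def public_key(seed):                                    # Public Key = k*G
    return compress(point_mul(expand_seed(seed)[0], G))

def verify(A_bytes, msg, sig):
    # Standard check S*G == R + H(R, A, M)*A; a FROST signature passes unchanged.
    A, R = decompress(A_bytes), decompress(sig[:32])
    S = int.from_bytes(sig[32:], "little")
    if A is None or R is None or S >= L: return False
    lhs, rhs = point_mul(S, G), point_add(R, point_mul(h_scalar(sig[:32], A_bytes, msg), A))
    return (lhs[0] * rhs[2] - rhs[0] * lhs[2]) % p == 0 and (lhs[1] * rhs[2] - rhs[1] * lhs[2]) % p == 0

def split_scalar(k, t, n):
    # Trusted-dealer Shamir split (demo simplification; FROST proper uses distributed key generation).
    coeffs = [k] + [secrets.randbelow(L) for _ in range(t - 1)]
    return {i: sum(c * pow(i, j, L) for j, c in enumerate(coeffs)) % L for i in range(1, n + 1)}

def lagrange(i, ids):                                    # Lagrange coefficient at 0 for signer i
    num = den = 1
    for j in ids:
        if j != i: num, den = num * j % L, den * (j - i) % L
    return num * pow(den, L - 2, L) % L

def frost_sign(shares, A_bytes, msg):
    # Round 1: every participant draws two nonces and publishes commitments (D_i, E_i).
    ids = sorted(shares)
    nonces = {i: (secrets.randbelow(L), secrets.randbelow(L)) for i in ids}
    commits = {i: [compress(point_mul(v, G)) for v in nonces[i]] for i in ids}
    # Binding factor rho_i ties each share to this message and commitment set (blocks concurrent-session forgery).
    enc = b"".join(i.to_bytes(2, "big") + commits[i][0] + commits[i][1] for i in ids)
    rho = {i: h_scalar(i.to_bytes(2, "big"), msg, enc) for i in ids}
    Rc = {i: point_add(decompress(commits[i][0]), point_mul(rho[i], decompress(commits[i][1]))) for i in ids}
    R_bytes = compress(reduce(point_add, Rc.values()))
    c = h_scalar(R_bytes, A_bytes, msg)
    # Round 2: each participant computes z_i locally; no further interaction is needed.
    z = {i: (nonces[i][0] + nonces[i][1] * rho[i] + lagrange(i, ids) * shares[i] * c) % L for i in ids}
    # Aggregator check z_i*G == D_i + rho_i*E_i + lambda_i*c*Y_i (Y_i = s_i*G) pins a bad share on its sender.
    for i in ids:
        expect = point_add(Rc[i], point_mul(lagrange(i, ids) * c % L, point_mul(shares[i], G)))
        if compress(point_mul(z[i], G)) != compress(expect):
            raise ValueError(f"participant {i} sent an invalid partial signature; aborting")
    return R_bytes + (sum(z.values()) % L).to_bytes(32, "little")

def threshold_demo(msg, t=2, n=3):
    # The article's MPC flow: draw k directly (no seed), publish A = k*G, split k, sign with t of n.
    k = secrets.randbelow(L)
    A_bytes = compress(point_mul(k, G))
    shares = split_scalar(k, t, n)
    signers = {i: shares[i] for i in list(shares)[-t:]}  # e.g. participants 2 and 3
    return A_bytes, frost_sign(signers, A_bytes, msg)
```

The point to take from running it is that `frost_sign` returns an ordinary 64-byte Ed25519 signature that the unmodified `verify` accepts, so a chain such as Solana sees nothing unusual, while after the split no single participant holds k. The binding factor and the per-share check are the two pieces that give FROST the properties the article lists: signing sessions may run concurrently, and a participant who sends a wrong share is identified so the session can abort.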

Using the Ed25519 Curve in Applications

The introduction of Ed25519 support is a significant advancement for developers building applications and wallets on blockchains that use the Ed25519 curve. It opens the way to decentralized applications and wallets with MPC capabilities on popular chains such as Solana, Algorand, Near, and Polkadot. To integrate MPC functionality for the Ed25519 curve, developers can refer to the relevant documentation for the implementation details of MPC EdDSA signatures.

Ed25519 now also has native support from some authentication nodes. This means that non-MPC SDKs based on Shamir secret sharing can directly use Ed25519 private keys in various authentication solutions, including mobile, gaming, and Web SDKs. Developers can explore how to integrate these authentication services with blockchain platforms such as Solana, Near, and Aptos.

Conclusion

In summary, MPC technology that supports EdDSA signatures provides enhanced security for decentralized applications and wallets. With true MPC, the private key never has to be exposed in full on the front end, which significantly reduces the risk of attack. In addition to strong security, it offers seamless, user-friendly login and more efficient account recovery options. The application of this technology will greatly enhance the security and user experience of the Web3 ecosystem.

Comments

AirdropSkeptic · 12h ago
Is security really that difficult?

DegenApeSurfer · 08-06 14:59
Wallet security is just paper and pen.

GweiWatcher · 08-06 14:56
Can't keep up with Sol's rhythm.

ForkTongue · 08-06 14:53
This security is just a joy as shown in the first picture.

CountdownToBroke · 08-06 14:41
So advanced, I don't understand.

Blockblind · 08-06 14:30
It's better to use a Cold Wallet directly.