The Application of Ed25519 in MPC: Providing Secure Signatures for DApps and Wallets

In recent years, Ed25519 has become an important component of the Web3 ecosystem. Although popular blockchains like Solana, Near, and Aptos have widely adopted Ed25519 for its efficiency and cryptographic strength, true MPC solutions have not yet been fully applicable to these platforms. This means that while cryptographic technology has made progress, Ed25519 Wallets often lack the multi-party security levels that can eliminate the risks associated with a single private key. Without MPC, these wallets will continue to have the same core vulnerabilities as traditional wallets, leaving room for improvement in the protection of digital assets.

Recently, a mobile-friendly trading suite called Ape Pro was launched in the Solana ecosystem. This suite combines powerful trading features with mobile-friendliness and social login capabilities, providing users with an experience to create tokens.

The Current State of Ed25519 Wallets

It is important to understand the vulnerabilities of the current Ed25519 Wallet system. Typically, wallets use a seed phrase to create a private key, which is then used to sign transactions. However, traditional wallets are more susceptible to risks such as social engineering, phishing websites, and malware attacks. Since the private key is the only way to access the Wallet, it can be difficult to recover or protect it if issues arise.

This is where MPC technology fundamentally changes security. Unlike traditional wallets, MPC wallets do not store the private key in one location. Instead, the keys are divided into multiple parts and distributed across different locations. When a transaction needs to be signed, these key parts generate partial signatures, which are then combined using a Threshold Signature Scheme (TSS) to generate the final signature.

Since the private keys are never fully exposed on the front end, the MPC Wallet can provide exceptional protection against social engineering, malware, and injection attacks, elevating wallet security to a whole new level.

Ed25519 Curve and EdDSA

Ed25519 is a twisted Edwards form of Curve25519, optimized for double-scalar multiplication, which is a key operation in EdDSA signature verification. It is more popular compared to other elliptic curves because it has shorter key and signature lengths, and the signature computation and verification are faster and more efficient, while still maintaining a high level of security. Ed25519 uses a 32-byte seed and a 32-byte public key, with a signature size of 64 bytes.

In Ed25519, the seed is hashed using the SHA-512 algorithm, and the first 32 bytes are extracted from this hash to create a private scalar. This scalar is then multiplied by the fixed elliptic point G on the Ed25519 curve to generate the public key.

This relationship can be expressed as: Public Key = G x k

Here, k represents the private scalar, and G is the base point of the Ed25519 curve.

Support Ed25519 in MPC

Some security solutions do not generate a seed and hash it to obtain a private scalar, but instead directly generate a private scalar, then calculate the corresponding public key using that scalar, and use the FROST algorithm to generate threshold signatures.

The FROST algorithm allows private keys to be shared for independently signing transactions and generating a final signature. Each participant in the signing process generates a random number and makes a commitment to it, which is then shared among all participants. After sharing the commitments, participants can independently sign transactions and generate the final TSS signature.

The FROST algorithm can generate valid threshold signatures while minimizing the required communication compared to traditional multi-round schemes. It also supports flexible thresholds and allows for non-interactive signing among participants. Once the commitment phase is completed, participants can independently generate signatures without further interaction. In terms of security, it can prevent forgery attacks without limiting the concurrency of signing operations, and it can abort the process in case of participant misconduct.

Using Ed25519 Curve in Security Schemes

Some security solutions introduced Ed25519 support, which is a significant advancement for developers building DApps/Wallets on chains that utilize the Ed25519 curve. This new feature provides new opportunities for building DApps and Wallets with MPC functionality on popular chains like Solana, Algorand, Near, and Polkadot.

Ed25519 now also receives native support from some secure nodes, which means that non-MPC SDKs based on Shamir Secret Sharing can directly use Ed25519 private keys in various solutions, including mobile, gaming, and Web SDKs. Developers can explore how to integrate these secure solutions with blockchain platforms such as Solana, Near, and Aptos.

Conclusion

In summary, the MPC technology supporting EdDSA signatures provides enhanced security for DApps/Wallets. By leveraging true MPC technology, it does not require the private key to be exposed on the front end, significantly reducing the risk of attacks. In addition to strong security, it also offers seamless, user-friendly login and more efficient account recovery options. The application of this technology will bring a safer and more convenient user experience to the Web3 ecosystem.