
In recent years, Ed25519 has become closely associated with the Web3 ecosystem through popular blockchains such as Solana, Near and Aptos. Although the curve is widely used for its efficiency and cryptographic strength, true MPC (multi-party computation) signing has lagged behind for it. The obstacle is structural: a standard Ed25519 signer derives its signing nonce deterministically from a SHA-512 hash of the whole seed, which requires the seed to exist in one place, exactly what an MPC wallet is designed to avoid.

This means that, despite advances in cryptographic technology, Ed25519 wallets have generally lacked the multi-party security that removes the single private key as a single point of failure. Without MPC they carry the same core weaknesses as traditional wallets, leaving clear room for improvement in protecting digital assets.

Jupiter, a Solana ecosystem project, recently launched Ape Pro, a mobile-friendly trading suite. Ape Pro was launched together with Trading & Mint, combining a powerful trading suite with mobile-friendly social login and a token creation experience. Web3Auth provides the technical support for its social login.


Current status of Ed25519 wallets

Before we proceed, it is important to understand the weaknesses of current Ed25519 wallets. Typically, a wallet derives a single private key from a seed phrase and uses that key to sign transactions. Such wallets are exposed to social engineering, phishing sites and malware: whoever obtains the seed or the key controls the funds, and because the key is the only way to access the wallet, there is no way to recover it once it has been lost or stolen.

This is where MPC technology changes the security model. Unlike traditional wallets, MPC wallets never hold the private key in one place. Instead, the key exists only as shares distributed across different parties and devices. To sign a transaction, each party uses its share to produce a partial signature, and the partial signatures are combined by a threshold signature scheme (TSS) into a single signature that the chain verifies like any other.

Because the full private key is never assembled on the front end (or anywhere else), MPC wallets resist social engineering, malware and injection attacks far better than single-key wallets: compromising one device or one party yields only a share, not the key.

Ed25519 Curve and EdDSA

Ed25519 is the EdDSA signature scheme instantiated over a twisted Edwards curve that is birationally equivalent to Curve25519, a curve form well suited to the double-scalar multiplication that dominates EdDSA signature verification. It is preferred over other elliptic curves for its short keys and signatures and its fast signing and verification, while offering a 128-bit security level. Ed25519 uses a 32-byte seed and a 32-byte public key, and produces 64-byte signatures.

In Ed25519 the 32-byte seed is hashed with SHA-512. The first 32 bytes of the digest are "clamped" (the lowest three bits are cleared, the highest bit is cleared and the second-highest bit is set) to form the private scalar; the remaining 32 bytes are kept as a prefix that is hashed together with each message to derive that signature's nonce. The private scalar is then multiplied by the fixed base point G of the Ed25519 curve to produce the public key.

This relationship can be expressed as: Public key = k · G

Here k represents a private scalar and G is the base point of the Ed25519 curve.


How Web3Auth adds support for Ed25519

Instead of generating a seed and hashing it to obtain a private scalar, the Web3Auth network generates the private scalar directly, derives the corresponding public key from it, and produces threshold signatures with the FROST algorithm. Skipping the seed is what makes threshold signing possible: a standard Ed25519 signer derives its nonce from the second half of the seed's SHA-512 hash, which no party in an MPC setting can compute without reconstructing the seed, whereas FROST uses nonces that the participants generate jointly. The resulting signature is an ordinary Ed25519 signature, so the chain verifies it with the standard algorithm and never needs to know that the key was split.

FROST lets the holders of key shares produce a signature without ever reconstructing the key. Signing runs in two rounds. First, each participant generates fresh random nonces and publishes commitments to them (each nonce multiplied by the base point). Once every participant has the full set of commitments, each one independently computes its partial signature over the message, and the partial signatures are summed into the final threshold signature.

Web3Auth uses FROST because it produces valid threshold signatures with far less communication than traditional multi-round schemes: only the commitment round and the signing round are needed, and the commitment round can be run ahead of time, which makes the signing itself non-interactive once a message arrives. It supports flexible t-of-n thresholds. On the security side, FROST remains unforgeable even when many signing sessions run concurrently (each nonce commitment is bound to its session by a hash, which defeats the nonce-manipulation attacks that broke earlier concurrent threshold Schnorr schemes), and each partial signature can be checked against the participant's public verification share, so the protocol aborts and identifies the misbehaving participant instead of emitting a bad signature.

How to use the Ed25519 curve in Web3Auth

The introduction of Ed25519 support in Web3Auth's MPC Core Kit is a major step for developers building dApps and wallets on chains that use the Ed25519 curve. It opens the way to MPC-enabled dApps and wallets on popular chains such as Solana, Algorand, Near and Polkadot. To integrate MPC Core Kit for the Ed25519 curve, see our documentation on MPC EdDSA signatures.

Ed25519 is now also natively supported by the Web3Auth nodes, which means that the non-MPC Web3Auth SDKs based on Shamir Secret Sharing can use Ed25519 private keys directly across all Web3Auth products, including the mobile, gaming and web SDKs. Note the difference from the MPC path: with Shamir Secret Sharing the full key is reconstructed on the user's device at signing time, whereas MPC Core Kit keeps the key as shares throughout. Explore how to integrate Web3Auth with blockchains such as Solana, Near and Aptos.


In conclusion

In summary, Web3Auth's MPC Core Kit now supports EdDSA signatures, bringing stronger security to dApps and wallets on Ed25519 chains. Because it uses true MPC, the private key never exists in full on the front end, which sharply reduces what an attacker gains from compromising a single device. Alongside the security gain, it offers seamless, user-friendly login and more resilient account recovery options.

For more information about Web3Auth, read:

  • How Heroes of Mavia works perfectly with Web3Auth

  • 1.5 million coins minted on-chain in six months: Mocaverse and Web3Auth redefine the Web3 ecosystem

  • Launch of NFT Services: Simplify the NFT purchasing process, making it more user-friendly and easy to integrate


#Web3Auth #SolanaEcosystem #Jupiter #NFT


Bookmark and follow OpenSea Binance Channel