Identity

Accounts

An account is identified by a unique Make ID (mid, uint64) assigned by an onchain registry contract. The registry maps MIDs to Ed25519 owner keys.

Keys

All keys are Ed25519. Each account has one or more registered keys with explicit scopes:

Keys are registered onchain and relayed into the consensus layer as KEY_ADD / KEY_REMOVE messages (2P set) so validators can verify signatures without querying the chain.

Signature Scheme

• Ed25519 — fast verification (~60k verifications/sec on commodity hardware), compact signatures (64 bytes), deterministic signing (no nonce reuse risk)
• BLAKE3 — 32-byte digests for message hashing, commit hashing, and merkle tree construction

External Address Verification

Accounts can prove ownership of external blockchain addresses via VERIFICATION_ADD / VERIFICATION_REMOVE messages (2P set). Each verification requires a claim_signature proving the external key signed a deterministic challenge message.

Challenge Message

The message to sign is:

makechain:verify:<mid>

Where <mid> is the decimal string representation of the account's Make ID. For example, account 42 signs the UTF-8 bytes of makechain:verify:42.

Ethereum (ETH_ADDRESS)

Sign the challenge using EIP-191 personal_sign:

keccak256("\x19Ethereum Signed Message:\n" + len(message) + message)

The claim_signature is 65 bytes: r (32) || s (32) || v (1) where v is the recovery ID (0 or 1).

The address field is the 20-byte Ethereum address. The protocol recovers the public key from the signature, derives the address via keccak256(pubkey)[12..], and verifies it matches.

Solana (SOL_ADDRESS)

Sign the challenge using standard Ed25519:

ed25519_sign(keypair, "makechain:verify:<mid>")

The claim_signature is 64 bytes (standard Ed25519 signature). The address field is the 32-byte Solana public key. The protocol verifies the signature directly against the address.