ACE Chain is the first L1 with native ML-DSA-44 (FIPS 204) signatures as first-class citizens — not a migration plan, but production-ready from day one.
Ed25519 and ML-DSA-44 coexist at every protocol level — consensus, account, and client layers. Both are first-class peers, not a primary/fallback hierarchy. The same account can switch algorithms at any time via OP_SET_AUTH_PUBKEY, without changing its on-chain identity or balances.
A single 16-byte Identity Material seed deterministically derives all key types through HKDF with distinct context strings. One seed, multiple algorithms, one identity.
Because the identity commitment (idcom) is derived independently of any key algorithm, swapping from Ed25519 to ML-DSA-44 is a single on-chain operation. No state migration. No address changes. No contract redeployment. The account, its balance, and its entire transaction history remain intact.
ACE Chain separates authorization from execution at the protocol level. TaggedSignature verification happens before VM dispatch. This means every VM engine — EVM, SVM, BVM, TVM, and Native — automatically inherits PQC protection without any modification.
Users can sign EVM contract calls with ML-DSA-44 today. The authorization layer verifies the post-quantum signature and passes a verified idcom to the execution layer. The EVM sees a standard msg.sender derived from idcom — it has no awareness of which algorithm was used.
Deploy Solidity contracts as-is. Get quantum protection with zero code changes. msg.sender is derived from idcom.
Solana programs execute with PQC-verified identities. No program modification needed.
Bitcoin Script transactions verified with post-quantum signatures at the authorization layer.
Tron contracts inherit PQC protection through the same authorization/execution separation.
ACE Chain supports two transaction paths that share the same account and balances. Users can transition to post-quantum security at their own pace — or never, if they choose.
Use MetaMask, Phantom, or any legacy wallet. Transactions are signed with Ed25519 or Secp256k1 as usual. Full backward compatibility with existing tooling — Hardhat, Foundry, Anchor, and more.
Use Yallet or any PQC-capable wallet. Transactions are signed with ML-DSA-44 for post-quantum security. Same account, same balances, same contracts — different signature algorithm.
Both paths resolve to the same idcom on-chain. A user can sign a transaction with MetaMask in the morning and with Yallet (ML-DSA-44) in the afternoon, and both hit the same account with the same balance.
Every signature on ACE Chain is wrapped in a self-describing TaggedSignature envelope. The format is minimal: a 1-byte algorithm tag, a 2-byte length (little-endian), and the raw signature bytes.
| Algorithm | Tag | Signature Size | Total Wire Size |
|---|---|---|---|
| Ed25519 | 0x00 |
64 bytes | 67 bytes |
| Secp256k1 | 0x01 |
64 bytes | 67 bytes |
| ML-DSA-44 | 0x02 |
2,420 bytes | 2,423 bytes |
| HMAC-SHA256 | 0x03 |
32 bytes | 35 bytes |
The larger ML-DSA-44 signatures (2,420 bytes vs 64 bytes) do not affect throughput because signature verification is decoupled from execution. The ZK batching layer absorbs the verification cost, and the AR-ACE attestation relay handles bandwidth optimization for mempool propagation.
PQC-signed EVM transactions execute on ACE Chain's n-VM, not on Ethereum mainnet. ACE Chain provides an EVM-compatible execution environment where Solidity contracts run with full fidelity — but the security boundary is ACE Chain's authorization layer.
Cross-chain interoperability with Ethereum, Solana, or other L1s requires bridges. ACE Chain's PQC protection covers transactions within its own execution environment. Bridge messages to external chains revert to those chains' native security models.
Most L1 chains treat post-quantum cryptography as a future migration problem. ACE Chain treats it as a launch requirement.
| Dimension | ACE Chain | Ethereum | Solana |
|---|---|---|---|
| PQC Status | Production-ready | Multi-year roadmap | No concrete plan |
| TPS Impact | 0% change | ~85% drop projected | ~90% drop projected |
| State Migration | None required | Full state migration | Full state migration |
| Contract Changes | Zero modifications | Rewrite precompiles | New program model |
| Address Changes | None (same idcom) | New address format | New address format |
| User Action Required | Switch wallet | Migrate everything | Migrate everything |
| Timeline | Available now | Years away | Years away |
ACE Chain uses ML-DSA-44 (FIPS 204), the NIST-standardized lattice-based digital signature algorithm. ML-DSA-44 provides 128-bit security against both classical and quantum adversaries, based on the Module-LWE hard problem.
NIST-approved post-quantum digital signature standard. Not experimental — this is the production standard selected after a decade-long evaluation process.
Security based on the hardness of Module Learning With Errors. Resistant to Shor's algorithm and all known quantum attacks.
Implemented via the fips204 crate. No C FFI, no unsafe dependencies. Runs natively on all platforms: native, WASM, iOS, Android.
The same implementation works across server nodes, browser WASM, mobile apps, and embedded devices. One codebase, universal PQC.