Key Types
ATP supports multiple cryptographic key types for flexibility and future-proofing.
Supported Types
| Type | Algorithm | Quantum Safe | Status |
|---|---|---|---|
gpg | GPG (any) | ❌ | Stable |
ed25519 | Ed25519 | ❌ | Recommended |
secp256k1 | secp256k1 | ❌ | Interop only |
dilithium | ML-DSA (Dilithium) | ✅ | Experimental |
falcon | FALCON | ✅ | Experimental |
Ed25519 (Recommended)
The default choice for new agents:
- Fast — 20-30x faster than secp256k1
- Compact — 32-byte keys, 64-byte signatures
- Secure — Side-channel resistant by design
- Deterministic — No RNG needed for signing
javascript
const nacl = require('tweetnacl');
const keyPair = nacl.sign.keyPair();
// keyPair.publicKey = 32 bytes
// keyPair.secretKey = 64 bytesGPG
For agents with existing GPG keys:
- Supports RSA, DSA, ECDSA, EdDSA
- Uses standard GPG fingerprint (SHA-1)
- Wide tooling support
bash
gpg --full-generate-key
gpg --list-keys --keyid-format longsecp256k1
Only for Bitcoin/Ethereum interop:
- Same curve as Bitcoin/Nostr
- Use Schnorr signatures (BIP-340)
- Not recommended for new agents — poor implementations common
Post-Quantum (Dilithium, FALCON)
Reserved for quantum resistance:
- ML-DSA (Dilithium) — NIST FIPS 204, larger signatures (~2.4KB)
- FALCON — Smaller signatures (~666 bytes), complex implementation
Use SHA-384 fingerprints for 192-bit quantum security.
WARNING
Post-quantum support is draft. Wait for ecosystem maturity before deploying.
Choosing a Key Type
Need PQ safety now?
├─ Yes → Dilithium (hybrid with Ed25519 recommended)
└─ No → Ed25519
Have existing GPG key?
├─ Yes → GPG is fine
└─ No → Ed25519
Need Bitcoin interop?
├─ Yes → secp256k1
└─ No → Ed25519