Quote Signing (ed25519)
Every quote in HyperDex must be signed by the maker's registered ed25519 hot key. This is what makes the protocol trustless: the on-chain contract independently verifies the signature before executing any swap.
Why ed25519?
ed25519 is a fast, secure elliptic-curve signature scheme natively supported by Stellar and Soroban. It produces 64-byte signatures that can be verified in a single Soroban instruction. It is the same scheme used by Stellar keypairs, making SDK integration straightforward.
What is signed?
The maker signs SHA256(XDR(quote)) — the SHA-256 hash of the XDR-encoded Quote struct. This ensures the signature covers every field of the quote (amounts, addresses, expiry, salt) and cannot be reused for a different quote.
Hot key vs. wallet key
The signing key is a hot key that lives in the Maker SDK. It is separate from the maker's Stellar wallet keypair, which controls the maker_pool inventory. This separation limits exposure: if the hot key is compromised, the attacker can sign fake quotes but cannot withdraw pool funds.