4/ Many thanks to Yuval Domb, @kobi.bsky.social , @lmao.bsky.social , and @nicomnbl.bsky.social for their valuable feedback and comments!

3/ Most existing literature does not clearly bridge theory and code. I aim to fill this gap with this writeup. Readers will gain a strong working intuition behind regular Montgomery multiplication and Logjumps. This may pave the way to new improvements and optimisations.

2/ As such, I wrote a research note to help cryptography engineers fully understand both techniques: baincapitalcrypto.com/a-deep-dive-...

1/ Earlier this year, Yuval Domb of @ingonyama.com discovered Logjumps — a more efficient way to do large-prime field multiplication than Montgomery multiplication. So much modern crypto relies on modular multiplication — all the way from TLS sessions to elliptic-curve based ZK proofs.

🧵 I've been experimenting with combining local-first software and the AT Protocol (atproto) to play with the design space of apps that live at both ends of the privacy spectrum - maximally private AND maximally public, without some of the downsides of the modern web. 

Why? 👇

Where is the secp256k1 signature of this individual post though?

TL;DR: You can easily derive ETH addresses from Bluesky PDS public keys, but it's really important to check who really controls those keys before sending funds. If the user isn’t self-hosting their PDS, any crypto you send will be held by Bluesky PBC, not them.

Remember these trust assumptions:

- The @bluesky
API must return the correct DID for a handle
- The DID PLC Directory must return the correct repo data

If either fails, your belief about who truly owns that ETH address may be wrong.

Self-hosting your own PDS? You can import your PDS key into an ETH wallet. Navigate to /pds/actors/.../<your DID>/, then run:

python -c "print(open('./key', 'rb').read().hex())"

That’s your private key, in hex.

How it works:

Each Bluesky handle is associated with a decentralised identifier (DID). Each DID points to a PDS, which advertises a public key. Decode it to get a 33-byte key, decompress it to 64 bytes, Keccak-hash it, and keep the last 20 bytes. Voilà: an ETH address!

I built a quick web app to fetch a Bluesky handle’s public key and convert it into an ETH address. Check it out here: weijiekoh.github.io/bsky_handle_...

⚠️ Warning: Most Bluesky users rely on PDSes run by @bsky.app, who ultimately control those private keys! So if you send funds to addresses derived from those public keys, only Bluesky PBC can access them — not necessarily the user.

Want to send crypto to Bluesky users? It's possible!

Their keypairs are for the secp256k1 curve, which Ethereum also uses. That means you can derive an ETH address from their publicly accessible signing keys.

/.