Skip to content

Releases: Uniswap/emissary

Version 1.0.0

15 Oct 22:02
@ccashwell ccashwell
v1.0.0
aa27c30
This commit was signed with the committer’s verified signature.
ccashwell
GPG key ID: D8076C85A06608BB
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Version 1.0.0 Latest
Latest

This is the first stable release of Emissary, a minimal, audited, protocol-agnostic key management and signature verification layer for EVM accounts. Emissary provides a generalized framework for managing delegated signature authority with support for multiple cryptographic key types and first-class M-of-N multisig capabilities.

Emissary serves as the foundational key management primitive for The Compact v1 protocol, while maintaining a modular architecture that enables any protocol to integrate flexible, secure key management into their systems.

What is Emissary?

Emissary solves the challenge of delegated signature authority in blockchain systems by providing:

  • Multi-Algorithm Support: Secp256k1 (traditional EOA), P-256 (hardware security keys), and WebAuthn (passkeys)

  • Flexible Authentication: M-of-N multisig with bitmap-based gas-efficient storage

  • Timelock Protection: Configurable delays (fixed reset periods ranging from 1 second to 30 days) for secure key lifecycle management

  • Protocol Agnostic Design: Modular architecture allowing any protocol to integrate key management

  • Production-Ready Security: Independently audited by OpenZeppelin with all findings resolved

  • Timelock Protection: Two-phase key removal (schedule → wait → execute) prevents malicious instant changes

  • Comprehensive Validation:

    • Secp256k1: Non-zero address, canonical encoding validation
    • P-256: Point-on-curve validation with coordinate range checks
    • WebAuthn: Full P-256 point validation for passkey contexts

  • Dependency Tracking: Prevents removal of keys still used in active multisigs

  • Authorization Control: Customizable _checkKeyManagementAuthorization for flexible access patterns

🔑 Advanced Key Management

Supported Key Types:

  1. Secp256k1: Traditional EOA signatures with EIP-1271 fallback for smart contract accounts
  2. P-256: Hardware security modules (HSMs), YubiKeys, secure enclaves, TPMs
  3. WebAuthn: Consumer passkeys (Face ID, Touch ID, Windows Hello, biometric authentication)

Key Lifecycle:

  • Registration with configurable reset periods
  • Schedule removal with timelock protection
  • Cancellation support before execution
  • Dual verification modes:
    • verifySignatureWithKey: O(1) verification when key hash is known
    • verifySignatureWithAnyKey: O(n) verification checking all registered keys

🤝 M-of-N Multisig

Emissary includes comprehensive multisig functionality:

  • Flexible Thresholds: Any M-of-N configuration (e.g., 2-of-3, 3-of-5, 5-of-10)
  • Gas-Efficient Storage: Bitmap-based signer references (1 bit per signer vs 32 bytes per address)
  • Key Reuse: References existing registered keys without duplication
  • Timelock Protection: Independent reset periods for each multisig configuration
  • Sorted Signatures: Enforces strictly increasing indices to prevent double-counting
  • Identity-Stable Hashes: Multisig hashes remain stable across key index shifts
  • Capacity: Supports up to 256 keys per account

Canonical Deployments

Address: 0x00000000000059A79403C99B216981C8B7E40Cd7 (permissionlessly deployable)

Currently deployed on:

Assets 2
Loading